Re: [m0n0wall] PPTP REdirect...!

From:	Manuel Kasper <mk at neon1 dot net>
To:	Hugues Belanger <hbelanger at 701 dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] PPTP REdirect...!
Date:	Sat, 2 Aug 2003 10:16:24 +0200 (CEST)

On Fri, 1 Aug 2003, Hugues Belanger wrote:

> I have tcpdump running on the server and I'm not receiving any pptp related
> traffic from m0n0wall. I can telnet demobox.ath.cx 1723 and see that traffic,
> so I'm wondering if it as something to do with GRE ?

The GRE tunnel is only setup after the port 1723 TCP connection... But
again, some PPTP servers may have troubles with NATing GRE tunnels. With
redirection turned on, check the output of
http://m0n0wall-ip/cgi-bin/status.cgi, in the ipnat -l section you should
see two lines like this:

rdr sis1 0.0.0.0/0 port 0 -> 192.168.0.1 port 0 gre
rdr sis1 0.0.0.0/0 port 1723 -> 192.168.0.1 port 1723 tcp

and in ipfstat -hio:

0 pass in quick proto gre from any to 192.168.0.1/32 keep state group 200
0 pass in quick proto tcp from any to 192.168.0.1/32 port = 1723 keep state group 200

If you've got that, then it's most likely not a problem in m0n0wall.

- Manuel