[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] PPTP through m0n0 not authenticating
 Date:  Fri, 13 Aug 2004 15:03:16 -0700 (PDT)
On Fri, 13 Aug 2004, Herron, David S wrote:

> I appreciate hearing that what I've done is correct.  I DO have the
> 'Enable advanced outbound NAT' turned on, and the table is empty.  That
> was the only combination that did what I wanted - No NATing at all from
> the m0n0wall.  You are correct in assuming that all NAT is done from our
> primary firewall.
> However, my problem still lingers - even with no NATing, the connection
> will not authenticate.  Hmmmph!

Hmm...  I presume you also have the routing entry I mentioned, since
otherwise you wouldn't get the return packets from the control
connection.  Make sure m0n0wall's PPTP feature is turned off, since
otherwise it will divert the GRE packets.

I don't think explicitly allowing inbound GRE through m0n0wall should be
needed, since the first GRE packet should be outbound and create a state
entry, but it's worth a try if the above doesn't fix it.

If all else fails, you could look at packet traces. :-)

					Fred Wright