|
||||||||
Fred, Yes, the routing entry is in place, and m0n0wall's PPTP and IPSEC VPN are both disabled. The GRE rule I have tried with & without.... neither seem to make a difference. As for the packet trace, I'm not very experienced in that area.... I appreciate all your help! Hopefully somebody will have an idea I haven't tried! --Dave -----Original Message----- From: Fred Wright [mailto:fw at well dot com] Sent: Friday, August 13, 2004 4:03 PM To: m0n0wall at lists dot m0n0 dot ch Subject: RE: [m0n0wall] PPTP through m0n0 not authenticating On Fri, 13 Aug 2004, Herron, David S wrote: > I appreciate hearing that what I've done is correct. I DO have the > 'Enable advanced outbound NAT' turned on, and the table is empty. That > was the only combination that did what I wanted - No NATing at all from > the m0n0wall. You are correct in assuming that all NAT is done from our > primary firewall. > > However, my problem still lingers - even with no NATing, the connection > will not authenticate. Hmmmph! Hmm... I presume you also have the routing entry I mentioned, since otherwise you wouldn't get the return packets from the control connection. Make sure m0n0wall's PPTP feature is turned off, since otherwise it will divert the GRE packets. I don't think explicitly allowing inbound GRE through m0n0wall should be needed, since the first GRE packet should be outbound and create a state entry, but it's worth a try if the above doesn't fix it. If all else fails, you could look at packet traces. :-) Fred Wright --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |