PPTP/GRE Multi-forwarding NAT IPTables Example

linux iptables nat pptp ipsec

Google is showing me some returns on PPTP/GRE NAT through iptables/netfilter that will allow multiple connections.

However, I am not finding an example of using this pptp helper module that allows for this. Anyone done this before?


This changed radically in kernel 2.6.14, and that accounts for the various random documentation examples you're finding (many with the pre-2.6.14 syntax). I don't have a machine handy to test on, but you should be fine with loading ip_conntrack_pptp and ip_nat_pptp to get PPTP connection tracking.


I am assuming you are talking about being behind a NAT, and trying to have multiple users connect to a remote VPN server, then I just managed to fix this on DD-WRT v24-sp2 (04/16/10):

Apparently the kernel modules were missing which do the NAT translation for the GRE protocol - inserting them proved enough. I have added the following lines to the firewall script:

# Insert modules for PPTP over NAT:
insmod nf_nat_proto_gre
insmod nf_conntrack_proto_gre
insmod nf_conntrack_pptp
insmod nf_nat_pptp

The rest of iptables/netfilter is already set up correctly in DD-WRT apparently :)

If wanted I can dig up the rest of the NAT table entries relating to this.

Related

Why can't I get Apache2 mod_dumpio working under Lucid Lynx Ubuntu?
How to do the equivalent of rpm -qf in AIX? (Which package does this file belong to?)
How to edit command completion for ssh on bash?
Security concerns about Windows NT 4.0
How the big guys monitor their servers?
Can I use pfsense as a DNS server?
Multiple DNS answers for same domain eg google.com -- what does it mean?
IP address range for examples in documentations
Why shouldn't I serve my Java webapp directly with Tomcat?
What do you recommend? OpenVZ or Xen DomU?
Different mandatory user profiles for WinXP & Win7
Apache - maximum number of threads?