I want to set up a pptp tunnel using a port different from 1723. This is
needed as this port is already used on our internet router by another
tunnel (for a company to log in for system maintenance).
I tried to "DNAT" from 1723 to another port on the client and vice versa
on the server, plus a rule on each side to route the GRE protocol. The
system tries to log in, but does not get a connection (GRE errors in the
logfile).
Is there any way to solve this problem?
Here are my rulesets:
on the gateway $PPTPGATEWAY:
$PPTPGATEWAY sits behind a Netgear ADSL router with port 5610 forwarded
to it. Port 1723 is forwarded to another system as described above.
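# PPTP control connection: TCP arriving on $OTHERPORT goes to the server's port 1723
$IPTABLES -t nat -A PREROUTING -i $EXT \
    -p TCP --dport $OTHERPORT -j DNAT --to $PPTPSERVER:1723
# PPTP data channel: all incoming GRE goes to the server
$IPTABLES -t nat -A PREROUTING -i $EXT -p GRE -j DNAT --to $PPTPSERVER
on the client:
# PPTP control connection: TCP to the pptp port (1723) goes to port 5610 on the gateway
$IPTABLES -t nat -A PREROUTING -i $INT \
    -p TCP --dport pptp \
    -j DNAT --to $PPTPGATEWAY:5610
# PPTP data channel: GRE goes to the gateway
$IPTABLES -t nat -A PREROUTING -i $INT \
    -p GRE -j DNAT --to $PPTPGATEWAY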
Mark Dammer