On Monday 08 December 2003 09:54 pm, Troy Aden wrote: > Ok I loaded the modules: (Listed in this order in the /lib/modules config > file) > ip_conntrack_proto_gre.o > ip_conntrack_pptp.o > ip_nat_proto_gre.o > ip_nat_pptp.o > > Here are the rules that worked fine previously for pptp BEFORE I loaded > these modules. > > #Allow VPN connections Outbound!!!! > ACCEPT loc net tcp 1723 > ACCEPT loc net 47 - > > #Allow VPN Inbound > DNAT net loc:192.168.169.24 tcp 1723 > DNAT net loc:192.168.169.24 47 - > > Here are the policies: > > #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST > loc net DROP ULOG > loc vpn ACCEPT > vpn loc ACCEPT > # If you want open access to the Internet from your Firewall > # remove the comment from the following line. > #fw net ACCEPT > net all DROP ULOG > all all REJECT ULOG > > > Now I can't make a pptp connection to our VPN. > > Can anyone PLEASE tell me why? Is there something that I am missing here? > It fails with error 721 "remote computer did not respond". It was working > before I loaded these modules. Why is it broken now? >
I've taken you as far as I can -- I don't run Patch-O-Matic features like the pptp NAT/conntrack patch (see http://www.shorewall.net/Shorewall_Doesnt.html). -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
