> On March 2, 2017 at 10:15 PM Pavel Kolchanov <pavel.kolcha...@gmail.com> > wrote: > > > Hello. > > I have enabled GRE and PPtP macro in firewall: > > cat /etc/pve/firewall/cluster.fw > [OPTIONS] > > policy_in: REJECT > enable: 1 > > [RULES] > > GROUP vpn > GROUP basic-node > > [group basic-node] > > IN Ping(ACCEPT) > IN ACCEPT -p tcp -dport 8006 # Proxmox Web Interface > IN ACCEPT -p tcp -dport 22444 # SSH > > [group vpn] > > OUT GRE(ACCEPT) > IN GRE(ACCEPT) > IN PPtP(ACCEPT) > > But still cannot connect to pptpd until executed following commands: > > iptables -I INPUT -p gre -j ACCEPT > iptables -I OUTPUT -p gre -j ACCEPT
I tested here, and pve-firewall adds similar rules when you use the GRE macro. Please test with: # iptable-save|grep gre _______________________________________________ pve-user mailing list pve-user@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user