Tom Eastep wrote: > I keep trying to tell you that you are avoiding *double NAT* when you > connect directly. I suspect that is the problem and it may not be > solvable; I don't know. The trace log you sent (which STILL DIDN'T USE > THE -n OPTION) shows both TCP and GRE traffic flowing in both > directions. So there is nothing more that I know of that you can expect > the firewall to do.
One thing that you can *try* -- remove the pptp conntrack and nat helper modules and try to connect. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
