From owner-freebsd-isp Thu Jan 23 10: 5:58 2003 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB93D37B401 for ; Thu, 23 Jan 2003 10:05:56 -0800 (PST) Received: from supergeer.shunda.com (h24-86-153-117.ed.shawcable.net [24.86.153.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 898B343ED8 for ; Thu, 23 Jan 2003 10:05:55 -0800 (PST) (envelope-from robert.martin@shunda.com) Received: from 127.0.0.1 (oppy [172.16.60.100]) by supergeer.shunda.com (8.11.1/8.11.1) with ESMTP id h0NI5tA16511 for ; Thu, 23 Jan 2003 11:05:55 -0700 (MST) (envelope-from robert.martin@shunda.com) Date: Thu, 23 Jan 2003 11:05:51 -0700 From: Robert Martin X-Mailer: The Bat! (v1.60c) Reply-To: Robert Martin X-Priority: 3 (Normal) Message-ID: <1429470107.20030123110551@shunda.com> To: freebsd-isp@FreeBSD.org Subject: PPTP passthrough on FreeBSD 4.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (I submitted this a couple of days ago to freebsd-net, and didn't hear anything, so I thought I'd try this list. Hopefully somebody can help me out. --RWM) I am trying to get a FreeBSD ipfw firewall to pass Windows PPTP client traffic through to a Windows NT box behind the firewall. I have successfully used the pptpalias command in natd on a FreeBSD 3.4 box over the last couple of years to pass through PPTP traffic to both NT and 2000 servers. However I now have a client with a FreeBSD 4.4 box that wants to do the same thing, and unfortunately pptpalias has not been included in natd since 4.0. If I am correct, all I should need to do is put a redirect_proto line in natd.conf instead of the pptpalias line, like below: redirect_proto 47 192.168.0.51 redirect_port tcp 192.168.0.51:1723 1723 I think I have the redirect_proto line correct. But, I might not. I've tried it with GRE instead of 47, but that didn't work either. The thing that bothers me is that when I run ethereal on the Windows server behind the firewall, I see 0 GRE packets and 0 1723 packets. So that makes me think it's the firewall. Is there a problem with my natd.conf, or do I need a firewall rule? Or is it because of the funky combination of XP PPTP clients, FreeBSD PPTP passthrough and NT PPTP severs? Or is it something more serious like needing to recompile the kernel? Any and all help will be greatly appreciated. Regards, Robert Martin robert.martin@shunda.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBPjAuypIrR5N01aZzEQIzdACgwPvkkHnJDiisoBHMAi0Q/u8UZTIAn1PM IfKspASa+MV66CfwWZMjvc+Y =ncAB -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message