pptp/GRE with IPCHAINS and RedHat 7.2.....Help

pptp/GRE with IPCHAINS and RedHat 7.2.....Help

Post by Eric K » Fri, 25 Jan 2002 10:57:57



I am using RedHat 7.2, kernel 2.4.10 on my old Pentium II dual-homed NIC box
as my firewall. I have loaded IPCHAINS mod and disabled IPTABLES mod. NAT
and Firewall functions works fine for all the host behind the
firewall.....except for one protocol: p 47 (GRE). I have a couple of hosts
behind the firewall that are Windows machines that needs connection out to
an external VPN server. I have done everything I can think of to forward
Port 1723 TCP traffic and GRE protocol (Including ipfwdadm). But the Windows
machines just won't make the VPN connection. Testing the Windows machines
with a modem dialed up to an ISP, I was able to get the VPN connection to
establish just fine. After a whole of digging around, my questions are
these:

1) With 2.2.x kernels, various sources has said if the internal net are
using non-routable IPs, then I need a ip_masq_pptp module or somesuch, so it
will be GRE aware. Is this true? If so, is the default RedHat 7.2, 2.4.10
Kernell GRE aware?

2) If the default RH7.2 Kernell is not GRE aware, what packages do I need to
get to get 2.4.10 to be GRE aware?

Any help would be greatly appreciated. BTW I am using PMFirewall to generate
my original Firewall script, then manually editing the rules. I know
IPTABLES has more functionalities, but that's a lesson for another day. :-)

--
Eric K.

 
 
 

1. pptp/GRE with IPCHAINS & RedHat 7.2

I am using RedHat 7.2, kernel 2.4.10 on my old Pentium II dual-homed NIC box
as my firewall. I have loaded IPCHAINS mod and disabled IPTABLES mod. NAT
and Firewall functions works fine for all the host behind the
firewall.....except for one protocol: p 47 (GRE). I have a couple of hosts
behind the firewall that are Windows machines that needs connection out to
an external VPN server. I have done everything I can think of to forward
Port 1723 TCP traffic and GRE protocol (Including ipfwdadm). But the Windows
machines just won't make the VPN connection. Testing the Windows machines
with a modem dialed up to an ISP, I was able to get the VPN connection to
establish just fine. After a whole of digging around, my questions are
these:

1) With 2.2.x kernels, various sources has said if the internal net are
using non-routable IPs, then I need a ip_masq_pptp module or somesuch, so it
will be GRE aware. Is this true? If so, is the default RedHat 7.2, 2.4.10
Kernell GRE aware?

2) If the default RH7.2 Kernell is not GRE aware, what packages do I need to
get to get 2.4.10 to be GRE aware?

Any help would be greatly appreciated. BTW I am using PMFirewall to generate
my original Firewall script, then manually editing the rules. I know
IPTABLES has more functionalities, but that's a lesson for another day. :-)

--
Eric K.

2. Windows95 box -> Linux Box (Static IP) -> Intranet -> Internet?

3. PPTP via ipchains and SuSE 7.2 with 2.4.x kernel

4. CD Writing on networked Linux box

5. Sharing a PPTP (ADSL) connection over a network using RedHat Linux 7.2

6. HELP: Need to add FTP code to my C CGI code.

7. Can't get GRE redirected to an internal PPtP server - help

8. Strange makefile construct

9. Redhat 7.2 - ipchains (i need an idiots access method)

10. I'm confused with ipchains/iptables on Redhat 7.2

11. ipchains on redhat 7.2

12. ipchains in RedHat 7.2

13. How can I active and use IPCHAINS replace of IPTABLES in redhat 7.2 ?