How to configure Iptables to access VPN behind NAT
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
My problem is how to configure iptables to give access from external (internet) to a VPN Server behind NAT running in a Win2000 Server.
I know I could run a VPN Server in the Linux Box, I hope to make that in the future but, unless a detailed and complete "how to" make all, that kind of solution it's not useful by now...
# The actual system:
- An Internet connection via DSL in to a Modem/Router, who have a internal IP 10.0.10.9
That Router are connected to a Switch, who have 2 Win Servers, one W2000 and another W2003.
The W2003 are PDC, with AD (Active Directory) and so one...
The W2000 are VPN Server.
Some users, who are in a specific group in AD, when are in the outside world, connect to the VPN, and log in to the network. When the connection are accepted and establish, they can remote connect to computers inside, run applications, etc., like when they are in Local Network.
The only port forward in Modem/Router is the 1723 from internet to W2000 (this is not really true, there are also some ports to the FTP server in W2003, but no any else port in the service of the VPN)
# The changed system:
When I insert the Linux Box between Modem/router and the Switch, changing the internal IP to a 192.168.1.1, connect to the eth0 who have the IP 192.168.1.2, and the eth1 connected to the switch with IP 10.0.10.9
The forward ports in Modem/Router are changed to the IP of eth0 of the Linux Box, and Linux Box Accept and Forward that ports to the Computers inside of the network.
I have the FORWARD active, Masquerade, etc...
The users inside the network don't "see" anything different, and all services run normally... Except VPN!!
I do some research in the Net, Already try to forward ( and -t nat -I PREROUTING) some ports like 42,47,88 and even 500.. no success..
I have already discovery and Try "modprobe ip_nat_pptp"..
can someone help me? What I need to put in Iptables ? Activate anything?
2 months and half, no answer or sugestion
I found here a similar situation, but the solution doesn't work :/
Only the pptpproxy, give by zn99, works... but that it's not the solution to the real problem :/
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
How to configure Iptables to access VPN behind NAT
