DNAT pptp to windows machine
philipc at snapgear.com
Wed Aug 3 08:25:02 CEST 2005
Ming-Ching Tiew wrote:
> As far as I know, PPTP connection tracking is for the PPTP client going
> through firewall, ie pptp masquerade. It is not needed for DNAT of PPTP
> into a pptp server.
The PPTP connection tracking works for both clients and servers,
since after all, you need one of each to make a PPTP connection.
While you can get by without it for DNAT to a server, the PPTP
connection tracking allows you to automatically NAT the related
GRE connections, and you can use a conntrack state match to only
allow related GRE packets through the firewall.
More information about the netfilter