Thanks Nic, here is a tcpdump of a session tcpdump -pnvi ppp0 host 202.89.41.34 and not port 23 tcpdump: listening on ppp0 08:23:13.329836 202.27.208.8.61399 > 202.89.41.34.1723: S [tcp sum ok] 2421251911:2421251911(0) win 64240 <mss 1460,nop,nop,sackOK> (DF) (ttl 127, id 4611, len 48) 08:23:13.509801 202.89.41.34.1723 > 202.27.208.8.61399: S [tcp sum ok] 1391229001:1391229001(0) ack 2421251912 win 5840 <mss 1460,nop,nop,sackOK> (DF) [tos 0x80] (ttl 56, id 0, len 48) 08:23:13.510392 202.27.208.8.61399 > 202.89.41.34.1723: . [tcp sum ok] ack 1 win 64240 (DF) (ttl 127, id 4613, len 40) 08:23:13.510576 202.27.208.8.61399 > 202.89.41.34.1723: P 1:157(156) ack 1 win 64240 (DF) (ttl 127, id 4614, len 196) 08:23:13.719793 202.89.41.34.1723 > 202.27.208.8.61399: . [tcp sum ok] ack 157 win 6432 (DF) [tos 0x80] (ttl 56, id 6473, len 40) 08:23:13.739784 202.89.41.34.1723 > 202.27.208.8.61399: P 1:157(156) ack 157 win 6432 (DF) [tos 0x80] (ttl 56, id 6474, len 196) 08:23:13.740941 202.27.208.8.61399 > 202.89.41.34.1723: P 157:325(168) ack 157 win 64084 (DF) (ttl 127, id 4616, len 208) 08:23:13.939761 202.89.41.34.1723 > 202.27.208.8.61399: P [tcp sum ok] 157:189 (32) ack 325 win 7504 (DF) [tos 0x80] (ttl 56, id 6475, len 72) 08:23:13.939802 202.89.41.34 > 202.27.208.8: gre 202.89.41.34 > 202.27.208.8: [KS] gre-proto-0x880B (DF) [tos 0x80] (ttl 56, id 24858, len 65) 08:23:13.940001 202.27.208.8 > 202.89.41.34: icmp: 202.27.208.8 protocol 47 unreachable [tos 0xc0] (ttl 255, id 57926, len 93) 08:23:13.942586 202.27.208.8.61399 > 202.89.41.34.1723: P [tcp sum ok] 325:349 (24) ack 189 win 64052 (DF) (ttl 127, id 4618, len 64) 08:23:14.119785 202.89.41.34.1723 > 202.27.208.8.61399: F [tcp sum ok] 189:189 (0) ack 325 win 7504 (DF) [tos 0x80] (ttl 56, id 6476, len 40) 08:23:14.120570 202.27.208.8.61399 > 202.89.41.34.1723: F [tcp sum ok] 349:349 (0) ack 190 win 64052 (DF) (ttl 127, id 4621, len 40) 08:23:14.139798 202.89.41.34.1723 > 202.27.208.8.61399: R [tcp sum ok] 1391229190:1391229190(0) win 0 (DF) [tos 0x84] (ttl 247, id 0, len 40) 08:23:14.289767 202.89.41.34.1723 > 202.27.208.8.61399: R [tcp sum ok] 1391229191:1391229191(0) win 0 (DF) [tos 0x84] (ttl 247, id 0, len 40) AND tcpdump -pnvi eth0 host 202.89.41.34 and not port 23 tcpdump: listening on eth0 08:23:50.760625 192.168.20.19.1327 > 202.89.41.34.1723: S [tcp sum ok] 2429914894:2429914894(0) win 64240 <mss 1460,nop,nop,sackOK> (DF) (ttl 128, id 4696, len 48) 08:23:50.919851 202.89.41.34.1723 > 192.168.20.19.1327: S [tcp sum ok] 1421680695:1421680695(0) ack 2429914895 win 5840 <mss 1460,nop,nop,sackOK> (DF) [tos 0x80] (ttl 55, id 0, len 48) 08:23:50.920426 192.168.20.19.1327 > 202.89.41.34.1723: . [tcp sum ok] ack 1 win 64240 (DF) (ttl 128, id 4698, len 40) 08:23:50.920641 192.168.20.19.1327 > 202.89.41.34.1723: P 1:157(156) ack 1 win 64240 (DF) (ttl 128, id 4699, len 196) 08:23:51.119877 202.89.41.34.1723 > 192.168.20.19.1327: . [tcp sum ok] ack 157 win 6432 (DF) [tos 0x80] (ttl 55, id 20391, len 40) 08:23:51.139836 202.89.41.34.1723 > 192.168.20.19.1327: P 1:157(156) ack 157 win 6432 (DF) [tos 0x80] (ttl 55, id 20392, len 196) 08:23:51.140814 192.168.20.19.1327 > 202.89.41.34.1723: P 157:325(168) ack 157 win 64084 (DF) (ttl 128, id 4701, len 208) 08:23:51.349861 202.89.41.34.1723 > 192.168.20.19.1327: P [tcp sum ok] 157:189 (32) ack 325 win 7504 (DF) [tos 0x80] (ttl 55, id 20393, len 72) 08:23:51.352535 192.168.20.19.1327 > 202.89.41.34.1723: P [tcp sum ok] 325:349 (24) ack 189 win 64052 (DF) (ttl 128, id 4703, len 64) 08:23:51.354956 192.168.20.19 > 202.89.41.34: gre 192.168.20.19 > 202.89.41.34: [KS] gre-proto-0x880B (ttl 128, id 4704, len 80) 08:23:51.529848 202.89.41.34.1723 > 192.168.20.19.1327: F [tcp sum ok] 189:189 (0) ack 325 win 7504 (DF) [tos 0x80] (ttl 55, id 20394, len 40) 08:23:51.530207 192.168.20.19.1327 > 202.89.41.34.1723: F [tcp sum ok] 349:349 (0) ack 190 win 64052 (DF) (ttl 128, id 4705, len 40) 08:23:51.549845 202.89.41.34.1723 > 192.168.20.19.1327: R [tcp sum ok] 1421680884:1421680884(0) win 0 (DF) [tos 0x84] (ttl 246, id 0, len 40) 08:23:51.689838 202.89.41.34.1723 > 192.168.20.19.1327: R [tcp sum ok] 1421680885:1421680885(0) win 0 (DF) [tos 0x84] (ttl 246, id 0, len 40) Any help appreciated. -- Access Information Limited Waitangi Rd f4 PO Box 122 Carterton Wairarapa 06-379-6668 * 021-827-660 tony at access-info.co.nz www.access-info.co.nz Quoting Nic Bellamy <nic at bellamy.co.nz>: > On Mon, 2003-07-14 at 17:53, Tony Arcus wrote: > > Question: > > What is needed to set up pptp with the following configuration: > > > > > > ME with } > > Win2000 }-----RH6.2------internet-----a firewall----customers network > > ipchains > > >From memory (as in: it's been a while since I've done anything serious > with it), ipchains doesn't handle address translation of protocols other > than TCP/UDP/ICMP very well. Although it *should* be able to handle a > single outgoing PPTP connection ok (running multiple tunnels, or running > a PPTP server behind NAT, is where you start needing special support). > > What's happening on your firewall - is it blocking either the outgoing > or returning GRE packets (IP protocol 47)? > > Cheers, > Nic. > > -- > Nic Bellamy <nic at bellamy.co.nz> > Bellamy Consulting (NZ) Limited. +64-6-377-4957 Mobile: +64-21-251-8954 > Internet Software & Security Consulting -- http://www.bellamy.co.nz/ -- > > -------------------------------------------------------------------- > To remove yourself from this list, email wailug-request at linux.net.nz > with "unsubscribe" in the body of the message. > ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ -------------------------------------------------------------------- To remove yourself from this list, email wailug-request at linux.net.nz with "unsubscribe" in the body of the message.
| More information about the WaiLUG mailing list |
If you have any questions or comments about this page, email the
Webmaster Design Copyright © 1998-2005 Linux.net.nz |