Port Forward Protocol 47 (GRE) for PPTP VPN

[blewis]

Hi There,

I am new to the ebox platform.  I have a setup where I have ebox as the firewall / NAT device and I wish to port forward the ports required for PPTP VPN.  One of those ports is the GRE protocol (protocol 47).  In the port forwarding window I only seem to be able to set the protocol to TCP or UDP.  Is there a way I can set up ebox to forward protocol 47?

Many Thanks,
Ben

[sixstone]

I'm afraid to tell you that now it is impossible to do so . Anyway, we have this as a planned feature to enhance redirection section a little.

[blewis]

Ok.  I understand it is not available via the GUI but....

Am I able to add this rule by directly manipulating iptables?  I had a quick look but I didn't see my other rules in there so I  thought i'd leave it for the time being.

I am happy to manipulate the firewall via shell if that will enable the rule to be added.

~Ben

[starquake]

The problem is that a few modules need to be loaded.

To load them once use:
modprobe ip_nat_ftp ip_nat_pptp ip_conntrack_pptp ip_gre


To load it at boot time, edit /etc/modules and add the following rules:
ip_nat_pptp
ip_conntrack_pptp
ip_gre

I'm unsure if ip_conntrack_pptp and ip_gre really need to be loaded but they were loaded on my firewall.

[aguerra]

Some help to solve this problem? or How to make the rule in the iptables?

[aguerra]

Ready!!! 

[vovelee]

I loaded module ip_nat_pptp and everything is OK now.
It would be great if there was an option when the administrator forward port 1723 to some internal IP Ebox automatically load this module.