proxmox and pptp

F

Frakir

Member
Jan 20, 2016
29
0
21
53
I'm trying to make pptp work in proxmox and I found a lot of problems.
The only way I managed to get it work is: VM with a real IP.
pptp doesn't work in a VM with nat.
Is it possible to make pptp work in a VM with nat?

When I make lxc-container it doesn't work even with a real IP without nat. Even worse, pptp in lxc hangs up all the node.
Every time I get
...
sent [LCP ConfReq id=0x1a <asyncmap 0x0> <magic 0xbd9e3105> <pcomp> <accomp>]
LCP: timeout sending Config-Requests

Of course on the node I did
modprobe ip_nat_pptp
modprobe ip_conntrack_pptp
modprobe ip_gre

I tried Network Device with nat mode and with bridged mode (and made nat myself). All the same.
I added
iptables -I FORWARD 1 -j ACCEPT
It doesn't help.

What's wrong, maybe there is something more I can try?
 
It's just a business task. I can't make our partner change it's network.
Of course I use ipsec and openvpn but this time I need exactly pptp. I know it's bad (and it made a lot of troubles when lxc with pptp hang up the whole node) but I need pptp-client. Without real IP, with nat.
 
I assume you have a similar setup like this:
https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29_with_iptables

With that, you can just create DNAT rules in PREROUTING to forward all gre and gre enhanced traffic to the private destination IP. Easier if your customer has a fixed/static ip address to preroute everything to your VM. We use a similar setup to nat all traffic from a customer to a specific VM endpoint.

If this does not apply, could you please "sketch" how your network is current set-up?
 
Yeees, it works!
Forwarding all gre to the VM does the trick. It's the solution!

Thank you very much.
 
You must log in or register to reply here.
Top Bottom