Art
April 16, 2007, 5:32am
1
Hi
I have problem with pptp gateway and nat on mt.
users → mt (wlan 1 nat) (PPtP gateway) → ISP
0 R name="pptp-out1" max-mtu=1460 max-mru=1460 connect-to=172.xx.xx.xx user="user" password="password"
profile=default add-default-route=yes allow=mschap1,mschap2
0 chain=srcnat src-address=10.11.10.0/24 action=src-nat to-addresses=80.xx.xx.xx to-ports=0-65535
0 ADC 10.11.10.0/24 10.11.10.1 wlan1
1 ADC 80.xx.xx.xx/32 80.xx.xx.xx pptp-out1
2 ADC 172.16.16.0/24 172.16.16.3 ether1
3 A S 0.0.0.0/0 r 80.xx.xx.xx pptp-out1
i can’t ping from my network (10.11.10.0/24) any adress behind nat, pages don’t open, etc.
Art:
Hi
I have problem with pptp gateway and nat on mt.
users → mt (wlan 1 nat) (PPtP gateway) → ISP
0 R name="pptp-out1" max-mtu=1460 max-mru=1460 connect-to=172.xx.xx.xx user="user" password="password"
profile=default add-default-route=yes allow=mschap1,mschap2
0 chain=srcnat src-address=10.11.10.0/24 action=src-nat to-addresses=80.xx.xx.xx to-ports=0-65535
0 ADC 10.11.10.0/24 10.11.10.1 wlan1
1 ADC 80.xx.xx.xx/32 80.xx.xx.xx pptp-out1
2 ADC 172.16.16.0/24 172.16.16.3 ether1
3 A S 0.0.0.0/0 r 80.xx.xx.xx pptp-out1
i can’t ping from my network (10.11.10.0/24) any adress behind nat, pages don’t open, etc.
Art,
By what it sounds like to me is your masquerade rule is missing. If you are trying to have your private ip block access the internet using the IP address of your MT then use masquerade.
Matt
Art
April 16, 2007, 6:03am
3
there is nat
even i change to
0 chain=srcnat src-address=10.11.10.0/24 action=masquerade
still nothing
Art,
Once you have the masquerade rule then try typing this in a dos prompt on one of the client pc’s…
ping 4.2.2.2 -l 1460
If you get a successful reply back then your having a MTU and MRU issue.
Matt
Art
April 17, 2007, 7:38am
5
standard ping is only 32 so this must go , but it isn’t
i think there is problem with pptp and nat in mt