ConfigServer Security & Firewall (CSF) issue with natting to a remote PPTP server

One of my networks is protected by CSF, running on the router, and I noticed, I’m not able to connect from this network to a remote PPTP server (in this case it’s Poptop), while connecting from other networks, to the same PPTP server, is possible without problems.

[me]—-[router with CSF]—-[Internet]—-[Poptop server]

Of course the solution was not the famous IPTABLES -p 47 -j ACCEPT one, because I’m not running a PPTP server here, I just want my requests to be properly NATted to a remote PPTP server. The firewall protecting the remote PPTP server is OK, because clients from other networks are able to connect without problems.

The following lines added to /etc/csf/csfpost.sh solved my problems:

modprobe ip_nat_pptp
modprobe ip_conntrack_pptp

Security

Consider PPTP as unencrypted and use it wisely. Read more here:

Leave a Reply

Your email address will not be published. Required fields are marked *