First things first, there might be a few English errors, considering it's not my native language. I'm having a problem with VPN (GRE protocol) passing through iptables. I've done this at least a dozen times, but this time it's simply not working. I have a VPN server on my local network and my firewall is CentOS 6.6.
I have these rules on my FW:
$IPTABLES -A PREROUTING -t nat -p 47 -d $IP_EXT_CLT -j DNAT --to $IP_CLT_TS1
$IPTABLES -A PREROUTING -t nat -p tcp -m multiport -d $IP_EXT_CLT --dports 1723 -j DNAT --to $IP_CLT_TS1
The 'port 1723' rule is working perfectly, but the GRE rule (proto 47) is not.
I monitored my interfaces, and it's not routing. For example, I have tried to make a prerouting of 'everything' to my server (IP_CLT_TS1) and monitored my external interface, and the packets are coming in. But when I watch my internal interface (with tcpdump), all protocols are passing through except GRE.
Has anyone already had this sort of problem?