Hi list I hope someone can help me out of the trouble (problem has become trouble) I’m in after promoting using Linux server (SuSE standard server 8). My problem is allowing multiple pptp connection from my local LAN clients to same Win server out there somewhere. My current setup does work for 1 connection Google search gave me 2 options. 1 patch the kernel and compile (bad idea because it has to be repeated for all SuSE kernel updates). 2 Let the server create pptp connection and use some advance routing using some program from sourceforge, but this fails because of some non upgradeable lib in SLSS8 (how would you anyway start and terminate it remotely) So I went for patching my kernel with latest pom and iptables. This is what I did: Patch the kernel with pptp_conntrack_nat (KERNEL_DIR and iptables dir correct) make mrproper make clonconfig make xconfig and install the patches as modules make dep && make bzImage && make modules && make modules_install && make install make all install for new iptables (into /usr/sbin not /usr/local/sbin which was default for iptables) No errors so far and ip_nat_proto_gre and ip_nat_pptp are not loaded (they would brake my poptop server according to Google), but ip_conntrack_proto_gre and ip_conntrack_pptp are. But now I get this error “kernel: ip_conntrack_pptp: error during exp_gre” and I still can only create 1 connection (this error is only when the new modules are loaded) Help file in pom say’s: The GRE connection is marked as RELATED to the TCP session on port 1723, so all you need is something like iptables -j ACCEPT -m state --state RELATED,ESTABLISHED iptables -j ACCEPT -d my_pptp_server -p tcp --dport 1723 -m state --state NEW I have tried to put this in the custom script but get errors (iptables command missing or something like that). I have tried to get help from netfilter list but no luck (think they run away when SuSE is mentioned), but anyway I don’t want to become an expert on iptables for one issue (still have my ordinary work to do). Please help me, otherwise the Microsoft guys have proven me wrong and I have to swap over to Redmond (or was it Redneck) My setup is INTERNET--NAT ROUTER--SuSE--local LAN Default setup as domain, email server etc, all patches up to date -- regards Gudmundur Arnljotsson B.Sc Independent Scales Ltd 100a Hayton Road P.O. Box 8098 Christchurch New Zealand Tel Office: +64 03 341 1324 Mobile: +64 021 475 581