forwarding on a different port through my router...


ee99ee2
01-31-2003, 11:20 AM
I've got a router on my network that faces outside running iptables. I've got a PPTP server on 192.168.1.6 on port 1723. I want the router to accept connections on eth2 (that's the external interface) on port 21 and forward it to 192.168.1.6 on port 1723. Is this possible? 192.168.1.6 is connected to eth1.

I tried this, but it didn't work:

iptables -t nat -A PREROUTING -i eth2 -p tcp --source-port 21 -j DNAT --dport 1723 --to 192.168.1.6

What did I do wrong?

-ee99ee2

P.S. - I know it didn't work. I tried telnetting into it from outside, connection refused. But I can telnet into 1723 from inside my network on 192.168.1.6.

kam
01-31-2003, 08:53 PM
iptables -t nat -A PREROUTING -i eth2 -p tcp --source-port 21 -j DNAT --dport 1723 --to 192.168.1.6

-j DNAT --to-destination 192.168.1.6:1723
:) That will convert the destination IP to 192.168.1.6 and the destination port to 1723.

--dport 21
That will check if the destination port in the packet is 21, which is what you want.

--source-port 21
You want to take this out, because this will check if the packet's source port is on 21, but the source port is the port that the packet was sent out of on the client.

So, the final product is basically:
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 21 -j DNAT --to-destination 192.168.1.6:1723
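
The difference between the two rules in this thread, as an added example that is not part of either post: a simplified Python model of how a PREROUTING DNAT rule matches a packet and rewrites its destination. The `Packet` class, the helper names, the client port 40312 and the router address 203.0.113.10 are constructed for illustration; the model assumes `--source-port` and `--dport` act as match conditions wherever they appear on the command line.

```python
import shlex
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    in_iface: str
    proto: str
    src_port: int
    dst_ip: str
    dst_port: int

# Option spellings that express the same thing (simplified subset).
ALIASES = {"--sport": "--source-port", "--destination-port": "--dport",
           "--to": "--to-destination"}

def parse_rule(cmd):
    """Collect option/value pairs from an iptables command line."""
    tokens = shlex.split(cmd)
    opts, i = {}, 0
    while i < len(tokens) - 1:
        if tokens[i].startswith("-"):
            opts[ALIASES.get(tokens[i], tokens[i])] = tokens[i + 1]
            i += 2
        else:
            i += 1
    return opts

def apply_dnat(cmd, pkt):
    """Return the rewritten packet if the rule matches, else None."""
    o = parse_rule(cmd)
    checks = [
        ("-i", pkt.in_iface), ("-p", pkt.proto),
        ("--source-port", str(pkt.src_port)), ("--dport", str(pkt.dst_port)),
    ]
    # Every match option present in the rule must agree with the packet.
    if any(k in o and o[k] != v for k, v in checks):
        return None
    # DNAT target: "ip" keeps the original port, "ip:port" rewrites both.
    ip, _, port = o["--to-destination"].partition(":")
    return replace(pkt, dst_ip=ip, dst_port=int(port) if port else pkt.dst_port)

ORIGINAL = ("iptables -t nat -A PREROUTING -i eth2 -p tcp --source-port 21 "
            "-j DNAT --dport 1723 --to 192.168.1.6")
FIXED = ("iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 21 "
         "-j DNAT --to-destination 192.168.1.6:1723")

# Constructed packet: outside client, ephemeral source port, router port 21.
CLIENT = Packet("eth2", "tcp", 40312, "203.0.113.10", 21)

if __name__ == "__main__":
    print("original:", apply_dnat(ORIGINAL, CLIENT))
    print("fixed:   ", apply_dnat(FIXED, CLIENT))
```

In this model the original rule only matches a packet that leaves the client from port 21 and is already addressed to port 1723, so an ordinary connection to port 21 never reaches the DNAT target.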