Не устанавливается VPN соединение через NAT/

Друзья, есть проблема. В Новый год переставил шлюз на debian. Сейчас стоит Linux emmproxy 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686 GNU/Linux.
При подключении соединения VPN к налоговой (для отсылки отчетности), соединение не устанавливается.

В iptables разрешил все порты, в т.ч. и 1723. telnet идет на этот порт без проблем. При подсоединении виндовое соединение происходит нормально, идет аутентификация, но затем все отваливается по тайм-ауту. Есть подозрение , что нужен модуль ip_nat_gre, но у меня в инсталляции его нет и в помине. Пожалуйста наставьте на путь истинный!


В логах tcpdump при подключении:

proxy:~# tcpdump host 192.168.0.134
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
12:18:57.626977 arp who-has 192.168.0.134 tell 192.168.0.100
12:18:58.592749 arp who-has 192.168.0.1 tell 192.168.0.134
12:18:58.592768 arp reply 192.168.0.1 is-at 00:02:b3:cc:7c:af
12:18:58.592874 IP 192.168.0.134.1431 > 213.182.169.11.1723: S 3504288852:3504288852(0) win 65535 <mss 1460,nop,nop,sackOK>
12:18:58.625223 IP 213.182.169.11.1723 > 192.168.0.134.1431: S 1984623213:1984623213(0) ack 3504288853 win 65535 <mss 1460,nop,nop,sackOK>
12:18:58.626519 IP 192.168.0.134.1431 > 213.182.169.11.1723: P 1:157(156) ack 1 win 65535: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_CHAN(0) FIRM_REV(2600) [|pptp]
12:18:58.663913 IP 213.182.169.11.1723 > 192.168.0.134.1431: P 1:157(156) ack 157 win 65535: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP(S) BEARER_CAP(DA) MAX_CHAN(0) FIRM_REV(257) [|pptp]
12:18:58.665198 IP 192.168.0.134.1431 > 213.182.169.11.1723: P 157:325(168) ack 157 win 65379: pptp CTRL_MSGTYPE=OCRQ CALL_ID(32768) CALL_SER_NUM(15869) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PHONE_NO_LEN(0) [|pptp]
12:18:58.799041 IP 213.182.169.11.1723 > 192.168.0.134.1431: . ack 325 win 65535
12:19:03.622870 arp who-has 192.168.0.134 tell 192.168.0.1
12:19:03.623001 arp reply 192.168.0.134 is-at 00:0c:76:5e:11:92
12:19:03.758271 IP 213.182.169.11.1723 > 192.168.0.134.1431: P 157:189(32) ack 325 win 65535: pptp CTRL_MSGTYPE=OCRP CALL_ID(15007) PEER_CALL_ID(32768) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) CONN_SPEED(64000) RECV_WIN(16) PROC_DELAY(1) PHY_CHAN_ID(1507328)
12:19:03.868767 IP 192.168.0.134.1431 > 213.182.169.11.1723: . ack 189 win 65347
12:19:03.950154 IP 192.168.0.134.1431 > 213.182.169.11.1723: P 325:349(24) ack 189 win 65347: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(15007) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
12:19:03.953991 IP 192.168.0.134 > 213.182.169.11: call 15007 seq 0 gre-ppp-payload
12:19:04.077281 IP 213.182.169.11.1723 > 192.168.0.134.1431: . ack 349 win 65535
12:19:05.947779 IP 192.168.0.134 > 213.182.169.11: call 15007 seq 1 gre-ppp-payload
12:19:08.948762 IP 192.168.0.134 > 213.182.169.11: call 15007 seq 2 gre-ppp-payload
12:19:12.947611 IP 192.168.0.134 > 213.182.169.11: call 15007 seq 3 gre-ppp-payload
12:19:16.947595 IP 192.168.0.134 > 213.182.169.11: call 15007 seq 4 gre-ppp-payload
12:19:20.947441 IP 192.168.0.134 > 213.182.169.11: call 15007 seq 5 gre-ppp-payload
12:19:23.932392 IP 213.182.169.11.1723 > 192.168.0.134.1431: P 189:205(16) ack 349 win 65535: pptp CTRL_MSGTYPE=StopCCRQ REASON(3)
12:19:23.932564 IP 192.168.0.134.1431 > 213.182.169.11.1723: P 349:365(16) ack 205 win 65331: pptp CTRL_MSGTYPE=StopCCRP RESULT_CODE(1) ERR_CODE(0)
12:19:23.935846 IP 213.182.169.11.1723 > 192.168.0.134.1431: P 205:353(148) ack 349 win 65535: pptp CTRL_MSGTYPE=CDN CALL_ID(15007) RESULT_CODE(3) ERR_CODE(0) CAUSE_CODE(0) [|pptp]
12:19:24.098434 IP 213.182.169.11.1723 > 192.168.0.134.1431: F 353:353(0) ack 365 win 65535
12:19:24.098608 IP 192.168.0.134.1431 > 213.182.169.11.1723: F 365:365(0) ack 354 win 65183
12:19:24.168897 IP 213.182.169.11.1723 > 192.168.0.134.1431: . ack 366 win 65534

27 packets captured
27 packets received by filter
0 packets dropped by kernel

_________________
lsmod:

proxy:~# lsmod
Module Size Used by Not tainted
ip_gre 7488 0 (unused)
nls_iso8859-1 2780 0 (autoclean)
isofs 23092 0 (autoclean)
ip_conntrack_ftp 3440 1 (autoclean)
ip_nat_ftp 2512 0 (unused)
af_packet 11048 0 (autoclean)
ipt_REJECT 3160 0 (autoclean)
ipt_state 504 54 (autoclean)
iptable_filter 1644 1 (autoclean)
ipt_MASQUERADE 1304 5 (autoclean)
ipt_mark 472 8 (autoclean)
iptable_nat 14758 2 (autoclean) [ip_nat_ftp ipt_MASQUERADE]
ip_conntrack 17000 1 (autoclean) [ip_conntrack_ftp ip_nat_ftp ipt_state ipt_MASQUERADE iptable_nat]
ipt_MARK 728 8 (autoclean)
iptable_mangle 2040 1 (autoclean)
ip_tables 10400 10 [ipt_REJECT ipt_state iptable_filter ipt_MASQUERADE ipt_mark iptable_nat ipt_MARK iptable_mangle]
ehci-hcd 14764 0 (unused)
usb-uhci 19504 0 (unused)
usbcore 52268 1 [ehci-hcd usb-uhci]
i810_audio 21372 0 (unused)
ac97_codec 11252 0 [i810_audio]
soundcore 3268 2 [i810_audio]
ide-scsi 8272 0
scsi_mod 86052 1 [ide-scsi]
8139too 12328 1
mii 1952 0 [8139too]
crc32 2848 0 [8139too]
e100 42868 1
ide-cd 27072 0
cdrom 26212 0 [ide-cd]
rtc 5768 0 (autoclean)
ext3 65388 3 (autoclean)
jbd 34628 3 (autoclean) [ext3]
ide-detect 288 0 (autoclean) (unused)
piix 7784 1 (autoclean)
ide-disk 12448 4 (autoclean)
ide-core 91832 4 (autoclean) [ide-scsi ide-cd ide-detect piix ide-disk]
unix 12752 104 (autoclean)