Let’s say SNAT or masquerading is configured on a Linux server, for example, as I described in article Ubuntu IP Masquerading (NAT). But if many NAT clients connect to external PPTP, FTP, SIP servers for NAT, then they will have connection problems.
To solve problems with connecting to PPTP, FTP, SIP, you need to download some modules:
modprobe nf_nat_pptp
modprobe nf_nat_ftp
modprobe nf_nat_sip
And also add the modules to the /etc/modules file so that they load automatically at system startup:
nf_nat_ftp
nf_nat_pptp
nf_nat_sip
Unload a module from memory if possible:
modprobe -r nf_nat_pptp
For example, on UBNT (Ubiquiti) devices, when configuring NAT, it is also possible to enable sip pptp ftp rtsp by ticking off.
Check if nf_conntrack_helper is enabled as follows:
sysctl net.netfilter.nf_conntrack_helper
For autorun, the following should be specified in the /etc/sysctl.conf file:
net.netfilter.nf_conntrack_helper = 1
See also my articles:
Difference between MASQUERADE and SNAT
How to fix the error “nf_conntrack: table full, dropping package”
Tuning nf_conntrack