From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ozgur AKAN Subject: VPN and iptables rules Date: Tue, 04 Nov 2003 16:58:37 +0200 Sender: netfilter-admin@lists.netfilter.org Message-ID: <3FA7BE9D.1000202@aiqa.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="------------080809030401010706020406" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: netfilter@lists.netfilter.org This is a multi-part message in MIME format. --------------080809030401010706020406 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi, I have a installed pptpd, mppe to my RedHat 9.0. real ip`s 212.2.212.1 --------------- 195.111.111.1 vpn ip`s 192.168.77.11 ------------ 192.168.77.1 I open protocol gre, and tcp port 1721 at my firewall to establish a connection between client and linux firewall. Client is a windows xp. After dialing my isp my winxp connects to internet and gets 212.2.212.1. I establish the vpn connection to linux firewall. Everything is ok until this point. My problem is I can not ping the server from client or vice versa. What shall i do? thanks, Ozgur AKAN --------------080809030401010706020406 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Hi,
I have a installed pptpd, mppe to my RedHat 9.0.

real ip`s

212.2.212.1 --------------- 195.111.111.1

vpn ip`s

192.168.77.11 ------------ 192.168.77.1

I open protocol gre, and tcp port 1721 at my firewall to establish a connection between client and linux firewall. Client is a windows xp.

After dialing my isp my winxp connects to internet and gets 212.2.212.1. I establish the vpn connection to linux firewall. Everything is ok until this point.

My problem is I can not ping the server from client or vice versa.

What shall i do?

thanks,
Ozgur AKAN
 --------------080809030401010706020406-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: Cedric Blancher Subject: Re: VPN and iptables rules Date: Tue, 04 Nov 2003 16:18:35 +0100 Sender: netfilter-admin@lists.netfilter.org Message-ID: <1067959115.906.99.camel@elendil.intranet.cartel-securite.net> References: <3FA7BE9D.1000202@aiqa.com> Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: In-Reply-To: <3FA7BE9D.1000202@aiqa.com> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="iso-8859-1" To: Ozgur AKAN Cc: netfilter@lists.netfilter.org Le mar 04/11/2003 =E0 15:58, Ozgur AKAN a =E9crit : > After dialing my isp my winxp connects to internet and gets > 212.2.212.1. I establish the vpn connection to linux firewall. > Everything is ok until this point. > My problem is I can not ping the server from client or vice versa. You should have a look to the filtering ruleset for the PPTP link on the server side : INPUT and OUTPUT for ping FORWARD for usual trafic --=20 http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!=20 From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ted Kaczmarek Subject: Re: VPN and iptables rules Date: Tue, 04 Nov 2003 21:41:54 -0500 Sender: netfilter-admin@lists.netfilter.org Message-ID: <1068000113.7813.43.camel@tarkus> References: <3FA7BE9D.1000202@aiqa.com> Reply-To: tedkaz@optonline.net Mime-Version: 1.0 Content-Transfer-Encoding: 7BIT Return-path: In-reply-to: <3FA7BE9D.1000202@aiqa.com> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: Ozgur AKAN Cc: netfilter@lists.netfilter.org Try pinging from a machine behind the server the tunnel is terminated on. Ted On Tue, 2003-11-04 at 09:58, Ozgur AKAN wrote: > Hi, > I have a installed pptpd, mppe to my RedHat 9.0. > > real ip`s > > 212.2.212.1 --------------- 195.111.111.1 > > vpn ip`s > > 192.168.77.11 ------------ 192.168.77.1 > > I open protocol gre, and tcp port 1721 at my firewall to establish a > connection between client and linux firewall. Client is a windows xp. > > After dialing my isp my winxp connects to internet and gets > 212.2.212.1. I establish the vpn connection to linux firewall. > Everything is ok until this point. > > My problem is I can not ping the server from client or vice versa. > > What shall i do? > > thanks, > Ozgur AKAN