* VPN Issue - help
@ 2003-05-05 22:42 Voltaire Pascual
2003-05-06 9:35 ` xchris
0 siblings, 1 reply; 7+ messages in thread
From: Voltaire Pascual @ 2003-05-05 22:42 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 1294 bytes --]
repost:
Clients can connect to the VPN server w/o any problem. Private network is 192.168.0.0/24. VPN server IP is
Public (ppp0) = 203.x.x.x
Private (eth0) = 192.168.0.10
When client is connected to the VPN server, it can ping the VPN but not the other machines in the network. Client IP when connected is 192.168.0.80/255.255.255.255. clients can surf the net after they are connected but cannot see other machines inside the network.
###########################
other config:
net.ipv4.ip_forward = 1
net.ipv4.conf.eth0.proxy_arp = 1
###########################
client is connected to the VPN. here's the result of ifconfig:
ppp1 Link encap:Point-to-Point Protocol
inet addr:192.168.0.10 P-t-P:192.168.0.80 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:18 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1062 (1.0 Kb) TX bytes:147 (147.0 b)
###########################
route -n
192.168.0.180 0.0.0.0 255.255.255.255 UH 0 0 0 ppp1
###########################
What could be the problem? What iptables rule should i do.
TIA
/Voltaire
[-- Attachment #2: Type: text/html, Size: 3347 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: VPN Issue - help
2003-05-05 22:42 VPN Issue - help Voltaire Pascual
@ 2003-05-06 9:35 ` xchris
2003-05-06 12:45 ` Voltaire Pascual
0 siblings, 1 reply; 7+ messages in thread
From: xchris @ 2003-05-06 9:35 UTC (permalink / raw)
To: netfilter; +Cc: Voltaire Pascual
On Tuesday 06 May 2003 00:42, Voltaire Pascual wrote:
> repost:
>
> Clients can connect to the VPN server w/o any problem. Private network is
> 192.168.0.0/24. VPN server IP is
>
> Public (ppp0) = 203.x.x.x
> Private (eth0) = 192.168.0.10
>> When client is connected to the VPN server, it can ping the VPN but not the
> other machines in the network. Client IP when connected is
> 192.168.0.80/255.255.255.255. clients can surf the net after they are
> connected but cannot see other machines inside the network.
>
> ###########################
> other config:
> net.ipv4.ip_forward = 1
> net.ipv4.conf.eth0.proxy_arp = 1
>
> ###########################
> client is connected to the VPN. here's the result of ifconfig:
>
> ppp1 Link encap:Point-to-Point Protocol
> inet addr:192.168.0.10 P-t-P:192.168.0.80 Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
> RX packets:18 errors:0 dropped:0 overruns:0 frame:0
> TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:3
> RX bytes:1062 (1.0 Kb) TX bytes:147 (147.0 b)
> ###########################
> route -n
>
> 192.168.0.180 0.0.0.0 255.255.255.255 UH 0 0 0
> ppp1 ###########################
>
>
> What could be the problem? What iptables rule should i do.
from route -n
you should have
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
eth(?)
not 192.168.0.180/32
what is .180?
maybe you should post your ifconfig (complete) and route -n (complete) and
maybe your pptpd.conf
bye
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: VPN Issue - help
2003-05-06 9:35 ` xchris
@ 2003-05-06 12:45 ` Voltaire Pascual
2003-05-07 7:37 ` xchris
0 siblings, 1 reply; 7+ messages in thread
From: Voltaire Pascual @ 2003-05-06 12:45 UTC (permalink / raw)
To: xchris, netfilter
Hi Chris,
Here's my configuration:
##################################
"/etc/pptpd.conf"
option /etc/ppp/options.pptpd
localip 192.168.0.10
remoteip 192.168.0.180-200
##################################
"/etc/ppp/options.pptpd"
lock
proxyarp
auth
mppe-40
mppe-128
mppe-stateless
require-chapms-v2
ms-dns 192.168.0.10
ms-dns 206.172.11.21
netmask 255.255.255.0
##################################
"ifconfig - VPN Client connected"
ppp0 (206.163.247.9) = public IP
eth0 (192.168.0.10) = private IP (192.168.0.0/24)
eth0 Link encap:Ethernet HWaddr 00:40:D0:09:83:6F
inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:456067 errors:0 dropped:0 overruns:0 frame:14190
TX packets:445109 errors:0 dropped:0 overruns:1 carrier:13205
collisions:16678 txqueuelen:100
RX bytes:225854445 (215.3 Mb) TX bytes:196873356 (187.7 Mb)
Interrupt:9
ppp0 Link encap:Point-to-Point Protocol
inet addr:206.163.247.9 P-t-P:206.163.246.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:327124 errors:0 dropped:0 overruns:0 frame:0
TX packets:253529 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:207103245 (197.5 Mb) TX bytes:31867835 (30.3 Mb)
ppp1 Link encap:Point-to-Point Protocol
inet addr:192.168.0.10 P-t-P:192.168.0.180 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:29 errors:0 dropped:0 overruns:0 frame:0
TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:2392 (2.3 Kb) TX bytes:259 (259.0 b)
##################################
"route -n"
Destination Gateway Genmask Flags Metric Ref
Use Iface
206.163.246.1 0.0.0.0 255.255.255.255 UH 0 0 0
ppp0
192.168.0.180 0.0.0.0 255.255.255.255 UH 0 0 0
ppp1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0
0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0
0 lo
0.0.0.0 206.163.246.1 0.0.0.0 UG 0 0 0
ppp0
##################################
----- Original Message -----
From: "xchris" <lyra@fastwebnet.it>
To: <netfilter@lists.netfilter.org>
Cc: "Voltaire Pascual" <voltaire@voltaire.servebeer.com>
Sent: Tuesday, May 06, 2003 5:35 PM
Subject: Re: VPN Issue - help
On Tuesday 06 May 2003 00:42, Voltaire Pascual wrote:
> repost:
>
> Clients can connect to the VPN server w/o any problem. Private network is
> 192.168.0.0/24. VPN server IP is
>
> Public (ppp0) = 203.x.x.x
> Private (eth0) = 192.168.0.10
>> When client is connected to the VPN server, it can ping the VPN but not
the
> other machines in the network. Client IP when connected is
> 192.168.0.80/255.255.255.255. clients can surf the net after they are
> connected but cannot see other machines inside the network.
>
> ###########################
> other config:
> net.ipv4.ip_forward = 1
> net.ipv4.conf.eth0.proxy_arp = 1
>
> ###########################
> client is connected to the VPN. here's the result of ifconfig:
>
> ppp1 Link encap:Point-to-Point Protocol
> inet addr:192.168.0.10 P-t-P:192.168.0.80 Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
> RX packets:18 errors:0 dropped:0 overruns:0 frame:0
> TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:3
> RX bytes:1062 (1.0 Kb) TX bytes:147 (147.0 b)
> ###########################
> route -n
>
> 192.168.0.180 0.0.0.0 255.255.255.255 UH 0 0 0
> ppp1 ###########################
>
>
> What could be the problem? What iptables rule should i do.
from route -n
you should have
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
eth(?)
not 192.168.0.180/32
what is .180?
maybe you should post your ifconfig (complete) and route -n (complete) and
maybe your pptpd.conf
bye
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: VPN Issue - help
2003-05-06 12:45 ` Voltaire Pascual
@ 2003-05-07 7:37 ` xchris
2003-05-07 9:23 ` xchris
2003-05-07 9:30 ` vpn help from tanzania Muffadal Essaji
0 siblings, 2 replies; 7+ messages in thread
From: xchris @ 2003-05-07 7:37 UTC (permalink / raw)
To: netfilter; +Cc: Voltaire Pascual
On Tuesday 06 May 2003 14:45, Voltaire Pascual wrote:
> Hi Chris,
>
> Here's my configuration:
>
CUT
OK.
Now it's more clear.
Stupid question...
did yoy try disabling firewall and enabling ip_forward?
you should have all chains with policy ACCEPT and ip_forward to 1.
If it goes... your problem is related to your firewall scripts,otherwise it's
a iptables problem.
More stupid question (just to be sure)
I guess this box is the default gateway for your lan. right?
(you reach the internet natted by this box)
To be honest i always prefer to give vpn remote client different IP...
(for example.. 192.168.1.x) to be more clear... but this is not the problem!
Let me know.
bye
xchris
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: VPN Issue - help
2003-05-07 7:37 ` xchris
@ 2003-05-07 9:23 ` xchris
2003-05-07 9:30 ` vpn help from tanzania Muffadal Essaji
1 sibling, 0 replies; 7+ messages in thread
From: xchris @ 2003-05-07 9:23 UTC (permalink / raw)
To: netfilter; +Cc: Voltaire Pascual
On Wednesday 07 May 2003 09:37, xchris wrote:
> On Tuesday 06 May 2003 14:45, Voltaire Pascual wrote:
> > Hi Chris,
> >
> > Here's my configuration:
>
> CUT
>
>
> OK.
> Now it's more clear.
>
> Stupid question...
> did yoy try disabling firewall and enabling ip_forward?
>
> you should have all chains with policy ACCEPT and ip_forward to 1.
>
> If it goes... your problem is related to your firewall scripts,otherwise
> it's a iptables problem.
ahem.. i mean..
if it goes your problem is your firewall otherwise your pptpd config.
sorry
xchris
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vpn help from tanzania.
2003-05-07 7:37 ` xchris
2003-05-07 9:23 ` xchris
@ 2003-05-07 9:30 ` Muffadal Essaji
2003-05-07 10:06 ` xchris
1 sibling, 1 reply; 7+ messages in thread
From: Muffadal Essaji @ 2003-05-07 9:30 UTC (permalink / raw)
To: xchris; +Cc: netfilter
Hi ..
Please can you help me to configure the vpn in linux i m very new and i
don't anything .
i using redhat linux 9.0 if u need any kernal patch up.
yours
muffadal.
----- Original Message -----
From: "xchris" <lyra@fastwebnet.it>
To: <netfilter@lists.netfilter.org>
Cc: "Voltaire Pascual" <voltaire@voltaire.servebeer.com>
Sent: Wednesday, May 07, 2003 10:37 AM
Subject: Re: VPN Issue - help
> On Tuesday 06 May 2003 14:45, Voltaire Pascual wrote:
>
> > Hi Chris,
> >
> > Here's my configuration:
> >
> CUT
>
>
> OK.
> Now it's more clear.
>
> Stupid question...
> did yoy try disabling firewall and enabling ip_forward?
>
> you should have all chains with policy ACCEPT and ip_forward to 1.
>
> If it goes... your problem is related to your firewall scripts,otherwise
it's
> a iptables problem.
>
> More stupid question (just to be sure)
>
> I guess this box is the default gateway for your lan. right?
> (you reach the internet natted by this box)
>
>
> To be honest i always prefer to give vpn remote client different IP...
> (for example.. 192.168.1.x) to be more clear... but this is not the
problem!
>
> Let me know.
> bye
> xchris
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: vpn help from tanzania.
2003-05-07 9:30 ` vpn help from tanzania Muffadal Essaji
@ 2003-05-07 10:06 ` xchris
0 siblings, 0 replies; 7+ messages in thread
From: xchris @ 2003-05-07 10:06 UTC (permalink / raw)
To: netfilter; +Cc: Muffadal Essaji
On Wednesday 07 May 2003 11:30, Muffadal Essaji wrote:
> Hi ..
> Please can you help me to configure the vpn in linux i m very new and i
> don't anything .
> i using redhat linux 9.0 if u need any kernal patch up.
> yours
> muffadal.
we cannot tell you every step do do!
follow one of the several howto and post if you have problem.
This is not a netfilter related problem.
bye
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2003-05-07 10:06 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-05-05 22:42 VPN Issue - help Voltaire Pascual
2003-05-06 9:35 ` xchris
2003-05-06 12:45 ` Voltaire Pascual
2003-05-07 7:37 ` xchris
2003-05-07 9:23 ` xchris
2003-05-07 9:30 ` vpn help from tanzania Muffadal Essaji
2003-05-07 10:06 ` xchris
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox