From: Michael Alaimo <lists@reptiliannature.org>
To: Jan Klod <janklodvan@gmail.com>
Cc: netfilter@vger.kernel.org
Subject: Re: VPN (interface) access for and all traffic through from single user -- how to do it?
Date: Sun, 17 Aug 2008 00:30:06 -0400 [thread overview]
Message-ID: <48A7A94E.8070202@reptiliannature.org> (raw)
In-Reply-To: <200808162347.55392.janklodvan@gmail.com>
Hi Jan,
I would use tcpdump and traceroute to aid in debugging. nmap might also
be useful.
I also forget exactly what to do here, so if someone else knows please
help out.
If i recall correctly, there is a way you can direct traffic to your vpn
using SNAT.
so like if iptables -t nat -A POSTROUTING -d vpn_endpoint -J SNAT
--to-source local_vpn_endpoint
I think thats correct. The idea here is to have only traffic to the vpn
use the vpn, no? Trafic would leave
your vpn endpoint, reach the other side. The other side would reply
back to your SNAT -to-source which
would get routed to your pc.
I know this works with the *swan implementations, so using some sort of
NAT may help.
I would use those tools to debug, but there are probably some others
that would help as well.
Have you ever tried OpenVPN? It have used it in an office situation
before, and people appreciated it.
Please correct me if I am wrong. Hope this helps.
Mike
Jan Klod wrote:
> Still asking questions. I tried to follow probably the most simple case
> presented here:
> http://pptpclient.sourceforge.net/routing.phtml#all-to-tunnel
> but result is no access to internet at all. How can I debug these things and
> find out what is going on? Now it is like in the dark...
>
> Is it considerable to be a proof, that pptp VPN tunnel is working, if I can
> ping -i ppp0 <remote VPN address>?
>
> Looking for solutions,
> Jan
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
next prev parent reply other threads:[~2008-08-17 4:30 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-15 9:55 VPN (interface) access for and all traffic through from single user -- how to do it? Jan Klod
2008-08-15 15:29 ` Grant Taylor
2008-08-15 16:14 ` Jan Klod
2008-08-15 16:28 ` Grant Taylor
2008-08-15 16:19 ` Jan Klod
[not found] ` <200808152212.59882.janklodvan@gmail.com>
[not found] ` <48A5F9E2.5080206@riverviewtech.net>
2008-08-16 20:47 ` Jan Klod
2008-08-17 4:30 ` Michael Alaimo [this message]
2008-08-17 5:01 ` Grant Taylor
2008-08-21 13:32 ` active interface? Jan Klod
2008-08-21 13:42 ` Jan Engelhardt
2008-08-21 14:27 ` Grant Taylor
2008-08-17 4:31 ` VPN (interface) access for and all traffic through from single user -- how to do it? Grant Taylor
2008-08-17 11:20 ` Jan Klod
2008-08-17 17:53 ` Grant Taylor
2008-08-22 20:40 ` Jan Klod
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48A7A94E.8070202@reptiliannature.org \
--to=lists@reptiliannature.org \
--cc=janklodvan@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox