[pptp-server] Routing problem.
Oswald Knoppers
Oswald.Knoppers at contrastmediagroep.nl
Fri Feb 1 04:49:17 CST 2002
Hi,
Thanks for the suggestions so far. Here is some more information.
Office network 192.168.1.0/24. Firewall 192.168.1.253 and one system
with 192.168.1.2. On the pptp link the firewall gets 192.168.3.1 and the
home firewall 192.168.3.11. The home network is 192.168.4.0/24 the home
firewall eth0 interface is 192.168.4.254 and one system over there is at
192.168.4.2
After establishing the tunnel i have the following routing setup on the
office firewall:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
Iface
192.168.3.11 0.0.0.0 255.255.255.255 UH 0 0 0
ppp0
192.168.4.0 0.0.0.0 255.255.255.0 U 0 0 0
ppp0
192.168.2.0 192.168.1.251 255.255.255.0 UG 0 0 0
eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
192.168.0.0 192.168.1.251 255.255.255.0 UG 0 0 0
eth0
194.159.73.0 0.0.0.0 255.255.255.0 U 0 0 0
ippp0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
lo
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0
ippp0
And on the home firewall:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
Iface
192.168.3.1 0.0.0.0 255.255.255.255 UH 40 0 0
ppp0
192.168.4.0 0.0.0.0 255.255.255.0 U 40 0 0
eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0
ppp0
193.172.249.0 0.0.0.0 255.255.255.0 U 40 0 0
ippp0
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0
lo
0.0.0.0 0.0.0.0 0.0.0.0 U 40 0 0
ippp0
0.0.0.0 193.172.249.21 0.0.0.0 UG 40 0 0
ippp0
On the 192.168.1.2 server in the office i can ping both 192.168.3.11 and
192.168.4.254 interfaces of the home firewall but i cannot ping
192.168.4.2.
It looks to me that this might be related to the firewall setup at the
home firewall. This system is running a 2.4.8-26mdk kernel (Mandrake
V8.1). I have installed the Bastille firewall utility on this system and
it uses iptables. Unfortunately i am not very experienced with this and
i am not sure what to check. This firewall does work for access to the
internet from the home systems (through the ippp0 isdn interface)
without any problems.
Also i haven't installed tcpdump on the home firewall but i can do that
if needed.
Thanks in advance,
Oswald
More information about the pptp-server
mailing list