[pptp-server] ipchains not forwarding to pptpd server

LIENARD Nicolas nicolas.lienard at internet-telecom.net
Thu Jan 6 05:18:56 CST 2000 

Hello


Why do u use this rules with ipchains ?

I only put this  (with ipfwadm):

/sbin/ipfwadm -F -a m -S 7.0.10.0/255.255.255.0 -D 0.0.0.0/0

and it works good.

[root scripts]# ./etat-firewall
IP firewall forward rules, default policy: deny
 pkts bytes type  prot opt  tosa tosx ifname  ifaddress       source
destination          ports
    0     0 acc/m all  ---- 0xFF 0x00 any     any             7.0.10.0/24
anywhere             n/a
    0     0 acc   tcp  b--- 0xFF 0x00 any     any             anywhere
cache.internet-telecom.net 1024:65535 -> smtp
    0     0 acc   tcp  b--- 0xFF 0x00 any     any
cache.internet-telecom.net anywhere             smtp -> 1024:65535
    0     0 acc   tcp  b--- 0xFF 0x00 any     any             anywhere
cache.internet-telecom.net 1024:65535 -> http
    0     0 acc   tcp  b--- 0xFF 0x00 any     any             7.0.10.0
anywhere             http -> 1024:65535
    0     0 acc   udp  b--- 0xFF 0x00 any     any             anywhere
7.0.10.0/24          domain -> any



why do u need a VPN ? i don't understand...  is it better than ip
masquerading ?

Thanx .


Nicolas.



Nicolas LIENARD
Internet Telecom
T/01.55.80.17.26 - F/01.55.80.17.18
19/21, rue Poissonnière - 75002 PARIS
nicolas.lienard at internet-telecom.net

----- Original Message -----
From: Terrelle Shaw <hshaw at epills.com>
To: pptpd <pptp-server at lists.schulte.org>
Sent: Tuesday, January 04, 2000 4:30 AM
Subject: [pptp-server] ipchains not forwarding to pptpd server


> Hello all..
>
> I think I might have an ipchains issue. Wondering of anything jumps out
any
> anyone while looking at my ipchains rules. It's supposed to be forwarding
> 1723 and 47 stuff to the vpn-pptpd server.. but looking at the logs on the
> firewall and pptpd-server.. its just getting to the firewall and
stopping..
>
> Any help is appreciated.
>
> Chain input (policy ACCEPT):
> target     prot opt     source                destination           ports
> REJECT     icmp ------  anywhere              external_ip
> echo-request
> ACCEPT     tcp  ------  anywhere              anywhere              any ->
> 1723
> ACCEPT     tcp  !y----  anywhere              external_ip         1723 ->
> any
> Chain forward (policy ACCEPT):
> target     prot opt     source                destination           ports
> ACCEPT     tcp  ------  anywhere              vpn_server_ip        any ->
> 1723
> ACCEPT     tcp  ------  vpn_server_ip        anywhere              1723 ->
> any
> ACCEPT     47   ------  anywhere              vpn_server_ip        n/a
> ACCEPT     47   ------  vpn_server_ip        anywhere              n/a
> ACCEPT     all  ------  10.0.0.0/24           external_real_ip/28    n/a
> MASQ       all  ------  10.0.0.0/24           anywhere              n/a
> MASQ       47   ------  anywhere              anywhere              n/a
> MASQ       tcp  ------  10.0.0.0              anywhere              any ->
> 1723
> Chain output (policy ACCEPT):
> target     prot opt     source                destination           ports
> ACCEPT     tcp  !y----  anywhere              10.0.0.0
             1723 ->
> any
> ACCEPT     tcp  ------  10.0.0.0              anywhere              any ->
> any
>
>
> Terrelle Shaw
> HealthCentralRx.com
> System Administrator
> hshaw at healthcentralrx.com
>
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!

More information about the pptp-server mailing list