AW: [pptp-server] network neighborhood HELP!!!

Alan Chung alan at silveregg.co.jp
Wed Oct 11 01:52:12 CDT 2000


Thanks for your help.

The following are the IPchains rules and related port forwarding for 
VPN.  Like I mentioned in last mail, it seems that I got the connection 
through firewall but I should be able to ping internal hosts from VPN 
client, shouldn't I?  Also I have done local test (without going through 
firewall) for VPN connection and it worked fine.  I FINALLY got pptp 
through firewall but it is not working yet.

Here are my ipchains rules:

$REMOTENET = 0/0
$OUTERIP = IP address of external interface on firewall
$OUTERNET = $OUTERIP/netmask
$OUTERIF = external interface of firewall
$pptp_interip = internal IP address of pptp server

#--------------------------
# port forwarding for 1723
#--------------------------
ipmasqadm portfw -a -P tcp -L $OUTERIP 1723 -R $pptp_interip 1723

#----------------------
# redirect protocol 47
#----------------------
/usr/local/sbin/ipfwd --masq --syslog $pptp_interip 47 &

#-----------------------
# ipchains part for VPN
#-----------------------

ipchains -A input -p tcp -s $REMOTENET -d $OUTERNET 1723 -i $OUTERIF -j ACCEPT
ipchains -A input -p 47  -s $REMOTENET -d $OUTERNET        -i $OUTERIF -j 
ACCEPT

ipchains -A output -p tcp -s $OUTERNET -d $REMOTENET 1723 -i $OUTERIF -j ACCEPT
ipchains -A output -p 47  -s $OUTERNET -d $REMOTENET        -i $OUTERIF -j 
ACCEPT

Do you have any idea what could be wrong?

Thanks. 



More information about the pptp-server mailing list