[pptp-server] maybe a routing problem??
Alan Chung
alan at silveregg.co.jp
Thu Oct 12 00:11:41 CDT 2000
Thanks for the help.
I do have proxyarp in my /etc/ppp/options file. This is my content of that
file,
lock
debug
mtu 1400
mru 1400
auth
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
proxyarp
ms-wins 192.168.0.12
ms-dns 192.168.0.12
And, the only difference between your ipchains rules and mine is the ones
for ppp interface. I am not sure if those are necessary but I have tried
them. It doesn't create a different chain when I use "ipchains -L -n" to
see. Also, does "ppp+" apply to all ppp0, ppp1, ppp2...? I can still see
the ppp connection and ping from all internal machine to that VPN client IP
(after connection is built). But not reversely, I can't ping or see even
PPTP server or any of the internal hosts from VPN client. I was thinking I
probably have to add routes for VPN client to see all internal
machines. But I have no idea how to add a route in WIN98.
I am really STUCKed.
Please help.
At 午前 09:13 00/10/11 -0500, you wrote:
>Hi Alan:
>
>What are the rules on the pptp server?
>These are mine:
>/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p tcp -d $EXTIP/32 1723
>/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p 47 -d $EXTIP/32
>/sbin/ipchains -A input -j ACCEPT -i ppp+ -b -s 0/0 -d
>0/0 <<needed for ppp
>to talk to internal network, can changed to fit your needs
>/sbin/ipchains -A output -j ACCEPT -i $EXTIF -p tcp ! -y -s $EXTIP/32 1723
>/sbin/ipchains -A output -j ACCEPT -i $EXTIF -p 47 -s $EXTIP/32 -d $UNIVERSE
>/sbin/ipchains -A output -j ACCEPT -i ppp+ -b -s 0/0 -d
>0/0 <<needed for
>ppp to talk to internal network, can changed to fit your needs
>/sbin/ipchains -A forward -j ACCEPT -i $ppp+ -s $INTLAN -d $INTLAN << needed
>/sbin/ipchains -A forward -j ACCEPT -i $EXTIF -s $INTLAN -d $INTLAN
>I have these rules in use, yes they work.
>Is the proxyarp working in the pptp server?
More information about the pptp-server
mailing list