[pptp-server] can't ping past pptp server
Jerry Vonau
jvonau at home.com
Sat Oct 14 10:44:33 CDT 2000
Hi All:
Found it, the test rules that I was using were taken from the a much
larger script.
>>/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p tcp -d $EXTIP/32 1723
>>/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p 47 -d $EXTIP/32
>>/sbin/ipchains -A input -j ACCEPT -i ppp+ -b -s 0/0 -d 0/0
<<needed for ppp to talk to internal network, can changed to fit your
needs
>>/sbin/ipchains -A output -j ACCEPT -i $EXTIF -p tcp ! -y -s $EXTIP/32
1723
>>/sbin/ipchains -A output -j ACCEPT -i $EXTIF -p 47 -s $EXTIP/32 -d
$UNIVERSE
>>/sbin/ipchains -A output -j ACCEPT -i ppp+ -b -s 0/0 -d 0/0
<<needed for ppp to talk to internal network, can changed to fit your
needs
>>/sbin/ipchains -A forward -j ACCEPT -i $ppp+ -s $INTLAN -d $INTLAN <<
needed
>>/sbin/ipchains -A forward -j ACCEPT -i $INTIF -s $INTLAN -d $INTLAN
<< needed but I forgot it.
so the internial interface couldn't talk to PPP
All is well now. It's been a long week..
Jerry Vonau
Jerry Vonau wrote:
> Hi All:
>
> The subject said it all. Proxyarp is enabled and shows in the log,
> no access to the LAN. ip forwarding is a 1
> I have the same setup working on 2.2.12,13,14,15 kernels, but what is
> the trick with 2.2.16-3.
> I used the exact same scripts. 128bit works great, but can't ping
> anything on the lan except the ppp link.
>
> Jerry Vonau
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
More information about the pptp-server
mailing list