[pptp-server] Linux firewall

[Jerry Vonau]

Hello Allen:

>> What is the Ip of the server that you are forwarding to?? 6 or 2

Jerry

Alan Chung wrote:

> I have successfully setup a pptp server and tested it locally.  After I put
> it behind my current Redhat 6.2 firewall, it failed to connect to server.
>
> I have the current ipchains rules setup for PPTP,
>
> # port forwarding for 1723
> >>ipmasqadm portfw -a -P tcp -L 211.2.228.100 1723 -R 192.168.0.6 1723
>
> # redirect protocol 47
> /usr/local/sbin/ipfwd --masq 192.168.0.6 47 &
>
> # ipchains section
> >>$IPCHAINS -A input   -p tcp -d 192.168.0.2/24 1723 -j ACCEPT
> >>$IPCHAINS -A input   -p tcp -s 192.168.0.2/24 1723 -j ACCEPT
> $IPCHAINS -A input   -p 47  -d 192.168.0.2/24        -j ACCEPT
> $IPCHAINS -A input   -p 47  -s 192.168.0.2/24        -j ACCEPT
>
> $IPCHAINS -A output  -p tcp -d 192.168.0.2/24 1723 -j ACCEPT
> $IPCHAINS -A output  -p tcp -s 192.168.0.2/24 1723 -j ACCEPT
> $IPCHAINS -A output  -p 47  -d 192.168.0.2/24        -j ACCEPT
> $IPCHAINS -A output  -p 47  -s 192.168.0.2/24        -j ACCEPT
>
> $IPCHAINS -A forward -p tcp -d 192.168.0.2/24 1723 -j ACCEPT
> $IPCHAINS -A forward -p tcp -s 192.168.0.2/24 1723 -j ACCEPT
> $IPCHAINS -A forward -p 47  -d 192.168.0.2/24        -j ACCEPT
> $IPCHAINS -A forward -p 47  -s 192.168.0.2/24        -j ACCEPT
>
> But I got the following error when I tried to access from my pptp-linux
> client to server through firewall,
>
> warn[open_inetsock:pptp_callmgr.c:287]: connect: No route to host
> fatal[callmgr_main:pptp_callmgr.c:122]: Could not open control connection
> to 211.2.228.100
> fatal[launch_callmgr:pptp.c:213]: Call manager exited with error 256
>
> And got 629 error if access from windows 98 client?
>
> Any clue?
>
> Thanks in advance.
>
> Alan
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!