[pptp-server] Linux firewall

Alan Chung alan at silveregg.co.jp
Thu Sep 21 03:21:17 CDT 2000 

I am sorry I forgot to correct 192.168.0.6 to 2.  They refer to the same 
machine.

Any clue?

At 午前 02:38 00/09/21 -0500, you wrote:
>Hello Allen:
>
> >> What is the Ip of the server that you are forwarding to?? 6 or 2
>
>Jerry
>
>Alan Chung wrote:
>
> > I have successfully setup a pptp server and tested it locally.  After I put
> > it behind my current Redhat 6.2 firewall, it failed to connect to server.
> >
> > I have the current ipchains rules setup for PPTP,
> >
> > # port forwarding for 1723
> > >>ipmasqadm portfw -a -P tcp -L 211.2.228.100 1723 -R 192.168.0.6 1723
> >
> > # redirect protocol 47
> > /usr/local/sbin/ipfwd --masq 192.168.0.6 47 &
> >
> > # ipchains section
> > >>$IPCHAINS -A input   -p tcp -d 192.168.0.2/24 1723 -j ACCEPT
> > >>$IPCHAINS -A input   -p tcp -s 192.168.0.2/24 1723 -j ACCEPT
> > $IPCHAINS -A input   -p 47  -d 192.168.0.2/24        -j ACCEPT
> > $IPCHAINS -A input   -p 47  -s 192.168.0.2/24        -j ACCEPT
> >
> > $IPCHAINS -A output  -p tcp -d 192.168.0.2/24 1723 -j ACCEPT
> > $IPCHAINS -A output  -p tcp -s 192.168.0.2/24 1723 -j ACCEPT
> > $IPCHAINS -A output  -p 47  -d 192.168.0.2/24        -j ACCEPT
> > $IPCHAINS -A output  -p 47  -s 192.168.0.2/24        -j ACCEPT
> >
> > $IPCHAINS -A forward -p tcp -d 192.168.0.2/24 1723 -j ACCEPT
> > $IPCHAINS -A forward -p tcp -s 192.168.0.2/24 1723 -j ACCEPT
> > $IPCHAINS -A forward -p 47  -d 192.168.0.2/24        -j ACCEPT
> > $IPCHAINS -A forward -p 47  -s 192.168.0.2/24        -j ACCEPT
> >
> > But I got the following error when I tried to access from my pptp-linux
> > client to server through firewall,
> >
> > warn[open_inetsock:pptp_callmgr.c:287]: connect: No route to host
> > fatal[callmgr_main:pptp_callmgr.c:122]: Could not open control connection
> > to 211.2.228.100
> > fatal[launch_callmgr:pptp.c:213]: Call manager exited with error 256
> >
> > And got 629 error if access from windows 98 client?
> >
> > Any clue?
> >
> > Thanks in advance.
> >
> > Alan
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!

*************************************
システムネットワークマネージャー
アラン チャン
*************************************
シルバーエッグテクノロジー株式会社
港区赤坂 2-14-15 プラザミカド303号
TEL : 03-3560-1831
FAX : 03-3560-1832
Email: alan at silveregg.co.jp
Homepage: http://www.silveregg.co.jp
*************************************

More information about the pptp-server mailing list