[pptp-server] PPTP

George Vieira GeorgeV at citadelcomputer.com.au
Thu Apr 19 01:26:06 CDT 2001


Does your $LOCALHOST contain 127.0.0.1? This won't work and it should contain
your external IP address.

Can you give me/us a listing of your 

ipchains -L -n -v --linenumbers


thanks,
George Vieira


-----Original Message-----
From: Karan Ingale [mailto:karan_ingale at yahoo.com]
Sent: Thursday, April 19, 2001 4:09 PM
To: pptp-server at lists.schulte.org
Cc: shirish at dishatech.com
Subject: [pptp-server] PPTP


Hello,
 I am running Redhat Linux 6.2 on a Pentium machine. I
have applied the Kernel patch for PPTP. I am using
IPChains to filter out specific outgoing and incoming
traffic.
 I use a Windows 2000 machine from the internal
network, to make a VPN session with a server on the
internet. If I don't apply any rules for ipchains (All
Accept), I am able to make the connection. But as soon
as I apply the following rules, I am not able to make
a VPN connection with the VPN server on the internet.

This is the policy I used to deny all ports

  ipchains --policy input    DENY
  ipchains --policy output   DENY
  ipchains --policy forward  DENY

This is the policy for PPTP

  ipchains --append        input \
           --jump          ACCEPT \
           --interface     $EXTERNAL_INTERFACE \
           --source        $EXTERNAL_NETWORK $PPTP \
           --destination   $LOCALHOST $UNPRIVPORTS \
           --protocol      tcp  
#           --protocol      tcp  ! -y    #SYN BIT Check

  ipchains --append        output \
           --jump          ACCEPT \
           --interface     $EXTERNAL_INTERFACE \
           --source        $LOCALHOST $UNPRIVPORTS \
           --destination   $EXTERNAL_NETWORK $PPTP \
           --protocol      tcp

  ipchains --append        input \
           --jump          ACCEPT \
           --interface     $EXTERNAL_INTERFACE \
           --source        $EXTERNAL_NETWORK $PPTP \
           --destination   $LOCALHOST $UNPRIVPORTS \
           --protocol      udp

  ipchains --append        output \
           --jump          ACCEPT \
           --interface     $EXTERNAL_INTERFACE \
           --source        $LOCALHOST $UNPRIVPORTS \
           --destination   $EXTERNAL_NETWORK $PPTP \
           --protocol      udp

 I have similar policies for other ports. They work
just fine. 
 Can anybody solve my problem?

Thanks.

Karan. 

Systems Engineer.
Disha Technologies.


