[pptp-server] Cannot ping after connecting.

Jerry Vonau jvonau at home.com
Thu Apr 19 22:40:17 CDT 2001 

Naresh:

I think you missing a forwarding rule for the ppp interface

ie:  forward -i ppp0 -s 10.1.2.0/24 -d 10.1.2.0/24 -j ACCEPT

Jerry Vonau




Naresh wrote:

> Hi,
>
>   I am testing a pptp server locally and trying to simulate the remote
> connection. I have a Win 2K pc with internet address and the pptp server on same
> network with local address. I am able to establish Vpn connection from Win2k
> machine but unable to ping local ip addresses. Here are some config. settings:
>
> [root at buzz /root]# iptables -L -n -v
> Chain INPUT (policy ACCEPT 10502 packets, 1127656 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>     4   296 ACCEPT     all  --  lo     *       127.0.0.0/8          0.0.0.0/0
>     0     0 ACCEPT     all  --  lo     *       10.1.2.0/24          0.0.0.0/0
>    80  4405 ACCEPT     all  --  eth0   *       10.1.2.0/24          0.0.0.0/0
>  1349  114K ACCEPT     47   --  eth0   *       0.0.0.0/0            0.0.0.0/0
>   186 13323 ACCEPT     all  --  ppp+   *       10.1.2.0/24          10.1.2.0/24
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>     4   240 ACCEPT     all  --  eth0   *       10.1.2.0/24          0.0.0.0/0
>     8   480 ACCEPT     all  --  *      eth0    0.0.0.0/0            10.1.2.0/24
>
> Chain OUTPUT (policy ACCEPT 10657 packets, 4613238 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>     4   296 ACCEPT     all  --  *      lo      0.0.0.0/0            127.0.0.0/8
>     0     0 ACCEPT     all  --  *      lo      10.1.2.0/24          0.0.0.0/0
>   116  8180 ACCEPT     all  --  *      eth0    10.1.2.0/24          0.0.0.0/0
>  1606 73530 ACCEPT     47   --  *      eth0    0.0.0.0/0            0.0.0.0/0
>   200 14835 ACCEPT     all  --  *      ppp+    10.1.2.0/24          10.1.2.0/24
> [root at buzz /root]#
>
> -----------------------------------------------
> /etc/ppp/options:
>
> name *
> lock
> mtu 1490
> mru 1490
> proxyarp
> auth
> +chap
> +chapms
> +chapms-v2
> ipcp-accept-local
> ipcp-accept-remote
> lcp-echo-failure 3
> lcp-echo-interval 5
> deflate 0
> mppe-128
> mppe-40
> mppe-stateless
> defaultroute
> debug
>
> ------------------------
>
> [root at buzz /root]# netstat -nr
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
> 10.1.2.247      0.0.0.0         255.255.255.255 UH       40 0          0 ppp0
> 63.107.13.192   0.0.0.0         255.255.255.192 U        40 0          0 eth0
> 10.1.2.0        0.0.0.0         255.255.255.0   U        40 0          0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U        40 0          0 lo
> 0.0.0.0         10.1.2.2        0.0.0.0         UG       40 0          0 eth0
> [root at buzz /root]#
>
> ---------------------
> [root at buzz /root]# lsmod
> Module                  Size  Used by
> ip_gre                  7040   0  (unused)
> ppp_mppe               23712   2  (autoclean)
> ppp_async               6672   1  (autoclean)
> ppp_generic            18816   3  (autoclean) [ppp_mppe ppp_async]
> slhc                    4864   0  (autoclean) [ppp_generic]
> iptable_filter          1856   0  (autoclean) (unused)
> iptable_nat            19744   0  (unused)
> ip_conntrack           23520   1  [iptable_nat]
> ip_tables              13696   4  [iptable_filter iptable_nat]
> unix                   16656  47  (autoclean)
> [root at buzz /root]#
>
> Can someone please tell me where I went wrong. i did not put any masq. rules
> since I'll be using FW1 for NAT.
>
> Thanks,
> Naresh
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!

More information about the pptp-server mailing list