[pptp-server] pptp through firewall
Cowles, Steve
Steve at SteveCowles.com
Thu Jul 19 17:11:29 CDT 2001
>
> Okay, here goes... Sorry about the confusion, I
> misinterpreted "remote end" as "client."
>
> 1) Cut/Paste of /var/log/messages for pptp connection from remote.
> Jul 19 12:11:29 thing pppd[17845]: pppd 2.3.11 started by root, uid 0
> Jul 19 12:11:29 thing pppd[17845]: Using interface ppp0
> Jul 19 12:11:29 thing pppd[17845]: Connect: ppp0 <--> /dev/pts/0
> Jul 19 12:11:32 thing pppd[17845]: CHAP peer authentication
> succeeded for vpnuser
> Jul 19 12:11:36 thing pppd[17845]: found interface eth0 for proxy arp
> Jul 19 12:11:36 thing pppd[17845]: local IP address 192.168.200.240
> Jul 19 12:11:36 thing pppd[17845]: remote IP address 192.168.200.242
>
> 2) Cut/Paste of "ifconfig ppp0" after connection is brought up.
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:192.168.200.240 P-t-P:192.168.200.242
> Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
> RX packets:72 errors:0 dropped:0 overruns:0 frame:0
> TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:10
>
>
> 3) Cut/Paste of "netstat -rn"
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS
> Window irtt
> Iface
> 192.168.200.242 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
> 192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 0.0.0.0 192.168.200.1 0.0.0.0 UG 0 0 0 eth0
The above looks good.
Are you sure you have ip_forwarding enabled on the PPTP server???
To verify type: cat /proc/sys/net/ipv4/ip_forward
If ip_forwarding is enabled, the above should print out "1", it not it
should print out "0"
To Enable/test ip_forwarding (temporarily), will not live thru a reboot:
echo "1" >/proc/sys/net/ipv4/ip_forward
Based on your linux disto, you can enable ip_forwarding (permanently) thru
gui's or edit either:
/etc/sysconfig/network
or
/etc/sysctl.conf
and change the ip_frowarding variable to "1"
Steve Cowles
More information about the pptp-server
mailing list