[pptp-server] pptp tunnel is not used for internet services

Cowles, Steve Steve at SteveCowles.com
Wed Sep 19 17:41:20 CDT 2001


> -----Original Message-----
> From: HaiDang [mailto:haidang79 at yahoo.com]
> Sent: Wednesday, September 19, 2001 3:12 PM
> To: Michael McConnell
> Cc: pptp-server at lists.schulte.org
> Subject: Re: [pptp-server] pptp tunnel is not used for 
> internet services
> 
> 
> Maybe I need to clarify it more.

Thank You!

> The firewall is on the Linux box, which also runs as
> VPN server. The firewall only allows packets within
> the subnet to the Linux server (let's say - 0 to 31).
> The IP pool consists of only 3 IPs: 29, 30, and 31.
> When I establish VPN, I get assigned 29. But when I
> use the mail server on the same Linux box, and check
> the log files, my Wins98 uses its original IP to send
> packets to the Linux, and thus is denied by the
> firewall rules. The tunnel is just between my Wins98
> and the Linux server, nothing else's involved.

If I understand your post correctly, it sounds like your PPTP client's
ethernet interface has an IP address that is within the same subnet as the
VPN that you are trying to create. If this is the case, then what you are
describing is normal. Think netmasks! Type: route print - at the PPTP client
after you establish your VPN.

If this is not the case, and you are establishing a VPN across the internet
where your ethernet (or dialup) adapter has a different IP/netmask than the
private LAN you are trying to access across the VPN, then how are you
specifying the mail server? By IP or FQDN? I.e., when you ping your mail
server from the PPTP client using its FQDN... what IP address is being
returned? In other words, is the IP address internal or external? FWIW: I
run a DNS server which returns the internal IP address for mail.mydomain.com
when queried internally (or across the VPN) and an external address when
queried from the internet. 

> 
> And if I used firewall-config to configure the
> firewall, how should I add those rules in ??
> 
> Thank you,

Can't help you much here. Keep in mind that your PPTP server is in essence -
a router. It is routing packets of data between eth0 and ppp0 and
vice-versa. Your firewall rules will need to deal with this.

Steve Cowles
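
Added example, not part of the original thread: a small model of the client's route selection in the second case above (VPN across the internet), showing why mail sent to the server's external address leaves with the original source IP and is dropped, while the internal address goes through the tunnel. All addresses, the routing table and the function names are constructed for illustration; it assumes the client keeps a host route to the server's external address on its original interface, which is what carries the tunnel itself.

```python
import ipaddress

# Constructed addresses (RFC 5737 documentation ranges), not from the post.
ALLOWED = ipaddress.ip_network("192.0.2.0/27")   # firewall: hosts 0-31 only
SERVER_INTERNAL = "192.0.2.1"      # what an internal DNS view would return
SERVER_EXTERNAL = "203.0.113.5"    # what an internet DNS view would return

# Client routing table after the VPN is up, in the spirit of `route print`:
# (destination network, interface, source address used on that interface)
ROUTES = [
    ("0.0.0.0/0",      "ethernet", "198.51.100.77"),  # original default route
    ("203.0.113.5/32", "ethernet", "198.51.100.77"),  # host route carrying the tunnel
    ("192.0.2.0/27",   "ppp",      "192.0.2.29"),     # VPN subnet via the tunnel
]

def select_route(dest, routes=ROUTES):
    """Longest-prefix match: the most specific matching network wins."""
    addr = ipaddress.ip_address(dest)
    matches = [
        (ipaddress.ip_network(net), ifc, src)
        for net, ifc, src in routes
        if addr in ipaddress.ip_network(net)
    ]
    if not matches:
        raise LookupError(f"no route to {dest}")
    _, ifc, src = max(matches, key=lambda m: m[0].prefixlen)
    return ifc, src

def firewall_allows(src):
    """The server-side rule from the post: only sources inside the subnet."""
    return ipaddress.ip_address(src) in ALLOWED

def trace(dest):
    """Which interface and source IP a packet to dest uses, and the verdict."""
    ifc, src = select_route(dest)
    return {"dest": dest, "interface": ifc, "source": src,
            "allowed": firewall_allows(src)}

if __name__ == "__main__":
    for d in (SERVER_INTERNAL, SERVER_EXTERNAL):
        print(trace(d))
```

Comparing the output with the real `route print` table and the address the mail server name resolves to tells you which of the two paths the client is taking.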
