[pptp-server] can't get through firewall
Mikael Lönnroth
gml at advancevpn.com
Wed Aug 21 06:26:24 CDT 2002
---- Original Message -----
From: "Jeff Shanholtz" <jsubs at shanholtz.com>
To: <pptp-server at lists.schulte.org>
Sent: Wednesday, August 21, 2002 9:53 AM
Subject: [pptp-server] can't get through firewall
> mentions (http://home.swbell.net/berzerke). I still can't connect, but
> now I'm getting some log information which has me a little puzzled.
>
> Aug 20 23:30:09 antishane kernel: Input packet droppedIN=eth1 OUT=
> MAC=00:20:af:a3:ea:67:00:80:48:db:39:80:08:00 SRC=4.18.238.25
> DST=4.18.238.26 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=6479 DF PROTO=TCP
> SPT=4725 DPT=1723 WINDOW=16384 RES=0x00 SYN URGP=0
>
> The first line of the pptpd section should cause that packet to be
> allowed as far as I can tell. Can someone point out the problem? $EXTINT
> is set to "eth1" and $PUBLICPORTS is set to "1024:65535"
>
> #Allow pptpd connections (port 1723)
> /sbin/iptables -t nat -A PREROUTING -i $EXTINT -p TCP \
> --sport $PUBLICPORTS --dport 1723 -j ACCEPT
It should be "iptables -A INPUT ..." not "...-t nat -A PREROUTING. "
Regards,
Mikael Lönnroth
AdvanceVPN Oy
www.advancevpn.com
More information about the pptp-server
mailing list