[pptp-server] Help with config and ipchain rulesets...
Tommy Orndorff
tommy at orndorff.com
Wed Feb 13 16:30:39 CST 2002

I am having some issues with my poptop/pppd connections, and I was hoping
someone could give me a hand checking ipchains rules, etc.

I'm running PoPToP v1.1.2 and pppd version 2.4.0 on kernel version 2.4.16.
Connections to the VPN work fine 100% of the time with encryption enabled.

Here is my ppp options file:

lock
debug
proxyarp
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
auth
require-chap
+chap
ms-wins 192.168.1.1

My pptpd.conf file contains these lines:

option /etc/ppp/options
debug
localip 192.168.1.102-120
remoteip 192.168.1.102-120
listen 192.168.1.101

My ipchains rules contain the following rules (and ipchains only uses these
rules):

echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -P forward DENY
ipchains -A forward -i eth0 -j MASQ
ipchains -N ppp-out
ipchains -A output -i eth0 -j ppp-out
ipchains -A ppp-out -p 47 -j ACCEPT
ipchains -N ppp-in
ipchains -A input -i eth0 -j ppp-in
ipchains -A ppp-in -p TCP -y -d 0.0.0.0/0 pptp -j ACCEPT -l
ipchains -A ppp-in -p TCP    -d 0.0.0.0/0 pptp -j ACCEPT
ipchains -A ppp-in -p 47 -j ACCEPT
ipchains -A ppp-in -p TCP -y -j DENY
ipchains -A ppp-in -p UDP -j DENY
ipchains -A forward -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT

My gateway IP for the LAN that the VPN resides on is 192.168.1.254.  I have
users set with IPs given out of the range.  After connecting, no packets are
received back to the client (i.e. when browsing any www page there is no
response).

Anyone see anything wrong or have any suggestions?  Hopefully I've included
enough information.

Tommy Orndorff
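
A small model of how the ppp-in chain quoted above classifies packets arriving on eth0, added here as an example and not part of the original post. It assumes first-match rule evaluation, that `pptp` resolves to TCP port 1723, and that `-y` matches SYN set with ACK and FIN clear; the sample packets are constructed.

```python
# Added illustration: a minimal first-match model of the posted ppp-in chain.
# Assumptions: "pptp" is TCP port 1723; -y means SYN set, ACK and FIN clear;
# a packet that matches no rule returns to the calling chain ("RETURN").
PPTP_PORT = 1723

# (protocol, require SYN-only, destination port or None, target), in posted order
PPP_IN = [
    ("tcp", True,  PPTP_PORT, "ACCEPT"),  # -p TCP -y -d 0.0.0.0/0 pptp -j ACCEPT -l
    ("tcp", False, PPTP_PORT, "ACCEPT"),  # -p TCP -d 0.0.0.0/0 pptp -j ACCEPT
    ("47",  False, None,      "ACCEPT"),  # -p 47 -j ACCEPT (GRE)
    ("tcp", True,  None,      "DENY"),    # -p TCP -y -j DENY
    ("udp", False, None,      "DENY"),    # -p UDP -j DENY
]

def is_syn_only(flags):
    """True when the flag set is what ipchains -y matches."""
    return "SYN" in flags and "ACK" not in flags and "FIN" not in flags

def classify(pkt, chain=PPP_IN):
    """Return (target, rule_number) of the first matching rule, else ("RETURN", None)."""
    for idx, (proto, syn_only, dport, target) in enumerate(chain, start=1):
        if pkt["proto"] != proto:
            continue
        if syn_only and not is_syn_only(pkt.get("flags", ())):
            continue
        if dport is not None and pkt.get("dport") != dport:
            continue
        return target, idx
    return "RETURN", None

# Constructed sample packets arriving on eth0 (not captured traffic).
SAMPLES = {
    "PPTP control SYN":       {"proto": "tcp", "flags": {"SYN"}, "dport": 1723},
    "GRE tunnel data":        {"proto": "47"},
    "inbound SYN to port 22": {"proto": "tcp", "flags": {"SYN"}, "dport": 22},
    "TCP reply (SYN+ACK)":    {"proto": "tcp", "flags": {"SYN", "ACK"}, "dport": 61000},
    "UDP reply from port 53": {"proto": "udp", "sport": 53, "dport": 61000},
}

def report():
    """Classify every constructed sample packet."""
    return {name: classify(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, (target, rule) in report().items():
        print(f"{name:24} -> {target:6} (rule {rule})")
```

In this model every UDP datagram arriving on eth0, replies included, ends at the fifth rule, while TCP replies fall through to the input chain's policy, which the post does not show.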