Hello,
I've been trying to create a VPN passing through my Linux box for a day now
and am getting nowhere fast and would appreciate some advice on what I'm
doing wrong and/or what I can do to correct the problem.
Configuration:
Laptop ___
|
Dial-up ISP
|
Linux Box
eth0 216.60.221.155
eth0:2 198.246.197.225 (gw 198.246.197.10 which is on another
internal Linux box)
|
================= Internal Network 198.246.197.0
|
WinNT/PPTP Server
eth0 198.246.197.235 (gw 198.246.197.10 which is on another
internal Linux box)
*concern*
I'm not sure if the fact that the gw for 198.246.197.0 is part of my
problem or not???
Here is the script I'm using. Right now, it's wide open, but I just want
to get things working for now:
#Clear the chains
ipchains -F
ipchains -X
#For int net
#This should be eth0:2 and not eth0, right??
ipchains -A input -j ACCEPT -s 198.246.197.0/32 -d 0.0.0.0/0 -i eth0:2
ipchains -A output -j ACCEPT -s 0.0.0.0/0 -d 198.246.197.0/32 -i eth0:2
#For Internet
ipchains -A forward -j MASQ -s 198.246.197.0/32 -d 0.0.0.0/0 -i eth0
ipchains -A output -j ACCEPT -s 0.0.0.0/0 -d 0.0.0.0/0 -i eth0
ipchains -A input -j ACCEPT -s 0.0.0.0/0 -d 0.0.0.0/0 -i eth0
# Clear the ipportfw forwarding table
ipmasqadm portfw -f
# Forward traffic addressed to the firewall's 1723/tcp port
# to the PPTP server's 1723/tcp port
ipmasqadm portfw -P tcp -a -L 216.60.221.155 1723 -R 198.246.197.235 1723
^^^^^^^^^^^^^^^^^^ This does not appear to be working. When I use redir
instead, I at least see a connection and authentication attempt, but
naturally it fails as this is not what redir was designed for, correct?
When using ipmasqadm portfw, I do see a quick hit on the WinNT server when
running netstat -an, but it looks like that's all it is. Just a quick hit
and nothing else and my laptop immediately disconnected. Issuing sniffit
-A . -s198.246.197.235 creates an empty file. :-(
#Forward initial inbound 47/ip traffic to the PPTP server
ipfwd --debug --syslog --masq 198.246.197.235 47 &
My Laptop is set up to use the following for VPN:
Log on to network
enable software compression
require encrypted password
require data encryption
The above works when I set it up on a box inside to connect to the
WinNT/PPTP Server via the *Internal* network and the same if I only use
Log on to network and enable software compression.
Any ideas at all what I'm doing wrong? I would really appreciate any
pointers that anyone is willing to give.
Best Regards,
Tim
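
An added example, not part of the original post: a small Python check of which packets the posted ipchains selectors cover, showing that a /32 mask on 198.246.197.0 matches only that single address and not the PPTP server at 198.246.197.235. The /24 size of the internal network, the outside sample address and all function names are assumptions; interface matching (-i) is not modelled.

```python
import ipaddress
import shlex

# Rules quoted unchanged from the post above.
POSTED_RULES = """\
ipchains -A input -j ACCEPT -s 198.246.197.0/32 -d 0.0.0.0/0 -i eth0:2
ipchains -A output -j ACCEPT -s 0.0.0.0/0 -d 198.246.197.0/32 -i eth0:2
ipchains -A forward -j MASQ -s 198.246.197.0/32 -d 0.0.0.0/0 -i eth0
ipchains -A output -j ACCEPT -s 0.0.0.0/0 -d 0.0.0.0/0 -i eth0
ipchains -A input -j ACCEPT -s 0.0.0.0/0 -d 0.0.0.0/0 -i eth0
"""

# Assumption: the post names the network only as 198.246.197.0; /24 is assumed.
INTERNAL_NET = ipaddress.ip_network("198.246.197.0/24")
PPTP_SERVER = ipaddress.ip_address("198.246.197.235")  # address from the post
OUTSIDE_HOST = ipaddress.ip_address("203.0.113.7")     # constructed sample


def parse_rules(text):
    """Parse 'ipchains -A <chain> -j <target> -s <src> -d <dst> -i <if>' lines."""
    rules = []
    for line in text.strip().splitlines():
        tok = shlex.split(line)
        opt = dict(zip(tok[1::2], tok[2::2]))  # pair each flag with its value
        rules.append({
            "chain": opt["-A"], "target": opt["-j"], "iface": opt["-i"],
            "src": ipaddress.ip_network(opt["-s"]),
            "dst": ipaddress.ip_network(opt["-d"]),
        })
    return rules


def matching(rules, chain, src, dst):
    """Rules on `chain` whose -s/-d selectors cover a packet src -> dst."""
    return [r for r in rules
            if r["chain"] == chain and src in r["src"] and dst in r["dst"]]


def host_mask_on_network_address(rules, net):
    """Flag selectors that put a /32 mask on net's network address."""
    return [(r["chain"], key, str(r[key]))
            for r in rules for key in ("src", "dst")
            if r[key].prefixlen == 32
            and r[key].network_address == net.network_address]


def widen(text, net):
    """Rule text with the /32 selector replaced by the whole network."""
    return text.replace(f"{net.network_address}/32", str(net))
```

Calling `matching(parse_rules(POSTED_RULES), "forward", PPTP_SERVER, OUTSIDE_HOST)` returns an empty list, while the same call on `parse_rules(widen(POSTED_RULES, INTERNAL_NET))` returns the MASQ rule.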