Nico Pagliaro wrote:
> On Fri, Nov 14, 2008 at 1:30 PM, Jerry Vonau <[EMAIL PROTECTED]> wrote:
> 
>> Nico Pagliaro wrote:
>>> I put that rule, and the same. I can't connect...
>>>
>>> On Fri, Nov 14, 2008 at 1:06 PM, Jerry Vonau <[EMAIL PROTECTED]> wrote:
>>>
>> The response was based on the limited info you provided, need to see a
>> full unedited shorewall dump.
>>
>> Jerry

Are you sure that the vpn client has authenticated correctly? The pptp 
chat sequence in /var/log/messages should shed some light on that. I can 
see that the vpn traffic to port 1723 is present but there is no gre 
traffic.

Chain net2fw (3 references)
 pkts bytes target     prot opt in     out     source               destination
 8957 1504K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    3   126 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
    0     0 LOG        47   --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:'
    0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0
    5   264 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1723 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:'
    5   264 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1723
    4  1104 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:500 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:'
    4  1104 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:500
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
    0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1723
 1438 87140 all2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0

Not sure why you have duplicate entries for your pptp vpn, are you using 
the tunnels file also? Which of the public ip addresses are you trying to 
connect with? I can see that you're using the multi-ISP support without 
using "balance", that may be an issue if you're connecting to the addresses 
on eth1 or eth2.

Jerry
PS  Edit the dump again, and I'm out of the picture, I'm not guessing at 
what the real information is.
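
The counter reading described in the message above can be automated. The following is an added example, not part of the original email or of Shorewall: it parses a chain in the `iptables -L -v -n` layout, compares hits on the PPTP control port with hits on protocol 47 (GRE), and lists duplicated ACCEPT rules. The function names are hypothetical and the sample is constructed from the ACCEPT rows and the all2all row of the chain quoted above.

```python
from collections import Counter

# Constructed sample: ACCEPT and all2all rows copied from the net2fw chain in the message.
SAMPLE = """\
Chain net2fw (3 references)
 pkts bytes target     prot opt in     out     source               destination
 8957 1504K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    3   126 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
    0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0
    5   264 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1723
    4  1104 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:500
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
    0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1723
 1438 87140 all2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0
"""

MULT = {"K": 1000, "M": 1000**2, "G": 1000**3}  # iptables abbreviates large counters

def to_int(s):
    """Convert a counter such as '1504K' to an (approximate) integer."""
    return int(s[:-1]) * MULT[s[-1]] if s[-1] in MULT else int(s)

def parse_chain(text):
    """Return one dict per rule row; the chain title and column header are skipped."""
    rules = []
    for line in text.splitlines():
        f = line.split(None, 9)
        if len(f) < 9 or not f[0][0].isdigit():
            continue
        rules.append({"pkts": to_int(f[0]), "target": f[2], "prot": f[3],
                      "match": f[9].strip() if len(f) > 9 else ""})
    return rules

def pptp_check(rules):
    """Compare PPTP control (tcp/1723) hits with GRE (protocol 47) hits."""
    accepts = [r for r in rules if r["target"] == "ACCEPT"]
    ctrl = sum(r["pkts"] for r in accepts
               if r["prot"] == "tcp" and "dpt:1723" in r["match"])
    gre = sum(r["pkts"] for r in accepts if r["prot"] in ("47", "gre"))
    seen = Counter((r["prot"], r["match"]) for r in accepts)
    return {"control_pkts": ctrl, "gre_pkts": gre,
            "gre_missing": ctrl > 0 and gre == 0,
            "duplicates": [k for k, n in seen.items() if n > 1]}

if __name__ == "__main__":
    print(pptp_check(parse_chain(SAMPLE)))
```

A zero on the protocol 47 rules only covers packets that reached those rules; anything matched earlier in the chain, such as by the state RELATED,ESTABLISHED rule, is counted there instead.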



_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users