Re: [Shorewall-users] Shorewall +PPTP server on the same machine

Thu, 06 Sep 2012 11:03:06 -0700 

I have this in my log
Sep  6 15:42:17 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp1
SRC=192.168.10.90 DST=200.40.30.245 LEN=70 TOS=0x00 PREC=0x00 TTL=254
ID=34532 PROTO=UDP SPT=54024 DPT=53 LEN=50


ppp2 =  pptp
ppp1 is one of my adsl


On Thu, Sep 6, 2012 at 12:53 PM, Nico Pagliaro <[email protected]> wrote:

> Hi everybody, I am having this problem
>
> I have 2 adsl in my firewall
> adsl1 - eth1
> ads2 - eth2
> lan - eth0 192.168.10.0/24
>
> and shorewall
>
> Now I have installed pptpd in  my firewall and works
> My client connects without probem and can access local servers, also I can
> ssh to my FW
>
> The problem is that once connected to the vpn they can not access internet.
> here is my conf:
>
> etc/pptpd.conf
> -------------------
> option /etc/ppp/options.pptpd
> logwtmp
> localip 192.168.10.80-89
> remoteip 192.168.10.90-99
>
>
> Shorewall
> ----------
> interfaces
> #ZONE           INTERFACE               OPTIONS
> loc     eth0
> net     ppp0
> net     ppp1
> vpn     ppp+
>
>
> zones
> #ZONE   TYPE            OPTIONS         IN                      OUT
> #                                       OPTIONS                 OPTIONS
> fw      firewall
> net     ipv4
> loc     ipv4
> vpn     ipv4
>
> rules
> #VPN
> ACCEPT          net             $FW     tcp     1723
> ACCEPT          vpn             $FW     tcp     22
> ACCEPT          vpn             net     tcp     http,https
> ACCEPT          vpn             net     udp     53
>
>
> tunnels
> #TYPE                   ZONE    GATEWAY(S)                      GATEWAY
> #                                                               ZONE(S)
> pptpserver      net              0.0.0.0/0
>
>
>
> masq
> #INTERFACE:DEST         SOURCE          ADDRESS         PROTO   PORT(S)
> IPSEC   MARK    USER/   SWITCH
> #
>               GROUP
>
>
> ppp1                    192.168.10.0/24
> ppp0                    192.168.10.0/24
> ppp+                    192.168.10.0/24
>
>
> I dont know what I am doing wrong.
>
> Any idea?
>
> Really thanks
>
>

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to