you can enable it without restart echo 1 > /proc/sys/net/ipv4/ip_forward
T.Bogdan SysAdmin tbogdan<.a|t.>direkt.ro ------------------- www.direkt.ro www.first-car.ro On 06-09-12 9:42 PM, Nico Pagliaro wrote:
Gabor, I dont understand you. i have enable this in sysctl.conf net.ipv4.ip_forward = 1 but I did not restart yet. perhaps this fix this problemOn Thu, Sep 6, 2012 at 3:25 PM, Gábor Majoros <[email protected] <mailto:[email protected]>> wrote:My bad...getting tired... I meant gateway. :) Apologies. On 6 September 2012 19:19, Gábor Majoros <[email protected] <mailto:[email protected]>> wrote: Hi, Might be wrong, but add a zone also to tunnels? tunnels#TYPE ZONE GATEWAY(S) GATEWAY # ZONE(S)pptpserver net 0.0.0.0/0 <http://0.0.0.0/0> On 6 September 2012 18 <tel:2012%2018>:58, Nico Pagliaro <[email protected] <mailto:[email protected]>> wrote: I have this in my log Sep 6 15:42:17 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp1 SRC=192.168.10.90 DST=200.40.30.245 <tel:200.40.30.245> LEN=70 TOS=0x00 PREC=0x00 TTL=254 ID=34532 PROTO=UDP SPT=54024 <tel:54024> DPT=53 LEN=50 ppp2 = pptp ppp1 is one of my adsl On Thu, Sep 6, 2012 <tel:2012> at 12:53 PM, Nico Pagliaro <[email protected] <mailto:[email protected]>> wrote: Hi everybody, I am having this problem I have 2 adsl in my firewall adsl1 - eth1 ads2 - eth2 lan - eth0 192.168.10.0/24 <http://192.168.10.0/24> and shorewall Now I have installed pptpd in my firewall and works My client connects without probem and can access local servers, also I can ssh to my FW The problem is that once connected to the vpn they can not access internet. here is my conf: etc/pptpd.conf ------------------- option /etc/ppp/options.pptpd logwtmp localip 192.168.10.80-89 remoteip 192.168.10.90-99 Shorewall ---------- interfaces #ZONE INTERFACE OPTIONS loc eth0 net ppp0 net ppp1 vpn ppp+ zones#ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONSfw firewall net ipv4 loc ipv4 vpn ipv4 rules #VPN ACCEPT net $FW tcp 1723 ACCEPT vpn $FW tcp 22 ACCEPT vpn net tcp http,https ACCEPT vpn net udp 53 tunnels#TYPE ZONE GATEWAY(S) GATEWAY # ZONE(S)pptpserver net 0.0.0.0/0 <http://0.0.0.0/0> masq#INTERFACE:DEST SOURCE ADDRESS PROTO PORT(S) IPSEC MARK USER/ SWITCH # GROUPppp1 192.168.10.0/24 <http://192.168.10.0/24> ppp0 192.168.10.0/24 <http://192.168.10.0/24> ppp+ 192.168.10.0/24 <http://192.168.10.0/24> I dont know what I am doing wrong. Any idea? Really thanks ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] <mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] <mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
