Here is my conf:
#TYPE         ZONE    GATEWAY      GATEWAY
#                                  ZONE
pptpserver    net     0.0.0.0/0    ppgrp
It works more or less. Some sites do not load (net bank :) ) but generally at
least some work.
On 6 September 2012 19:55, Gábor Majoros <[email protected]> wrote:
> sysctl net.ipv4.ip_forward tells you
>
> root@grpgw:~# sysctl net.ipv4.ip_forward
> net.ipv4.ip_forward = 1
>
>
> On 6 September 2012 19:42, Nico Pagliaro <[email protected]> wrote:
>
>> Gabor, I don't understand you.
>> I have enabled this in sysctl.conf
>> net.ipv4.ip_forward = 1
>>
>> but I did not restart yet. Perhaps this fixes this problem
>>
>> On Thu, Sep 6, 2012 at 3:25 PM, Gábor Majoros <[email protected]> wrote:
>>
>>> My bad...getting tired...
>>>
>>> I meant gateway. :)
>>>
>>> Apologies.
>>>
>>>
>>> On 6 September 2012 19:19, Gábor Majoros <[email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> Might be wrong, but add a zone also to tunnels?
>>>>
>>>> tunnels
>>>> #TYPE         ZONE    GATEWAY(S)    GATEWAY
>>>> #                                   ZONE(S)
>>>> pptpserver    net     0.0.0.0/0
>>>>
>>>>
>>>>
>>>> On 6 September 2012 18:58, Nico Pagliaro <[email protected]> wrote:
>>>>
>>>>> I have this in my log
>>>>> Sep 6 15:42:17 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2
>>>>> OUT=ppp1 SRC=192.168.10.90 DST=200.40.30.245 LEN=70 TOS=0x00
>>>>> PREC=0x00 TTL=254 ID=34532 PROTO=UDP SPT=54024 DPT=53 LEN=50
>>>>>
>>>>>
>>>>> ppp2 = pptp
>>>>> ppp1 is one of my adsl
>>>>>
>>>>>
>>>>> On Thu, Sep 6, 2012 at 12:53 PM, Nico Pagliaro <[email protected]> wrote:
>>>>>
>>>>>> Hi everybody, I am having this problem
>>>>>>
>>>>>> I have 2 adsl in my firewall
>>>>>> adsl1 - eth1
>>>>>> adsl2 - eth2
>>>>>> lan - eth0 192.168.10.0/24
>>>>>>
>>>>>> and shorewall
>>>>>>
>>>>>> Now I have installed pptpd in my firewall and it works
>>>>>> My client connects without problem and can access local servers, also
>>>>>> I can ssh to my FW
>>>>>>
>>>>>> The problem is that once connected to the vpn they can not access
>>>>>> internet.
>>>>>> here is my conf:
>>>>>>
>>>>>> etc/pptpd.conf
>>>>>> -------------------
>>>>>> option /etc/ppp/options.pptpd
>>>>>> logwtmp
>>>>>> localip 192.168.10.80-89
>>>>>> remoteip 192.168.10.90-99
>>>>>>
>>>>>>
>>>>>> Shorewall
>>>>>> ----------
>>>>>> interfaces
>>>>>> #ZONE INTERFACE OPTIONS
>>>>>> loc eth0
>>>>>> net ppp0
>>>>>> net ppp1
>>>>>> vpn ppp+
>>>>>>
>>>>>>
>>>>>> zones
>>>>>> #ZONE    TYPE        OPTIONS    IN         OUT
>>>>>> #                               OPTIONS    OPTIONS
>>>>>> fw       firewall
>>>>>> net      ipv4
>>>>>> loc      ipv4
>>>>>> vpn      ipv4
>>>>>>
>>>>>> rules
>>>>>> #VPN
>>>>>> ACCEPT net $FW tcp 1723
>>>>>> ACCEPT vpn $FW tcp 22
>>>>>> ACCEPT vpn net tcp http,https
>>>>>> ACCEPT vpn net udp 53
>>>>>>
>>>>>>
>>>>>> tunnels
>>>>>> #TYPE         ZONE    GATEWAY(S)    GATEWAY
>>>>>> #                                   ZONE(S)
>>>>>> pptpserver    net     0.0.0.0/0
>>>>>>
>>>>>>
>>>>>>
>>>>>> masq
>>>>>> #INTERFACE:DEST  SOURCE           ADDRESS  PROTO  PORT(S)  IPSEC  MARK  USER/  SWITCH
>>>>>> #                                                                       GROUP
>>>>>> ppp1             192.168.10.0/24
>>>>>> ppp0             192.168.10.0/24
>>>>>> ppp+             192.168.10.0/24
>>>>>>
>>>>>>
>>>>>> I don't know what I am doing wrong.
>>>>>>
>>>>>> Any idea?
>>>>>>
>>>>>> Really thanks
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Live Security Virtual Conference
>>>>> Exclusive live event will cover all the ways today's security and
>>>>> threat landscape has changed and how IT managers can respond.
>>>>> Discussions
>>>>> will include endpoint security, mobile security and the latest in
>>>>> malware
>>>>> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>>>>> _______________________________________________
>>>>> Shorewall-users mailing list
>>>>> [email protected]
>>>>> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>>
>
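Added example, not part of the thread: a small Python script that parses the `Shorewall:sfilter:DROP` log line quoted above and lists which entries of the posted interfaces file match the packet's IN and OUT devices. The function names are hypothetical, the log line is joined onto one line, and the trailing `+` is treated as the usual interface-name wildcard.

```python
import re

# Log line quoted in the thread, joined onto one line.
LOG = ("Sep 6 15:42:17 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 "
       "OUT=ppp1 SRC=192.168.10.90 DST=200.40.30.245 LEN=70 TOS=0x00 "
       "PREC=0x00 TTL=254 ID=34532 PROTO=UDP SPT=54024 DPT=53 LEN=50")

# (zone, interface) pairs from the interfaces file posted in the thread.
INTERFACES = [("loc", "eth0"), ("net", "ppp0"), ("net", "ppp1"), ("vpn", "ppp+")]

def parse_shorewall_log(line):
    """Split a 'Shorewall:<chain>:<disposition>:KEY=VALUE ...' line into a dict."""
    m = re.search(r"Shorewall:([^:\s]+):([^:\s]+):(.*)", line)
    if m is None:
        return None
    fields = {"chain": m.group(1), "disposition": m.group(2)}
    for token in m.group(3).split():
        key, sep, value = token.partition("=")
        if sep:
            # LEN appears twice (IP length, then UDP length); keep the first.
            fields.setdefault(key, value)
    return fields

def matching_entries(ifname, interfaces=INTERFACES):
    """Return every (zone, pattern) entry that matches ifname.
    A trailing '+' is a wildcard: 'ppp+' matches any name starting with 'ppp'."""
    hits = []
    for zone, pattern in interfaces:
        if pattern.endswith("+"):
            matched = ifname.startswith(pattern[:-1])
        else:
            matched = ifname == pattern
        if matched:
            hits.append((zone, pattern))
    return hits

def shared_patterns(fields, interfaces=INTERFACES):
    """Interface patterns that match both the IN and the OUT device of a packet."""
    inbound = {p for _, p in matching_entries(fields["IN"], interfaces)}
    return [p for _, p in matching_entries(fields["OUT"], interfaces) if p in inbound]

if __name__ == "__main__":
    pkt = parse_shorewall_log(LOG)
    print(pkt["chain"], pkt["disposition"], pkt["PROTO"], pkt["DPT"])
    print("IN ", pkt["IN"], matching_entries(pkt["IN"]))
    print("OUT", pkt["OUT"], matching_entries(pkt["OUT"]))
    print("matched by both:", shared_patterns(pkt))
```

For the logged packet, `ppp2` matches only the `vpn ppp+` entry, while `ppp1` matches both `net ppp1` and `vpn ppp+`, so the wildcard entry also covers the ADSL link.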