Re: [Shorewall-users] Shorewall +PPTP server on the same machine

Thu, 06 Sep 2012 12:05:37 -0700 

See HINT comment

Bogdan T.
SysAdmin
tbogdan<.a|t.>direkt.ro
----------------------------
www.direkt.ro
www.first-car.ro


On 06-09-12 6:53 PM, Nico Pagliaro wrote:

Hi everybody, I am having this problem

I have 2 adsl in my firewall
adsl1 - eth1
ads2 - eth2
lan - eth0 192.168.10.0/24 <http://192.168.10.0/24>

and shorewall

Now I have installed pptpd in  my firewall and works
My client connects without probem and can access local servers, also I can ssh to my FW
The problem is that once connected to the vpn they can not access internet. 
here is my conf:

etc/pptpd.conf
-------------------
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.10.80-89
remoteip 192.168.10.90-99


Shorewall
----------
interfaces
#ZONE           INTERFACE               OPTIONS
loc     eth0
net     ppp0
net     ppp1
vpn     ppp+



*HINT*
you can make also something like this

loc    ppp+
as replacement for
vpn  ppp+



zones
#ZONE   TYPE            OPTIONS         IN                      OUT
#                                       OPTIONS                 OPTIONS
fw      firewall
net     ipv4
loc     ipv4
vpn     ipv4

rules
#VPN
ACCEPT          net             $FW     tcp     1723
ACCEPT          vpn             $FW     tcp     22
ACCEPT          vpn             net     tcp     http,https
ACCEPT          vpn             net     udp     53


tunnels
#TYPE                   ZONE    GATEWAY(S)                      GATEWAY
#                                                               ZONE(S)
pptpserver      net 0.0.0.0/0 <http://0.0.0.0/0>



masq
#INTERFACE:DEST SOURCE ADDRESS PROTO PORT(S) IPSEC MARK USER/ SWITCH # GROUP 


ppp1 192.168.10.0/24 <http://192.168.10.0/24>
ppp0 192.168.10.0/24 <http://192.168.10.0/24>
ppp+ 192.168.10.0/24 <http://192.168.10.0/24>


I dont know what I am doing wrong.

Any idea?

Really thanks



------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/


_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users



------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to