the same
i have this in the log
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=8
ID=64596 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2193
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=9
ID=28511 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2194
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=10 ID=629
PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2195
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=11
ID=30775 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2196
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=12
ID=13589 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2197
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=13
ID=23363 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2198
Sep 6 16:56:43 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=14
ID=29285 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2199
Sep 6 16:56:44 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=15
ID=40304 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2200
Sep 6 16:56:44 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=16
ID=25355 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2201
Sep 6 16:56:44 localhost kernel: Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0
SRC=192.168.10.90 DST=200.40.139.50 LEN=84 TOS=0x00 PREC=0x00 TTL=17
ID=7209 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2202
ppp2 = pptp
ppp0 adsl1
192.168.10.90 is me outside connected to the vpn
On Thu, Sep 6, 2012 at 4:01 PM, DanyD <[email protected]> wrote:
> See HINT comment
>
> Bogdan T.
>
> SysAdmin
> tbogdan<.a|t.>direkt.ro
> ----------------------------
> www.direkt.ro
> www.first-car.ro
>
>
>
> On 06-09-12 6:53 PM, Nico Pagliaro wrote:
>
> Hi everybody, I am having this problem
>
> I have 2 adsl in my firewall
> adsl1 - eth1
> ads2 - eth2
> lan - eth0 192.168.10.0/24
>
> and shorewall
>
> Now I have installed pptpd in my firewall and works
> My client connects without probem and can access local servers, also I can
> ssh to my FW
>
> The problem is that once connected to the vpn they can not access
> internet.
> here is my conf:
>
> etc/pptpd.conf
> -------------------
> option /etc/ppp/options.pptpd
> logwtmp
> localip 192.168.10.80-89
> remoteip 192.168.10.90-99
>
>
> Shorewall
> ----------
> interfaces
> #ZONE INTERFACE OPTIONS
> loc eth0
> net ppp0
> net ppp1
> vpn ppp+
>
>
> *HINT*
> you can make also something like this
>
> loc ppp+
> as replacement for
> vpn ppp+
>
>
> zones
> #ZONE TYPE OPTIONS IN OUT
> # OPTIONS OPTIONS
> fw firewall
> net ipv4
> loc ipv4
> vpn ipv4
>
> rules
> #VPN
> ACCEPT net $FW tcp 1723
> ACCEPT vpn $FW tcp 22
> ACCEPT vpn net tcp http,https
> ACCEPT vpn net udp 53
>
>
> tunnels
> #TYPE ZONE GATEWAY(S) GATEWAY
> # ZONE(S)
> pptpserver net 0.0.0.0/0
>
>
>
> masq
> #INTERFACE:DEST SOURCE ADDRESS PROTO PORT(S)
> IPSEC MARK USER/ SWITCH
> #
> GROUP
>
>
> ppp1 192.168.10.0/24
> ppp0 192.168.10.0/24
> ppp+ 192.168.10.0/24
>
>
> I dont know what I am doing wrong.
>
> Any idea?
>
> Really thanks
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>
>
>
> _______________________________________________
> Shorewall-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
