On 06-09-12 11:05 PM, Nico Pagliaro wrote:
Sorry, I dont understand you
On Thu, Sep 6, 2012 at 4:51 PM, Gábor Majoros <[email protected]
<mailto:[email protected]>> wrote:
but ppgrp was replaced with vpn right? as it's your ppp+ if.
HTTP protocol it working for you?
I dont see the ping as a rule, something like:
Ping(ACCEPT):info vpn ppp0
Please provide more info about your configs , not parts of it if you
want us to help you
Bogdan T.
SysAdmin
tbogdan<.a|t.>direkt.ro <http://direkt.ro>
----------------------------
www.direkt.ro <http://www.direkt.ro>
www.first-car.ro <http://www.first-car.ro>
On 6 September 2012 20:12, Nico Pagliaro <[email protected]
<mailto:[email protected]>> wrote:
the same
i have this in the log
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=8 ID=64596 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2193
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=9 ID=28511 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2194
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=10 ID=629 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2195
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=11 ID=30775 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2196
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=12 ID=13589 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2197
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=13 ID=23363 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2198
Sep 6 16:56:43 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=14 ID=29285 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2199
Sep 6 16:56:44 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=15 ID=40304 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2200
Sep 6 16:56:44 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=16 ID=25355 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2201
Sep 6 16:56:44 localhost kernel:
Shorewall:sfilter:DROP:IN=ppp2 OUT=ppp0 SRC=192.168.10.90
DST=200.40.139.50 <tel:200.40.139.50> LEN=84 TOS=0x00
PREC=0x00 TTL=17 ID=7209 PROTO=ICMP TYPE=8 CODE=0 ID=184 SEQ=2202
ppp2 = pptp
ppp0 adsl1
192.168.10.90 is me outside connected to the vpn
On Thu, Sep 6, 2012 <tel:2012> at 4:01 PM, DanyD
<[email protected] <mailto:[email protected]>> wrote:
See HINT comment
Bogdan T.
SysAdmin
tbogdan<.a|t.>direkt.ro <http://direkt.ro>
----------------------------
www.direkt.ro <http://www.direkt.ro>
www.first-car.ro <http://www.first-car.ro>
On 06-09-12 6:53 PM, Nico Pagliaro wrote:
Hi everybody, I am having this problem
I have 2 adsl in my firewall
adsl1 - eth1
ads2 - eth2
lan - eth0 192.168.10.0/24 <http://192.168.10.0/24>
and shorewall
Now I have installed pptpd in my firewall and works
My client connects without probem and can access local
servers, also I can ssh to my FW
The problem is that once connected to the vpn they can
not access internet.
here is my conf:
etc/pptpd.conf
-------------------
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.10.80-89
remoteip 192.168.10.90-99
Shorewall
----------
interfaces
#ZONE INTERFACE OPTIONS
loc eth0
net ppp0
net ppp1
vpn ppp+
*HINT*
you can make also something like this
loc ppp+
as replacement for
vpn ppp+
zones
#ZONE TYPE OPTIONS IN
OUT
# OPTIONS
OPTIONS
fw firewall
net ipv4
loc ipv4
vpn ipv4
rules
#VPN
ACCEPT net $FW tcp 1723
ACCEPT vpn $FW tcp 22
ACCEPT vpn net tcp http,https
ACCEPT vpn net udp 53
tunnels
#TYPE ZONE GATEWAY(S)
GATEWAY
#
ZONE(S)
pptpserver net 0.0.0.0/0 <http://0.0.0.0/0>
masq
#INTERFACE:DEST SOURCE ADDRESS
PROTO PORT(S) IPSEC MARK USER/ SWITCH
#
GROUP
ppp1 192.168.10.0/24 <http://192.168.10.0/24>
ppp0 192.168.10.0/24 <http://192.168.10.0/24>
ppp+ 192.168.10.0/24 <http://192.168.10.0/24>
I dont know what I am doing wrong.
Any idea?
Really thanks
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond.
Discussions
will include endpoint security, mobile security and the latest in
malware
threats.http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's
security and
threat landscape has changed and how IT managers can
respond. Discussions
will include endpoint security, mobile security and the
latest in malware
threats.
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond.
Discussions
will include endpoint security, mobile security and the latest
in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond.
Discussions
will include endpoint security, mobile security and the latest in
malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
