Re: Help: Iptables rules


 



Most of the net applications are working fine: web browser, ftp, telnet,
ssh, ping, Cisco VPN.
I only have a problem with VPN using the PPTP protocol.

Please let me know which modules I need to get PPTP to work.

Thanks
Minh




                                                                                                                           
From:     Antony Stone <Antony@xxxxxxxxxxxxxxxxo.uk>
Sent by:  netfilter-admin@xxxxxxxxtfilter.org
To:       netfilter@xxxxxxxxxxxxxxxxxxx
Subject:  Re: Help: Iptables rules
Date:     01/15/2004 01:53 PM
                                                                                                                           
                                                                                                                           




On Thursday 15 January 2004 7:57 pm, Minh Cao wrote:

> > 3. You say the above has not worked - how have you tested it?
>
> Yes, I tested.
> I used a VPN client, which connected to the remote side. After connecting,
> the password authentication times out in 2 minutes.

I really would recommend testing the setup with something a lot simpler
than a VPN client :)

For example, a web browser, email, ssh, ftp - something which uses fairly
standard TCP connections, and is likely to work through NAT.

Depending on what sort of VPN you are trying to use, you may have significant
problems getting it to work (but then again you may not - as I say it depends
what sort of VPN it is).   For example, IPsec ESP (tunnel mode) is not too
difficult to get working, IPsec AH (transport mode) will not work across NAT.
PPTP requires a special helper module, and there are other sorts of VPN about
which I have no idea.

Start with something easy and work your way up to a VPN gradually.

> > 6. Did the machine work as a simple router before you tried adding
> > netfilter rules?
>
> The two NICs are on different subnets. Can I configure it as a router w/o
> using netfilter?

Er, yes :)   You really should make sure the machine will route packets
properly before setting up netfilter, which (basically) blocks things.

It sounds as though you might benefit from reading the standard Linux
Networking HOWTO before tackling Oskar Andreasson's netfilter tutorial which
I recommended to you yesterday.

Regards,

Antony.

--
"Note: Windows 98, Windows 98SE and Windows 95 are not affected by [MS
Blaster].   However, these products are no longer supported.   Users of these
products are strongly encouraged to upgrade to later versions."

(which *are* affected by MS Blaster...)

http://www.microsoft.com/security/security_bulletins/ms03-026.asp

Please reply to the list; please don't CC me.








