Find the answer to your Linux question:
Results 1 to 7 of 7
Hi, I'm running an own PPTP Server, but I can't get it to access the internet. All my PCs at home run in the 192.168.0.0/24 net, the PPTP Server has ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2010
    Posts
    4

    IPTABLES: Allow PPTP IPs to access the Internet


    Hi,

    I'm running an own PPTP Server, but I can't get it to access the internet.

    All my PCs at home run in the 192.168.0.0/24 net,
    the PPTP Server has local IP192.168.0.5 and remote IP 192.168.0.80-99.

    The router to the internet is at 192.168.0.1, and the IP of eth0 on the machine where the pptpd runs is 192.168.0.4.


    I want to be able to connect to the internet trough that VPN and access my local LAN servers (which works fine so far). I can ping internet and local IPs successfully, but can not access them with a browser, or connect to them in any other way.

    I have 'accepted' all in/output and forwards.

    I am running a Squid proxy on the same machine, and if I do:
    iptables -t nat -A PREROUTING -j REDIRECT -i ppp0 -s 192.168.0.0/24 -p tcp --dport 80 --to-port 3128
    ... I can access the internet through Squid, but of course Jabber/ICQ etc. won't work then because it just refers port 80.

    But I want the PPTP Clients to connect to the internet directly, if I don't use that rule it's not possible to load any pages. But pinging works all the time. DNS is also working fine, but I can't even access webpages via IP directly.


    So how can I allow the PPTP IPs 192.168.0.80-99 to get direct access to the Internet with Iptables?


    Thanks in advance!

  2. #2
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    if you have configured all traffic to need to go through the proxy, then any application using internet must be configured to use this proxy

  3. #3
    Just Joined!
    Join Date
    Jan 2010
    Posts
    4
    Hi, thanks for the reply,

    but I want to not to use the proxy,

    so it's like this: PPTP Client -> PPTP Server -> Internet


    Regards

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User
    Join Date
    Dec 2009
    Posts
    264
    If I am allowed to redirect you to a howto of a configuration howto for a wrt pptpd server.
    ____://nuwiki.openwrt.org/oldwiki/PPTPDHowto

    iptables -A forwarding_rule -i ppp+ -o $WAN -j ACCEPT
    I guess thats the line you are looking for ...

    The only problem is, that the parameter $WAN isn't set on your system.
    You can write the Internet Interface there (eth0.0 for example)

    And maybe you don't have the table "forwarding_rule" ...
    Guess FORWARD should work on each system ...

  6. #5
    Just Joined!
    Join Date
    Jan 2010
    Posts
    4
    I have already allowed all in/output and forwards, so that can't be the problem, unfortunately.

    Weird is that I can ping an IP in the internet, while connected to the PPTP Server, but can't connect to that IP it in a browser then.



    Regards

  7. #6
    Linux User
    Join Date
    Dec 2009
    Posts
    264
    Is
    iptables -t nat -A PREROUTING -j REDIRECT -i ppp0 -s 192.168.0.0/24 -p tcp --dport 80 --to-port 3128
    set? or not?

    It says that every trafic from the pptp interface with a destination on port 80 (http) is redirected to the proxy on localhost.
    So you ll have to "delete" this rule.

  8. #7
    Just Joined!
    Join Date
    Jan 2010
    Posts
    4
    I know, I know.
    I've just mentioned it because I thought it might help, it's disabled until I got the routing working.

    If I don't set that rule I can't access the internet at all, except pinging.


    Regards

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •