
IPtables/Gateway/Firewall not passing PPTP

  • 06-08-2008 6:26pm
    #1


    My network used to be connected as follows:
    modem -> router -> PCs

    This was fine, in that it easily connected my computer, laptop, and two other laptops to share the internet connection. But I was not happy with the utter uselessness of consumer-grade routers.. they didn't have the flexibility that I wanted, so I put a second network card into my server PC, and configured it as a gateway/router for the network.
    This works fine for the most part, using IPTables it blocks incoming connection attempts, allows outgoing connections, forwards with NAT and allows reply packets back through.

    All the PCs on the network can access the internet just fine, MSN, Skype, everything like that works fine. As best as I can tell, IPTables is configured to blindly forward from the LAN (eth0) to the DSL (ppp0), without discriminating against any particular protocol (tcp, udp etc).

    But PPTP is blocked, and I can't seem to get the gateway PC to allow it through just like any other internet connection. If I use the Netgear router, my dad can connect in to his company network just fine, the same if I connect his laptop directly to the DSL modem.. but it won't connect through my gateway PC.

    The gateway runs Debian using iptables. I scoured Google but everything I found was either outlining how to connect to a PPTP server behind an iptables gateway like mine.. or suggested forwarding GRE and port 1743 along the lines of:
    "iptables -A FORWARD -p 47 -s 192.168.0.0/28 -j ACCEPT"
    "iptables -A FORWARD -p tcp --dport 1743 -s 192.168.0.0/28 -j ACCEPT"

    I already have a similar line to forward outbound traffic from the LAN to the Internet.. and allow reply packets back like:
    "iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT"
    "iptables -A FORWARD -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT"

    Any idea why PPTP refuses to forward through the NAT/Gateway? Adding the above lines for protocol 47 and port 1743 made no difference.

    This is the only snag in a system I am otherwise very happy with, since my dad uses the same internet connection for work.. and the alternatives would be to force him to go back to using dialup (very slow), or switching back to using my wireless router.

    Any help/advice would be greatly appreciated.. my knowledge of iptables is rather limited.
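
Added example, not part of the original post: a shell check of what a Linux NAT gateway like the one described needs for PPTP clients behind it, namely the NAT and state rules plus the kernel's PPTP connection-tracking helper modules. The interface names eth0 and ppp0 come from the post; the sample `iptables-save` and `/proc/modules` text is constructed, and the MASQUERADE line is an assumption because the post does not quote its NAT rule.

```shell
#!/bin/sh
# Added example. Reports what a NAT gateway is missing for outbound PPTP.
# $1 = text of `iptables-save`, $2 = text of /proc/modules, so it can be
# run against saved output. Prints one finding per line, nothing if clean.
pptp_nat_gaps() {
    rules=$1
    modules=$2

    # NAT must be applied to traffic leaving ppp0.
    printf '%s\n' "$rules" |
        grep -Eq -- '-A POSTROUTING .*-o ppp0 .*-j (MASQUERADE|SNAT)' ||
        echo "no MASQUERADE/SNAT rule on ppp0"

    # Replies from the Internet are only let in by the state rule.
    printf '%s\n' "$rules" |
        grep -Eq -- '-A FORWARD .*(ESTABLISHED,RELATED|RELATED,ESTABLISHED).* -j ACCEPT' ||
        echo "no FORWARD rule accepting ESTABLISHED,RELATED"

    # The PPTP helpers tie the GRE (protocol 47) session to the TCP 1723
    # control connection so that inbound GRE matches RELATED and is NATed
    # back to the right client. Names: nf_* on current kernels, ip_* on
    # older 2.6 kernels.
    printf '%s\n' "$modules" | grep -Eq '^(nf|ip)_conntrack_pptp ' ||
        echo "conntrack helper missing: modprobe nf_conntrack_pptp"
    printf '%s\n' "$modules" | grep -Eq '^(nf|ip)_nat_pptp ' ||
        echo "NAT helper missing: modprobe nf_nat_pptp"
}

# Constructed sample input, modelled on the rules quoted in the post
# (the MASQUERADE line is assumed; the post only says it forwards with NAT).
SAMPLE_RULES='*nat
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
-A FORWARD -i eth0 -o ppp0 -j ACCEPT
-A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'
SAMPLE_MODULES='iptable_nat 6158 1 - Live 0x00000000
nf_nat 22759 2 iptable_nat,ipt_MASQUERADE, Live 0x00000000
nf_conntrack 79758 3 iptable_nat,nf_nat, Live 0x00000000'

pptp_nat_gaps "$SAMPLE_RULES" "$SAMPLE_MODULES"
```

On a live gateway the same function can be fed `"$(iptables-save)"` and `"$(cat /proc/modules)"`.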

