PPTPD CentOS 5 - Issues with Shorewall

CoMMy · 08-10-2008, 11:12 AM

Hi people,

After working on this VPN setup many weeks now I thought to take a break and ask you people might have an insight on this since google does not help much for my server configuration type.

Here are some details on what i have and what i am trying to accomplish:

Server : CentOS 5.2 - Kernel 2.6.18-53.1.21.el5
eth0 : inet addr:XXX.8.159.34 Bcast:XXX.8.159.35 Mask:255.255.255.252

Also on eth0, the following IP's are also assigned:
XXX.20.10.217 --Bcast : XXX.20.10.223 --Mask:255.255.255.248
XXX.20.10.218 --Bcast : XXX.20.10.223 --Mask:255.255.255.248
XXX.20.10.219 --Bcast : XXX.20.10.223 --Mask:255.255.255.248
XXX.20.10.220 --Bcast : XXX.20.10.223 --Mask:255.255.255.248
XXX.20.10.221 --Bcast : XXX.20.10.223 --Mask:255.255.255.248
XXX.20.10.222 --Bcast : XXX.20.10.223 --Mask:255.255.255.248
XXX.20.55.81 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.82 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.83 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.84 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.85 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.86 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.87 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.88 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.89 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.90 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.91 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.92 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.93 --Bcast : XXX.20.55.95 --Mask:255.255.255.240
XXX.20.55.94 --Bcast : XXX.20.55.95 --Mask:255.255.255.240

There is no eth1, ie. no internal network so to speak. Its a remote dedicated server ...

I have tried setting up a pptpd server on this machine to be able to access the internet through the dedicated from my house.

PPTPD config files:
/etc/pptpd.conf

Code:

option  /etc/ppp/options.pptpd
debug
logwtmp
localip XXX.20.55.81
remoteip XXX.20.55.82-94
listen  XXX.20.55.81
speed   115200

/etc/ppp/options.pptpd

Code:

refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns XXX.20.1.2
proxyarp
debug
nobsdcomp
novj
novjccomp
nologfd
auth

Shorewall configs:
/etc/shorewall/zones

Code:

fw      firewall
net     ipv4

/etc/shorewall/interfaces

Code:

net     eth0    detect  blacklist,tcpflags,logmartians,nosmurfs
loc     ppp+    XXX.20.55.95

/etc/shorewall/policy

Code:

$FW             net             ACCEPT
$FW             all             ACCEPT
net             $FW             DROP            info
net             all             DROP            info
all     all     DROP    info

/etc/shorewall/tunnels

Code:

pptpserver      net     0.0.0.0/0

Basically, the VPN connection connects successfully. However, i cant ping or even use the dns to get a response!

I have tried the configuration found in shorewall website with no end though.
If you can provider some insight on how to setup shorewall i would appreciate it.

PoPToP version 1.3.4
Shorewall version 4.0.12

Thank you