Well, I installed Linux about two years ago, flattened my Windows 2000 box and just started over with RH 8. Fast-forward to the present and I am running Fedora. As a professional programmer I am comfortable working with the shell, plus I had quite a bit of Unix experience while at University. I have managed to find all the development tools that I need to work comfortably on my Linux box.
I only have one complaint: I need to connect to my Windows machine (ideally through remote desktop) at work. Of course to do this I need a VPN connection to our WatchGuard firewall. Yes, yes I know that PPTP is potentially useful for this purpose. And yes I have already spent enough hours trying to get it to work to buy several Windows boxes. After several days spent playing with ifconfig, tcpdump, route, posting on forums and editing configuration files I am still not able to do something that would have literally taken me ten minutes to do using a Windows OS. If I was back at the point when I was 15 and poking around on bulletin boards and playing with 6502 assembler this challenge might be fun. Now however, I simply want to use the OS as a tool to accomplish bigger and better things.
I am at the point where I am seriously thinking about writing a VPN client for Linux, but I have a creeping and realistic sense that I will do no better than the guys at PPTP did (and they probably did a great job).
I really just wanted to rant, but I would appreciate any help using a Linux client to communicate with a MS VPN or Watchguard VPN server? And please, pretty please don't send me something that says, "check out PPTP dude".
I have already tried:
-PPTP (can connect, but can not get traffic to route through tunnel, added routes..blah blah, tcpdump shows no traffic over ppp0 interface, ifconfig shows tunnel up but no packets coming in)
-VNC (too bad our firewall is seriously locked down, VNC server on my windows box at work needs port 5900 open on the firewall - forget it)
OpenVPN uses its own protocol which will not be compatible with the WatchGuard PPTP protocol. The other one looks like it uses IPSec which our VPN server is not using. Thanks for the suggestions .....
It shouldn't matter if you do it before or after the tunnel starts. I initially used Poptop (PPTP), but had trouble with it so I switched to OpenVPN.
Oddly, they both exhibited the exact same behaviors - identical to the symptoms you are describing - if I'm reading them right.
That single command I posted above is essentially turning on Linux's version of Windows's old-school "Internet Connection Sharing". If you didn't have Internet connection sharing enabled on the one end (the gateway) - the packets will be simply dropped - and cause the behavior you are describing - IIRC.
EDIT: I may be misunderstanding which you are considering as the client. The ip forwarding should only be an issue on the "gateway" computer. But it may be a firewall issue, see my next post.
You know, I thought I read that you had ruled out the firewall on the Linux machine, but now I can't find it.
If you have iptables running, you might want to try these commands (adjusting the interface (eth0) as needed)
# Keep state of connections from local machine and private subnets
iptables -A OUTPUT -m state --state NEW -o eth0 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state NEW -o eth0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Masquerade local subnet
iptables -t nat -A POSTROUTING -s $PRIVATE -o eth0 -j MASQUERADE
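
The rules in the post above are added with `-A`, which appends to the end of a chain, so on a machine whose chain already ends in a catch-all DROP or REJECT they are never reached and forwarding still fails. As an added example (not part of the thread), this script reads `iptables -S` style output and lists the rules stranded behind such a catch-all; the sample ruleset and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find rules that `iptables -A` placed
# behind a catch-all DROP/REJECT, where they can never match.
# Live use: iptables -S FORWARD | summarize_chain FORWARD

# Constructed sample: a FORWARD chain that already ended in a catch-all REJECT
# before the two FORWARD rules from the post were appended.
SAMPLE_RULES='-P FORWARD ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -o eth0 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT'

# Print the 1-based position of the first rule in chain $1 that has no match
# options and jumps straight to DROP or REJECT; print 0 if there is none.
first_catchall() {
    awk -v chain="$1" '
        $1 == "-A" && $2 == chain {
            n++
            if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) { print n; hit = 1; exit }
        }
        END { if (!hit) print 0 }'
}

# Print every rule in chain $1 that sits after such a catch-all.
shadowed_rules() {
    awk -v chain="$1" '
        $1 == "-A" && $2 == chain {
            if (blocked) { print; next }
            if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) blocked = 1
        }'
}

# Print the chain policy from its "-P CHAIN POLICY" line.
chain_policy() {
    awk -v chain="$1" '$1 == "-P" && $2 == chain { print $3 }'
}

# One-line summary for chain $1, reading `iptables -S` text from stdin.
summarize_chain() {
    rules=$(cat)
    printf 'policy=%s catchall_at=%s shadowed=%s\n' \
        "$(printf '%s\n' "$rules" | chain_policy "$1")" \
        "$(printf '%s\n' "$rules" | first_catchall "$1")" \
        "$(printf '%s\n' "$rules" | shadowed_rules "$1" | wc -l | tr -d ' ')"
}

printf '%s\n' "$SAMPLE_RULES" | summarize_chain FORWARD
```

A non-zero `shadowed` count means the appended rules need to be inserted ahead of the catch-all (`iptables -I`) rather than appended after it.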