Got a situation where users behind my IPTABLES firewall need to make a VPN connection from their Win2k Professional workstations to a server in Switzerland (POPTOP). From outside the firewall, any user can connect no problems and work away; however, when they are inside my LAN, they are unable to connect. The password verification just times out.
I have set my firewall to pass GRE type packets and any packet initiated from my network to pass back to internal hosts.
Can anyone tell me what I am missing? Thanks for your time.
OK, changed the IPTABLES to accept and forward tcp port 1723 to the client on my LAN. This in conjunction worked fine. I thought all was going to work, when I then tried the exact same setup to another host on my LAN, which failed. It works fine to one host, but not to another...
OK, I was going to suggest you make sure port 1723 is redirected back to the source and that IPTABLES will forward IP protocol type 47 (which you must have done if it works to the outside system).
Anyway this is most likely your problem:
Currently, only one machine can have an open virtual circuit to another machine over PPTP. If another inside machine connects to machine X, the first inside machine will lose its connection because packets will be intermixed.
This problem exists because this protocol is not port based.
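The collision described in the reply above, modelled as an added example that is not part of the original thread: a toy NAT table in which the tcp/1723 control flows stay distinct by translated source port while the GRE (IP protocol 47) flows to one server collapse onto a single key. It goes one step beyond the thread by also keying on the Call ID field of PPTP's enhanced GRE header (RFC 2637); the addresses, Call IDs and the `Nat` class are constructed for illustration.

```python
import struct

TCP, GRE = 6, 47
SERVER = "198.51.100.7"                            # constructed PPTP server
HOST_A, HOST_B = "192.168.1.10", "192.168.1.11"    # constructed LAN clients

def gre_frame(call_id, seq=0, payload=b""):
    """Enhanced GRE header from RFC 2637: K and S bits set, version 1."""
    return struct.pack("!HHHHI", 0x3001, 0x880B, len(payload), call_id, seq) + payload

def call_id_of(frame):
    """Read the Call ID (low half of the GRE key field)."""
    flags_ver, proto, _length, call_id = struct.unpack("!HHHH", frame[:8])
    if flags_ver & 0x0007 != 1 or proto != 0x880B:
        raise ValueError("not a PPTP enhanced GRE frame")
    return call_id

class Nat:
    """Toy masquerading NAT: maps a reply key to the inside host that owns it."""
    def __init__(self, pptp_aware=False):
        self.pptp_aware, self.table, self.next_port = pptp_aware, {}, 40000

    def outbound_tcp(self, inside, server):
        # Control channel (tcp/1723): every flow gets its own translated source port.
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[(TCP, server, port)] = inside
        return port

    def outbound_gre(self, inside, server, client_call_id):
        # Data channel (IP protocol 47): there is no port, so a plain NAT can key
        # only on the server. A PPTP-aware one adds the client's Call ID.
        ident = client_call_id if self.pptp_aware else None
        self.table[(GRE, server, ident)] = inside

    def inbound(self, proto, server, data):  # data: TCP port or raw GRE frame
        if proto == GRE:
            data = call_id_of(data) if self.pptp_aware else None
        return self.table.get((proto, server, data))

def demo(pptp_aware):
    """Two inside hosts open tunnels to the same server; route the replies."""
    nat = Nat(pptp_aware)
    ports = [nat.outbound_tcp(h, SERVER) for h in (HOST_A, HOST_B)]
    for host, cid in ((HOST_A, 1), (HOST_B, 2)):   # constructed, distinct Call IDs
        nat.outbound_gre(host, SERVER, cid)
    tcp = [nat.inbound(TCP, SERVER, p) for p in ports]
    gre = [nat.inbound(GRE, SERVER, gre_frame(cid)) for cid in (1, 2)]
    return tcp, gre

if __name__ == "__main__":
    print("plain NAT:", demo(False), "Call ID keyed:", demo(True))
```

The model assumes the two clients announce different Call IDs; a NAT that tracks them must also rewrite a Call ID when two inside hosts pick the same value.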