cogo 10-29-2006 06:02 AM

Enabling vpn/pptp in a linux gateway
I have set up a linux gateway at home that other computers use where eth0 is connected to the internet and eth1 is connected to my home network. I am having some problems with vpn connections though. Below is what I do when I start the gateway script:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -A POSTROUTING -t nat -o eth0 -s -d 0/0 -j MASQUERADE
iptables -A FORWARD -t filter -i eth1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -t filter -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

I am not even sure if all that is necessary. Anyway, I also do modprobe with the following modules:


Does anyone here know what else I need to do to make my gateway support vpn stuff? Please keep in mind that I am by no means an advanced user. :) btw ... There are both windows and linux machines on my network.

maxut 10-29-2006 06:17 AM

pptp uses tcp 1723 and GRE (protocol 47)
so add the following rules and try
iptables -I FORWARD -i eth1 -p 47 -j ACCEPT
iptables -I FORWARD -i eth1 -p tcp --dport 1723 -j ACCEPT

I hope it will help

cogo 10-29-2006 06:53 AM

It does not work with those modifications. I can not figure out which log to look at either. I can not see that any of the logs in /var/log changes when the clients try to connect to the vpn I am trying to access...

maxut 10-30-2006 01:41 AM

I use pptpd server on some linux gateways, and some of my clients are also behind a linux firewall. It is enough to allow tcp 1723 and GRE; it works well here. Make sure your pptp server is accepting GRE and tcp 1723
and you might want to check

good luck
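
A check for the two things the answers above name (tcp 1723 and GRE, protocol 47) plus the MASQUERADE rule from the first post, run against iptables-save output. This is an added example, not code from anyone in the thread; the names pptp_audit and sample_dump and the sample ruleset are constructed for illustration, with eth1 as LAN and eth0 as WAN as in the thread.

```shell
# Added example: audit an iptables-save dump for the PPTP passthrough pieces
# named in the thread. Usage: iptables-save | pptp_audit LAN_IF WAN_IF
# Prints ok/MISSING per requirement; returns 0 only if all three are present.
pptp_audit() {
  awk -v lan="$1" -v wan="$2" '
    # Value following option `opt` in the current rule, or "" if absent.
    function arg(opt,   i) {
      for (i = 1; i < NF; i++) if ($i == opt) return $(i + 1)
      return ""
    }
    $1 != "-A" || index($0, " ! ") { next }   # skip non-rules and negated matches
    $2 == "POSTROUTING" && arg("-o") == wan && arg("-j") == "MASQUERADE" { nat = 1 }
    $2 == "FORWARD" && arg("-i") == lan && arg("-j") == "ACCEPT" {
      st = arg("--state"); if (st == "") st = arg("--ctstate")
      if (st != "" && st !~ /(^|,)NEW(,|$)/) next   # cannot admit a new flow
      p = arg("-p"); dport = arg("--dport")         # exact --dport match only
      if (p == "" || p == "gre" || p == "47") gre = 1
      if (p == "" || ((p == "tcp" || p == "6") && (dport == "" || dport == "1723"))) ctl = 1
    }
    END {
      printf "%s nat MASQUERADE out %s\n", (nat ? "ok" : "MISSING"), wan
      printf "%s forward tcp/1723 from %s\n", (ctl ? "ok" : "MISSING"), lan
      printf "%s forward GRE (protocol 47) from %s\n", (gre ? "ok" : "MISSING"), lan
      exit !(nat && ctl && gre)
    }'
}

# Constructed dump in iptables-save format (not captured from a real host);
# $1 is the match part of the LAN-side FORWARD rule.
sample_dump() {
  cat <<EOF
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A FORWARD -i eth1 $1 -j ACCEPT
-A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# A gateway that forwards only the PPTP control channel: GRE is reported missing.
sample_dump '-p tcp -m tcp --dport 1723' | pptp_audit eth1 eth0 || echo "ruleset incomplete for PPTP"
```

It reports rule presence only: rule order, earlier DROP rules, and how connection tracking and NAT handle GRE are outside what it inspects.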

