[SOLVED] I can't SSH to my machine after setting up PPTP VPN
Hi all. I've been using ssh access to my Fedora 12 box for years without a hitch. Now I have decided to set up a lightweight VPN using PPTP for use with the iPhone's VPN client on 3G. This has worked flawlessly, but now I can't access the Fedora machine via ssh anymore. All worked fine until I executed this script with iptables rules for the VPN to work. So now I have functional VPN, but SSH is broken. Any clues? This is the script I used:
iptables_set.sh:
#!/bin/bash
/sbin/iptables -F
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p gre -j ACCEPT
/sbin/iptables -A INPUT -p icmp -j ACCEPT
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/service iptables save
/sbin/iptables -L -v
My setup: Fedora 12 Machine with single (eth0) NIC > IPTables > Telsey CPVA500 Router with NAT > Internet
I have SSH server set up on port 6886, NAT on router and port 6886 open on Fedora's firewall GUI.
Before executing that script, I was able to connect to both SSH and VPN but not getting internet through the VPN. Should I use the command line above instead of Fedora's firewall GUI? I want to make sure it won't break internet access on my VPN.
Solved. I didn't notice the script above flushed all my iptables rules (stupid on my part)
Tomorrow I will be in front of the server, in order to correct the mess locally.
Thanks for the tip. All is working fine now: I'm posting this from my iPhone connected to vpn and ssh at the same time. Only one thing: Fedora 12 firewall gui sucks, I'm using iptables from command line from now on.
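Added example (not part of any post in this thread): the posted rule set with the SSH port from the first post (6886) allowed and the DROP policy set last, plus a check that the port is still reachable before anything is run. `build_rules` and `lint_rules` are hypothetical helper names, and the script only prints commands.

```shell
#!/bin/bash
# Added example, not the poster's script. eth0, ppp+, 1723 and 6886 are taken
# from the thread; build_rules and lint_rules are hypothetical helper names.

# Print the iptables commands in an order that is safe to run over SSH:
# open the policy, flush, add every ACCEPT rule, and only then set DROP.
build_rules() {
    ssh_port="$1"; ipt=/sbin/iptables
    cat <<EOF
$ipt -P INPUT ACCEPT
$ipt -F
$ipt -A INPUT -i lo -j ACCEPT
$ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$ipt -A INPUT -i eth0 -p tcp --dport $ssh_port -j ACCEPT
$ipt -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
$ipt -A INPUT -i eth0 -p gre -j ACCEPT
$ipt -A INPUT -p icmp -j ACCEPT
$ipt -A FORWARD -i ppp+ -o eth0 -j ACCEPT
$ipt -A FORWARD -i eth0 -o ppp+ -j ACCEPT
$ipt -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ipt -P INPUT DROP
EOF
}

# Read iptables commands on stdin; succeed only if TCP port $1 is still
# reachable on INPUT once they have all run.
lint_rules() {
    port="$1"; drop=0; allowed=0
    while IFS= read -r line; do
        case "$line" in
            *"-t "*) ;;                          # other tables do not filter INPUT
            *"-P INPUT DROP"*)   drop=1 ;;
            *"-P INPUT ACCEPT"*) drop=0 ;;
            *" -F")              allowed=0 ;;    # a flush discards earlier rules
            *"-A INPUT"*"-p tcp"*"--dport $port "*"-j ACCEPT"*) allowed=1 ;;
        esac
    done
    [ "$drop" -eq 0 ] || [ "$allowed" -eq 1 ]
}

# Print the plan only if it passes the check; nothing is applied here.
build_rules 6886 | lint_rules 6886 && build_rules 6886
```

Review the printed commands, run them as root from a session you can afford to lose, and run `/sbin/service iptables save` only after a fresh SSH login succeeds.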
I would like to say: don't use such an old Fedora version. The reason is that the current version of Fedora is Fedora 17. You will get packages for Fedora 15 and Fedora 16 only from the Fedora repositories, not older than that. So when you try to install any new package on your Fedora 12 machine using #yum install kb3, it won't work. You have to update your whole machine on the spot.
If you don't want to update so quickly, then use CentOS (it is Red Hat/Fedora with CentOS logos).