LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-15-2015, 10:12 AM   #1
androbod
LQ Newbie
 
Registered: Jan 2015
Posts: 1

Rep: Reputation: Disabled
NAT iptables GRE tunnels hell


Hi Guys !

I have one head blowing problem, maybe your smart brains can help in resolving this issue, or just finding cause of it.

Just in few words without configurations sofar.

I'm managing small office network, that is sitting behind CentOS bases router.

Router duty to do NAT, and forward some ports to internal servers (same NAT).

All done on iptables. Problem that i have now somehow related to iptables and seen very well with GRE (PPTP tunnels) and i think with any tunnels.

We have multiple client stations that trying to connect to same VPN servers outside our LAN.

And we have such scenario:

Iptables or something in routerbox remembers first connection that was made to VPN1 server, and allows to connect to this VPN1 server only to particular IP addrees that firstly initiated connection to VPN1 server.

Funny that iptables restart doesn't help to, somehow reset this first initiating connection. But if you change anything inside rules (i don't know add comment) inside iptables and restart it. It will reset cache or something i really don't know and accept again first connection from first IP that will try to initiate this connection to VPN server.

And it's really looks crazy, if Client1 initiats connection to VPNServer1 and he is first all fine, but to allow Client2 to connect to VPNServer1 - i need change rule, restart iptables, then Client2 has VPN resources, but Client1 can not. And they don't try to connect to one VPN resource in parallel with same login/pass.

Hopefully it's common problem with iptables or ipconntrack something

Regards
 
Old 01-16-2015, 08:19 AM   #2
GunFighT
Member
 
Registered: May 2014
Location: Romania
Distribution: Debian, Red Hat
Posts: 49

Rep: Reputation: Disabled
Hello,
Check in /etc/pptpd.conf
how many connections are allowed (line 68, or near that line).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
linux gre nat problem with traffic forwarding seccentral Linux - Server 3 06-06-2012 03:09 AM
Redirect traffic between ssh tunnels with iptables AresiusXP Linux - Networking 10 03-08-2012 02:59 PM
GRE Tunnels and Kernel 2.7. GGlinux Linux - Networking 0 10-29-2008 06:46 PM
NAT over tunnels sqn Linux - Networking 2 03-18-2005 02:08 AM
gre ip tunnels and their security antken Linux - Networking 5 09-22-2003 05:08 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration