LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-10-2013, 10:22 AM   #1
linuxakias
LQ Newbie
 
Registered: Dec 2012
Posts: 21

Rep: Reputation: Disabled
PPTPD and Squid proxy Routing


Hello,

I have a pptpd server and a squid server in to the same machine.

I want to send all internet traffic for VPN Clients 172.16.36.0/32 through Squid server

Until now Squid server working ok for internal lan, but only if i set to client the proxy settings.

Also the pptpd working ok. Clients may connect and access the internet normaly but not through Squid proxy.

The Server is a VPS on A KVM node with Bridge networking.

Thanks
 
Old 02-11-2013, 05:04 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,344

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
I don't understand where you want help here. You want the clients to use the server side proxy right? so can they reach it or not? You've not actualyl said anythign about trying to use it once connected on pptp
 
Old 02-11-2013, 05:16 AM   #3
linuxakias
LQ Newbie
 
Registered: Dec 2012
Posts: 21

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
I don't understand where you want help here. You want the clients to use the server side proxy right? so can they reach it or not? You've not actualyl said anythign about trying to use it once connected on pptp

My clients are able to connect to the PPTPD server and access the internet just fine. But not through the Squid!



Thanks
 
Old 02-11-2013, 05:20 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,344

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
so what does "not through squid" mean? What do your logs say? can you connect to it via telnet from the client?
 
Old 02-11-2013, 05:26 AM   #5
linuxakias
LQ Newbie
 
Registered: Dec 2012
Posts: 21

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
so what does "not through squid" mean? What do your logs say? can you connect to it via telnet from the client?
The Squid access.log doesnt write anything, but from the client iam able to connect to the internet normal. And yes, i can connect just fine. I forgot to mention that the Squid server is in transparent mode.

Last edited by linuxakias; 02-11-2013 at 05:27 AM.
 
Old 02-11-2013, 05:48 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,344

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
hmm, slightly relevant that it's transparent...

so I guess your rewrite rule for squid is only listening on eth1 not pptp0 or whatever the interfaces are?

Transparent proxies suck. You should stop doing it transparently if AT ALL possible.
 
Old 02-11-2013, 06:16 AM   #7
linuxakias
LQ Newbie
 
Registered: Dec 2012
Posts: 21

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
hmm, slightly relevant that it's transparent...

so I guess your rewrite rule for squid is only listening on eth1 not pptp0 or whatever the interfaces are?

Transparent proxies suck. You should stop doing it transparently if AT ALL possible.
Thats correct ! the ports is eth0 for the squid and pptp0 for clients

Unfortunately i need in transparent mode. Its absolutely necessary for the clients to be up and running at the time connected to the VPN server without extra settings.
 
Old 02-11-2013, 06:48 AM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,344

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
right, so you need to change the iptables rule, right?

no extra settings? You can provide proxy details over DHCP. I've seen so so few instances where things have egnuinely had to be transparent.
 
Old 02-11-2013, 07:09 AM   #9
linuxakias
LQ Newbie
 
Registered: Dec 2012
Posts: 21

Original Poster
Rep: Reputation: Disabled
Yeap thats correct
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN - Default Gateway / Routing Issues, pptpd stuartornum Linux - Networking 0 03-25-2008 01:15 PM
configure squid proxy with microsoft proxy as a parent proxy nintykola Linux - Software 1 08-28-2007 01:38 AM
pptpd routing problem satish Linux - Networking 0 05-04-2007 08:16 AM
debian PoPTop (pptpd), remote assistance solution routing fasta Linux - Networking 1 12-14-2006 08:24 AM


All times are GMT -5. The time now is 02:32 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration