Hey guys,
I have set up a box which I will be using as a router.
The box has 2 NICs in it, external and internal. The server is running bind9, DHCP3-server, Webmin and a basic firewall using IPTables. It's also on its own connection.
Internal IP range is 192.168.200.0
DHCP and DNS are working fine, so I started looking into a PPTP server so I can connect to the box. I followed this guide:
http://pigtail.net/nicholas/pptp/
I can VPN to the router, it connects and registers my computer. I get just under 5 minutes of connectivity before the VPN kicks me off.
I have the following in syslog:
pptpd[9185]: GRE: read(fd=7,buffer=80505a0,len=8260) from network failed: status = -1 error = Protocol not available
pptpd[9185]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
pptpd[9185]: CTRL: Reaping child PPP[9186]
pppd[9186]: Modem hangup
pppd[9186]: pptpd-logwtmp.so ip-down ppp0
pppd[9186]: Connect time 4.9 minutes.
pppd[9186]: Sent 2645264 bytes, received 503952 bytes.
pppd[9186]: Script /etc/ppp/ip-down started (pid 9219)
pppd[9186]: MPPE disabled
pppd[9186]: sent [LCP TermReq id=0x3 "MPPE disabled"]
pppd[9186]: Connection terminated.
pppd[9186]: Waiting for 1 child processes...
pppd[9186]: script /etc/ppp/ip-down, pid 9219
named[2209]: received control channel command 'reconfig'
named[2209]: loading configuration from '/etc/bind/named.conf'
named[2209]: max open files (1024) is smaller than max sockets (4096)
named[2209]: using default UDP/IPv4 port range: [1024, 65535]
named[2209]: using default UDP/IPv6 port range: [1024, 65535]
named[2209]: reloading configuration succeeded
named[2209]: any newly configured zones are now loaded
postfix/master[8399]: reload configuration /etc/postfix
pppd[9186]: Script /etc/ppp/ip-down finished (pid 9219), status = 0x1
pppd[9186]: Exit.
pptpd[9185]: CTRL: Client ***.***.***.*** control connection finished
(I have masked my IP address)
This all happens in the space of 2 seconds.
Once this happens I cannot connect to the box again until I restart the pptpd service.
I have added this to the end of my /etc/pptpd.conf:
localip 192.168.200.1
remoteip 192.168.200.100-200
When I connect to the VPN, I cannot ping/ssh/https to the router box using its local address. I can get there fine using its external.
My iptables rules are as follows:
# Generated by iptables-save v1.4.2 on Mon Feb 15 11:48:51 2010
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Feb 15 11:48:51 2010
# Generated by iptables-save v1.4.2 on Mon Feb 15 11:48:51 2010
*mangle
:PREROUTING ACCEPT [5:914]
:INPUT ACCEPT [5:914]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [7:3602]
:POSTROUTING ACCEPT [7:3602]
COMMIT
# Completed on Mon Feb 15 11:48:51 2010
# Generated by iptables-save v1.4.2 on Mon Feb 15 11:48:51 2010
*filter
:FORWARD ACCEPT [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state -i eth0 --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s ***.***.***.*** -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A FORWARD -m state -i eth0 -o eth1 --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
# Completed on Mon Feb 15 11:48:51 2010
(The masked IP is my work IP, so I can access the box.)
Can anyone help me shed some light on the issue?