LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page vpn can't access from window network
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-16-2009, 06:19 AM   #1
vijay1585
LQ Newbie
 
Registered: Mar 2009
Location: Bangalore
Posts: 12
Blog Entries: 1

Rep: Reputation: 0
vpn can't access from window network

Hi
i am using Redhat EL5
squid and dansguardian running in my proxy server
IP address details
eth 1
iP address 192.168.1.3
sub net 255.255.255.0
gate way 192.168.1.2(my firewall ip address)

eth2
ip address 192.168.30.2
subnet 255.255.255.0


problem is i cant connect vpn in client system(clients all are using windows XP).

windows network gateway address is eth2(192.168.30.2)

my iptables configuration

touch /var/lock/subsys/local
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

iptables -F
iptables -t nat -F
modprobe iptable_nat
modprobe ip_nat_ftp
modprobe ip_nat_irc


# for vpn access
iptables -t nat -A PREROUTING -p udp -s 192.168.30.0/24 -d 0/0 --dport 1723 -j DNAT --to 192.168.1.3
iptables -t nat -A PREROUTING -p tcp -s 192.168.30.0/24 -d 0/0 --dport 3247 -j DNAT --to 192.168.1.3
#here 0/0 is my destination ip 65.74.131.53
#for mail access
iptables -t nat -A POSTROUTING -p tcp -s 192.168.30.0/24 -d 0/0 --dport 25 -j SNAT --to 192.168.1.3 # smtp
iptables -t nat -A POSTROUTING -p tcp -s 192.168.30.0/24 -d 0/0 --dport 7110 -j SNAT --to 192.168.1.3 #pop3
iptables -t nat -A POSTROUTING -p tcp -s 192.168.30.0/24 -d 0/0 --dport 7071 -j SNAT --to 192.168.1.3 # for mail server admin access
iptables -t nat -A POSTROUTING -p tcp -s 192.168.30.0/24 -d 0/0 --dport 81 -j SNAT --to 192.168.1.3

#this is for norestriction users with out content filtering
iptables -t nat -A POSTROUTING -s 192.168.30.11 -d 0/0 -j SNAT --to 192.168.1.3
-------------
my windows network can send and recive mail by microsoft outlook express

internet browsing also access well

i can't connect vpn in lan network


if i use windows network gateway like eth1(192.168.1.3),the below iptables can connect vpn in windows network

iptables -t nat -A POSTROUTING -p udp -s 192.168.1.0/24 -d 0/0 --dport 1723 -j SNAT --to 192.168.1.3
iptables -t nat -A POSTROUTING -p tcp -s 192.168.1.0/24 -d 0/0 --dport 3247 -j SNAT --to 192.168.1.3


but one drawback:
i can't use proxy port. porxy is authantication based access,so user can easily access internet browsing without Content Filtering and Internet Access Restriction.

please help me
i want iptables port nat rule for 192.168.30.0/24 to 192.168.1.3
Regards
Vijay
Last edited by vijay1585; 05-16-2009 at 06:28 AM. Reason: i am using authandication squid proxy. i want tell about full access internet browsing
 
  


Reply

Tags
iptables



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN pptpd connected vpn server only access need help please u4david Linux - Networking 1 10-17-2008 03:54 PM
VPN access for network device that is NOT a Win/Linux Computer lothario Linux - Networking 7 08-18-2008 12:53 PM
How to make non-vpn machines to access VPN server deepugopi Linux - Networking 0 07-31-2007 06:55 AM
VPN is setup, now how to access network? ssfrstlstnm Linux - Networking 6 04-24-2005 01:30 PM
VPN Remote Access to the Network saavik Linux - Networking 4 01-21-2003 08:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:48 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration