LinuxQuestions.org
Old 02-04-2004, 01:02 PM   #1
MadTurki
Member
 
Registered: Nov 2003
Location: Toronto
Distribution: RedHat 9, Mandrake 10, OS X
Posts: 114

Rep: Reputation: 15
vpn passed from RH9 firewall to OS X server - not quite


I'm using the rc.firewall script on a dual-homed RedHat 9 (gateway) machine. I'm forwarding ports 1723 (pptp) and 500 (ipsec) to an Apple OS X server (vpn) on the internal network. The vpn server shows in the logs that a connection is inbound and that an IP address is being assigned. Immediately after, the connection is dropped with the message "Client With Address 192.168.1.221 was hungup." This repeats about five times before the connection gives up for good and the user gets an error. Is this a problem with acks being passed properly? Is it a problem on the vpn server? Or am I not forwarding enough/the right ports? I'm going to stick with pptp for now and then move on to l2tp. Unless it's easier!

Thanks!
 
Old 02-04-2004, 03:32 PM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
The docs also mention forwarding protocol 47 (GRE)..

I also added the pptp conntrack & nat patches from patch-o-matic at www.netfilter.org to allow more than 1 concurrent connection...

Last edited by peter_robb; 02-04-2004 at 03:36 PM.
 
Old 02-04-2004, 03:41 PM   #3
MadTurki
Member
 
Registered: Nov 2003
Location: Toronto
Distribution: RedHat 9, Mandrake 10, OS X
Posts: 114

Original Poster
Rep: Reputation: 15
Now that's not forwarding a port... How would I specify that in rc.firewalls? Or how would I do it otherwise?
 
Old 02-04-2004, 04:37 PM   #4
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
iptables -t nat -A PREROUTING -i eth~ -p 47 -j DNAT --to-destination Mac Box
 
Old 02-25-2004, 04:55 PM   #5
MadTurki
Member
 
Registered: Nov 2003
Location: Toronto
Distribution: RedHat 9, Mandrake 10, OS X
Posts: 114

Original Poster
Rep: Reputation: 15
What if I added this but I'm still getting the same error? :P
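
Added example, not part of the thread and not any poster's code: a shell check that reads `iptables-save` output from the gateway and reports which rules for PPTP passthrough (TCP 1723 control channel and GRE, protocol 47) are absent. Besides the nat PREROUTING DNAT rules discussed above, it looks at the filter FORWARD chain, which DNAT'd packets traverse on the gateway. The function names, `eth0` and `192.168.1.10` are assumptions, and the sample dump is constructed.

```shell
# Added example (not from the thread): audit iptables-save output for PPTP passthrough.
# check_pptp_forwarding FILE SERVER_IP   (FILE may be "-" for stdin)
# Prints one "MISSING: ..." line per absent rule; returns 0 only when none are missing.
# Heuristic: a RELATED,ESTABLISHED rule plus the PPTP conntrack helper is not modelled.
check_pptp_forwarding() {
    awk -v ip="$2" '
        /^\*/ { table = substr($0, 2); next }          # "*nat" / "*filter" starts a table
        table == "filter" && /^:FORWARD ACCEPT/ { have["fwd_ctl"] = have["fwd_gre"] = 1 }
        /^-A / {
            ctl = ($0 ~ /-p tcp / && $0 ~ /--dport 1723( |$)/)   # PPTP control channel
            gre = ($0 ~ /-p (gre|47)( |$)/)                      # PPTP data channel
            dest = ""
            for (i = 1; i < NF; i++) if ($i == "--to-destination") dest = $(i + 1)
            sub(/:.*/, "", dest)                                 # drop optional :port
            if (table == "nat" && $2 == "PREROUTING" && dest == ip) {
                if (ctl) have["dnat_ctl"] = 1
                if (gre) have["dnat_gre"] = 1
            }
            if (table == "filter" && $2 == "FORWARD" && $0 ~ /-j ACCEPT/) {
                if (ctl) have["fwd_ctl"] = 1
                if (gre) have["fwd_gre"] = 1
            }
        }
        END {
            if (!have["dnat_ctl"]) { print "MISSING: nat PREROUTING DNAT tcp/1723 to " ip; n++ }
            if (!have["dnat_gre"]) { print "MISSING: nat PREROUTING DNAT GRE (protocol 47) to " ip; n++ }
            if (!have["fwd_ctl"])  { print "MISSING: filter FORWARD ACCEPT for tcp/1723"; n++ }
            if (!have["fwd_gre"])  { print "MISSING: filter FORWARD ACCEPT for GRE (protocol 47)"; n++ }
            exit (n > 0)
        }
    ' "$1"
}

# Constructed sample dump; eth0 and 192.168.1.10 are assumed values, not from the thread.
sample_dump() {
    cat <<'EOF'
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination 192.168.1.10
-A PREROUTING -i eth0 -p gre -j DNAT --to-destination 192.168.1.10
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 192.168.1.10 -p tcp -m tcp --dport 1723 -j ACCEPT
COMMIT
EOF
}
sample_dump | check_pptp_forwarding - 192.168.1.10 || true
```

On a live gateway the same function can be fed directly, for example `iptables-save | check_pptp_forwarding - SERVER_IP` run as root.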
 
  

