Sebastian Araya wrote:
> Hello,
>
>
> I'm configuring a VPN using POPTOP/RedHat 9, in LAN scenario with a
> firewall written with IPTables. The client is a Windows XP (SP1a) with
> ADSL connection.
>
> The basic sketch is as follows:
>
> [XP] ------ [Fw/Gw] --- [ADSL] --+ Scenario A
> 192.168.1.x 200.10.100.x |
> (private) (public/dynamic) |
> (internet)
> |
> 192.168.0.f 192.168.0.e |
> [SMB FS] ----+---- [Fw/Gw] --+ Scenario B
> | A.B.C.D
> [WorkStation1]---+ (public/static)
> [WorkStation2]---+
> ...
>
> In scenario A, I've only one XP with address 192.168.1.x/24, where
> the gateway is a proprietary firewall (3Com Office Connect Cable/DSL
> Gateway). The public address is 200.10.100.x (it is dynamic via DHCP).
>
> The other scenario is RedHat 9 configured with iptables as firewall,
> with static IP addresses: A.B.C.D (eth1 external) and 192.168.0.e (eth0
> internal). Behind the firewall, there is another Linux (RH 7.1) with
> Samba as file server and WINS server.
>
> I installed POPTOP in the firewall/gateway with static public address
> A.B.C.D (in scenario B) and eventually get connected from my XP, but I
> can't ping 192.168.0.x machines, nor see any shared resource.
>
> My /etc/pptpd.conf shows:
>
> option /etc/ppp/options.pptpd
> bcrelay eth1
> localip 192.168.0.100-200
> remoteip 192.168.0.100-200
>
In my setup this is something like:
localip 192.168.0.1-50
remoteip 192.168.0.51-100

> My /etc/ppp/options.pptpd shows:
>
> lock
> name pptpd
>
> proxyarp
> bsdcomp 0
>
> # File Server (Samba)
> ms-wins 192.168.0.f
> ms-dns 200.69.193.1
>
>
> Any clues?
>
Once connected, try showing us your routing table on the connected machine
(if Windows, run route print; if Linux, just run route).

If things don't appear to be working, first check that your client has
received an IP address (ifconfig -a for UNIX, ipconfig /all for Windows
clients).

Can you ping the other end of the PP(T)P tunnel?

PPTP uses tcp/1723 and protocol 47.
In general this means something like:

    iptables -A INPUT -s 0/0 -p tcp --dport 1723 -j ACCEPT
    iptables -A INPUT -s 0/0 -p 47 -j ACCEPT

in your firewall script.

> Thanks in advance.
>
>
> cbi.
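
Added example (not part of the original messages): a small check, run against `iptables-save` output, that reports whether the INPUT chain accepts both things the reply says PPTP needs, tcp/1723 and IP protocol 47 (GRE). The function name `pptp_missing` and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample rulesets in iptables-save format (not from the post).
RULES_OK='*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -p gre -j ACCEPT
COMMIT'

RULES_NO_GRE='*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
COMMIT'

# pptp_missing RULESET
# Prints which PPTP requirement has no ACCEPT rule on INPUT:
# "control" (tcp/1723), "gre" (protocol 47), "control gre", or an empty line.
# Limitation: it only looks for explicit ACCEPT rules; it does not evaluate
# rule order, negated matches, or an earlier DROP that would shadow them.
pptp_missing() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "INPUT" {
            proto = ""; dport = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target != "ACCEPT") next
            if (proto == "tcp" && dport == "1723") control = 1
            # iptables-save prints protocol 47 by name, as "gre"
            if (proto == "gre" || proto == "47") gre = 1
        }
        END {
            out = ""
            if (!control) out = "control"
            if (!gre) out = (out == "" ? "gre" : out " gre")
            print out
        }'
}

echo "sample 1 missing: [$(pptp_missing "$RULES_OK")]"
echo "sample 2 missing: [$(pptp_missing "$RULES_NO_GRE")]"
```

On a live firewall the same function can be fed the real ruleset with `pptp_missing "$(iptables-save -t filter)"`.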