Sergio Navarro i Fajardo
2002-Nov-12  13:03 UTC
[Shorewall-users] Problems with PPTP & Samba ....
Hi,

I'm trying to configure a PPTP server on my firewall, but I have a slight
doubt or, let's say, a problem.

I have a machine working as a firewall with Shorewall.  On this machine I
have the PPTP server, with the configuration set following the instructions
provided by the Shorewall documentation.  I also have Samba properly
installed on my firewall.  Everything seems to work, apparently.  My problem
is the following: I have a laptop with WinME installed.  It has the network
correctly configured, and it's in a workgroup called 'CASA', which is
different from the workgroup in the Samba config on the firewall.  If I
connect the laptop to the switch, there are no problems at all; if sailing
"My Network Sites" I can see the two workgroups, and I can get into any of
the shared units by putting in my username and password.

But if I use a modem for connecting to the Internet and try to do a VPN
connection to the firewall, some problems come up.  The connection is fine,
but when I try to explore "My Network Sites" only the laptop workgroup is
there.  The remote network workgroup does not appear there.

If I change the workgroup name of the laptop and use the same one that is in
the remote network, then I can see the different machines when doing a VPN
connection.

There are the configuration files of my machine:
Shorewall 1.3.10
/etc/shorewall/interfaces
net     eth0            detect          routefilter,norfc1918
loc     eth1            detect          dhcp,routestopped
loc     ppp+
/etc/shorewall/
loc             net             ACCEPT
fw              net             ACCEPT
loc             loc             ACCEPT
net             all             DROP
all             all             REJECT
/etc/shorewall/rules
ACCEPT          fw        loc           udp     137:139
ACCEPT          fw        loc           tcp     137,139
ACCEPT          fw        loc           udp     1024:   137
ACCEPT          loc       fw            udp     137:139
ACCEPT          loc       fw            tcp     137,139
ACCEPT          loc       fw            udp     1024:   137
ACCEPT          net       fw            tcp     1723
ACCEPT          net       fw            47      -
ACCEPT          fw        net           47      -
/etc/shorewall/tunnels
pptpserver              net     0.0.0.0/0
/etc/samba/smb.conf
[global]
     workgroup = WORKGROUP
;     netbios name = WORK
     server string = GNU/Linux Box
     encrypt passwords = Yes
     log file = /var/log/samba/%m.log
     max log size = 0
     socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
     os level = 65
     domain master = yes
;     local master = yes
     preferred master = yes
     dns proxy = no
     wins support = yes
[homes]
     comment = Home Directories
;     valid users = %S
     read only = No
     create mask = 0664
     directory mask = 0775
/etc/pptpd.conf
speed 115200
option /etc/ppp/pptpd-options
debug
localip 192.168.1.100
remoteip 192.168.1.234-238
/etc/ppp/pptpd-options
debug
ipparam PoPToP
lock
mtu 1490
mru 1490
ms-wins 192.168.1.100
ms-dns 194.224.52.36
multilink
proxyarp
auth
+chap
+chapms
+chapms-v2
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 30
lcp-echo-interval 5
deflate 0
mppe-128
mppe-stateless
Firewall interfaces
eth0 -> ext
eth1 -> 192.168.1.100
-- 
____________________________________________________________________
  Sergio Navarro i Fajardo

   snavarro@ctv.es  --  sergio.navarro@uv.es
   GnuPG-Public-Key: 0x24E340FF
                                        Alginet / Valencia / Spain
--On Tuesday, November 12, 2002 02:03:19 PM +0100 Sergio Navarro i Fajardo <snf@apdo.com> wrote:

> Hi,
> I'm trying to configure a PPTP server in my firewall, but I have a slight
> doubt or let's say a problem.
> I have a machine working as a firewall with Shorewall.  In this machine I
> have the PPTP server with the configuration which is set following
> instructions provided by the Shorewall documentation.  I also have a
> properly installed the Samba in my firewall.  Everything seems to work
> apparently.  My problem is the following, I've a laptop with the WinME
> installed.  It has correctly configured the net, and it's in a workgroup
> called 'CASA', which is different from the workgroup with the Samba
> config in the firewall.

I was never able to get that to work either.

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://shorewall.sf.net
ICQ: #60745924  \ teastep@shorewall.net