Anna Roig i Guijarro
2002-Oct-29 17:42 UTC
[Shorewall-users] Shorewall and PPTP problem...
Hi, I'm a new user in the firewall shorewall.

The problem which I have is that when I try to configure a PPTP server in the firewall itself. I've followed the instructions given in the web, and it NEARLY works properly. The problem comes up when I do the VPN connection with a Microsoft Windows client. When I browse the Windows ME network I can see all the internal network hardware which is behind the firewall.

Of course samba is installed in the firewall, following the example provided in the shorewall webpage. I have no problems when browsing the firewall shared resources, but when I try to have access to any of the other machines it says that I have no access and I cannot see the shared files of the rest of it.

In my shorewall configuration I have included in /etc/shorewall/rules the lines which are needed to make the shorewall work properly (it isn't a big problem, but it looks like a little bit limiting)

Well, could anybody help me to sort this out?

Thank you.

Regards, Sergio.

Shorewall version 1.3.9b

---- config files ----

/etc/shorewall/interfaces
net eth0 detect routefilter,norfc1918
loc eth1 detect dhcp,routestopped
- ppp+

/etc/shorewall/policy
loc net ACCEPT
fw net ACCEPT
net all DROP
all all REJECT
loc loc ACCEPT

/etc/shorewall/
ACCEPT fw loc udp 137:139
ACCEPT fw loc tcp 137,139
ACCEPT fw loc udp 1024: 137
ACCEPT loc fw udp 137:139
ACCEPT loc fw tcp 137,139
ACCEPT loc fw udp 1024: 137
ACCEPT net fw tcp 1723
ACCEPT net fw 47 -
ACCEPT fw net 47 -

Anna Roig i Guijarro (by way of Sergio Navarro i Fajardo) wrote:

> Hi, I'm a new user in the firewall shorewall.
>
> The problem which I have is that when I try to configure a PPTP
> server in the firewall itself. I've followed the instructions given
> in the web, and it NEARLY works properly. The problem comes up when I
> do the VPN connection with a Microsoft Windows client. When I browse
> the Windows ME network I can see all the internal network hardware
> which is behind the firewall.
>
> Of course samba is installed in the firewall, following the example
> provided in the shorewall webpage. I have no problems when browsing
> the firewall shared resources, but when I try to have access to any
> of the other machines it says that I have no access and I cannot see
> the shared files of the rest of it.
>
> In my shorewall configuration I have included in /etc/shorewall/rules
> the lines which are needed to make the shorewall work properly (it
> isn't a big problem, but it looks like a little bit limiting)
>
> Well, could anybody help me to sort this out?
>
> Thank you.
>
> Regards, Sergio.
>
> Shorewall version 1.3.9b
> ---- config files ----
> /etc/shorewall/interfaces
> net eth0 detect routefilter,norfc1918
> loc eth1 detect dhcp,routestopped
> - ppp+

If you are going to have "-" in the ZONE column here then you need to assign the remote systems to some zone in the hosts file. If you want to consider them to be simply part of the 'loc' zone then the last entry should be:

loc ppp+

You haven't posted any of the other config files (pptpd, pppd) so we can't tell if they are ok or not; you may still have other problems in those files as well.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
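
Added example (not part of the original thread and not Shorewall's own code): a small Python check for the condition described in the reply above, an interface with "-" in the ZONE column that no hosts entry assigns to a zone. The hosts line and its 192.168.1.0/24 address are constructed, and the "ZONE interface[:address]" column layout of the hosts file is an assumption.

```python
"""Lint Shorewall interfaces/hosts text for interfaces left without a zone."""


def parse_columns(text):
    """Yield the whitespace-separated columns of each non-blank, non-comment line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.split()


def unzoned_interfaces(interfaces_text, hosts_text=""):
    """Return interfaces whose ZONE is '-' and that no hosts entry places in a zone."""
    # Assumed hosts layout: ZONE  interface[:address]  [options]
    covered = {
        cols[1].split(":", 1)[0]
        for cols in parse_columns(hosts_text)
        if len(cols) >= 2
    }
    return [
        cols[1]
        for cols in parse_columns(interfaces_text)
        if len(cols) >= 2 and cols[0] == "-" and cols[1] not in covered
    ]


# The interfaces file exactly as posted in the thread.
POSTED = """\
net eth0 detect routefilter,norfc1918
loc eth1 detect dhcp,routestopped
- ppp+
"""

# Fix 1 from the reply: put the PPP interfaces directly in the 'loc' zone.
FIXED = POSTED.replace("- ppp+", "loc ppp+")

# Fix 2 from the reply: keep "-" and assign the remote systems in the hosts
# file. This line and its address range are constructed for illustration.
HOSTS = "loc ppp+:192.168.1.0/24\n"

if __name__ == "__main__":
    print("as posted:      ", unzoned_interfaces(POSTED))
    print("zone set:       ", unzoned_interfaces(FIXED))
    print("with hosts file:", unzoned_interfaces(POSTED, HOSTS))
```

Traffic arriving on an interface the check reports belongs to no zone, so the loc policies posted in the thread do not apply to it.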