Hi Guys,
I've been struggling with a problem for a couple of days now; hopefully
someone can assist me. I think it's mainly because I don't understand the
routing of a VPN and PPTP tunnel.
I have two machines. Both are connected to the Internet via ADSL, so
interface ppp0.
Both machines are running shorewall 1.4.10b
Gateway A is my firewall machine, and as far as I'm aware, no special
changes need to be made for me to use an internal computer to create
the tunnel.
Gateway B is the machine to where I am making the tunnel. Poptop is
running on the Firewall.
I can create the tunnel fine, I get assigned an IP address.
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.1.235 P-t-P:192.168.1.252
Mask:255.255.255.255
I am able to ping from my workstation, myself, Gateway B 192.168.1.252.
The problem really is I can't ping any Gateway B local addresses, i.e.
192.168.1.1 (which does respond when on Gateway B)
Routing Table
192.168.1.252 0.0.0.0 255.255.255.255 UH ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U eth0
127.0.0.0 127.0.0.1 255.0.0.0 UG lo
0.0.0.0 192.168.0.254 0.0.0.0 UG 0 eth0
I added the route
192.168.1.0 0.0.0.0 255.255.255.255 UH ppp0
but that still didn't help.
So I'm not sure what I'm missing. Why can't I access any of the local IP
addresses?
I have posted my configs below. If there is anything else you need
please let me know.
Please could you respond to me directly as I am not on the list.
Thanks very much,
Stefan
zones
#ZONE DISPLAY COMMENTS
net Net Internet
loc Local Local networks
vpn VPN Remote Users
interfaces
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
net ppp0 detect dhcp,routefilter,norfc1918
- ppp1 -
loc eth0 detect dhcp
hosts
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE
loc ppp1:192.168.1.0/24
tunnel
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
pptpserver net 0.0.0.0/0
policy
#SOURCE DEST POLICY LOG LIMIT:BURST
# LEVEL
loc net ACCEPT
net all DROP info
fw net ACCEPT
fw loc ACCEPT
loc loc ACCEPT
loc fw ACCEPT
#fw vpn ACCEPT
#vpn fw ACCEPT
#vpn loc ACCEPT
#loc vpn ACCEPT
#
# THE FOLLOWING POLICY MUST BE LAST
#
all all REJECT info
(as you can see I've been trying)
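
Added example (not part of the original post): a longest-prefix-match lookup run over the routing table quoted in the message above, showing which interface a packet for 192.168.1.1 would leave by with the table as posted, with the 255.255.255.255 route that was added, and with a 255.255.255.0 route for comparison. The 255.255.255.0 route is an assumption made here, not something from the post, and the function and variable names are illustrative.

```python
import ipaddress

# Routing table as posted in the message: (destination, genmask, gateway, iface)
POSTED_TABLE = [
    ("192.168.1.252", "255.255.255.255", "0.0.0.0", "ppp0"),
    ("192.168.0.0", "255.255.255.0", "0.0.0.0", "eth0"),
    ("127.0.0.0", "255.0.0.0", "127.0.0.1", "lo"),
    ("0.0.0.0", "0.0.0.0", "192.168.0.254", "eth0"),
]

# The route the poster added: a host mask, so it covers exactly one address.
ADDED_HOST_ROUTE = ("192.168.1.0", "255.255.255.255", "0.0.0.0", "ppp0")

# Assumption for comparison only: same destination with a /24 network mask.
NETWORK_ROUTE = ("192.168.1.0", "255.255.255.0", "0.0.0.0", "ppp0")


def lookup(table, dest):
    """Return (iface, gateway, prefixlen) of the longest-prefix match, or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for destination, genmask, gateway, iface in table:
        net = ipaddress.ip_network(f"{destination}/{genmask}")
        # Most specific matching route wins; metrics are ignored here.
        if addr in net and (best is None or net.prefixlen > best[2]):
            best = (iface, gateway, net.prefixlen)
    return best


def compare(dest="192.168.1.1"):
    """Look up dest against the three table variants discussed above."""
    return {
        "as posted": lookup(POSTED_TABLE, dest),
        "with 255.255.255.255 route": lookup(POSTED_TABLE + [ADDED_HOST_ROUTE], dest),
        "with 255.255.255.0 route": lookup(POSTED_TABLE + [NETWORK_ROUTE], dest),
    }


if __name__ == "__main__":
    for variant, result in compare().items():
        iface, gateway, prefixlen = result
        print(f"{variant:28s} -> {iface} via {gateway} (/{prefixlen})")
```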