similar to: Shorewall, PPTP VPN, and Samba

I am running shorewall 1.4.8-1 on my firewall. I am also running poptop on this firewall for remote VPN clients to connect to our local network. I would like to set some options in pppd, so that after 2 failed user/pass attempts are tried, the IP address is blacklisted, and an email is sent to the admin of this IP address that has been blacklisted. I know this may be more of a ppp question than

Hi ! Recently i switched my internet provider, to get more speed but another braindead setup regarding public ip addresses. I now have 4 PPTP Tunnel available, of which i''m using one as the gateway ip doing masquerading to other machines in my local lan, excluding three other machines, which i would like to use 1:1 nat to get them a direct access to one of the pptp tunnels. I was

Dear All, I have read all the documentation I can find but I still have not understood how, in what context and where to use the action commands enumerated in /usr/share/shorewall/actions.std. Illustrating with SMB traffic for instance, how can one use AllowSMB, DropSMB and RejectSMB to control SMB traffic instead of the classic ACCEPT z1 z2 udp 135,445 ACCEPT z1

Srikrishnan, In the future, please post your questions to the mailing list. I''m copying the list with my response so that will appear in the archives. On 5 Apr 2002, Srikrishnan Chitoor wrote: > Hi: > > > I have a setup wherein the main server is running Shorewall and PPTP > Server. The local network is 192.168.1.* and it connects to Internet > using a Static IP

Hi I've been using linux to give VPN access to my corporate LAN using the following software: Centos 5.2 x86 kernel 2.6.18-92.1.18.el5xen pptpd (poptop) 1.3.4 ppp 2.4.4 The Centos server has directly connected the Internet Router, on one interface (eth1) and the LAN on another (eth0) and it works as the firewall/VPN server of my LAN. It mostly works, however, if I try to connect using

I wonder if I am seeing the problem mentioned here http://old.nabble.com/samba-3.2-breaks-ppp-winbind-plugin-td18715806.html. I can connect a WIndows PPTP client just fine if using chap-secrets, but when I use the winbind plugin, the client says that it can not authenticate the server (both are on the same domain). They said it was resolved in 3.2, but we are using 3.4.3. Is it possible this bug

Hi, I have a few remote user who use a PPTP based VPN. The server is running PoPToP (http://www.poptop.org/), and a pppd patched to support MPPE/MPPC for (some) added security. Currently, users authentication information is stored in plaintext in /etc/ppp/chap-secrets. I'd like to be able to put users into LDAP, and have ppp authenticate either directly against LDAP, or against Samba (with an

Hi Does anybody get packaged pptpd and/or ppp-mppe krnel module? Petr Klima

Hi friends, I need help. I''ve PPTP Server running behind Shorewall. The PPTP server is working OK in my LAN, but I want to connect outside and It isn''t working. I''ve configurate shorewall like http://www.shorewall.net/PPTP.htm. I add only this lines in my rules DNAT net loc:165.182.15.15 tcp 1723 - IPext DNAT net loc:165.182.15.15 47 - - IPext It isn''t

I use shorewall 2.0.9 I have a mac filter running on my eth2(wifi) 192.168.0.1 is eth1(loc). My policy file allows trafic from wifi to loc and loc to wifi. Also fw to wifi and fw to loc. I also use AllowSMB loc to fw and AllowSMB wifi to fw. Any ideas? Shorewall:eth2_mac:REJECT:IN=eth2 OUT= MAC= SRC=192.168.0.1 DST=192.168.1.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=6188 DF PROTO=UDP SPT=138

Hi, I configured pptp client and it connected successfully. but after sometimes it automatically got disconnected. /var/log/messages : Jul 15 15:29:19 ahc151l pppd[4725]: pppd 2.4.5 started by root, uid 0 Jul 15 15:29:19 ahc151l pppd[4725]: Using interface ppp0 Jul 15 15:29:19 ahc151l pppd[4725]: Connect: ppp0 <--> /dev/pts/2 Jul 15 15:29:19 ahc151l NetworkManager[852]: <info>

Hi all, I was trying to test ROUTE specific code with a multi-isp serviced box. There is a bug somewhere, but I''m not able to understand what the real problem is: when I issue a "shorewall show capabilities" I get: Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Shorewall has

Hello, I''m trying to setup DNAT to forward to a PPTP Server behind Shorewall. I setup the PPTP rules per your documentation with tcp port 1723 and Protocol 47 DNAT to my PPTP Server in the local zone. Looking at the logs it is dropping the connection going to port 1723. It is also dropping UDP port 1701, don''t know if it is of any significance. I looked at FAQ 1a and b and the

Akemi Yagi wrote: > On Wed, Mar 25, 2015 at 3:35 AM, Ken Smith <kens at kensnet.org> wrote: >> Hi All, >> >> Anyone else seeing this. >> >> Just updated to kernel 2.6.32-504.12.2.el6.x86_64 and pptp vpn (invoked via >> Gnome Network Manager) fails to connect. >> >> Boot up the previous 2.6.32-504.8.1.el6.x86_64 and pptp all good. >>

Hi All, Anyone else seeing this. Just updated to kernel 2.6.32-504.12.2.el6.x86_64 and pptp vpn (invoked via Gnome Network Manager) fails to connect. Boot up the previous 2.6.32-504.8.1.el6.x86_64 and pptp all good. OpenVPN is not affected. Anyone else seeing this. I have log file details if anyone wants those. Don't see it reported elsewhere. Thanks Ken -- This message has been

Last question, I promise, I am running PopTop for PPTP on the same box as my firewall. I can connect to the box fine, but nothing will route between the VPN tunnel and the local hosts. I read the Some Hosts have Special Firewalling Requirements article and though it was what I needed, but either I don''t get it, or it doesn''t apply to me. Here is my config: Zones: #ZONE

shorewall version 2.0.7 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo 2: eth0: <BROADCAST,MULTICAST,NOTRAILERS,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:30:48:53:25:b2 brd ff:ff:ff:ff:ff:ff inet 81.169.188.152/32 brd 81.169.188.152 scope global eth0 3: eth1:

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=54 Summary: Kernel crash with pptp connectiontrack Product: netfilter/iptables Version: linux-2.4.x Platform: i386 OS/Version: Gentoo Status: NEW Severity: major Priority: P2 Component: connection tracking AssignedTo:

Hi, can you tell me how to set up routing of packets comming from pptp clients connected to my FW. For now I managed to initialize the vpn with ppp+ byt I can''t MASQ it in the /etc/shorewall/masq file. I entered there this: eth0 eth1 and pptp is working fine but now everybody can change thair IPs and get Internet. How exactly should I set it up. I am running shorewall o n

Hi, All I'm tring to get a client connected to a vpn server running pptp & centos, the client connects to the server but I can't browse the internet or the local network from the client, when I stop the firewall the client can ping the server but no browsing can be done, do I need a iptables rule to allow pptp clients to use the internet or browse the network??? Sherwyn