PPTP Server Not Routing Internet

Issues related to configuring your network
Post Reply
sombra84
Posts: 8
Joined: 2012/01/30 17:19:54

PPTP Server Not Routing Internet

Post by sombra84 » 2012/02/17 04:01:22

Hello Everyone,

I have set up multiple PPTP servers on Cent OS 5 and no problem, when I apply a similar procedure on a new Cent OS 6 default install box, I run into an issue where it connects fine ... but no internet traffic can be router. I assume it's a firewall issue or similar.

Basically here is my firewall and iptables setup:

net.ipv4.ip_forward = 1 (in sysctl)

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


-Edit: I know it's a firewall . routing issue because I can ping the server fine when connected but not anything else. I ruled out DNS issues because I can't visit any website by IP.

If I have an RDP open with ANOTHER ONE of my servers, and I connect to the VPN, the RDP remains working fine, as do all existing connections, hence it appears the issue is some type of routing issue. I am confused because I use the same script as on my other Cent OS 6 with no problem.

sombra84
Posts: 8
Joined: 2012/01/30 17:19:54

Re: PPTP Server Not Routing Internet

Post by sombra84 » 2012/02/17 05:26:01

Edit 2: I disabled IP Tables and relaunched PPTP server, same issue, great connectivity to RDP, Skype, things already running once VPN launches but no web pages.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

PPTP Server Not Routing Internet

Post by pschaff » 2012/02/17 18:16:49

If having no problems with CentOS-5 then perhaps your [url=https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=35719&forum=41]other thread[/url] can be marked [SOLVED] per the guidance in [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28726&forum=54]Readme First[/url].

Very difficult to guess what's going on without some hard data. Please [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28723&forum=54]provide more information about your system[/url] by running "./getinfo.sh network" and showing us the output file.

serox_3
Posts: 6
Joined: 2012/02/18 12:49:47

Re: PPTP Server Not Routing Internet

Post by serox_3 » 2012/02/18 14:30:31

Hi all,


I have installed pptpd on centOS 6.2 and I have a similar issue:

The client can connect to my VPN server but the internet will not work through. Also the client cannot access or ping the other computers from my network except the VPN server.


Network configuration

Wireless router that act as a DHCP server and share the internet connection to all the computers from my network(3 Laptops an 4 virtual using Virtual BOX)
The server is also a virtual PC (the network settings for Virtual Box is bridged, so the IP to the server is assign by the router (has a reserved IP using the MAC))

router IP 192.168.19.1
other computers IPs 192.168.19.10-100(assing via DHCP by the router(every PC has its own reserved IP))

CentOS server:

eth0
IP: 192.168.19.103
netmask 255.255.255.0
gateway: 192.168.19.1
DNS 192.168.19.1

To install and configure the VPN server I used the information from [url=http://blog.secaserver.com/2011/10/install-vpn-pptp-server-centos-6/]here[/url]

/etc/pptpd.conf settings

localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245

in /etc/ppp/options.pptpd

ms-dns 192.168.19.1 / also I used the google DNS and did not work

the rest of the settings from the above config files are the default ones

Other details that may help

In the router I forwarded 1723 port to VPN server's IP(192.168.19.103)

In iptables I opened 1723 port and protocol 47 (with this settings the client can connect to the VPN server)

iptables command that i used

iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p 47 -j ACCEPT

changed net.ipv4.ip_forward = 1 in /etc/sysctl.conf

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

what I need is if someone can assist and explain what/how to configure the VPN server to permit internet traffic to a client and the client to be able to access the other computers from the network(192.168.19.x)

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: PPTP Server Not Routing Internet

Post by pschaff » 2012/02/18 15:17:00

[b]serox_3[/b] - Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature.

After reading those links you should realize why you should not hijack threads as you have done. Please start a new Topic for your issue to get the attention you need, providing a link to this one if required for context.

serox_3
Posts: 6
Joined: 2012/02/18 12:49:47

Re: PPTP Server Not Routing Internet

Post by serox_3 » 2012/02/18 16:53:40

Ok, I'll do that, I tough that if there already exist a thread with the same issue I can post in it.

If posible you may delete my posts on this thread. I will create a new one.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: PPTP Server Not Routing Internet

Post by pschaff » 2012/02/19 20:45:04

[quote]
[url=https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=35855&forum=58]Elsewhere[/url] sombra84 wrote:
Hello,

My issue is ongoing, I have run a series of diagnostics to test what is going on .... ./getinfo.sh network returns "No such file or directory" for me ....

I have verified that target can forward replies back to server as such:

tcpdump -n -i eth0 icmp and src host (client ip) #Ran on server
ping (server ip) # ran on client

Result: ICMP echo replies with a source address of the target. = Okay.

So I move to this: Can the server forward the target reply packets back to the client?

tcpdump -n -i ppp0 icmp and src host (client IP) and dst host (client tunnel IP) #ran on server)
ping (server ip) #ran on client

And I get nothing captured.

I believe the issue to be something to with the server not being able to forward the target reply packets back to the client.

Can anyone provide some insight?

(Followed this guide for Troubleshooting: http://poptop.sourceforge.net/dox/diagnose-forwarding.phtml It's fine until Step 6)[/quote]

It appears you did not read [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28723&forum=54]How to provide information about your system[/url] and create the getinfo.sh script.

Post Reply