 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP from OPT1 to LAN
 Date:  Fri, 16 Sep 2005 12:05:58 -0400
On 9/16/05, Nik Clayton <nik at ngo dot org dot uk> wrote:
> 
> > Then set a firewall ruleset only allowing the opt1 subnet to
> > access 192.168.2.1 with PPTP and no WAN access.
> 
> Done that.  The rule looks like:
> 
>    OPT1 interface
> 
>    Proto  Source        Port  Destination  Port
>    *      PPTP Clients  *     192.168.2.1  *
>

That's only allowing clients already connected via PPTP to talk to
192.168.2.1, which is why you can't ping the interface anymore. 
Change that source to "any".
 

> 
> But to no avail.  The wireless clients are given IP addresses using DHCP
> (that still works, verified by delete/down/up'ing their wireless
> interfaces, making sure they got a 192.168.2.x IP address, and
> confirming through the m0n0wall "DHCP leases" diagnostics page) but they
> can't do anything else.  Attempts to connect to the PPTP server on
> 192.168.0.239 eventually time out, and they can't ping their subnet's

And you aren't actually trying to connect to 192.168.0.239; you want
to connect to the PPTP server using 192.168.2.1.

-Chris