[ previous ] [ next ] [ threads ]
 
 From:  "Richard Parvass" <Richard dot Parvass at aaland dot co dot uk>
 To:  "Peter Lauda" <plauda at rx30 dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] PPTP VPN not working
 Date:  Mon, 3 Jul 2006 14:34:33 +0100 
Peter

Put the PPTP server address into the LAN (192.168.0.x) so m0n0wall
basically has two LAN addresses, the PPTP server and the LAN interface.
Leave the range on 11.x, make sure you have your firewall rule on the
PPTP tab for any to any for testing, and remove your static route.

Works for me ;)

As a side-effect, this forces you to have the "use default gateway" set
on the client, otherwise it'll never route to the LAN.

Richard



-----Original Message-----
From: Peter Lauda [mailto:plauda at rx30 dot com] 
Sent: Wednesday, June 28, 2006 2:06 PM
To: Josh Simoneau; m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] PPTP VPN not working

I do have routes added... added after some good suggestions. I still
can't 
seem to get through the networks.  (192.168.0.xxx)

I have a static route setup in monowall for the LAN IP's. I have a
static 
route setup in monowall for the subnet for VPN address  (192.168.11.xxx)

where .1 is the monowall side of pptp)

I cannot ping anything beyond monowall. No name service issue since I
use 
the IP addresses to try this. I have set the clients to use default
gateway 
of remote side. They should have no problem getting beyong the monowall 
machine now as I see it. However, I still cannot touch any system on the

192.168.0.xxx network from the PPTP VPN connections on 192.168.11.xxx 
network.

Is there any extremely verbose loging I can enable to see where the
problem 
may be?

Thanks for the responses. If I can't get this going we'll have to keep
using 
the blasted MS VPN services that make life even more confined and
difficult. 
Not to mention keeping Bill and CO in business :(.

Cheers!
--p

----- Original Message ----- 
From: "Josh Simoneau" <jsimoneau at lmtcs dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, June 27, 2006 10:24 AM
Subject: RE: [m0n0wall] PPTP VPN not working


Hi Peter,

This does sound like a rules issue. When you setup rules for 'any' to
'any' did you do it on the PPTP tab? Can users on the LAN ping the PPTP
users?

When you say they cannot access things, does this include pinging the
hosts you need to get to? A lot of times with PPTP there are DNS issues
that need to be resolved before users can get to shared folders and
things like that.

Regards,
Josh Simoneau


-----Original Message-----
From: Peter Lauda [mailto:plauda at rx30 dot com]
Sent: Tuesday, June 27, 2006 10:06 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] PPTP VPN not working

Hello,

I've got 1.2b9 installed and running as a corp firewall and I'm trying
to setup PPTP VPN capability for it. I've follwed the docs to set up
users and some basic rules to allow 'any' connection type to 'any'
machine. When my users get connected and get their address assigned,
they then cannot access anything in the internal network at all.

The IP of monowall to our inside net is 192.168.0.70 The IP range being
handed out to VPN clients is 192.168.11.100 + and the IP for the
monowall's side of the PPTP is 192.168.11.1

There is an external address for the monowall box as well and I'm coming
through a switch directly to that WAN interface in my testing.

Does any one have anythoughts on how I can troubleshoot this or what I
may be missing?

Thanks!

--p

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


The information in this e-mail and any files transmitted with it is confidential
and may be legally privileged. It is intended solely for the addressee and
others authorised to receive it. If you are not the intended recipient, any
disclosure, copying, distribution or action taken in reliance on its contents
is prohibited and may be unlawful.

The opinions expressed in this message are that of the sender and not
necessarily those of Aaland Limited. If you have received this e-mail in
error please notify postmaster at aaland dot co dot uk