PPTPD service on Openvpn AS machine!?
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Aug 18, 2011 9:05 pm
PPTPD service on Openvpn AS machine!?
Hey guys,
I currently have OpenVPN AS service running very well, but I would like to offer PPTP service too.
Is running PPTP and Openvpn AS on the same server without the two conflicting in any way possible?
Thank you for any pointers/help you might provide,
Nile
I currently have OpenVPN AS service running very well, but I would like to offer PPTP service too.
Is running PPTP and Openvpn AS on the same server without the two conflicting in any way possible?
Thank you for any pointers/help you might provide,
Nile
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: PPTPD service on Openvpn AS machine!?
as far as they dont use the same port/protocol yes..
Michael.
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Aug 18, 2011 9:05 pm
Re: PPTPD service on Openvpn AS machine!?
How would I incorporate an iptables rule to allow PPTPD connections/NAT into this mess? Someone please help.
Chain INPUT (policy ACCEPT)
target prot opt source destination
AS0_ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_ACCEPT all -- anywhere anywhere
AS0_IN_PRE all -- anywhere anywhere mark match 0x2000000/0x2000000
AS0_ACCEPT tcp -- anywhere 3.247.203.1 state NEW tcp dpt:915
AS0_ACCEPT tcp -- anywhere 3.247.203.1 state NEW tcp dpt:914
AS0_ACCEPT udp -- anywhere 3.247.203.1 state NEW udp dpt:917
AS0_ACCEPT udp -- anywhere 3.247.203.1 state NEW udp dpt:916
AS0_WEBACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_WEBACCEPT tcp -- anywhere 3.247.203.1 state NEW tcp dpt:943
Chain FORWARD (policy ACCEPT)
target prot opt source destination
AS0_ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_IN_PRE all -- anywhere anywhere mark match 0x2000000/0x2000000
AS0_OUT_S2C all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
AS0_OUT_LOCAL all -- anywhere anywhere
Chain AS0_ACCEPT (7 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain AS0_IN (4 references)
target prot opt source destination
ACCEPT all -- anywhere 5.5.0.1
AS0_IN_POST all -- anywhere anywhere
Chain AS0_IN_POST (1 references)
target prot opt source destination
AS0_OUT all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain AS0_IN_PRE (2 references)
target prot opt source destination
AS0_IN all -- anywhere 5.5.0.0/20
AS0_IN all -- anywhere 172.16.0.0/12
AS0_IN all -- anywhere 192.168.0.0/16
AS0_IN all -- anywhere 10.0.0.0/8
ACCEPT all -- anywhere anywhere
Chain AS0_OUT (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain AS0_OUT_LOCAL (1 references)
target prot opt source destination
DROP icmp -- anywhere anywhere icmp redirect
ACCEPT all -- anywhere anywhere
Chain AS0_OUT_S2C (1 references)
target prot opt source destination
AS0_OUT all -- anywhere anywhere
Chain AS0_WEBACCEPT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain INPUT (policy ACCEPT)
target prot opt source destination
AS0_ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_ACCEPT all -- anywhere anywhere
AS0_IN_PRE all -- anywhere anywhere mark match 0x2000000/0x2000000
AS0_ACCEPT tcp -- anywhere 3.247.203.1 state NEW tcp dpt:915
AS0_ACCEPT tcp -- anywhere 3.247.203.1 state NEW tcp dpt:914
AS0_ACCEPT udp -- anywhere 3.247.203.1 state NEW udp dpt:917
AS0_ACCEPT udp -- anywhere 3.247.203.1 state NEW udp dpt:916
AS0_WEBACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_WEBACCEPT tcp -- anywhere 3.247.203.1 state NEW tcp dpt:943
Chain FORWARD (policy ACCEPT)
target prot opt source destination
AS0_ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_IN_PRE all -- anywhere anywhere mark match 0x2000000/0x2000000
AS0_OUT_S2C all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
AS0_OUT_LOCAL all -- anywhere anywhere
Chain AS0_ACCEPT (7 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain AS0_IN (4 references)
target prot opt source destination
ACCEPT all -- anywhere 5.5.0.1
AS0_IN_POST all -- anywhere anywhere
Chain AS0_IN_POST (1 references)
target prot opt source destination
AS0_OUT all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain AS0_IN_PRE (2 references)
target prot opt source destination
AS0_IN all -- anywhere 5.5.0.0/20
AS0_IN all -- anywhere 172.16.0.0/12
AS0_IN all -- anywhere 192.168.0.0/16
AS0_IN all -- anywhere 10.0.0.0/8
ACCEPT all -- anywhere anywhere
Chain AS0_OUT (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain AS0_OUT_LOCAL (1 references)
target prot opt source destination
DROP icmp -- anywhere anywhere icmp redirect
ACCEPT all -- anywhere anywhere
Chain AS0_OUT_S2C (1 references)
target prot opt source destination
AS0_OUT all -- anywhere anywhere
Chain AS0_WEBACCEPT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Aug 18, 2011 9:05 pm
Re: PPTPD service on Openvpn AS machine!?
I am sorry, but this is beyond my basic understanding of IPTABLES
Any help would be appreciated!!!
Any help would be appreciated!!!
- swg0101
- OpenVPN User
- Posts: 23
- Joined: Fri Sep 23, 2011 7:03 am
Re: PPTPD service on Openvpn AS machine!?
You will need to open up TCP port 1723 and protocol GRE for PPTP to work.
As far as concurrently running OpenVPN and a PPTP server - I suggest you don't do this, as OpenVPN-AS relies somewhat heavily on iptables which the PPTP server might break if you install them both together.
You can try this on a non-production machine and see how they behave though...
Good luck!
As far as concurrently running OpenVPN and a PPTP server - I suggest you don't do this, as OpenVPN-AS relies somewhat heavily on iptables which the PPTP server might break if you install them both together.
You can try this on a non-production machine and see how they behave though...
Good luck!
--- Sorry, I probably can't help you, so you can stop asking now...
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Aug 18, 2011 9:05 pm
Re: PPTPD service on Openvpn AS machine!?
Right, yeah I see that it sure does. Well, I have already installed PPTPD and I can connect, but the routing won't work.
I have created an alias interface for PPTPD to give out to users, but the question is how to make it NATed.
Gosh I need ideas, as I must come up with a PPTPD server on the same machine.
Any further ideas/help would be appreciated.
Nile
I have created an alias interface for PPTPD to give out to users, but the question is how to make it NATed.
Gosh I need ideas, as I must come up with a PPTPD server on the same machine.
Any further ideas/help would be appreciated.
Nile
- swg0101
- OpenVPN User
- Posts: 23
- Joined: Fri Sep 23, 2011 7:03 am
Re: PPTPD service on Openvpn AS machine!?
Does sticking a MASQUERADE rule in the interface in question work?
--- Sorry, I probably can't help you, so you can stop asking now...
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Aug 18, 2011 9:05 pm
Re: PPTPD service on Openvpn AS machine!?
No. I honestly need to dig up some books on IPTABLES. I just don't fully understand OVPN-AS's rules... when I do I will be able to add what I need... so unless someone has an answer I am going to spend a few weeks studying linux networking.
- swg0101
- OpenVPN User
- Posts: 23
- Joined: Fri Sep 23, 2011 7:03 am
Re: PPTPD service on Openvpn AS machine!?
If you post your iptables listing then it would be easier to help you...
--- Sorry, I probably can't help you, so you can stop asking now...