0

I am trying to configure PPTPD on my Ubuntu box to pass all VPN traffic through to it's internet connection, so I essentially want it to work like a Proxy.

I think the problem is that no default gateway is being assigned to my PPTP client (Windows 7). I can connect to the VPN fine, I get an IP address and DNS servers but no default gateway.

Do I need to configure a specific option to tell the VPN server to forward all traffic it receives down it's eth0 port and out to the internet.

Thanks!

SnAzBaZ
  • 203
  • 2
  • 6
  • 11
  • I also need an answer to this question. I've added a bounty ;) – Unkwntech Dec 20 '10 at 07:15
  • Would you please copy/paste your `route print`? – Ehsan Dec 21 '10 at 00:36
  • In my case there are no custom routes. – Unkwntech Dec 21 '10 at 17:13
  • I didn't mean that, let me ask the question in other words, When I connect to me vpn server, it assign me an IP address like 192.168.0.3 and also it's my default gateway. what about your case? You also should have a route to your vpn server trough the former gateway. do you have that? It's better if you copy/paste your `route print` :-) – Ehsan Dec 21 '10 at 18:05

3 Answers3

1

Have you done setup of nat on your ubuntu box?

Here is example how to do it using iptables hope it will help you

#!/bin/sh

# iptables executable lives here
IPTABLES='/usr/sbin/iptables'
# renaming of our interfaces for better usability
# externail interface 
EXTIF='eth0'
# internal interface
INTIF='ppp0'
# flushing all of our rules
$IPTABLES -F
$IPTABLES -X
# switching on NAT 
# 192.168.1.0/24 - is an internal network behind our linux box
$IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -o $EXTIF -j MASQUERADE
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -m state --state NEW,ESTABLISHED -j ACCEPT

# optional tuning
# allow ssh connections to linux box
$IPTABLES -A INPUT --protocol tcp --dport 22 -j ACCEPT
# allow connections to http server on linux box
$IPTABLES -A INPUT --protocol tcp --dport 80 -j ACCEPT
# deny all other connections
$IPTABLES -A INPUT -i $EXTIF -m state --state NEW,INVALID -j DROP
$IPTABLES -A FORWARD -i $EXTIF -m state --state NEW,INVALID -j DROP

# port forwarding
# vnc
iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 5900 -j DNAT --to 192.168.1.116:5900
iptables -A INPUT -p tcp -m state --state NEW --dport 5900 -i $EXTIF -j ACCEPT
# samba
iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 139 -j DNAT --to 192.168.1.116:139
iptables -A INPUT -p tcp -m state --state NEW --dport 139 -i $EXTIF -j ACCEPT
iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 445 -j DNAT --to 192.168.1.116:445
iptables -A INPUT -p tcp -m state --state NEW --dport 445 -i $EXTIF -j ACCEPT
Shamanu4
  • 194
  • 4
  • 16
0

Which default gateway do you want, remote or local?

windows pptp vpn client *do not* use default gateway on remote network

Community
  • 1
songei2f
  • 1,924
  • 1
  • 20
  • 30
0

I found that uncommenting these two lines in /etc/ppp/pptpd-options;

ms-dns: 10.0.0.1

ms-dns: 10.0.0.2

and replacing them with the ip address of your router/modem did the trick.

user69074
  • 1