
VPN and windows clients

Posted on 2005-03-18
Last Modified: 2010-03-18
Hi all, I'm a newbie in Linux and my boss tells me ....

Please install a VPN server, I need to connect to this server from my house with a VPN.

My boss uses a Windows XP notebook. Here are my questions:

1. A HOWTO to install a VPN server step by step on Fedora Core 2 with IPTABLES? (or any volunteer to explain step by step)

2. What Windows client is FREE - OpenSource to connect Windows to a server with VPN?

Thanks.... a LOT!!!!!!

I'm really desperate... :(
0
Question by:netrok
12 Comments
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13577634
Hi,

  iptables is mostly for packet filtering, such as a firewall. As a VPN server for Windows clients, you might want to try Poptop.
http://www.poptop.org/

Download here:
http://sourceforge.net/project/showfiles.php?group_id=44827
Or
http://sourceforge.net/project/showfiles.php?group_id=44827&package_id=51373&release_id=248009

Documentation here:
http://poptop.sourceforge.net/dox/
Including installation guide on the server and Windows clients.

PPTP is built into Windows; you don't need the client software. Just refer to the documentation link and the Windows client configuration portion.

Regards,

Wesly

0
 

Author Comment

by:netrok
ID: 13579332
Hi wesly, thanks for these comments.

I installed the software and connected to my server ........ and now I have some questions and problems


1- How to use the system user and password to authenticate??? Is it possible?

2- I connect to my server and it gives me the address 192.168.1.3, now this is right but .....

I can't ping my other server 192.168.1.143 and this is the reason for that. And when I start, for example, Thunderbird, if I check mail does the connection go through the 192 VPN or through the public IP???

3- Do I need some specific IPTABLES sentence for access??? Or is it all right with no rules?
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13579416
> cant ping my other server 192.168.1.143
Where did you connect from? It needs to be from outside (Internet).
What's the default gateway on your VPN client? ("route print" in command prompt)

Could you describe more about your network infrastructure such as
(on Linux box)
ifconfig -a  
netstat -rn  
iptables -L
(on Windows VPN client)
ipconfig /all
route print

Wesly
0

 

Author Comment

by:netrok
ID: 13579883
Oh oh... I restarted the server and now it is impossible to connect remotely by VPN

Mar 18 23:26:52 omega pptpd[2820]: CTRL: Client 200.125.15.177 control connection started
Mar 18 23:26:52 omega pptpd[2820]: CTRL: Starting call (launching pppd, opening GRE)
Mar 18 23:26:52 omega pptpd[2820]: GRE: read(fd=4,buffer=804dac0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Mar 18 23:26:52 omega pptpd[2820]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Mar 18 23:26:52 omega pptpd[2820]: CTRL: Client 200.125.15.177 control connection finished


I use the standard conf files. I deleted everything and reinstalled again but nothing, this is the error! :(


0
 
LVL 38

Assisted Solution

by:wesly_chen
wesly_chen earned 800 total points
ID: 13579894
> usually caused by unexpected termination of pppd, check option syntax and pppd logs
Please check pppd.logs for the information since you rebooted the system (unexpected termination of pppd...)
0
 

Author Comment

by:netrok
ID: 13587427
Nothing in pppd.log, only this in the message log
0
 

Author Comment

by:netrok
ID: 13587545
OK wesly, I repaired the connection .... I deleted the CHEAP and it is OK now. But I continue with the same problem: I connect and get a 192.168.1.43 IP number; my remote net is 192.168.1.0/24

My firewall is only for forwarding 192 to the external net

I added this:
iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 1723 -j ACCEPT
iptables -t nat -A OUTPUT -o eth0 -p 47 -j ACCEPT
iptables -A OUTPUT -o eth0 -p 47 -j ACCEPT
iptables -A INPUT  -i eth0 -p 47 -j ACCEPT
iptables -A INPUT  -i ppp+ -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
iptables -A OUTPUT -o ppp+ -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
echo "PPTPD allowed"


But still no connection to the server 192.168.1.143 in my remote net 192. Why?  :(
0
 

Author Comment

by:netrok
ID: 13587586
Another comment: the default gateway on my Windows client is the same address that the VPN assigns ... is that correct? For example

Ip: 192.168.1.213
DefaultGateway: 192.168.1.213
0
 
LVL 14

Expert Comment

by:pablouruguay
ID: 13591005
Hi netrok. I think this config is OK, and you can access the server .143 with this gateway.

Maybe you have a problem like the ISP IP being 192.168.1.x. In that case you need to configure your VPN connection with another range, 192.168.0 for example. Check that and comment.
0
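
An added illustration of the address overlap raised in the comment above (not part of the original thread): it models a client whose own LAN and the remote network are both 192.168.1.0/24, shows that longest-prefix matching keeps traffic for 192.168.1.143 on the local LAN instead of the tunnel, and picks a range that does not collide. The /24 masks, the simplified two-route table, the function names and the renumbered server address 192.168.0.143 are assumptions.

```python
import ipaddress

def client_routes(lan_cidr):
    # Simplified model (assumption): the client keeps its on-link LAN route and
    # sends everything else into the tunnel, i.e. default gateway = VPN address.
    return [(ipaddress.ip_network(lan_cidr), "lan"),
            (ipaddress.ip_network("0.0.0.0/0"), "vpn")]

def egress(routes, dst):
    # Longest-prefix match: the most specific matching route wins.
    addr = ipaddress.ip_address(dst)
    candidates = [(net.prefixlen, iface) for net, iface in routes if addr in net]
    return max(candidates, key=lambda c: c[0])[1]

def check(lan_cidr, remote_cidr, targets):
    lan = ipaddress.ip_network(lan_cidr)
    remote = ipaddress.ip_network(remote_cidr)
    routes = client_routes(lan_cidr)
    paths = {t: egress(routes, t) for t in targets}
    return {
        "overlap": lan.overlaps(remote),
        "egress": paths,
        # Remote hosts whose packets never enter the tunnel.
        "shadowed": [t for t in targets
                     if ipaddress.ip_address(t) in remote and paths[t] != "vpn"],
    }

def pick_free_subnet(client_lans, pool="192.168.0.0/16", prefix=24):
    # First subnet of the pool that collides with none of the known client LANs.
    lans = [ipaddress.ip_network(c) for c in client_lans]
    for cand in ipaddress.ip_network(pool).subnets(new_prefix=prefix):
        if not any(cand.overlaps(lan) for lan in lans):
            return cand
    return None

if __name__ == "__main__":
    # Constructed values: addresses taken from the thread, /24 masks assumed.
    print(check("192.168.1.0/24", "192.168.1.0/24", ["192.168.1.143"]))
    free = pick_free_subnet(["192.168.1.0/24"])
    # 192.168.0.143 is a constructed address for the server after renumbering.
    print(free, check("192.168.1.0/24", str(free), ["192.168.0.143"]))
```
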
 

Author Comment

by:netrok
ID: 13599748
My ISP gives me a 192.168.1.x too. I changed my VPN connection and now I can access the server. :)   But how to add MPE 128??? That is the problem now, because when I add this line to my setup the log says Wrong Syntax
0
 
LVL 14

Accepted Solution

by:
pablouruguay earned 1200 total points
ID: 13601937
You need to add patches to the kernel and ppp. Follow these instructions please.

http://csg.trinhall.cam.ac.uk/tips/vpn/linux

0
 

Author Comment

by:netrok
ID: 13602291
Thanks wesly and pablo, I will try these options later at work!
0
