[linux] Pripojenie na VPN

[Al Hafoudh]

Zdar,
ja som nastavoval VPN na Win2k3 server. Pripajam kusok skriptu z roboty:

-----------------------
$IPTABLES -t nat -A PREROUTING -p tcp -d $INET_IP --dport 1723 -j DNAT 
--to ${MAGICSERVERIP}:1723
$IPTABLES -t nat -A PREROUTING -p udp -d $INET_IP --dport 500 -j DNAT 
--to ${MAGICSERVERIP}:500
$IPTABLES -t nat -A PREROUTING -p 47 -d $INET_IP -j DNAT --to 
${MAGICSERVERIP}
$IPTABLES -t nat -A PREROUTING -p gre -d $INET_IP -j DNAT --to 
${MAGICSERVERIP}

$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN1_IFACE -p tcp -d 
${MAGICSERVERIP} --dport 1723 -j ACCEPT
$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN1_IFACE -p udp -d 
${MAGICSERVERIP} --dport 500 -j ACCEPT
$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN1_IFACE -p 47 -d 
${MAGICSERVERIP} -j ACCEPT
$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN1_IFACE -p gre -d 
${MAGICSERVERIP} -j ACCEPT
-----------------------

Igor Stanek  wrote / napísal(a):
> Ahoj,
>  
> potrebujem sa z nasej LAN, ktora je za Debian linux firewallom 
> (NAT) pripojit k zakaznikovi na jeho VPN (Windows Server 2003). 
> Neviem, co mam nastavit u nas na tom Debiane, aby sa to podarilo. 
> Spojenie zlyha s hlaskou "Error 721: The remote computer did not 
> respond.".
>  
> Vdaka za kazde nakopnutie...
>  
> Igor Stanek
>  
> Toto tam mam nastavene...
>
> # PPTP authentication
>
> ipchains -A input -p tcp -s <remote_vpn_server> -d <my_ext_ip> 1723 -j 
> ACCEPT
> ipchains -A output -p tcp -d <remote_vpn_server> -s <my_ext_ip> 1723 
> -j ACCEPT
>
> # GRE forwarding
>
> ipchains -A input -p 47 -s <remote_vpn_server> -j ACCEPT
> ipchains -A output -p 47 -d <remote_vpn_server> -j ACCEPT
>
> ipchains -A input -p udp -s <remote_vpn_server> 500 -j ACCEPT
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> https://lists.linux.sk/mailman/listinfo/linux
> Prehladavanie archivu: http://search.lists.linux.sk
> Meta FAQ: http://www.sklug.sk/lists/linux/metafaq.html