
Here we go (thanks in advance).
I am trying to enable PPTP VPN in RAF 1.28 NOCAT + VPN. This version already has the fix of removing "allow all" PPP which I found in my search for solutions.
[/forum/t-622079/restrict-vpn-traffic-shibby-tomato-k26usb-1-28-rt-mipsr2-105]
What happened is that after enabling PPTP VPN, TCP port 1723 and protocol 47 are still closed from the outside. No client can connect.
Looking at the iptables rules, I find the following:
    Chain INPUT (policy DROP 0 packets, 0 bytes)
    num  pkts bytes target   prot opt in  out  source      destination
    ...
    20   0    0     logdrop  all  --  *   *    0.0.0.0/0   0.0.0.0/0
    21   0    0     ACCEPT   tcp  --  *   *    0.0.0.0/0   0.0.0.0/0    tcp dpt:1723
    22   0    0     ACCEPT   47   --  *   *    0.0.0.0/0   0.0.0.0/0
Looking at the "IP-UP" script in "/etc/vpn/ip-up", I cannot find where this rule is created. Deleting lines 21 and 22 and re-adding them as below instantly makes it work.
    iptables -I INPUT -p tcp --dport 1723 -j ACCEPT
    iptables -I INPUT -p 47 -j ACCEPT
I cannot find how to automate this process so that using the GUI to enable PPTP results in the correct rules.
Can anyone help?
I suspect this guy has the same problem, since iptables -A for 1723 and GRE puts it below the block all.
[/forum/t-572852/lan-acces-with-pptp-tunnel-on-shibby]
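
Added example, not part of the original post or of the firmware: iptables evaluates a chain top to bottom and stops at the first terminating match, so the ACCEPT rules at positions 21 and 22 are never reached once rule 20 sends everything to logdrop. The function below scans an INPUT listing for ACCEPT rules in that position; it assumes logdrop is a terminating chain, and the second sample listing is constructed.

```shell
#!/bin/sh
# Added example (not from the post): flag ACCEPT rules that sit below a catch-all.
# Assumption: "logdrop" is a terminating chain (log, then drop), like DROP.

find_shadowed() {
    awk '
    $1 !~ /^[0-9]+$/ { next }      # skip chain header, column header and "..."
    {
        num = $1; target = $4; prot = $5
        # Fields after the destination column are match extensions ("tcp dpt:1723")
        extra = ""
        for (i = 11; i <= NF; i++) extra = extra (extra == "" ? "" : " ") $i
        desc = (extra == "" ? "proto " prot : extra)

        if (catchall != "" && target == "ACCEPT")
            printf "rule %s (ACCEPT %s) never matches: rule %s (%s) takes all traffic first\n", num, desc, catchall, catchall_target

        # Catch-all: terminating target, any protocol, interface and address, no extra match
        if (catchall == "" && (target == "DROP" || target == "logdrop") &&
            prot == "all" && $7 == "*" && $8 == "*" &&
            $9 == "0.0.0.0/0" && $10 == "0.0.0.0/0" && extra == "") {
            catchall = num; catchall_target = target
        }
    }'
}

# The three INPUT rules quoted in the post
sample_broken() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
20 0 0 logdrop all -- * * 0.0.0.0/0 0.0.0.0/0
21 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
22 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0
EOF
}

# Constructed listing: the same rules after re-adding them with "iptables -I"
sample_fixed() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0
2 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
3 0 0 logdrop all -- * * 0.0.0.0/0 0.0.0.0/0
EOF
}

sample_broken | find_shadowed    # reports rules 21 and 22
# On the router: iptables -L INPUT -n -v --line-numbers | find_shadowed
```
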
