Here we go, (Thanks in advance)
I am trying to enable PPTP VPN in RAF 1.28 NOCAT + VPN. This version already has the fix of removing "allow all" PPP which I found in my search for solutions.
What happened is that after enabling PPTP VPN, TCP port 1723 and protocol 47 are still closed from the outside. No client can connect.
Looking at the IPTABLES I find the following.
    Chain INPUT (policy DROP 0 packets, 0 bytes)
    num pkts bytes target prot opt in out source destination
    ...
    20 0 0 logdrop all -- * * 0.0.0.0/0 0.0.0.0/0
    21 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
    22 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0
Looking at the "IP-UP" script in "/etc/vpn/ip-up", I cannot find where this rule is created. Deleting lines 21 and 22 and re-adding them as below instantly makes it work.
    iptables -I INPUT -p tcp --dport 1723 -j ACCEPT
    iptables -I INPUT -p 47 -j ACCEPT
I cannot find how to automate this process so that using the GUI to enable PPTP results in the correct rules.
Can anyone help?
I suspect this guy has the same problem since iptables -a for 1723 and gre puts it below the block all
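
Added example, not part of the original post: a small checker for the rule-ordering problem described above, which reads a listing in the `iptables -L INPUT -n -v --line-numbers` format and reports rules that sit after a catch-all drop. The sample listing is constructed from the three rules quoted in the post, and it assumes "logdrop" is a user-defined chain that logs and then drops every packet.

```python
# SAMPLE is constructed from the rules quoted in the post (rules 1-19 are elided there).
SAMPLE = """\
Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
20       0     0 logdrop    all  --  *      *       0.0.0.0/0            0.0.0.0/0
21       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1723
22       0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0
"""

# Assumption: "logdrop" is a user-defined chain that ends by dropping the packet.
TERMINAL_DROPS = {"DROP", "REJECT", "logdrop"}
ANY_ADDR = "0.0.0.0/0"


def parse_rules(listing):
    """Parse `iptables -L <chain> -n -v --line-numbers` text into rule dicts."""
    rules = []
    for line in listing.splitlines():
        f = line.split()
        if len(f) < 10 or not f[0].isdigit():
            continue  # chain header, column header or blank line
        rules.append({
            "num": int(f[0]), "target": f[3], "prot": f[4],
            "in": f[6], "out": f[7], "src": f[8], "dst": f[9],
            "match": " ".join(f[10:]),  # e.g. "tcp dpt:1723"; empty if none
        })
    return rules


def is_catch_all_drop(rule):
    """True for a drop rule with no protocol, interface, address or port match."""
    return (rule["target"] in TERMINAL_DROPS and rule["prot"] == "all"
            and rule["in"] == "*" and rule["out"] == "*"
            and rule["src"] == ANY_ADDR and rule["dst"] == ANY_ADDR
            and not rule["match"])


def shadowed_rules(listing):
    """Return (number of first catch-all drop, rules after it that never match)."""
    rules = parse_rules(listing)
    for i, rule in enumerate(rules):
        if is_catch_all_drop(rule):
            return rule["num"], rules[i + 1:]
    return None, []


if __name__ == "__main__":
    blocker, dead = shadowed_rules(SAMPLE)
    print(f"rule {blocker} shadows rules {[r['num'] for r in dead]}")
```

`iptables -I INPUT` without a rule number inserts at position 1, ahead of the catch-all rule, whereas `iptables -A INPUT` appends after it.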