rodama
I tried researching why I cannot connect to my CentOS 6.5 VPN server.
I am using CentOS 6.5 configured with VPN using these tutorial steps:
1. yum install -y git
2. cd /opt && git clone git://github.com/drewsymo/VPN.git
3. cd VPN && bash vpn-setup-vanilla.sh
I have also added these to permit VPN connections in iptables:
It seems that the default iptables rules allow ssh (port 22). If I enable iptables I can ssh to my server but cannot connect to VPN port 1723.
My current iptables configuration is as follows:
# Generated by iptables-save v1.4.7 on Thu Jul 3 02:33:59 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [54:7684]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i ppp+ -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A FORWARD -j ACCEPT
-A OUTPUT -o ppp+ -j ACCEPT
-A OUTPUT -p gre -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Jul 3 02:33:59 2014
# Generated by iptables-save v1.4.7 on Thu Jul 3 02:33:59 2014
*nat
:PREROUTING ACCEPT [6:860]
:POSTROUTING ACCEPT [0:0]
thanks
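
To check rule order in a dump like the one in the post, the sketch below walks a chain with first-match semantics and reports which rule decides a given packet. It is an added example, not part of the original post; the interface name eth0 and the packet fields are constructed, and it understands only the options that appear in this dump.

```python
import shlex

# The -A lines of the *filter table from the post above, in file order.
FILTER_RULES = """\
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i ppp+ -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A FORWARD -j ACCEPT
-A OUTPUT -o ppp+ -j ACCEPT
-A OUTPUT -p gre -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""

def parse(line):
    """Split one '-A CHAIN ...' line into (chain, match options, target)."""
    tok = shlex.split(line)
    opts, i = {}, 2
    while tok[i] != "-j":  # every option used in this dump takes one argument
        opts[tok[i]] = tok[i + 1]
        i += 2
    return tok[1], opts, tok[i + 1]

def iface_ok(pattern, name):
    """A trailing '+' in an iptables interface name is a prefix wildcard."""
    return name.startswith(pattern[:-1]) if pattern.endswith("+") else name == pattern

def matches(opts, pkt):
    """True if the packet (a dict of constructed fields) satisfies every option."""
    dport, out = str(pkt.get("dport")), pkt.get("out", "")
    return (opts.get("-p", pkt["proto"]) == pkt["proto"]
            and iface_ok(opts.get("-i", pkt["in"]), pkt["in"])
            and iface_ok(opts.get("-o", out), out)
            and opts.get("--dport", dport) == dport
            and ("--state" not in opts or pkt["state"] in opts["--state"].split(",")))

def first_match(chain, pkt, policy="ACCEPT"):
    """Return (rule number within the chain, target) of the first matching rule."""
    n = 0
    for line in FILTER_RULES.splitlines():
        c, opts, target = parse(line)
        if c != chain:
            continue
        n += 1
        if matches(opts, pkt):
            return n, target
    return None, policy  # nothing matched: the chain policy applies
```

This evaluates the filter table only; the nat table, which is cut off in the dump, and anything outside iptables are not covered by it.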