
Mailing List Archive: iptables: User
Re: NAT rules for VPN only allowing one user?
 



michael.gale at pason

May 30, 2007, 7:37 AM



Hey,

This sounds like a problem on the VPN gateway device. You should remove the rule:

"/sbin/iptables -t nat -A POSTROUTING -o eth1
-d $LINKSYS_VPN_IP -p tcp --dport 1723
-j SNAT --to-source $ETH1_IP"

And resolve that issue. What is most likely currently happening is that your VPN router is only set up for, or only supports, 1 VPN connection per IP address, so a second connection would overwrite the first one.

Michael

Neil Aggarwal wrote:
> Jan:
>
> Actually, I need the SNAT rule to make my remote
> users look like they are coming from the local network.
>
> For some reason, the Linksys does not respond to the
> connection unless I have that.
>
> Thanks,
> Neil
>
> --
> Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
> FREE! Eliminate junk email and reclaim your inbox.
> Visit http://www.spammilter.com for details.
>
> -----Original Message-----
> From: netfilter-bounces [at] lists
> [mailto:netfilter-bounces [at] lists] On Behalf Of Jan Engelhardt
> Sent: Tuesday, May 29, 2007 1:13 PM
> To: Neil Aggarwal
> Cc: netfilter [at] lists
> Subject: Re: NAT rules for VPN only allowing one user?
>
> On May 29 2007 12:31, Neil Aggarwal wrote:
>
>> /sbin/iptables -t nat -A POSTROUTING -o eth1
>> -d $LINKSYS_VPN_IP -p tcp --dport 1723
>> -j SNAT --to-source $ETH1_IP
>
> This is redundant.
>
>> Either one of my remote users can connect to the VPN using
>> the Windows XP VPN client. But, if one of them is connected
>> and the other tries to connect, the second person gets to
>> the verifying username and password screen and then
>> gets an Error 619 that they are not able to connect.
>>
>> I think somehow the existing connection is mis-routing
>> the login for the second connection.
>>
>> Any ideas what could be going on?
>
> Use the holy tcpdump.
>
>
> Jan

--
Michael Gale

Red Hat Certified Engineer
Network Administrator
Pason Systems Corp.
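
The following is an added example, not part of the original post or thread: one way to test Michael's hypothesis with the tcpdump capture Jan suggests, by checking whether several tcp/1723 connections reach the gateway from one source address. The function name, the addresses (documentation ranges standing in for `$ETH1_IP` and `$LINKSYS_VPN_IP`) and the capture lines are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `tcpdump -nn` text on stdin and
# prints "src dst count" for every source address that opened more than one
# tcp/1723 connection to the same destination during the capture.
shared_1723_sources() {
    awk '
    $2 == "IP" && /Flags \[S\]/ {
        src = $3; dst = $5; sub(/:$/, "", dst)
        # tcpdump prints "a.b.c.d.port": split off the trailing port.
        sport = src; sub(/.*\./, "", sport); sub(/\.[0-9]+$/, "", src)
        dport = dst; sub(/.*\./, "", dport); sub(/\.[0-9]+$/, "", dst)
        if (dport != "1723") next
        key = src " " dst
        # Count each distinct source port once, so SYN retransmits do not inflate it.
        if (!((key, sport) in seen)) { seen[key, sport] = 1; count[key]++ }
    }
    END { for (k in count) if (count[k] > 1) print k, count[k] }'
}

# Constructed capture on eth1 WITH the SNAT rule: both users appear as 192.0.2.1
# (standing in for $ETH1_IP); 192.0.2.20 stands in for $LINKSYS_VPN_IP.
WITH_SNAT='12:00:01.000000 IP 192.0.2.1.40001 > 192.0.2.20.1723: Flags [S], seq 1, win 65535, length 0
12:00:01.000400 IP 192.0.2.20.1723 > 192.0.2.1.40001: Flags [S.], seq 9, ack 2, win 5840, length 0
12:00:09.000000 IP 192.0.2.1.40002 > 192.0.2.20.1723: Flags [S], seq 5, win 65535, length 0'

# Constructed capture WITHOUT the rule: each user keeps a distinct source address.
WITHOUT_SNAT='12:00:01.000000 IP 198.51.100.10.1045 > 192.0.2.20.1723: Flags [S], seq 1, win 65535, length 0
12:00:09.000000 IP 203.0.113.25.1071 > 192.0.2.20.1723: Flags [S], seq 5, win 65535, length 0'

printf '%s\n' "$WITH_SNAT" | shared_1723_sources      # 192.0.2.1 192.0.2.20 2
printf '%s\n' "$WITHOUT_SNAT" | shared_1723_sources   # (no output)
```

On a live firewall the same function can read from `tcpdump -nn -i eth1 'tcp port 1723'`; a reported pair means the gateway sees more than one user behind a single address.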
