Topics - nstojanoski

Hello,

I've configured my L2TP server, but only one user can access the network. There can be multiple users connected, but only the first can access from VPN -> LAN. I can access LAN -> VPN clients.

My config:
Tunnel IP: 192.168.0.191
Range: 192.168.0.161-192.168.0.179

So far I've figured this out.

In /usr/share/perl5/EBox/IPsec/FirewallHelper.pm there are methods inputNoSpoof and forwardNoSpoof which should add the IPs into the firewall as they connect, but when I connect multiple clients (192.168.0.161 ppp1, 192.168.0.162 ppp2, 192.168.0.163 ppp3) I get only 192.168.0.161 in the logs on every connection.

Every time I make a connection I get this in my logs:

Code:
2013/11/30 20:34:31 DEBUG> Sudo.pm:180 EBox::Sudo::_root - /usr/share/zentyal-firewall/dhcp-firewall.pl (pid: 8260) - set -e
/sbin/iptables -t filter -A fnospoofmodules -s 192.168.0.161/32 -i ppp1 -j faccept
/sbin/iptables -t filter -A inospoofmodules -s 192.168.0.161/32 -i ppp1 -j iaccept
/sbin/iptables -t filter -A fmodules -i ppp+ -p all -m state --state NEW,ESTABLISHED,RELATED -j faccept
/sbin/iptables -t filter -A iexternalmodules -m policy --dir in --pol ipsec -p udp --dport 1701 -j iaccept

After I manually add the rules into the firewall for the other connections, I can browse the network:
Code:
/sbin/iptables -t filter -A fnospoofmodules -s 192.168.0.162/32 -i ppp2 -j faccept
/sbin/iptables -t filter -A inospoofmodules -s 192.168.0.162/32 -i ppp2 -j iaccept

/sbin/iptables -t filter -A fnospoofmodules -s 192.168.0.163/32 -i ppp3 -j faccept
/sbin/iptables -t filter -A inospoofmodules -s 192.168.0.163/32 -i ppp3 -j iaccept

Does anyone have an idea how to continue with this? PPTP is not available in 3.2 and L2TP is not working, and I don't want to complicate things by installing software for OpenVPN.

EDIT:
I've managed to solve my problem and reported a bug: http://trac.zentyal.org/ticket/7788

Regards,
Nikola
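
Added example (not part of the original post and not Zentyal's own code): a shell check that compares connected L2TP clients against the anti-spoof chains named in the post and prints the per-client rules that are missing. The client list and rule dump are constructed sample data using the post's addresses; the function name `missing_nospoof_rules` and the `iptables -S` style input format are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample: "interface peer-address" pairs for connected clients.
SAMPLE_CLIENTS='ppp1 192.168.0.161
ppp2 192.168.0.162
ppp3 192.168.0.163'

# Constructed sample: rule dump in "iptables -S" style for the state the post
# describes, where only the first client's anti-spoof rules were added.
SAMPLE_RULES='-A fnospoofmodules -s 192.168.0.161/32 -i ppp1 -j faccept
-A inospoofmodules -s 192.168.0.161/32 -i ppp1 -j iaccept
-A fmodules -i ppp+ -p all -m state --state NEW,ESTABLISHED,RELATED -j faccept'

# missing_nospoof_rules CLIENTS RULES
# For every client, check that both the forward and the input anti-spoof chain
# hold a rule binding that client's address to its own ppp interface.
# Prints one iptables command per missing rule; prints nothing if all exist.
missing_nospoof_rules() {
    mnr_clients=$1
    mnr_rules=$2
    while read -r mnr_iface mnr_ip; do
        [ -n "$mnr_iface" ] || continue
        for mnr_chain in fnospoofmodules inospoofmodules; do
            # The forward chain jumps to faccept, the input chain to iaccept.
            case $mnr_chain in
                f*) mnr_target=faccept ;;
                *)  mnr_target=iaccept ;;
            esac
            mnr_spec="-A $mnr_chain -s $mnr_ip/32 -i $mnr_iface -j $mnr_target"
            # -x whole line, -F fixed string, -e because the spec starts with "-"
            if ! printf '%s\n' "$mnr_rules" | grep -qxF -e "$mnr_spec"; then
                printf '/sbin/iptables -t filter %s\n' "$mnr_spec"
            fi
        done
    done <<EOF
$mnr_clients
EOF
}

# Report only; review the output before applying anything.
missing_nospoof_rules "$SAMPLE_CLIENTS" "$SAMPLE_RULES"
```

Because each rule pairs one source address with one interface, a client whose pair is absent never reaches the accept target in these chains, which matches the symptom of only the first client reaching the LAN.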
