Indice del forum www.zeroshell.net
Distribuzione Linux ZeroShell
 
 FAQFAQ   CercaCerca  GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo  Log inLog in   Messaggi privatiMessaggi privati 

Connessioni VPN PPTP da dietro ZS non si connettono

 
Nuovo argomento   Rispondi    Indice del forum -> Bridge e router
Precedente :: Successivo  
Autore Messaggio
marcomv



Registrato: 11/09/18 12:31
Messaggi: 1

MessaggioInviato: Mar Set 11, 2018 12:44 pm    Oggetto: Connessioni VPN PPTP da dietro ZS non si connettono Rispondi citando

Salve,
Avrei la seguente problematica, se cerco di collegarmi a VPN di tipo PPTP dai miei PC client dietro ZS, mi restituisce l'errore seguente l'event view di windows:

Codice di errore restituito: 806

Attualmente la ZS č cosi configurata:

ETH01 192.168.1.2 GW 192.168.1.1 ( Router Telecom ) con DMZ su ZS
ETH02 192.168.10.1 LAN Pc client

Routing Table:
Destination Netmask Type Metric Gateway Interface Flags State Source
DEFAULT GATEWAY 0.0.0.0 Net 0 192.168.1.1 ETH01 UG Up Static
192.168.1.0 255.255.255.0 Net 0 none ETH01 U Up Auto
192.168.10.0 255.255.255.0 Net 0 none ETH02 U Up Auto

IPtables:
root@zeroshell ~> iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere anywhere tcp dpt:http to:192.168.10.201:80
DNAT tcp -- anywhere anywhere tcp dpt:http to:192.168.10.201:80
DNAT tcp -- anywhere anywhere tcp dpts:8700:8705 to:192.168.10.10:8700-8705
DNAT tcp -- anywhere anywhere tcp dpt:pcsync-https to:192.168.10.10:8443
DNAT tcp -- anywhere anywhere tcp dpt:8843 to:192.168.10.10:8843
DNAT tcp -- anywhere anywhere tcp dpt:cddbp-alt to:192.168.10.10:8880
DNAT tcp -- anywhere anywhere tcp dpt:27717 to:192.168.10.10:27717
DNAT tcp -- anywhere anywhere tcp dpt:8881 to:192.168.10.10:8881
DNAT tcp -- anywhere anywhere tcp dpt:8882 to:192.168.10.10:8882
DNAT tcp -- anywhere anywhere tcp dpt:http-alt to:192.168.10.10:8080
DNAT tcp -- anywhere anywhere tcp dpt:nat-stun-port to:192.168.10.10:3478
DNAT udp -- anywhere anywhere udp dpt:nat-stun-port to:192.168.10.10:3478
DNAT tcp -- anywhere anywhere tcp dpt:57619 to:192.168.10.11:57619

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNATVS all -- anywhere anywhere
MASQUERADE all -- anywhere anywhere
MASQUERADE all -- anywhere anywhere
MASQUERADE all -- anywhere anywhere
MASQUERADE all -- anywhere anywhere

Chain SNATVS (1 references)

Firewall:
Chain FORWARD (policy ACCEPT 18400 packets, 1207K bytes)
pkts bytes target prot opt in out source destination
10M 10G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
39187 4958K ACCEPT all -- ETH02 ETH01 0.0.0.0/0 0.0.0.0/0
0 0 LOG 47 -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED limit: avg 10/min burst 15 LOG flags 0 level 4 prefix "FORWARD/003"
0 0 ACCEPT 47 -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
0 0 LOG 115 -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED limit: avg 10/min burst 15 LOG flags 0 level 4 prefix "FORWARD/004"
0 0 ACCEPT 115 -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
0 0 LOG udp -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:500 dpt:500 limit: avg 10/min burst 15 LOG flags 0 level 4 prefix "FORWARD/005"
0 0 ACCEPT udp -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:500 dpt:500
0 0 LOG udp -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:4500 dpt:4500 limit: avg 10/min burst 15 LOG flags 0 level 4 prefix "FORWARD/006"
0 0 ACCEPT udp -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:4500 dpt:4500
0 0 LOG tcp -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp spt:1723 dpt:1723 limit: avg 10/min burst 15 LOG flags 0 level 4 prefix "FORWARD/007"
0 0 ACCEPT tcp -- ETH01 ETH02 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp spt:1723 dpt:1723

Chain INPUT (policy DROP 39233 packets, 3463K bytes)
pkts bytes target prot opt in out source destination
68204 6702K SYS_GUI all -- * * 0.0.0.0/0 0.0.0.0/0
68204 6702K SYS_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
92 4968 SYS_HTTPS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
4122 620K SYS_HTTPS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
182 13940 SYS_SSH tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
1810 154K ACCEPT all -- ETH02 * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED


Da cosa potrebbe dipendere? Le VPN in L2TP invece funzionano a meraviglia!
Grazie per la collaborazione!
Marco.
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Bridge e router Tutti i fusi orari sono GMT + 1 ora
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi


Powered by phpBB © 2001, 2005 phpBB Group
phpbb.it