OpenWrt Forum Archive

Topic: PPTP, Internet, Iptables and Route

The content of this topic has been archived on 4 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
jnash
29 Mar 2008, 01:00

I don't understand how to routing my pptp internet access with Netgear wgt634u. (kamikaze 7.09)
I read any document about routing on kamikaze but I don't understand it.
Windows without router it's OK
Windows with router it's NOT OK
Linux without router it's NOT OK (I think it was the same problem)

I can connect to my Internet provider with Linux and with the router, but I can't surf to the internet.

Before connect my Ifconfig:


br-lan    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:105 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13518 (13.2 KiB)  TX bytes:6494 (6.3 KiB)

br-wan    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          inet addr:10.10.14.83  Bcast:10.10.15.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:452 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:26747 (26.1 KiB)  TX bytes:1568 (1.5 KiB)

eth0      Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:556 errors:0 dropped:0 overruns:0 frame:0
          TX packets:56 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:52121 (50.8 KiB)  TX bytes:8116 (7.9 KiB)
          Interrupt:4

eth0.0    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:105 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13938 (13.6 KiB)  TX bytes:6686 (6.5 KiB)

eth0.1    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:457 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:28897 (28.2 KiB)  TX bytes:1620 (1.5 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

my route -n before connect to ISP

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br-lan
10.10.14.0      0.0.0.0         255.255.254.0   U     0      0        0 br-wan
0.0.0.0         10.10.14.1      0.0.0.0         UG    0      0        0 br-wan

my iptables before connect

Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       tcp  --  anywhere             anywhere            tcp option=!2 flags:SYN/SYN
input_rule  all  --  anywhere             anywhere
input_wan  all  --  anywhere             anywhere
LAN_ACCEPT  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     gre  --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-reset
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable

Chain FORWARD (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            state INVALID
TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
forwarding_rule  all  --  anywhere             anywhere
forwarding_wan  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
output_rule  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-reset
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable

Chain LAN_ACCEPT (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain forwarding_rule (1 references)
target     prot opt source               destination

Chain forwarding_wan (1 references)
target     prot opt source               destination

Chain input_rule (1 references)
target     prot opt source               destination

Chain input_wan (1 references)
target     prot opt source               destination

Chain output_rule (1 references)
target     prot opt source               destination

after connection to my isp

pppd options in effect:
debug           # (from command line)
nodetach                # (from command line)
maxfail 0               # (from /etc/ppp/options)
dump            # (from command line)
name MyLogin              # (from /etc/ppp/peers/MyISP)
remotename MyISP          # (from /etc/ppp/peers/MyISP)
                # (from /etc/ppp/options)
pty pptp 10.10.0.1 --nolaunchpppd               # (from /etc/ppp/peers/MyISP)
nocrtscts               # (from /etc/ppp/options)
noaccomp                # (from /etc/ppp/options)
nopcomp         # (from /etc/ppp/options)
mppe xxx # [don't know how to print value]              # (from /etc/ppp/peers/MyISP)
using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x841ae8f9>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xa533658b> <pcomp> <accomp>]
sent [LCP ConfRej id=0x1 <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x841ae8f9>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0xa533658b>]
sent [LCP ConfAck id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0xa533658b>]
rcvd [LCP EchoReq id=0x0 magic=0xa533658b]
sent [LCP EchoRep id=0x0 magic=0x841ae8f9]
rcvd [CHAP Challenge id=0xf3 <f18036d116e5c66d698d3ffd9f5627f0>, name = "pptpd"]
sent [CHAP Response id=0xf3 <670ab2a6ae088e9c890158d360493f5c0000000000000000c710ee597f7ce5f2dfdac6df9d19a82812d4e2866627fc4600>, name = "MyLogin"]
rcvd [CHAP Success id=0xf3 "S=F54845B6EA4B4C60F23A131FCAFFF544FE4D8D67"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H +M +S +L -D -C>]
rcvd [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.10.64.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.10.64.1>]
rcvd [IPCP ConfNak id=0x1 <addr 10.10.64.180>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 10.10.64.180>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 10.10.64.180>]
local  IP address 10.10.64.180
remote IP address 10.10.64.1
Script /etc/ppp/ip-up started (pid 667)
Script /etc/ppp/ip-up finished (pid 667), status = 0x0


br-lan    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1134 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1820 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:75465 (73.6 KiB)  TX bytes:209299 (204.3 KiB)

br-wan    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          inet addr:10.10.14.83  Bcast:10.10.15.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:695 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:40646 (39.6 KiB)  TX bytes:4247 (4.1 KiB)

eth0      Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1829 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1864 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:155937 (152.2 KiB)  TX bytes:228094 (222.7 KiB)
          Interrupt:4

eth0.0    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1134 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1820 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:80001 (78.1 KiB)  TX bytes:216579 (211.5 KiB)

eth0.1    Link encap:Ethernet  HWaddr 00:0F:B5:0B:9D:14
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:700 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:43768 (42.7 KiB)  TX bytes:4447 (4.3 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:312 (312.0 B)  TX bytes:312 (312.0 B)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:10.10.64.180  P-t-P:10.10.64.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:72 (72.0 B)  TX bytes:78 (78.0 B)

The iptables -L before and after connection are the same.
I insert in /etc/ppp/ip-up and ip-down some iptables rules as HowtoPPTPClient
but they are not load.

Can You Help Me please?
Thanks and sorry for my bad english.

Post #2
jnash
13 Apr 2008, 11:24

Any Idea?

The discussion might have continued from here.