Remote Desktop via VPN (PPTP Daemon)

We're using a PC with openSUSE 11.0 in our small company which works as Internet gateway + router.

I set up the PPTP daemon and made the configs to get incoming connections. It is possible to establish a connection from the external zone, e.g. from a Win XP client, but I cannot connect to the clients in the internal zones.

The thing we want to do is a Remote Desktop connection through the VPN tunnel of the gateway (in our case 192.168.0.1) to a Windows client (192.168.0.11) in the internal zone.

In SuSEfirewall2 I configured the RDP port 3389 and the GRE protocol (for VPN) to be allowed in the internal and external zone. For security reasons there is no masquerading of the port 3389, which allows direct Remote Desktop usage from outside. Only port 1723 is forwarded to “localhost”.

The question is how to get internal client-connections through the PPTPd from outside?

Are you able to see the connection making it to your gateway machine even
(LAN trace)? If so do the packets get forwarded to your internal network?

I have not played with PPTP personally but have set up OpenVPN on multiple
distributions many times and it is great and cross-platform (its client on
Windows is the easiest I’ve used, and the client in SUSE is built into
NetworkManager). If it were my environment I would go this route instead
but that’s just me. If that is not an option then troubleshoot where the
packets are going (make sure they get off the source box and make it to
your gateway, then off the gateway and through to the remote windows machine).

Good luck.

redoffice wrote:
> We're using a PC with openSUSE 11.0 in our small company which works as
> Internet gateway + router.
>
> I set up the PPTP daemon and made the configs to get incoming
> connections. It is possible to establish a connection from the external zone,
> e.g. from a Win XP client, but I cannot connect to the clients in the internal
> zones.
>
> The thing we want to do is a Remote Desktop connection through the VPN
> tunnel of the gateway (in our case 192.168.0.1) to a Windows client
> (192.168.0.11) in the internal zone.
>
> In SuSEfirewall2 I configured the RDP port 3389 and the GRE protocol
> (for VPN) to be allowed in the internal and external zone. For security
> reasons there is no masquerading of the port 3389, which allows direct
> Remote Desktop usage from outside. Only port 1723 is forwarded to
> “localhost”.
>
> The question is how to get internal client-connections through the
> PPTPd from outside?
>
>

Thanks for the reply. OpenVPN is a very powerful program, I already tried that. But for our needs I wanted as easy a VPN connection as possible.

Well, I found a solution for the problem with connecting to the internal clients.
Actually it was a very trivial thing. I only had to set a route of the port 3389 to the Windows workstation's internal IP (192.168.0.11) from the internal IP of the connecting client from outside. That works just fine now!

Note that PPTP is far from secure compared to others.
I personally use SSL-Explorer.

It is no longer maintained; an old version can still be found on the net though. An open source alternative project is still running for it. This is called Adito. You might give that a try.

It can do some really great things, even running software right from the server which you don’t have on your own PC (even Windows software).