3

I've installed pptpd on an ubuntu 10.4 box and configured it like this:

localip: 192.168.1.11 (the pptpd server) remoteip: 192.168.1.150-199

I've also added a user and added the following line to /etc/rc.local: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

and also edited /etc/sysctl.conf to enable ip forwarding.

I can browse the web using this VPN and can ping the 192.168.1.11 server. Whenever I try to connect to another host on the same network (for example 192.168.1.200, a webserver) it fails and ping times out.

Anyone an idea how I can access the other local network computers using vpn? Any help is appreciated!

kimausloos
  • 67
  • 7
  • Even when I'm using internet tethering with my phone I can connect to the VPN and reach 192.168.1.11, but not the others, so I suspect the subnet is not the problem... Feel free to correct me. – kimausloos Sep 13 '10 at 15:53
  • How do you "tether" your phone? If it's connecting to the VPN client computer or network then the same conditions apply. – joeqwerty Sep 13 '10 at 16:13
  • I connect my laptop to the phone using bluetooth and get an IP from my cellphone provider in the 170.x.x.x range, connected directly to the internet. I disable everything else (wifi, network) and then use the built-in vpn client of OSX to connect to the VPN. I've tried surfing to the vpn server (which is also a webserver) while being connected to the vpn like this, and apache logs indicate I'm having IP 192.168.1.150, the first one in the remoteip range. – kimausloos Sep 13 '10 at 16:32
  • You've still got the same issue. It doesn't matter how you get your internet connection or what ip address you get from that internet connection. The workstation's local network is on the same subnet as the VPN server, which is the cause of the issue. – joeqwerty Sep 14 '10 at 01:58

1 Answers1

1

I'm thinking that the LAN where the client is connecting from is using the same subnet as the LAN where the pptp server is, typically 192.168.1.0/24. If it is then that's the problem. The solution would be to use a different subnet on the client side or the server side.

joeqwerty
  • 109,901
  • 6
  • 81
  • 172