So I set up a simple PPTP VPN on my EC2 Ubuntu instance. However, when I'm connected to that VPN from my laptop, I'm unable to access any AWS-hosted sites/services (times out). Everything else works.

I've tried accessing the same sites from the instance itself, and that works fine.

As far as routing goes, this is what I have:

```
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
```

eth0:

```
Link encap:Ethernet  HWaddr 12:31:3d:00:9c:c3
inet addr:10.244.163.49  Bcast:10.244.163.255  Mask:255.255.254.0
inet6 addr: fe80::1031:3dff:fe00:9cc3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:21277177 errors:0 dropped:0 overruns:0 frame:0
TX packets:20872214 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:18763465606 (18.7 GB)  TX bytes:3316560823 (3.3 GB)
```

routing table:

```
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.244.162.0    0.0.0.0         255.255.254.0   U     0      0        0 eth0
0.0.0.0         10.244.162.1    0.0.0.0         UG    100    0        0 eth0
```

Any pointers?

Thanks.

oliver
    `iptables` isn't routing, it's firewalling. Your routing table, amongst other things, might be instructive. – womble Aug 03 '11 at 10:23

2 Answers

You should use an Elastic IP if you have assigned one, otherwise you can use the private (ex: ec2-46-137-xx-xx.eu-west-1.compute.amazonaws.com) or public (ex: ip-10-xxx-xxx-6.eu-west-1.compute.internal) DNS.

Bart De Vos

I know this is old, but I had the same problem and it wasn't easy to find the answer.

I found it here, item number 4: http://allstarnix.blogspot.com.br/2013/03/how-to-solve-pptp-vpn-client-cannot.html

It gives this little extra command that solved it:

```
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
```
Rafael
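
An idempotent way to audit for and apply the clamp rule from the answer above, as an added example that is not part of the original question or answers. The `IPT` override and the function names are assumptions introduced here.

```shell
#!/bin/sh
# Added example (not from the original answers). IPT is an assumption:
# it names the iptables binary and can be overridden, e.g. for testing.
IPT="${IPT:-iptables}"

# Rule spec from the answer above, kept in one place.
clamp_spec() {
    echo "-p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu"
}

# Read `iptables -S FORWARD` (or iptables-save) text on stdin and succeed
# if a FORWARD rule clamps the MSS on SYN packets.
has_mss_clamp() {
    grep -Eq -e '^-A FORWARD .*--tcp-flags SYN,RST SYN .*-j TCPMSS --clamp-mss-to-pmtu'
}

# MSS that --clamp-mss-to-pmtu writes for a given IPv4 path MTU:
# MTU minus 20 bytes of IPv4 header minus 20 bytes of TCP header.
clamped_mss() {
    echo $(( $1 - 40 ))
}

# Append the rule only if `iptables -C` reports it is not already loaded,
# so re-running a VPN up-script does not stack duplicate rules.
ensure_mss_clamp() {
    # Word splitting of the spec is intended here.
    if "$IPT" -C FORWARD $(clamp_spec) 2>/dev/null; then
        echo "present"
    else
        "$IPT" -A FORWARD $(clamp_spec) && echo "added"
    fi
}
```

Run `ensure_mss_clamp` as root on the VPN server, then confirm with `iptables -S FORWARD | has_mss_clamp`.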