
I have an Ubuntu server on the net. I set up PPTPD on said server because I was experiencing a problem a VPN might solve. At my home address I have my desktop, and I would like to access its resources remotely, but my network is managed by the owner of the building I rent, as part of the package. The problem with this is that I'm behind a NAT gateway and I have no control over making rules for incoming connections, which is where I thought this VPN would come in.

I have the VPN set up and I have 2 clients connected to it: one at my work address and the machine at my home address I am trying to access.

The problem I am now facing is that, while both clients can access the server using its address on the VPN, neither client can access the other. From my limited experience with setting up a VPN server on a Windows machine, I am assuming this is a static route I need to put on the VPN server (using iptables on Linux, correct?).

My issue here is that I can't seem to find any resources guiding someone new to iptables like myself to do such a thing (the most I've used iptables for is rudimentary firewalls on Linux machines).

My pptpd.conf currently looks like this:

localip 192.168.5.1
remoteip 192.168.5.100-200

and running ifconfig in the terminal returns this:

eth0      Link encap:Ethernet  HWaddr 06:04:f3:bd:b1:55
          inet addr:172.31.40.155  Bcast:172.31.47.255  Mask:255.255.240.0
          inet6 addr: fe80::404:f3ff:febd:b155/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:799727 errors:0 dropped:0 overruns:0 frame:0
          TX packets:842359 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:162961224 (162.9 MB)  TX bytes:175049396 (175.0 MB)
          Interrupt:25

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:192.168.5.1  P-t-P:192.168.5.100  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1396  Metric:1
          RX packets:638 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:39972 (39.9 KB)  TX bytes:120 (120.0 B)

ppp1      Link encap:Point-to-Point Protocol
          inet addr:192.168.5.1  P-t-P:192.168.5.101  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1396  Metric:1
          RX packets:249165 errors:0 dropped:0 overruns:0 frame:0
          TX packets:358982 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:47416219 (47.4 MB)  TX bytes:84311463 (84.3 MB)

Sorry if I'm supplying too much information and/or am rambling; I'm just trying to provide as much info on my problem as possible.

James T

1 Answer


Is IPv4 routing enabled? You can check by typing cat /proc/sys/net/ipv4/ip_forward. If it says 0, routing is disabled; if it says 1, routing is enabled. If this is what you are missing, you can enable routing by typing echo 1 > /proc/sys/net/ipv4/ip_forward, and it can be made permanent by adding one line to /etc/sysctl.conf:

net.ipv4.ip_forward=1

If routing is enabled and it still doesn't work, you can look for firewall rules. If you are using iptables, you can use the iptables-save command to see the current rules.

kasperd
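
The two checks from the answer above, combined into one triage script, as an added example that is not part of the original answer. The function names and verdict strings are made up for illustration, and the firewall check is a heuristic: it looks only at the filter table's FORWARD policy and at ACCEPT rules for traffic arriving on ppp interfaces.

```shell
#!/bin/sh
# Added example: triage for "VPN clients reach the server but not each other".
# Typical use on the VPN server, as root (the output path is an assumption):
#   iptables-save > /tmp/rules.txt
#   diagnose /proc/sys/net/ipv4/ip_forward /tmp/rules.txt

# Succeeds if the kernel forwards IPv4 packets between interfaces.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]
}

# Reads iptables-save output on stdin and prints the default policy of the
# FORWARD chain in the filter table. The mangle table also has a FORWARD
# chain, so the current table has to be tracked.
forward_policy() {
    awk '/^\*/ { table = substr($0, 2) }
         table == "filter" && $1 == ":FORWARD" { print $2 }'
}

# Reads iptables-save output on stdin and prints filter-table FORWARD rules
# that ACCEPT traffic arriving on a ppp interface (ppp0, ppp1, ppp+ ...).
ppp_accept_rules() {
    awk '/^\*/ { table = substr($0, 2) }
         table == "filter" && $1 == "-A" && $2 == "FORWARD" &&
         /-i ppp/ && /-j ACCEPT/ { print }'
}

# diagnose IP_FORWARD_FILE RULES_FILE
# Prints one verdict: forwarding-disabled, blocked-by-firewall or
# forwarding-allowed. Heuristic only: an explicit DROP or REJECT rule under
# an ACCEPT policy is not detected.
diagnose() {
    forwarding_enabled "$1" || { echo "forwarding-disabled"; return; }
    policy=$(forward_policy < "$2")
    # No filter table in the dump means no rules are loaded: policy is ACCEPT.
    policy=${policy:-ACCEPT}
    if [ "$policy" = "ACCEPT" ] || [ -n "$(ppp_accept_rules < "$2")" ]; then
        echo "forwarding-allowed"
    else
        echo "blocked-by-firewall"
    fi
}
```

A verdict of forwarding-allowed under an ACCEPT policy also means every VPN client can reach every other client and anything routable via eth0, so a scoped rule for the ppp interfaces with a DROP policy is the tighter setup.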