Добрый день
Сто пятьсот тем уже было, я все перечитал но что то ничего не получается. Объясните мне, пожалуйста, что не так. Не могу из локальной сети подключиться к VPN PPTP.
net.ipv4.ip_forward = 1
modprobe ip_gre
modprobe ip_nat_pptp
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i br0 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -i ppp+ -j ACCEPT
-A FORWARD -j ACCEPT
-A FORWARD -p gre -j ACCEPT
-A FORWARD -i ppp+ -p tcp -m tcp --dport 1723 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o br0 -j ACCEPT
-A OUTPUT -o ppp+ -j ACCEPT
COMMIT
# Completed on Sat Aug 8 19:03:19 2020
# Generated by xtables-save v1.8.2 on Sat Aug 8 19:03:19 2020
*mangle
:PREROUTING ACCEPT [2389663:2223369265]
:INPUT ACCEPT [71252:5711760]
:FORWARD ACCEPT [2315173:2216543896]
:OUTPUT ACCEPT [69345:4850505]
:POSTROUTING ACCEPT [2384509:2221393609]
COMMIT
# Completed on Sat Aug 8 19:03:19 2020
# Generated by xtables-save v1.8.2 on Sat Aug 8 19:03:19 2020
*nat
:PREROUTING ACCEPT [32628:3689408]
:INPUT ACCEPT [15627:877847]
:POSTROUTING ACCEPT [141:8204]
:OUTPUT ACCEPT [1089:72631]
-A PREROUTING -p tcp -m tcp --dport 9998 -j DNAT --to-destination 192.168.1.241:22
-A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.212:80
-A PREROUTING -p tcp -m tcp --dport 4114 -j DNAT --to-destination 192.168.1.214:3389
-A PREROUTING -p tcp -m tcp --dport 4113 -j DNAT --to-destination 192.168.1.213:3389
-A PREROUTING -p tcp -m tcp --dport 4142 -j DNAT --to-destination 192.168.1.211:3389
-A POSTROUTING -o ppp+ -j MASQUERADE
COMMIT
16:07:09.501747 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [S], seq 4089111234, win 64240, options [mss 1460,sackOK,TS val 826564688 ecr 0,nop,wscale 7], length 0
16:07:09.520373 IP 93.170.1.178.1723 > 192.168.1.20.55186: Flags [S.], seq 1373936282, ack 4089111235, win 5792, options [mss 1460,sackOK,TS val 18308840 ecr 826564688,nop,wscale 1], length 0
16:07:09.521383 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [.], ack 1, win 502, options [nop,nop,TS val 826564736 ecr 18308840], length 0
16:07:09.521849 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [P.], seq 1:157, ack 1, win 502, options [nop,nop,TS val 826564737 ecr 18308840], length 156: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(AS) BEARER_CAP(DA) MAX_CHAN(65535) FIRM_REV(1) HOSTNAME(local) VENDOR(cananian)
16:07:09.540375 IP 93.170.1.178.1723 > 192.168.1.20.55186: Flags [.], ack 157, win 2896, options [nop,nop,TS val 18308845 ecr 826564737], length 0
16:07:09.542899 IP 93.170.1.178.1723 > 192.168.1.20.55186: Flags [P.], seq 1:157, ack 157, win 2896, options [nop,nop,TS val 18308846 ecr 826564737], length 156: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) HOSTNAME(local) VENDOR(linux)
16:07:09.730366 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [.], ack 157, win 501, options [nop,nop,TS val 826564945 ecr 18308846], length 0
16:07:10.669862 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [P.], seq 157:325, ack 157, win 501, options [nop,nop,TS val 826565737 ecr 18308846], length 168: pptp CTRL_MSGTYPE=OCRQ CALL_ID(39104) CALL_SER_NUM(0) MIN_BPS(2400) MAX_BPS(10000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(3) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
16:07:10.670362 IP 192.168.1.20.45270 > waw07s02-in-f14.1e100.net.http: Flags [.], ack 1, win 501, options [nop,nop,TS val 2015910691 ecr 2476600748], length 0
16:07:10.690336 IP 93.170.1.178.1723 > 192.168.1.20.55186: Flags [P.], seq 157:189, ack 325, win 2896, options [nop,nop,TS val 18309132 ecr 826565737], length 32: pptp CTRL_MSGTYPE=OCRP CALL_ID(7) PEER_CALL_ID(39104) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) CONN_SPEED(10000000) RECV_WIN(3) PROC_DELAY(0) PHY_CHAN_ID(0)
16:07:10.690362 IP waw07s02-in-f14.1e100.net.http > 192.168.1.20.45270: Flags [.], ack 1, win 261, options [nop,nop,TS val 2476610995 ecr 2015798423], length 0
16:07:10.691399 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [.], ack 189, win 501, options [nop,nop,TS val 826565906 ecr 18309132], length 0
16:07:10.692268 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 1, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:13.469248 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 2, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:13.590998 IP 192.168.1.20.45270 > waw07s02-in-f14.1e100.net.http: Flags [F.], seq 1, ack 1, win 501, options [nop,nop,TS val 2015913621 ecr 2476610995], length 0
16:07:13.611090 IP waw07s02-in-f14.1e100.net.http > 192.168.1.20.45270: Flags [F.], seq 1, ack 2, win 261, options [nop,nop,TS val 2476613916 ecr 2015913621], length 0
16:07:13.612105 IP 192.168.1.20.45270 > waw07s02-in-f14.1e100.net.http: Flags [.], ack 2, win 501, options [nop,nop,TS val 2015913642 ecr 2476613916], length 0
16:07:16.471249 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 3, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:19.475250 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 4, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:19.477729 IP 192.168.1.20.56572 > dns.google.domain: 40468+ [1au] PTR? 20.1.168.192.in-addr.arpa. (54)
16:07:19.499361 IP dns.google.domain > 192.168.1.20.56572: 40468 NXDomain 0/0/1 (54)
16:07:19.501829 IP 192.168.1.20.56572 > dns.google.domain: 40468+ PTR? 20.1.168.192.in-addr.arpa. (43)
16:07:19.523457 IP dns.google.domain > 192.168.1.20.56572: 40468 NXDomain 0/0/0 (43)
16:07:19.534002 IP 192.168.1.20.35950 > dns.google.domain: 64802+ [1au] PTR? e.f.a.b.7.6.e.f.f.f.5.6.e.e.a.b.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa. (101)
16:07:19.571009 IP dns.google.domain > 192.168.1.20.35950: 64802 NXDomain 0/1/1 (165)
16:07:19.577153 IP 192.168.1.20.35950 > dns.google.domain: 64802+ PTR? e.f.a.b.7.6.e.f.f.f.5.6.e.e.a.b.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa. (90)
16:07:19.613871 IP dns.google.domain > 192.168.1.20.35950: 64802 NXDomain 0/1/0 (154)
16:07:22.477854 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 5, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:25.477166 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 6, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:28.480473 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 7, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:31.485456 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 8, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:34.488352 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 9, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:34.801223 IP 192.168.1.20.ntp > pugot.canonical.com.ntp: NTPv4, Client, length 48
16:07:34.852220 IP pugot.canonical.com.ntp > 192.168.1.20.ntp: NTPv4, Server, length 48
16:07:35.800946 IP 192.168.1.20.ntp > golem.canonical.com.ntp: NTPv4, Client, length 48
16:07:35.851249 IP golem.canonical.com.ntp > 192.168.1.20.ntp: NTPv4, Server, length 48
16:07:37.491757 IP 192.168.1.20 > 93.170.1.178: GREv1, call 7, seq 10, length 36: LCP, Conf-Request (0x01), id 1, length 22
16:07:38.801238 IP 192.168.1.20.ntp > chilipepper.canonical.com.ntp: NTPv4, Client, length 48
16:07:38.848247 IP chilipepper.canonical.com.ntp > 192.168.1.20.ntp: NTPv4, Server, length 48
16:07:40.526548 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [P.], seq 325:341, ack 189, win 501, options [nop,nop,TS val 826595737 ecr 18309132], length 16: pptp CTRL_MSGTYPE=CCRQ CALL_ID(39104)
16:07:40.529590 IP 192.168.1.20.55186 > 93.170.1.178.1723: Flags [F.], seq 341, ack 189, win 501, options [nop,nop,TS val 826595737 ecr 18309132], length 0
16:07:40.580446 IP 93.170.1.178.1723 > 192.168.1.20.55186: Flags [.], ack 342, win 2896, options [nop,nop,TS val 18316606 ecr 826595737], length 0
16:07:42.052741 IP 192.168.1.20.37611 > dns.google.domain: 42338+ [1au] AAAA? connectivity-check.ubuntu.com. (58)
16:07:42.072774 IP dns.google.domain > 192.168.1.20.37611: 42338 0/1/1 (119)
16:07:42.075372 IP 192.168.1.20.54936 > dns.google.domain: 12553+ [1au] AAAA? connectivity-check.ubuntu.com. (58)
16:07:42.097683 IP dns.google.domain > 192.168.1.20.54936: 12553 0/1/1 (119)