Question

11

pptpd VPN: No internet access after connecting

rated 0 times [ 11] [ 0] / answers: 1 / hits: 32175 / 2 Years ago, sat, march 19, 2022, 8:49:34

I've followed the instructions in this tutorial to set up a vpn server, so that I can connect to that and surf the internet virtually from another location. So far from windows, I can connect to it but there is no internet access.

The ip addresses that I used in the conf file is exactly the same as in the tutorial

localip 192.168.0.1

remoteip 192.168.0.100-200

Same for the DNS which is 8.8.8.8.

(Everything you need to know about what I've done is already in that link)

What do you think could be the problem ?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

istictroubli

Add To Favorites

Follow

Total Points: 306

Total Questions: 96

Total Answers: 114

Location: Sao Tome and Principe

Member since Wed, Jul 13, 2022

2 Years ago

istictroubli questions

1 Ubuntu 22.10 and nvidia drivers not working

Sun, Jun 5, 22, 14:23, 2 Years ago

1 When I type "code ." in wsl with ubuntu distro, it prompts something and asks me "y/N". How to remove that prompt?

Sun, Feb 26, 23, 15:40, 1 Year ago

1 Inconsistent Sound Volume Ubuntu 20.04

Fri, Mar 31, 23, 06:07, 1 Year ago

1 Cannot dual boot Ubuntu/Windows 10 on HP laptop

Mon, Jan 23, 23, 16:45, 1 Year ago

1 GNOME Screenshot area selection causing freezes

Tue, Nov 16, 21, 09:20, 3 Years ago

View All

answered 2 Years ago dileble · Accepted Answer

If your main purpose of setting up the VPN server is to access website, So traffic has to be forwarded out of the VPN server’s public network interface.Thus, kindly enable port forwarding by editing the sysctl.conf file. I assume “net.ipv4.ip_forward” is commented in the /etc/sysctl.conf file:

nano /etc/sysctl.conf

Add or find and comment out the following line

net.ipv4.ip_forward=1

Save, close the file and run the following command to make the changes take effect.

sysctl -p

The following iptables firewall rules allow port 1723, GRE and perform NAT

iptables -I INPUT -p tcp --dport 1723 -m state --state NEW -j ACCEPT

iptables -I INPUT -p gre -j ACCEPT

iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE

In the last rule replace “eth0″ with the interface connecting to the internet on your VPN server. Finally the following rule is required to ensure websites load properly

iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -s 172.20.1.0/24 -j TCPMSS  --clamp-mss-to-pmtu

Replace 172.20.1.0/24 with the IP address range used in the “remoteip” option in the /etc/pptpd.conf this firewall rule is used to ensure a proper MTU value is used to prevent fragmentation.

Hope it could help.