This is a discussion on VPN Client behind linux firewall within the Linux Security forums, part of the System Security and Security Related category.
Hi

I have a VPN Setup in different place and from my network I have installed VPN Client and trying to connect to VPN Server. I have DSL Connection and a linux firewall. If I connect to the VPN server through the dialup I am able to connect, but if I try to connect through the DSL connection which is connected to the linux firewall I am not able to connect, with the error "Secure VPN Connection terminated locally by the client. Reason 412: The remote peer is no longer responding". I have opened all the ports needed for vpn to connect in the iptables; still I am getting this error.

Can anyone help me on this issue? It is very urgent; my boss is sitting on my head.

Thanks in advance
Vinod

Vinod wrote:
> Hi
>
> I have a VPN Setup in different place and from my network I have
> installed VPN Client and trying to connect to VPN Server. I have DSL
> Connection and a linux firewall. If i connect to the VPN server through
> the dialup i am able to connect but if i try to connect through the DSL
> connection which is connected to the linux firewall i am not able to
> connect with the error "Secure VPN Connection terminated locally by the
> client. Reason 412: The remote peer is no longer responding". I have
> opened all the ports needed for vpn to connect in the iptables still i
> am getting this error.
>
> Can any one help me on this issue. It is very urgent my boss is sitting
> on my head

It would help considerably if you actually told us which VPN software you were using: pptpd (poptop), openvpn, or something else?

If it's the former (pptpd) then you'll need to enable GRE as well as the required port. If it's the latter you should just need to open the tcp/udp port.

It could well be the case that your cable modem doesn't support VPNs (some don't), but given you don't describe what you use, and what you're connecting to, it's hard to say.

If you're behind a cable modem you're presumably on a NAT'd environment, which you're likely not when you connect with a dialup. Could the local IP address 192.168.x.x (or whatever) be the same range as your local cable modem gives you, or does that give you a true routable IP address?

Details would help:

1. What VPN software are you using, what distribution, versions etc.
2. What kind of connection are you using / NAT / static IP / dynamic IP.
3. Why are you asking here when your boss is chasing you, you want free tech support? ;)

Steve
--
www.debian-administration.org

In article <1115365046.207670.20610@g14g2000cwa.googlegroups.com>,
"Vinod" <vinwin@gmail.com> wrote:

> I have a VPN Setup in different place and from my network I have
> installed VPN Client and trying to connect to VPN Server. I have DSL
> Connection and a linux firewall. If i connect to the VPN server through
> the dialup i am able to connect but if i try to connect through the DSL
> connection which is connected to the linux firewall i am not able to
> connect with the error "Secure VPN Connection terminated locally by the
> client. Reason 412: The remote peer is no longer responding". I have
> opened all the ports needed for vpn to connect in the iptables still i
> am getting this error.

There is no problem in general with doing this: we use a CyberGuard SG-series firewall (nee SnapGear) which runs embedded Linux and uses iptables for firewalling. We can connect with both PPTP and IPSec behind the firewall to VPN servers on clients' sites. You can do this even with the firewall itself acting as a VPN end-point for other tunnels at the same time.

Without knowing what your iptables rules are or your VPN config, it's hard to give specific advice, but it can be done. If your DSL router is NATing, it's quite possible that it is the culprit rather than the Linux box: some SOHO-class routers can only NAT icmp, tcp and udp traffic, not GRE or ESP/AH.

--
Sak Wathanasin
Network Analysis Limited
http://www.network-analysis.ltd.uk
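
The two replies above point at port-less tunnel protocols (GRE for PPTP, ESP/AH for IPSec) as the usual gap in "I opened all the ports". The following is an added example, not part of any post in this thread: a shell function that prints the iptables rules a NATing Linux firewall needs to pass an outbound PPTP or IPSec client. The function name, the default interface names (`eth1` LAN, `eth0` WAN) and the current-kernel module names are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for VPN passthrough.
# Hypothetical helper; interface names are assumptions, pass your own.
vpn_passthrough_rules() {
    kind=$1 lan=${2:-eth1} wan=${3:-eth0}
    case $kind in
    pptp)
        # PPTP = TCP/1723 control channel + GRE (IP protocol 47) data channel.
        # GRE has no ports, so NAT relies on the PPTP conntrack/NAT helpers.
        echo "modprobe nf_conntrack_pptp"
        echo "modprobe nf_nat_pptp"
        # Kernels that disable automatic helper assignment need this binding.
        echo "iptables -t raw -A PREROUTING -i $lan -p tcp --dport 1723 -j CT --helper pptp"
        echo "iptables -A FORWARD -i $lan -o $wan -p tcp --dport 1723 -j ACCEPT"
        echo "iptables -A FORWARD -i $lan -o $wan -p 47 -j ACCEPT"
        tunnel_protos="47"
        ;;
    ipsec)
        # IPSec = IKE on UDP/500, NAT-T on UDP/4500, ESP (proto 50), AH (proto 51).
        echo "iptables -A FORWARD -i $lan -o $wan -p udp -m multiport --dports 500,4500 -j ACCEPT"
        echo "iptables -A FORWARD -i $lan -o $wan -p 50 -j ACCEPT"
        echo "iptables -A FORWARD -i $lan -o $wan -p 51 -j ACCEPT"
        tunnel_protos="50 51"
        ;;
    *)
        echo "usage: vpn_passthrough_rules pptp|ipsec [lan_if] [wan_if]" >&2
        return 2
        ;;
    esac
    # Return traffic is admitted by connection state, not by opening inbound ports.
    echo "iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE"
    # Anything of these protocols that reaches this point was not matched above:
    # log it so a drop at the firewall is visible in the kernel log.
    for p in $tunnel_protos; do
        echo "iptables -A FORWARD -p $p -j LOG --log-prefix 'VPN-proto$p-unmatched: '"
    done
}
```

Review the printed rules against the existing chain order before applying them; if the firewall logs nothing and the tunnel still fails, the upstream DSL router's NAT is the next place to look.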