PPTP VPN with CSF firewall

17. January 2016 SysAdmin 2
PPTP VPN with CSF firewall

Issue

  • PPTP VPN is not working after installing CSF firewall.
  • How to allow PPTP in cPanel server with CSF firewall ?

Solution

  • Create a file /etc/csf/csfpre.sh with the below contents.

    iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A OUTPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

  • Create a file /etc/csf/csfpost.sh with the below contents.

    service pptpd stop
service pptpd start

  • Now Restart csf with csf -r command. The VPN should work fine now.
0 0 votes
Article Rating
Subscribe
Notify of
guest
2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
philipp
philipp
5 years ago

cant access internet using pptp
IS this correct csfpre.sh?

iptables -A INPUT -i enp4s+ -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT -i enp4s+ -p gre -j ACCEPT
iptables -A OUTPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o enp4s+ -j MASQUERADE
iptables -t nat -A POSTROUTING -s 172.20.28.0/24 -j SNAT –to-source 103.15.104.16
iptables -A FORWARD -i ppp+ -o enp4s+ -j ACCEPT
iptables -A FORWARD -i enp4s+ -o ppp+ -j ACCEPT

0
Reply
Jobin Joseph
Author
Jobin Joseph
5 years ago
Reply to  philipp

Hi Philip, did you enable tcp forwarding from sysctl ?

0
Reply
wpdiscuz   wpDiscuz