PPTP VPN with CSF firewall

17. January 2016 SysAdmin 2
PPTP VPN with CSF firewall

Issue

  • PPTP VPN is not working after installing CSF firewall.
  • How to allow PPTP in cPanel server with CSF firewall ?

Solution

  • Create a file /etc/csf/csfpre.sh with the below contents.

    iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
    iptables -A INPUT -i eth0 -p gre -j ACCEPT
    iptables -A OUTPUT -p gre -j ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
    iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

  • Create a file /etc/csf/csfpost.sh with the below contents.

    service pptpd stop
    service pptpd start

  • Now Restart csf with csf -r command. The VPN should work fine now.

2 thoughts on “PPTP VPN with CSF firewall”

  • 1
    philipp on September 17, 2018 Reply

    cant access internet using pptp
    IS this correct csfpre.sh?

    iptables -A INPUT -i enp4s+ -p tcp –dport 1723 -j ACCEPT
    iptables -A INPUT -i enp4s+ -p gre -j ACCEPT
    iptables -A OUTPUT -p gre -j ACCEPT
    iptables -t nat -A POSTROUTING -o enp4s+ -j MASQUERADE
    iptables -t nat -A POSTROUTING -s 172.20.28.0/24 -j SNAT –to-source 103.15.104.16
    iptables -A FORWARD -i ppp+ -o enp4s+ -j ACCEPT
    iptables -A FORWARD -i enp4s+ -o ppp+ -j ACCEPT

    • 2
      Jobin Joseph on September 17, 2018 Reply

      Hi Philip, did you enable tcp forwarding from sysctl ?

Leave a Reply

Your email address will not be published. Required fields are marked *