VPN Client behind linux firewall


I have a VPN set up in a different place, and on my network I have
installed a VPN client and am trying to connect to the VPN server. I have
a DSL connection and a Linux firewall. If I connect to the VPN server
through the dialup I am able to connect, but if I try to connect through
the DSL connection, which is connected to the Linux firewall, I am not
able to connect, with the error "Secure VPN Connection terminated locally
by the client. Reason 412: The remote peer is no longer responding". I
have opened all the ports needed for the VPN to connect in iptables; still
I am getting this error.

Can anyone help me on this issue? It is very urgent; my boss is sitting
on my head.

Thanks in advance


Re: VPN Client behind linux firewall

In reply to Vinod:

  It would help considerably if you actually told us which VPN software
 you were using, pptpd (poptop), openvpn, or something else?

  If it's the former (pptpd) then you'll need to enable GRE as well as
 the required port.  If it's the latter you should just need to open
 the tcp/udp port.

  It could well be the case that your cable modem doesn't support VPNs
 (some don't), but given you don't describe what you use and what you're
 connecting to, it's hard to say.

  If you're behind a cable modem you're presumably on a NAT'd
 which you're likely not when you connect with a dialup.  Could the
 local IP address 192.168.x.x (or whatever) be the same range as your
 local cable modem gives you, or does that give you a true routable
 IP address?

  Details would help:

   1.  What VPN software are you using, what distribution, versions?
   2.  What kind of connection are you using / NAT / static IP / dynamic IP?
   3.  Why are you asking here when your boss is chasing you, you want free tech support? ;)


Re: VPN Client behind linux firewall


There is no problem in general with doing this: we use a CyberGuard
SG-series firewall (nee SnapGear) which runs embedded Linux and uses
iptables for firewalling. We can connect with both PPTP and IPSec behind
the firewall to VPN servers on clients' sites. You can do this even with
the firewall itself acting as a VPN end-point for other tunnels at the
same time.

Without knowing what your iptables rules are or your VPN config, it's
hard to give specific advice, but it can be done. If your DSL router is
NATing, it's quite possible that it is the culprit rather than the Linux
box: some SOHO-class routers can only NAT icmp, tcp and udp traffic not


Sak Wathanasin
Network Analysis Limited
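
Added example, not written by any poster in this thread and not anyone's real ruleset: the two replies above note that PPTP needs GRE in addition to its port and that IPSec can also pass through an iptables firewall. This Python sketch checks a constructed `iptables-save` excerpt for FORWARD rules covering those protocols. The port and protocol numbers are the well-known standard values rather than details from the thread, and the check ignores rule order, negated rules, and interface or address restrictions.

```python
import shlex

# Well-known values (not from the thread). Behind NAT, IPsec normally uses NAT-T, not raw ESP.
REQUIREMENTS = {
    "pptp": {"PPTP control tcp/1723": ({"tcp", "6"}, "1723"),
             "GRE (IP protocol 47)": ({"gre", "47"}, None)},
    "ipsec": {"IKE udp/500": ({"udp", "17"}, "500"),
              "NAT-T udp/4500": ({"udp", "17"}, "4500"),
              "ESP (IP protocol 50)": ({"esp", "50"}, None)},
}

# Constructed iptables-save excerpt: "ports" were opened, but only TCP/UDP ones.
SAMPLE = """\
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp -m tcp --dport 1723 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p udp -m udp --dport 500 -j ACCEPT
COMMIT
"""

def forward_accepts(dump):
    """Return (policy, ACCEPT rules as option dicts) for filter/FORWARD."""
    policy, rules, table = None, [], None
    for line in map(str.strip, dump.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":FORWARD "):
            policy = line.split()[1]
        elif table == "filter" and line.startswith("-A FORWARD ") and "!" not in line:
            tok = shlex.split(line)
            opts = {a: b for a, b in zip(tok, tok[1:]) if a.startswith("-")}
            if opts.get("-j") == "ACCEPT":
                rules.append(opts)
    return policy, rules

def covers(rule, protos, dport):
    """True if this ACCEPT rule admits new flows of the given protocol/port."""
    if "-m" in rule:  # match extension present: only an exact port match counts
        return rule.get("-p") in protos and dport is not None and rule.get("--dport") == dport
    return rule.get("-p") in protos | {None}  # a rule with no -p is a catch-all

def missing(dump, vpn):
    """Requirements of `vpn` ("pptp" or "ipsec") that no FORWARD ACCEPT rule covers."""
    policy, rules = forward_accepts(dump)
    if policy == "ACCEPT":
        return []  # simplification: explicit DROP/REJECT rules are not evaluated
    return [label for label, (protos, dport) in REQUIREMENTS[vpn].items()
            if not any(covers(r, protos, dport) for r in rules)]
```

On the sample, `missing(SAMPLE, "pptp")` reports GRE as uncovered even though the TCP port is open, which is the situation the first reply warns about.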

Re: VPN Client behind linux firewall


I am using Cisco VPN Client

Re: VPN Client behind linux firewall

Hi Steve

I am using Cisco VPN Client and a DSL T1 line with a static IP,


