I recently got a PPTP VPN up and running on my VPS, and if I disable my firewall it works great. However, I use CSF for my firewall, and if I enable it my VPN doesn't work quite right. Specifically, I can still connect to the VPN, and from there I can access my server, but nowhere else (can't get anywhere else on the Internet).
I've done a lot of searching about how to get CSF and PPTP to work together, and nearly everyone says to create a file, /etc/csf/csfpre.sh, with the following contents:
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A OUTPUT -p gre -j ACCEPT
#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.84.1.0/24 -j SNAT --to-source ww.xx.yy.zz
iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
(Well, they say to use the MASQUERADE line, which I commented out and replaced with the SNAT line since MASQUERADE isn't supported on my VPS. And of course I replace ww.xx.yy.zz with my server's public IP address.)
There's also /etc/csf/csfpost.sh, with the following:
service pptpd stop
service pptpd start
But I can't find any other suggestions. Again, my pptpd config seems to work fine, but the firewall is interfering. Any ideas on how to tweak it to get things working?
Thanks!