VPN Server Clinic: Why did my VPN server stop working?
#16
Join Date: Oct 2017
Posts: 78
Not from the logs he supplied. He did however paste the iptables -L outback back into the console and got a whole bunch of shell errors.
#17
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
The output from IPTables -L -vn is here:
http://www.paultauger.com/IPTable2List.txt
I'll have to try connecting while the syslog output is running later.
http://www.paultauger.com/IPTable2List.txt
I'll have to try connecting while the syslog output is running later.
#18
Join Date: Mar 2016
Location: CPT,AMS
Posts: 4,412
The output from IPTables -L -vn is here:
http://www.paultauger.com/IPTable2List.txt
I'll have to try connecting while the syslog output is running later.
http://www.paultauger.com/IPTable2List.txt
I'll have to try connecting while the syslog output is running later.
pkts bytes target prot opt in out source destination
23338 2913K logaccept 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 80 ACCEPT tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
0 0 logaccept tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723It shows 2 packets coming from VLAN2 (which is presumably your LAN side), and nothing from any other interface (including the WAN side), it also depends on when this was captured as counters may be reset in some cases.
When you try to connect, you can run the following command twice, once before and once after (this will further limit the amount of output)
iptables -L INPUT -vn
And then take a look if the 3rd line pkts/bytes column increases, also since it is sending packets to 'logaccept', log entries will be added to the syslog file.
#19
Join Date: Oct 2017
Posts: 78
The output from IPTables -L -vn is here:
http://www.paultauger.com/IPTable2List.txt
I'll have to try connecting while the syslog output is running later.
http://www.paultauger.com/IPTable2List.txt
I'll have to try connecting while the syslog output is running later.
#20
Join Date: Oct 2017
Posts: 78
So these are the entries of interest:Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
23338 2913K logaccept 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 80 ACCEPT tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
0 0 logaccept tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723It shows 2 packets coming from VLAN2 (which is presumably your LAN side), and nothing from any other interface (including the WAN side), it also depends on when this was captured as counters may be reset in some cases.
When you try to connect, you can run the following command twice, once before and once after (this will further limit the amount of output)
iptables -L INPUT -vn
And then take a look if the 3rd line pkts/bytes column increases, also since it is sending packets to 'logaccept', log entries will be added to the syslog file.
pkts bytes target prot opt in out source destination
23338 2913K logaccept 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 80 ACCEPT tcp -- vlan2 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
0 0 logaccept tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723It shows 2 packets coming from VLAN2 (which is presumably your LAN side), and nothing from any other interface (including the WAN side), it also depends on when this was captured as counters may be reset in some cases.
When you try to connect, you can run the following command twice, once before and once after (this will further limit the amount of output)
iptables -L INPUT -vn
And then take a look if the 3rd line pkts/bytes column increases, also since it is sending packets to 'logaccept', log entries will be added to the syslog file.
#21
Join Date: May 2004
Location: Exclusively OMNI/PR, for Reasons
Posts: 4,188
Code:
root@Fred3:~# root@Fred3:~# # netstat -an | grep 1723 -sh: root@Fred3:~#: not found
But maybe you were referring to the "ran it again" part?
#22
Join Date: May 2004
Location: Exclusively OMNI/PR, for Reasons
Posts: 4,188
I'm pretty sure his telnet was to port 23; I had asked him to ssh into the router and he probably didn't have that enabled so used telnet instead ... and managed to grab the iptables dumps thereby
#25
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
Update.
It looks like a hardware problem in the router, as it started acting up in other ways. I've replaced it with a new router (not using dd-wrt this time) and everything's working fine.
Thanks, everyone!
It looks like a hardware problem in the router, as it started acting up in other ways. I've replaced it with a new router (not using dd-wrt this time) and everything's working fine.
Thanks, everyone!
#26
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,612
Did this also sort out your issue with PPTP that you mentioned on the other thread?
#27
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062