plugout.net

[maf112]

Hello,

First of all, thank you for the great firmware!

I've installed the firmware today and have been some experimented with it.
I enabled the VPN option on the Network space Vs2 (Lite). And connect to it via my iPhone.

The connection is succesfull and i get an 10.2.1.200 address.
I can access the nas config panel but i am unable to visit other devices on my lan network.

I've searched the forum for an answer but i didn't find any. What do I have to edit to get this working as well?

Ps. Sorry for my bad English.

Edit:

After some research I edited the /proc/sys/net/ipv4/ip_forward file and changed the 0 to an 1. I rebooted the system but still no internet access. I think it is in the iptables. But this kernel has not iptables ?

[fvdw]

in principle thats by design
It is a vpn network so nobody else can connect to it. if you connect with another second PC using vpn then you should be able to see to other PC and iphone using their vpn ip addresses. Unfortunate vpn doesn't let you browse the vpn network to see which other computers are there, thats not a malfunction but a limitation of linux as far as I know.

No internet access.
Your NAS is not the gateway to the internet, that is probably your router, so using vpn connection to the NAS then means no internet access. To make that work some ip address mapping will be required, but that is currently not implemented in the firmware yet
In windows you can adjust settings to use for internet the normal gateway by unchecking "Use default gateway on remote network" in the network tab of the vpn connection

[maf112]

Thank you for you response.
I misunderstood the principe of VPN.
I can't wait to see the ip mapping feature in the firmware. Just as an web server (vhosts etc.)

[firwareslut]

You need to have iptables installed on the NAS and forward to your gateway to get internet access to work.

Depending on your router you can see if there is custom firmware available to get vpn working there.

[maf112]

I've received the iptables for this devices.

My goal is to setup an VPN server with internet access.

After some experiments with the iptables and the VPN server it is working!

First of all I edited the /etc/ppp/options.pptpd
And added the following rule

Code: Select all

ms-dns 192.168.0.1

(This is my primary DNS server, My router)

Then I added the following rules to iptables

Code: Select all

iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
iptables -A POSTROUTING -t nat -o ppp+ -j MASQUERADE


And saved the configuration in an file on the root of the file system.

Code: Select all

iptables-save /pptp-Routering.fw

After an reboot I only have to run the

Code: Select all

iptables-restore < /pptp-Routering.fw

and my VPN is ready to go.

Currently I am looking for an possibility to run that code on startup.

[Jocko]

Thank you very much for this work. :applause :thumbup

I had planned to watch this point during the Christmas holiday. I want make a VPN between my workplace and home to use my personal internet connection.

My proxy administrator locks too many sites. :whistle

With your work, I just have to find a solution to run the PPTP network on port 443 on the work side. (Port pptp closed)

Note:
options.pptpd file are not overwritten after rebooting (same with your file /pptp-Routering.fw) So you will keep your work.
Simply add one line in the rcS file (/etc/initd)
I recommend adding your line

Code: Select all

/yourfullpath/iptables-restore < /pptp-Routering.fw

after the followingline (~390)

Code: Select all

chmod 777 /etc

(yourfullpath : path where you saved iptables-restore)

!	Warning: after modification you MUST check that the owner is still root, the run permissions are always set and the file kept its "unix" format (no sequence \r\n)

[maf112]

Thank you for you comment.

I've added the recommend line at my /etc/init.d/rcS file.
The nas will now restore the iptables on the boot.

[maf112]

The steps in my previous post will also works in version 14. The latest firmware version.

[matigev]

Hi guys,
Its quite a while ago since ive been here.
Many nice updates, keep up the good work guys!
I would like to get this VPN working, so I could use the safety of my own internet on my Android phone from anywhere.
If anyone could send me the iptables binary I will try the instructions above ;)
Happy new year everybody!
Greetings
Matigev

[Jocko]

Hi matigev,

No need to send you the binary because it's included in the version 14.0 ;)

Code: Select all

root@Kappa:/ # iptables -h
iptables v1.4.12.2

Usage: iptables -[ACD] chain rule-specification [options]
       iptables -I chain [rulenum] rule-specification [options]
       iptables -R chain rulenum rule-specification [options]
       iptables -D chain rulenum [options]
       iptables -[LS] [chain [rulenum]] [options]
       iptables -[FZ] [chain] [options]
       iptables -[NX] chain
       iptables -E old-chain-name new-chain-name
       iptables -P chain target [options]
       iptables -h (print this help information)


So you can use it directly. May be in the next version, an iptable menu will be added.