Hi. I am trying to set up L2TP on SmallWall. I am able to log in with my user. I have created the L2TP firewall rule from the documentation as well. It seems, however, that DNS is not working. I am using the DNS forwarder, but I see in the log that port 53 is being blocked on the firewall on the L2TP interface, and in the system log I see that it says network unreachable. I even tried a firewall rule on the L2TP interface accepting anything on everything...
Any suggestions? I used to use the PPTP VPN on SmallWall/m0n0wall earlier with no issues.
OK, I am not very fluent in network language, but as for my network scope, I understand you ask about how my network is set up. I use SmallWall at home, and I connect to L2TP from "outside" so I can access my network at home (printer, PC etc.). I can use the internet with my home IP, since some TV streaming sites are restricted to use from my home IP, especially when I am travelling abroad. When I used PPTP, I just created one rule on the PPTP interface and it all just worked: I could access my PC at home with RDP via PPTP, I could surf the internet, and when doing "whatsmyip" on a page I would see my home IP. I am trying to do nslookup now, from a client (one of my laptops) connected to the internet via my cellphone used as a Wi-Fi hotspot (192.168.43.1), and I have VPNed into my SmallWall with L2TP. 192.168.150.1 is my SmallWall internal LAN IP.
C:\>nslookup 126.96.36.199
*** Can't find server name for address 192.168.43.1: Non-existent domain
DNS request timed out.
    timeout was 2 seconds.
*** Can't find server name for address 192.168.150.1: Timed out
DNS request timed out.
    timeout was 2 seconds.
*** Can't find server name for address 188.8.131.52: Timed out
*** Default servers are not available
Server:  UnKnown
Address:  192.168.43.1
I am not sure what is wrong with the setup, since I have used PPTP without any issues and now the only thing that changed is the PPTP -> L2TP part. I can see I am able to ping my internal IPs when I am logged on to the L2TP, but DNS seems not to want to come through over to the L2TP interface. Obviously I have altered the firewall rule for the L2TP interface now, as I am trying things out to see if there is any difference in regards to the DNS issue I am experiencing.
I see now I am not able to ping my L2TP server IP 192.168.50.1 - I guess I should be able to do this? I am not able to ping the LAN IP either; I guess I should be able to do this as well. What the heck, now I am getting confused, since I am getting an IP from the L2TP, 192.168.50.128.
The FW log entry looks like this:
(blocking icon) 16:02:11.336087 L2TP 192.168.150.1 192.168.50.128, type echoreply/0 ICMP
(blocking icon) 16:02:05.846869 L2TP 192.168.150.1 192.168.50.128, type echoreply/0 ICMP
(blocking icon) 16:02:00.302651 L2TP 192.168.150.1 192.168.50.128, type echoreply/0 ICMP
(blocking icon) 16:01:54.885585 L2TP 192.168.150.1 192.168.50.128, type echoreply/0 ICMP
I have the FW rule on my LAN interface saying: * LAN net * * * Default LAN -> any, which is what it comes with as default, I guess.
I am able to ping my FreeNAS on my LAN, though, but I cannot access my FreeNAS using its server name/domain name.
Lee, I got it to work now. I looked again at the documentation, changed the IPs on the L2TP interface to the same subnet as my LAN, and now it seems to be better. I can ping the L2TP server IP now, and I can surf the web as I want to be able to as well.
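Added example, not code from the thread or from the SmallWall project: a small Python checker that parses firewall-log entries in the layout quoted above (the sample lines are constructed here, with the words "block" and "pass" standing in for the web UI's icons) and flags the two symptoms the thread describes: echo replies from the LAN address dropped on the L2TP interface, and DNS to the forwarder dropped. It also reports when the L2TP client pool lies outside the LAN subnet, which is the change the last post says resolved the problem; the subnet values and the function names are assumptions.

```python
import ipaddress
import re

# Constructed sample entries in the layout of the firewall log quoted above
# (action, time, interface, source, destination, protocol detail); "block"
# and "pass" stand in for the icons shown in the web UI.
SAMPLE_LOG = """\
block 16:02:11.336087 L2TP 192.168.150.1 192.168.50.128, type echoreply/0 ICMP
block 16:02:05.846869 L2TP 192.168.150.1 192.168.50.128, type echoreply/0 ICMP
block 16:01:50.120000 L2TP 192.168.50.128 192.168.150.1, 53 UDP
pass 16:01:49.000000 LAN 192.168.150.20 192.168.150.1, 53 UDP
"""

LINE_RE = re.compile(
    r"^(?P<action>block|pass)\s+(?P<time>\S+)\s+(?P<iface>\S+)\s+"
    r"(?P<src>\S+)\s+(?P<dst>\S+),\s+(?P<detail>.+)$"
)

def parse_log(text):
    """Parse log lines into dicts; lines in another layout are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            d = m.groupdict()
            d["src"] = ipaddress.ip_address(d["src"])
            d["dst"] = ipaddress.ip_address(d["dst"])
            entries.append(d)
    return entries

def diagnose(entries, lan_net, vpn_pool, vpn_iface="L2TP"):
    """Return (finding, detail) pairs for the symptoms described in the thread."""
    lan, pool = ipaddress.ip_network(lan_net), ipaddress.ip_network(vpn_pool)
    findings = []
    for e in entries:
        if e["action"] != "block" or e["iface"] != vpn_iface:
            continue
        if e["src"] in lan and e["dst"] in pool and "echoreply" in e["detail"]:
            # A reply that reaches the rule set matched no state, so the request
            # did not pass through this interface: typically a routing or rule
            # gap between the LAN and the client pool, not the reply itself.
            findings.append(("reply_without_state", e["time"]))
        elif e["src"] in pool and e["dst"] in lan and e["detail"].startswith("53 "):
            findings.append(("dns_to_forwarder_blocked", e["time"]))
    if not pool.subnet_of(lan):
        # The change the last post reports fixed it: pool inside the LAN subnet.
        findings.append(("pool_outside_lan", f"{pool} is not within {lan}"))
    return findings
```

Run `diagnose(parse_log(SAMPLE_LOG), "192.168.150.0/24", "192.168.50.0/24")` to see all three findings; with the pool moved into the LAN subnet the last one disappears.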