I have VPN server on Debian stable. People in LAN (gray network) use this server for access to internet (WAN). But I also want to use this VPN server as something like "proxy" (connect from internet, and browse the web). I can connect to server from internet, but internet not work: client get IP from server, also can ping other clients, but can't ping default gateway (which is server's IP address inside GRE tun). Adding default route to gateway doesn't help.
My PPTPD configuration:
─➤ grep -v '^$\|^\s*\#' /etc/pptpd.conf
option /etc/ppp/pptpd-options
logwtmp
localip 192.168.4.1
remoteip 192.168.4.2-30
─➤ grep -v '^$\|^\s*\#' pptpd-options
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
nodefaultroute
debug
lock
nobsdcomp
─➤ sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
Iptables rules:
iptables -t nat -I POSTROUTING -s 192.168.4.0/255.255.255.0 -j MASQUERADE
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
In logs everything just fine: client connects, getting IP. Server also connecting to internet via ISP VPN servers.
Best Answer
Reading your story my guess is you should explicitly allow ppp interfaces: