Sorry I should add, in the second 'for' it should start with 0 if you're
not using the first interface for another vpn (ie openvpn) or connection
(ie dsl/dialup).
Andy Dills wrote:
I'm trying to setup pptpd to enable VPN connections. This worked well in
all versions of FreeBSD prior to 7.
Now, however, the interface in the routing table is incorrectly set to
that of the ethernet card, rather than the appropriate tun interface.
There is a months-old bug report detailing this:
http://www.freebsd.org/cgi/query-pr.cgi?pr=122068&cat=
He mentions two workarounds:
there are two way to fix it.
1. use differenet subnet for vpn. Don't use the same subnet for vpn
routing. user-ppp will set the correct routing table.
2. downgrade to FreeBSD 6.2
#2 isn't really an option, and #1 isn't clear to me. I tried a couple of
different configurations and the interface never seems to get set
correctly.
I have a similar problem on one server that I manage.
I run the following script every 30 secs.
not exactly elegant, but does the job.
#!/usr/local/bin/bash
LNET='10.10' # local network
DEFIP='254' # default gateway ip
INT='fxp0' # interface
for i in `/usr/bin/netstat -nr |grep $INT |awk '{print $1}'|grep
$LNET|grep -v $DEFIP|grep -v '/'`; do
/sbin/route delete $i
done
for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do
IP=`ifconfig tun$i 2>/dev/null|grep inet|head -n 2 |tail -n 1|awk
'{print $4}'`
if [ -n "$IP" ];then
RO=`netstat -nr | grep $IP |grep tun$i`
if [ -z "$RO" ]; then
/sbin/route add $IP -iface tun$i
fi
fi
done
HTH
cya
Andrew
Suggestions?
Thanks,
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
