I'm currently setting up an L2TP VPN with npppd. I've got the VPN piece working, and can send packets between the client and the openbsd box running the vpn. However, I'm currently using ospfd for routing between the rest of the network and the openbsd box, and it doesn't seem to be pushing routes for the IP addresses in use by the clients.
So, after a couple VPN clients connect, there are pppx interfaces: pppx0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1360 description: henson priority: 0 groups: pppx inet 10.128.120.1 --> 10.128.120.82 netmask 0xffffffff pppx1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1360 description: henson priority: 0 groups: pppx inet 10.128.120.1 --> 10.128.120.121 netmask 0xffffffff and the local routing tables know how to get to them: Destination Gateway Flags Refs Use Mtu Prio Iface 10.128.120.82 10.128.120.1 UH 0 10 - 4 pppx0 10.128.120.121 10.128.120.1 UH 0 63 - 4 pppx1 ospfd seems to know *something* about the /24 I've allocated to the VPN: flags: * = valid, O = OSPF, C = Connected, S = Static Flags Prio Destination Nexthop *C 4 10.128.110.0/24 link#7 4 10.128.120.43/32 10.128.120.1 4 10.128.120.45/32 10.128.120.1 4 10.128.120.82/32 10.128.120.1 4 10.128.120.107/32 10.128.120.1 4 10.128.120.121/32 10.128.120.1 4 10.128.120.160/32 10.128.120.1 4 10.128.120.163/32 10.128.120.1 4 10.128.120.165/32 10.128.120.1 4 10.128.120.208/32 10.128.120.1 4 10.128.120.212/32 10.128.120.1 4 10.128.120.214/32 10.128.120.1 4 10.128.120.219/32 10.128.120.1 4 10.128.120.223/32 10.128.120.1 4 10.128.120.233/32 10.128.120.1 4 10.128.120.246/32 10.128.120.1 4 10.128.120.248/32 10.128.120.1 *O 32 10.128.130.0/24 10.128.0.14 But it doesn't have the active ones marked as valid, and it's not pushing them, so there's no traffic flow between the vpn client and the network. I currently have ospfd set to: redistribute default redistribute connected While I am pushing a default route, I also have lower priority null routes set on the other network equipment: ip route 10.0.0.0 255.0.0.0 Null0 254 ip route 172.16.0.0 255.240.0.0 Null0 254 ip route 192.168.0.0 255.255.0.0 Null0 254 So they will blackhole any address space not valid on the network. Am I missing some configuration that will make ospfd push out routes to the client VPN addresses? Thanks...