Re: PPTP with mpd
Morten, I'm no networking genius and I had trouble with poptop and with proxy-arp. I finally found this nice how-to and got mpd to work from a Win2k machine (with public IP) to a LAN (all private IPs): http://heyer.supranet.net/pptp/mpd/ I forward traffic through the firewall on port 1723 to vpn server IP The vpn server has gateway_enable=YES. I added a route on the LAN gateway to allow traffic to pass from LAN to vpn network via the vpn server, so that I could ping the win2k machine from the LAN. Make sure that gre is allowed to pass in and out through your fireall. Use terminal services or something like it to connect from your Win2k machine to any Windows machine on your LAN. I hope this helps, Cheers, Jeanne On Sun, 18 Jan 2004 17:36:49 +0100 Morten Winther [EMAIL PROTECTED] wrote: Hello I've been trying to get PPTP with mpd to work - but no luck so far. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PPTP with mpd
Hello I've been trying to get PPTP with mpd to work - but no luck so far. I've a W2K client at home on my ADSL and would like to connect a central server hosted in a datacenter to pass on trafic further to the internet. I connect just fine using the PPTP client in W2K, but there is no routing of trafic. I can't even ping the PPTP server from client when VPN is on. The server has IP 217.116.240.252 and I would like that mpd gives 217.116.240.153 and 217.116.240.153 to the clients. (all public IPs) Do I need to divert or do anything special in ipwf or compile the kernel with new options? I hope someone is able to give me some good hints. Best regards Morten Further info: W2K client: Ethernet netværkskort LAN-forbindelse: Forbindelsesspecifikt DNS-suffiks : IP-adresse. . . . . . . . . . . . : 192.168.0.23 Undernetmaske . . . . . . . . . . : 255.255.255.0 Standardgateway . . . . . . . . . : 192.168.0.1 PPP netværkskort VPN Gaia: Forbindelsesspecifikt DNS-suffiks : IP-adresse. . . . . . . . . . . . : 217.157.161.246 Undernetmaske . . . . . . . . . . : 255.255.255.255 Standardgateway . . . . . . . . . : 217.157.161.246 From log: Jan 18 16:52:59 gaia /kernel: arplookup 217.116.240.158 failed: host is not on local network Jan 18 16:52:59 gaia /kernel: arpresolve: can't allocate llinfo for 217.116.240.158rt IPFW: [EMAIL PROTECTED] [/usr/local/etc/mpd] # ipfw list 1 allow ip from any to any 00100 allow ip from any to any 00101 allow tcp from any to any 00102 allow gre from any to any 09000 allow icmp from any to any icmptype 0,3,4,8,11,12 1 allow ip from any to any frag 65535 deny ip from any to any [EMAIL PROTECTED] [/usr/local/etc/mpd] # cat mpd.conf default: load pptp0 load pptp1 pptp0: new -i ng0 pptp0 pptp0 set iface disable on-demand #set iface route 217.116.240.158 set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 600 1800 set ipcp yes vjcomp set ipcp ranges 217.116.240.252/32 217.116.240.153/28 set ipcp dns 212.242.40.3 #set ipcp nbns 192.168.71.120 log +pptp3 +bund +link +chat +lcp +auth +fsm +phys +ipcp set bundle enable compression set ccp yes mppc #set ccp yes mpp-e40 set ccp no mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless set bundle yes crypt-reqd pptp1: new -i ng1 pptp1 pptp1 set iface disable on-demand #set iface route 217.116.240.158 set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 600 1800 set ipcp yes vjcomp set ipcp ranges 217.116.240.152/32 217.116.240.154/28 set ipcp dns 212.242.40.3 #set ipcp nbns 192.168.71.120 log +pptp3 +bund +link +chat +lcp +auth +fsm +phys +ipcp set bundle enable compression set ccp yes mppc #set ccp yes mpp-e40 set ccp no mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless set bundle yes crypt-reqd [EMAIL PROTECTED] [/usr/local/etc/mpd] # cat mpd.links pptp0: set link type pptp set pptp self 217.116.240.152 set pptp enable incoming set pptp disable originate pptp1: set link type pptp set pptp self 217.116.240.152 set pptp enable incoming set pptp disable originate Setup: W2K pptp client | Cisco 667 Router with NAT | ADSL connection | My ISP | Internet | My dedicated server with mpd (PPTP server) Jan 18 16:55:25 gaia mpd: mpd: pid 2236, version 3.16 ([EMAIL PROTECTED] 16:56 17-Jan-2004) Jan 18 16:55:25 gaia mpd: [pptp0] ppp node is mpd2236-pptp0 Jan 18 16:55:25 gaia mpd: mpd: local IP address for PPTP is 217.116.240.152 Jan 18 16:55:25 gaia mpd: [pptp0] using interface ng0 Jan 18 16:55:25 gaia mpd: [pptp1] ppp node is mpd2236-pptp1 Jan 18 16:55:25 gaia mpd: [pptp1] using interface ng1 Jan 18 16:55:37 gaia mpd: mpd: PPTP connection from 217.157.161.246:17023 Jan 18 16:55:37 gaia mpd: pptp0: attached to connection with 217.157.161.246:17023 Jan 18 16:55:37 gaia mpd: pptp0: read ctrl data: Jan 18 16:55:37 gaia mpd: 00 9c 00 01 1a 2b 3c 4d 00 01 00 00 .+M Jan 18 16:55:37 gaia mpd: pptp0: got hdr Jan 18 16:55:37 gaia mpd: len=0x9c msgType=1 magic=0x1a2b3c4d type=1 Jan 18 16:55:37 gaia mpd: pptp0: read ctrl data: Jan 18 16:55:37 gaia mpd: 01 00 00 00 00 00 00 01 00 00 00 01 00 00 08 93 Jan 18 16:55:37 gaia mpd: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Jan 18 16:55:37 gaia last message repeated 3 times Jan 18 16:55:37 gaia mpd: 4d 69 63 72 6f 73 6f 66 74 20 57 69 6e 64 6f 77
Re: PPTP with mpd
Hello Morten I use PopTop a year a go without problrm (http://www.poptop.org). Regards, Martin Am Sun, Jan 18, 2004 at 05:36:49PM +0100 Morten Winther schrieb: Hello I've been trying to get PPTP with mpd to work - but no luck so far. I've a W2K client at home on my ADSL and would like to connect a central server hosted in a datacenter to pass on trafic further to the internet. I connect just fine using the PPTP client in W2K, but there is no routing of trafic. I can't even ping the PPTP server from client when VPN is on. The server has IP 217.116.240.252 and I would like that mpd gives 217.116.240.153 and 217.116.240.153 to the clients. (all public IPs) Do I need to divert or do anything special in ipwf or compile the kernel with new options? I hope someone is able to give me some good hints. Best regards Morten Further info: W2K client: Ethernet netværkskort LAN-forbindelse: Forbindelsesspecifikt DNS-suffiks : IP-adresse. . . . . . . . . . . . : 192.168.0.23 Undernetmaske . . . . . . . . . . : 255.255.255.0 Standardgateway . . . . . . . . . : 192.168.0.1 PPP netværkskort VPN Gaia: Forbindelsesspecifikt DNS-suffiks : IP-adresse. . . . . . . . . . . . : 217.157.161.246 Undernetmaske . . . . . . . . . . : 255.255.255.255 Standardgateway . . . . . . . . . : 217.157.161.246 From log: Jan 18 16:52:59 gaia /kernel: arplookup 217.116.240.158 failed: host is not on local network Jan 18 16:52:59 gaia /kernel: arpresolve: can't allocate llinfo for 217.116.240.158rt IPFW: [EMAIL PROTECTED] [/usr/local/etc/mpd] # ipfw list 1 allow ip from any to any 00100 allow ip from any to any 00101 allow tcp from any to any 00102 allow gre from any to any 09000 allow icmp from any to any icmptype 0,3,4,8,11,12 1 allow ip from any to any frag 65535 deny ip from any to any [EMAIL PROTECTED] [/usr/local/etc/mpd] # cat mpd.conf default: load pptp0 load pptp1 pptp0: new -i ng0 pptp0 pptp0 set iface disable on-demand #set iface route 217.116.240.158 set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 600 1800 set ipcp yes vjcomp set ipcp ranges 217.116.240.252/32 217.116.240.153/28 set ipcp dns 212.242.40.3 #set ipcp nbns 192.168.71.120 log +pptp3 +bund +link +chat +lcp +auth +fsm +phys +ipcp set bundle enable compression set ccp yes mppc #set ccp yes mpp-e40 set ccp no mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless set bundle yes crypt-reqd pptp1: new -i ng1 pptp1 pptp1 set iface disable on-demand #set iface route 217.116.240.158 set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 600 1800 set ipcp yes vjcomp set ipcp ranges 217.116.240.152/32 217.116.240.154/28 set ipcp dns 212.242.40.3 #set ipcp nbns 192.168.71.120 log +pptp3 +bund +link +chat +lcp +auth +fsm +phys +ipcp set bundle enable compression set ccp yes mppc #set ccp yes mpp-e40 set ccp no mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless set bundle yes crypt-reqd [EMAIL PROTECTED] [/usr/local/etc/mpd] # cat mpd.links pptp0: set link type pptp set pptp self 217.116.240.152 set pptp enable incoming set pptp disable originate pptp1: set link type pptp set pptp self 217.116.240.152 set pptp enable incoming set pptp disable originate Setup: W2K pptp client | Cisco 667 Router with NAT | ADSL connection | My ISP | Internet | My dedicated server with mpd (PPTP server) Jan 18 16:55:25 gaia mpd: mpd: pid 2236, version 3.16 ([EMAIL PROTECTED] 16:56 17-Jan-2004) Jan 18 16:55:25 gaia mpd: [pptp0] ppp node is mpd2236-pptp0 Jan 18 16:55:25 gaia mpd: mpd: local IP address for PPTP is 217.116.240.152 Jan 18 16:55:25 gaia mpd: [pptp0] using interface ng0 Jan 18 16:55:25 gaia mpd: [pptp1] ppp node is mpd2236-pptp1 Jan 18 16:55:25 gaia mpd: [pptp1] using interface ng1 Jan 18 16:55:37 gaia mpd: mpd: PPTP connection from 217.157.161.246:17023 Jan 18 16:55:37 gaia mpd: pptp0: attached to connection with 217.157.161.246:17023 Jan 18 16:55:37 gaia mpd: pptp0: read ctrl data: Jan 18 16:55:37 gaia mpd: 00 9c 00 01 1a 2b 3c 4d 00 01 00 00 .+M Jan 18 16:55:37 gaia mpd: pptp0: got hdr Jan 18 16:55:37 gaia mpd: len=0x9c msgType=1 magic=0x1a2b3c4d type=1 Jan 18 16:55:37 gaia mpd: pptp0: read ctrl data
