On 10-12-03 10:43 AM, David Miller wrote:
Hi All;
I'm trying to bring up VPN access to an internal network via PPTP.
On the firewall (pfSense 2.0 BETA1, built 4/18 2010) I enabled 8 PPTP
users, set up a remote address of 172.30.0.64, used the WAN address for
the server address, and configured a user.
I went to firewall->rules->PPTP and added a rule to allow TCP
connections from any source/port to any dest/port.
On a Mac (Snow Leopard) I configured the PPTP client with the WAN
address of the firewall as the server, and entered the username & password.
I hit connect and the Mac says it's connected fine. It's assigned an
IP address (172.30.0.65).
The Mac shows this:
MacBook-Pro-2:~ root# ifconfig ppp0
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1444
        inet 172.30.0.65 --> 24.39.39.202 netmask 0xffff0000
MacBook-Pro-2:~ root#
and this:
MacBook-Pro-2:~ root# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.0.1.1           UGSc       18       13    en1
default            24.39.39.202       UGScI       0        0   ppp0
10.0.1/24          link#5             UCS         2        0    en1
10.0.1.1           0:23:df:d9:8a:93   UHLWI      16     1031    en1    456
10.0.1.198         127.0.0.1          UHS         0        0    lo0
10.0.1.255         ff:ff:ff:ff:ff:ff  UHLWbI      0        6    en1
24.39.39.202       10.0.1.1           UGHS      166      202    en1
127                127.0.0.1          UCS         0        0    lo0
127.0.0.1          127.0.0.1          UH          1    18114    lo0
169.254            link#5             UCS         0        0    en1
172.30             ppp0               USc         2        0   ppp0

The problem is that I can't connect to anything else on the internal
(172.30.0.0/24) network. So what step did I miss?
This isn't exactly where I want to end up. I'd prefer to assign
another network to PPTP clients (172.30.1.0) and route them to the
internal network, but I'm taking one step at a time.
TIA,
--- David

Do tcpdump on LAN when pinging any LAN-connected device from your Mac.
Do you see packets?
Evgeny.