Hello folks!
I've been trying to setup a VPN server on my FreeBSD 7.0 box for a while now. As of today, I can login successfully to it from a Windows machine but I cannot get the Internet connectivity to work. FYI, I am using poptop for a "relatively secure" PPTP VPN that will be used mostly for my iPhone. My network's router is 192.168.0.1 and the machine on which the PPTP server is running is 192.168.0.25.
My theory is that I should do a bridge between the tun0 interface and my rl0 [CODE]interface but, being the networking neophyte that I am, I am not sure how to do so and if it really is what I need.
Here is a line I get when I log on to my VPN from a Windows machine:
Code:
/var/log/ppp.log
ppp[83612]: tun0: Warning: ff02:3::/32: Change route failed: errno: Network is unreachable
Here are my rl0 and tun0 interfaces:
Code:
$ ifconfig rl0
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:50:fc:33:0d:5e
inet 192.168.0.25 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
$ ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1398
inet 192.168.0.25 --> 192.168.0.205 netmask 0xffffff00
Opened by PID 83612
$ cat /usr/local/etc/pptpd.conf
Code:
speed 115200
localip 192.168.0.25
remoteip 192.168.0.201-210
pidfile /var/run/pptpd.pid
# cat /etc/ppp/ppp.conf
Code:
pptp:
set ifaddr 192.168.0.25 192.168.0.201-192.168.0.210 255.255.255.0
set dns 192.168.0.1
set nbns 192.168.0.1
disable pap
disable utmp
disable passwdauth
#enable chap # MPPE Requirest chap81/MSChapV2
enable MSChapV2
enable mppe # Enable Encrptions
set log Phase Chat LCP IPCP CCP tun command # Debugging
set timeout 0 # Don't drop the connection
defaultroute 192.168.0.1
#
# Force 128 bit encryption with a key change every packet
# MacOSX only works with stateless connections and the are more
# secure anyway - just less efficient.
set mppe 128 stateless
# Disable compression - freebsd clients try to use it but it breaks mppe
disable deflate pred1
deny deflate pred1
set server /var/run/pptp_ppp_%d "" 0700
accept dns # Enable clients to request dns details
disable ipv6cp # Disable ipv6
enable proxy # Enable proxying addresses on the local net for clients
Thanks a lot!