DaemonForums  

#1 godfrank, 21st December 2008
PPTP Server, no internet connectivity (routing between interfaces?)

Hello folks!
I've been trying to set up a VPN server on my FreeBSD 7.0 box for a while now. As of today, I can log in successfully to it from a Windows machine but I cannot get the Internet connectivity to work. FYI, I am using poptop for a "relatively secure" PPTP VPN that will be used mostly for my iPhone. My network's router is 192.168.0.1 and the machine on which the PPTP server is running is 192.168.0.25.

My theory is that I should do a bridge between the tun0 interface and my rl0 interface but, being the networking neophyte that I am, I am not sure how to do so and if it really is what I need.

Here is a line I get when I log on to my VPN from a Windows machine:
Code:
/var/log/ppp.log
ppp[83612]: tun0: Warning: ff02:3::/32: Change route failed: errno: Network is unreachable
Here are my rl0 and tun0 interfaces:
Code:
$ ifconfig rl0
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:50:fc:33:0d:5e
        inet 192.168.0.25 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
$ ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1398
        inet 192.168.0.25 --> 192.168.0.205 netmask 0xffffff00
        Opened by PID 83612
$ cat /usr/local/etc/pptpd.conf
Code:
speed 115200

localip 192.168.0.25
remoteip 192.168.0.201-210

pidfile /var/run/pptpd.pid
# cat /etc/ppp/ppp.conf
Code:
pptp:
 set ifaddr 192.168.0.25 192.168.0.201-192.168.0.210 255.255.255.0
 set dns 192.168.0.1
 set nbns 192.168.0.1
 disable pap
 disable utmp
 disable passwdauth
 #enable chap     # MPPE requires chap81/MSChapV2
 enable MSChapV2
 enable mppe      # Enable encryption
 set log Phase Chat LCP IPCP CCP tun command  # Debugging
 set timeout 0   # Don't drop the connection
 defaultroute 192.168.0.1
 #
 # Force 128 bit encryption with a key change every packet
 # MacOSX only works with stateless connections and they are more
 # secure anyway - just less efficient.
 set mppe 128 stateless

 # Disable compression - freebsd clients try to use it but it breaks mppe
 disable deflate pred1
 deny deflate pred1
 set server /var/run/pptp_ppp_%d "" 0700
 accept dns              # Enable clients to request dns details
 disable ipv6cp          # Disable ipv6
 enable proxy            # Enable proxying addresses on the local net for clients


Thanks a lot!

Last edited by godfrank; 21st December 2008 at 03:47 PM.

#2 stasi_agent, 22nd December 2008

Is net.inet.ip.forwarding=1?

#3 godfrank, 22nd December 2008

Hello,
it was set to 0, I set it to 1 and tried once again with the config info pasted in my initial message with no success.

Does my config look alright? I followed tutorials and all of them said "put that in here, mix it up, and there you go". Maybe I put the wrong IP addresses somewhere? My network's router is 192.168.0.1 and the machine on which the PPTP server is running is 192.168.0.25. I want my PPTP clients to be in the range 192.168.0.201 to 192.168.0.210.


Thanks!
Frank

#4 hamba, 22nd December 2008

Hi

You could try /usr/ports/net/mpd5
I'm using it and it's really easy to configure

#5 l2fl2f, 26th March 2009

Hello,

I did the same thing with mpd (3.18), I am able to connect from my network and browse the web. Try to run tcpdump on the two interfaces to see if the packets pass through (tcpdump -i interface_name).

Maybe set the DNS to your ISP's DNS, because you have to run a DNS on 192.168.0.1.

I added two static routes on my VPN server:
wifi-network: route add -net 192.168.1.0/24 192.168.0.2 -iface fpx0
lan: route add -net 192.168.0.0/24 192 -iface xl0

VPN: is a gateway too, defaultrouter=192.168.0.1

my setup:
Code:
isp -- dhcp -- rl0 |FW/GW|xl0-192.168.0.1 --- hub1
hub1------- laptop fxp0-192.168.0.30
hub1------- xl0 192.168.0.3 |print server|
hub1------- xl0-192.168.0.2 |VPN| fpx0-192.168.1.1 ---- |wifi access point (192.168.1.2)| ----- w2k-192.168.1.21 - vpn 192.168.0.50
But I have a problem: my machine on the VPN can't see the other machines on 192.168.0.0/24 segment.

Any help to solve that?

If you want I can post my mpd.conf stuff.

Regards.

#6 l2fl2f, 15th April 2009

Easy:

rc.conf: arpproxy_all="YES", reboot
Reply With Quote
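
The replies name two kernel settings: IP forwarding (post #2) and proxy ARP (post #6). The script below is an added example, not code from any poster; its function names are hypothetical, and it assumes the FreeBSD rc.conf knob gateway_enable (which sets net.inet.ip.forwarding=1) and the sysctl net.link.ether.inet.proxyall that arpproxy_all controls. It tests whether the pptpd.conf client pool lies inside the LAN subnet and lists which of the two settings are still off.

```shell
#!/bin/sh
# Added example, not from the thread. Sample values are the thread's own.

# ip_to_int A.B.C.D: print the address as a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                     # split the dotted quad into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# pool_in_lan LAN_IP HEX_NETMASK POOL
# Succeeds when both ends of POOL fall inside the LAN subnet.
# HEX_NETMASK is the form ifconfig prints (0xffffff00).
# POOL is assumed to use the A.B.C.X-Y form of "remoteip" in pptpd.conf.
pool_in_lan() {
    mask=$(( $2 ))
    net=$(( $(ip_to_int "$1") & $mask ))
    first=${3%-*}                 # e.g. 192.168.0.201
    last=${first%.*}.${3#*-}      # e.g. 192.168.0.210
    [ $(( $(ip_to_int "$first") & $mask )) -eq "$net" ] &&
    [ $(( $(ip_to_int "$last") & $mask )) -eq "$net" ]
}

# missing_settings FORWARDING PROXYALL IN_LAN
# Print the rc.conf line for each setting that is still off.
# Proxy ARP only matters when the clients share the LAN subnet, because
# LAN hosts (including the router) then ARP for the client addresses.
missing_settings() {
    [ "$1" = 1 ] || echo 'gateway_enable="YES"'
    if [ "$3" = yes ] && [ "$2" != 1 ]; then
        echo 'arpproxy_all="YES"'
    fi
}

# check_live LAN_IP HEX_NETMASK POOL: run on the FreeBSD server itself.
check_live() {
    if pool_in_lan "$1" "$2" "$3"; then in_lan=yes; else in_lan=no; fi
    missing_settings "$(sysctl -n net.inet.ip.forwarding)" \
                     "$(sysctl -n net.link.ether.inet.proxyall)" "$in_lan"
}
# Example: check_live 192.168.0.25 0xffffff00 192.168.0.201-210
```

arpproxy_all turns proxy ARP on globally, while the `enable proxy` line in ppp.conf asks ppp to proxy ARP only for each connected peer.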