|
OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD. |
|
Thread Tools | Display Modes |
|
||||||
poptop - Radioamateur needs help plz
Hello!
I am runing serveral public proxy for echolink radio amateur networks. Everthing is runing absolut perfect! For security reason i need to setup an easy VPN daemon. Therefore i picked up poptop. Hardware: 1 Server with 1 NIC. Distri: openBSD 3.9 (i do not want to ruin the uptime ) I´ve set up tun devices, did the options, pptpd.conf, chap secrets, etc. Unfortunately i get this error: Oct 14 08:11:09 hugo ppp[11791]: Warning: iface rm: ioctl(SIOCDIFADDR_IN6, fe80:9::204:75ff:febe:fc96/64): Can't assign requested address Here is my pptpd.conf: option /etc/ppp/options-pptpd Quote:
Quote:
Quote:
Quote:
Quote:
<root@hugo:47:~>$ ifconfig Quote:
I hope someone can help me. Fact is, i love openBSD and this is the very first time where i´ve not found a solutions in howtos, rtfms etc. |
|
|||
Quote:
ipv6.. yes thats the point. I do not know, why pptpd is offering ipv6 instead of ipv4. |
|
||||
Poptop is currently maintained by giovanni@. You could contact him, but .... you will likely be told to go upgrade your system. Here's why:
But ... the purpose of an OS is to run applications, isn't it? And you can't run this application, can you? -I- wouldn't describe that as running fine. By the way, PPTP is generally not considered a secure VPN technology -- due to Microsoft's implementation of it -- in comparison to SSL-based or IPSec-based VPNs. See http://www.schneier.com/pptp-faq.html for an opening discussion. Last edited by jggimi; 14th October 2009 at 12:32 PM. |
|
|||
This is something I hear often, and it causes me to scratch me head.
All of us here are aware how stable OpenBSD can be, but none of us are delusional enough to ignore that major security bugs (..both remote and local) have been fixed between 3.9/4.6. Uptime shouldn't be a competition, in fact.. we would be more impressed if you were running the latest release with all of the errata patches applied. As an example, if you run on i386.. a local user exploit.. it will cause a kernel panic on any release that isn't properly patched (..only 4.4-4.6 have an errata for it). Code:
#include <xmmintrin.h> #include <stdio.h> int main(void) { _MM_SET_EXCEPTION_MASK(_MM_GET_EXCEPTION_MASK() & ~(_MM_MASK_DIV_ZERO)); __m128 a = _mm_div_ss(_mm_set_ss(1.0F), _mm_set_ss(0.0F)); return 0; } $ gcc -msse example.c -o crash None of us are overly eager to support older releases, especially if the maintainer isn't being proactive about security.. which is apparent by your choice of VPN technology. Good luck. |
|
|||
Thanks for your answers. You are absolut right. The system should have been upgraded already some years ago.
Since the server is just offering echolink proxy, and runing absolutly perfect, i´ve not moved to a newer distri. I was hopeing, that even "old" distri can support an much older protocol. The only thing the server has to do, exkluding the proxy, is offering samba connections - so hams can mount a directory "local". I can remember, runing redhat 3.1 with pptpd It must have been arround 2002, 2003. Let´s stick to the point -> I will use 4.6 in the future. And i will Support the forum. I like it. |
|
|||
Forgotten - Thx 4 the link!!
schleier - i am not allowed to post links here - yet. |
|
|||
Quote:
I can still not believe, that pptp is not working with 3.9. I will give it one more day trying. At least i kick out ipv6 support. |
|
|||
Try to add "disable ipv6cp" to your /etc/ppp/ppp.conf, then pre-order a 4.6 cdrom and upgrade your computers
|
|
|||
I'll move to 4.6.
I've read serveral security issues about it. I will use ipsec. Thanks for your help!!! |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
poptop on OpenBSD 4.3 | bartman | OpenBSD Packages and Ports | 15 | 22nd September 2008 11:18 PM |