I have a FreeBSD server in one of the smaller offices I support using
ppp and nat to provide an Internet connection to the people in the
office.  Now, they want to connect to the corporate network using pptp.

My plan here is to simply connect the FreeBSD box to the corporate
network using pptp and then allow the clients to use the FreeBSD box as
their gateway to the corporate network.

I am able to connect to the VPN using the pptpclient port without any
problems.  However, from the FreeBSD box, I am only able to ping the IP
address assigned to tun1 (created by the VPN).  The routes appear to be
correct.

Following is the output of netstat -rn

Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            209.248.48.3       UGSc        2       65   tun0
10.129/16          10.129.10.10       UGSc        0       11   tun1
10.129.10.10       10.129.10.140      UH          2        2   tun1
127.0.0.1          127.0.0.1          UH          0        0    lo0
192.168.40         10.129.10.10       UGSc        0        0   tun1
209.248.48.3       209.248.48.149     UH          3        0   tun0



tun0 is created by ppp and tun1 is created by pptp.

Following is my ppp.conf file.

################################################################
# PPP  Sample Configuration File
# Originally written by Toshiharu OHNO
# Simplified 5/14/1999 by [EMAIL PROTECTED]
#
# See /usr/share/examples/ppp/ for some examples
#
# $FreeBSD: src/etc/ppp/ppp.conf,v 1.2.2.5 2001/07/13 10:55:23 brian Exp $
#################################################################

default:
 set log Phase Chat LCP IPCP CCP tun command
 ident user-ppp VERSION (built COMPILATIONDATE)

# Ensure that "device" references the correct serial port
# for your modem. (cuaa0 = COM1, cuaa1 = COM2)
#
 set device /dev/cuaa0

 set speed 115200
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
          \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
 set timeout 180                        # 3 minute idle timer (the default)
 enable dns                             # request DNS info (for resolv.conf)

papchap:
#
# edit the next three lines and replace the items in caps with
# the values which have been assigned by your ISP.
#

 set phone AAA-BBBB
 set authname XXXXX
 set authkey YYYYY
 set timeout 0
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255
 add default HISADDR # Add a (sticky) default route
 # nat enable yes

mneavpn:
 set log phase chat lcp ipcp ccp tun command
 set timeout 0
 # enable dns
 set authname CCCCC
 set authkey DDDDD
 # set mppe 128 stateless
 set ifaddr 0 0
 add 10.129.0.0/16 HISADDR
 # add 172.16.8.0/255.255.248.0 HISADDR
 add 192.168.40.0/24 HISADDR
 # alias enable yes


Following are the errors I am seeing in ppp.log

Sep 16 16:19:10 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol)
Sep 16 16:19:10 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened
Sep 16 16:19:13 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol)
Sep 16 16:19:13 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened
Sep 16 16:19:19 MNEA-Springfield ppp[243]: tun1: Phase: deflink: HDLC errors -> FCS: 0, ADDR: 0, COMD: 0, PROTO: 3
Sep 16 16:19:19 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol)
Sep 16 16:19:19 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened
Sep 16 16:19:31 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol)
Sep 16 16:19:31 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened


These errors occur whenever I try to access something on the remote network via tun1.

gateway_enable="YES" is enabled in rc.conf and router_enable="NO" is
also set.

Any suggestions as to what might be wrong would be greatly appreciated.
 I'm sure this is something simple that I have overlooked.

Thanks in advance for your assistance.



Jay Hall

