Jacob
Your rc.conf is all wrong, you are doing the nat process in both
'user ppp' and IPFW, this is wrong.
The default IPFW firewall rules are useless in protecting you.
If you want stateful ipfw rules which will give you max in
protection and that will work as is for your situation let me know.

-------SAMPLE RC.CONF-------
 ifconfig_em0="inet 192.168.2.1  netmask 255.255.0.0"
ifconfig_dc0=up
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="dialisp"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
 -------END RC.CONF-------



see if this works for you. Please let me know the out come.

####################  start of DSL ppp.conf  ###################
default:

 set log Phase tun             #use to avoid excessive log sizes
 set timeout 0                   # no idle time out, will not disconnect


dialisp:
 set device PPPoE:XXX          # replace xxx with your Nic card
device name
 set authname YOURLOGINNAME    # Replace with your ISP account IP
 set authkey YOURPASSWORD      # Replace with your ISP account
password
 add default HISADDR           # Add a (sticky) default route
(Mandatory)
 enable dns                          # Gets the ISP's DNS IP address & places
them
                                     # in resolv.conf for reference by FBSD box.



 ###############   End of DSL ppp.conf
#################################



Replace the XXX in the [set device PPPoE:XXX] statement with the Nic
card FBSD interface name. Sometimes it will be necessary to use a
service tag to establish your connection depending on how your ISP
and/or the phone company has it's DSL network configured. Service
tags are used to distinguish between different PPPoE servers
attached to a given network. You should have been given any required
service tag information in the documentation provided by your ISP.
If you cannot locate it there, ask your ISP's tech support
personnel.  This is the format of the command with the service tag
added

set device PPPoE:XXX:service_tag


The xxxx is the FBSD interface name used by PPPoE, the interface
must be UP, (IE: enabled). It is only used as transport, and does
not need to be assigned an IP address. This can be done
automatically at boot time by updating the /etc/rc.conf file. The
format of the statement to add is  ifconfig_xxxx=up   where xxxx is
Nic card FBSD interface name used by PPPoE that you specified in the
/etc/ppp/ppp.conf file.

  ee /etc/rc.conf         add following statement

  ifconfig_xxxx=up


To setup user ppp to dial your ISP automatically at FBSD boot time,
you have to add the following statements to the rc.conf file. The
ddial option means to redial every time the connection to the ISP
gets dropped.

   ee /etc/rc.conf

   # Activate user ppp auto start at boot time
   ppp_enable="YES"             # Start User ppp task
   ppp_mode="ddial"             # ddial, auto, background
   ppp_profile="dialisp"        # section in ppp.conf to

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jerrys
Transmission
Sent: Friday, January 23, 2004 9:40 AM
To: [EMAIL PROTECTED]
Subject: DSL with User PPP and Static IP

Hello,

I have just started working for a local auto transmission repair
shop and am
trying to get the local server up and running.  Specifically, the
server
works great with dynamic IPs assigned from the DSL provider (using
PPPoE)
but it burps when I attempt a static IP as per the handbook's "Using
User
PPP" section.

Our business was given the following values for connecting to the
Internet:

Net:  69.37.6.192
Gateway:  69.37.6.198
Netmask:  255.255.255.248
Broadcast:  69.37.6.199
Static IPs 193-197


When I change /etc/ppp/ppp.conf (sample attached) to:

set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248

tun0 is "Opened by PID xxx" but does not show any IP addresses, and
the
connection does not work.  If I leave the ifaddr to the dynamic
setting
(which includes the 0.0.0.0) everything works fine.  I am including
a sample
of our local ppp.conf, ifconfig output, and relevant parts of
rc.conf for reference.
Please note, the ifconfig output shows the missing inet line when a
static
config is attempted.

Any help would be greatly appreciated.

Thanks again,

Jacob @ Jerry's Transmission Service
Guilford, CT  06437


--------SAMPLE PPP.CONF-------
default:
  set log Phase Chat LCP IPCP CCP tun command
  nat enable yes
  nat same_ports yes
  nat use_sockets yes
  set redial 15 28800
  set reconnect 15 28800

sbcglobal:
  set device PPPoE:dc0:
  set mru 1492
  set mtu 1492
  set speed sync
  enable lqr
  set lqrperiod 5
  set cd 5
  set dial
  set login
  set timeout 0
  set authname [CENSORED]
  set authkey [CENSORED]
  set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248
  add default HISADDR
  enable dns

loop:
  set timeout 0
  set log phase chat connect lcp ipcp command
  set device localhost:pptp
  set dial
  set login
  set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255
  set server /tmp/loop "" 0177

loop-in:
  set timeout 0
  set log phase lcp ipcp command
  allow mode direct

pptp:
  load loop
  enable loop
  disable pap
  enable passwdauth
  enable proxy
  accept dns
  set dns 192.168.0.1 192.168.0.2
  set nbns 192.168.0.15 192.168.0.16
  set device !/etc/ppp/secure

-------END PPP.CONF-------


-------SAMPLE IFCONFIG-------
dc0: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu
1492
        inet6 fe80::204:5aff:fe7f:75d4%dc0 prefixlen 64 scopeid 0x1
        inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
        ether 00:04:5a:7f:75:d4
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=3<rxcsum,txcsum>
        inet6 fe80::207:e9ff:fe70:801b%em0 prefixlen 64 scopeid 0x2
        inet 192.168.2.1 netmask 0xffff0000 broadcast
192.168.255.255
        ether 00:07:e9:70:80:1b
        media: Ethernet autoselect (100baseTX <half-duplex>)
        status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
        inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
        Opened by PID 501
-------END IFCONFIG-------


-------SAMPLE RC.CONF-------
network_interfaces="auto"
ifconfig_em0="inet 192.168.2.1  netmask 255.255.0.0"
ifconfig_dc0="inet 10.0.0.1 mtu 1492 netmask 255.0.0.0 -arp up"
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES"
ppp_profile="sbcglobal"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-u -m -dynamic -s"
named_enable="YES"
-------END RC.CONF-------
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to