Hi Stepen, your problem is that your external interface has an ip of 10.64.64.64. To get an real IP you must get up your demand-dial link. This happens, when you want to send a packet to the external net, but this packet is dropped by the firewall rules and so can not bring up the link.
I solved this egg-chicken problem with a rule to accept this package. ipchains -I output 2 -i ppp0 -s 10.64.64.64 -j ACCEPT. Regards Manfred Stephen More schrieb: > > How I made Dachstein Dial: > > Assumptions: > > 1 Ethernet > Router IP will be 192.168.1.1 > Configs will be stored on floppy > > Before booting with CD-ROM > > 0. rawrite bootdisk.bin to floppy > 1. edit lrpkg.cfg on floppy > 2. add packages: > lncurses ( dependant for bash ) > lrdline2 ( dependant for bash ) > bash -optional > ppp -required > libpcap ( dependant for tcpdump ) > tcpdump -optional > vim -optional > ifconfig -optional > > After booting with floppy and CD-ROM > > 1. vi /etc/modules > add: > slhc ( needed for ppp ) > ppp > > uncomment: > 3c509 ( for my ethernet card ) > ip_masq_ipsec ( use of vpn behind router ) > > 2. vi /etc/network.conf > > IF_AUTO='eth0 ppp0' > > comment out all of eth0 > change eth1 to eth0 > eth0=192.168.1.1 > > Line 257: EXTERN_IF=ppp0 > > Line 319: EXTERN_UDP_PORTS="0/0_500" ( use of vpn behind router ) > Line 341: EXTERN_PROTO0="50 0/0" ( use of vpn behind router ) > > Line 348: INTERN_IF=eth0 > INTERN_IP=192.168.1.1 > > 3. vi /etc/ppp/peers/provider > > /dev/ttyS0 > 57600 > > 4. vi /etc/chatscripts/provider > > edit: > phone-number > username > password > > 5. backup etc, modules, ppp using lrcfg > > So far so good. A dedicated dialup router with VPN behind the router works > well. > > Now here is where I am having trouble: > I try to make it on demand dial by: > vi /etc/ppp/peers/provider > > add: > demand > idle 600 > > When I ping from a computer on the LAN ( which worked before I added > 'demand' ) I get: > > Feb 19 02:37:17 firewall kernel: Packet log: output DENY ppp0 PROTO=1 > 10.64.64.64:8 129.3.1.1:0 L=60 S=0x00 I=6659 F=0x0000 T=31 (#6) > > What do I need to do to allow that packet to pass and bring up ppp0 ? > > -Thanks > Steve More > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
