Hello Herbert I suppose you need a pppoe connection with pap if the ppp0 is there than you have a connection. at least with your provider, if the pppoe start wouldn't be successfull you don't have a ppp0 interface.
#comments to connections script inline. I wouldn't use my Providers dns ( but use dnscache) YMMV to test if that is the problem, ping only the ip address of a server that you know should be reachable. >I´m using Bering 1.1 floppy firewall. When the firewall starts, the most of >the times, the workstations don´t connect. I would appreciate if somebody >could give a hint. I don´t know if the problem caused by the firewalll or by >my ISP. >I check the connection with "ping www.yahoo.com" in the firewall. >The operator has to restart the firewall until the workstations connect >well. >I have to use "ifdown ppp0" and "ifup ppp0" one or more times until the >firewall connects well. >I have set my ISP DNS IPs in /etc/resolv.conf, but the connection also >fails. > >Even if the firewall connects or not, ppp0 is defined. The output of "ip add >show" allways is: > >3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 > link/ether 00:20:18:03:65:62 brd ff:ff:ff:ff:ff:ff >4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 > link/ether 00:00:21:86:92:56 brd ff:ff:ff:ff:ff:ff > inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1 >5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3 > link/ppp > inet 200.45.216.85 peer 200.3.62.137/32 scope global ppp0 > >and the "ip route show" is also the same with a good and a bad connection: >===== >200.3.62.137 dev ppp0 proto kernel scope link src 200.45.216.85 >192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1 >default via 200.3.62.137 dev ppp0 >===== > >The daemon.logs are different with a good and a bad connection. > >Daemon.log with a GOOD connection at startup >===== >Jul 1 11:00:22 firewall pppd[10802]: rcvd [LCP ConfReq id=0x81 <mru 1492> ><auth pap> <magic 0x7fb977c3>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 >Jul 1 11:00:22 firewall pppd[10802]: sent [LCP ConfAck id=0x81 <mru 1492> ><auth pap> <magic 0x7fb977c3>] # You agree to use pap # and the authentication is succesfull >Jul 1 11:00:22 firewall pppd[10802]: rcvd [PAP AuthAck id=0x1 ""] 00 00 00 >00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 ... >Jul 1 11:00:22 firewall pppd[10802]: sent [IPCP ConfReq id=0x1 <addr >0.0.0.0>] >Jul 1 11:00:22 firewall pppd[10802]: rcvd [IPCP ConfReq id=0x25 <addr >200.3.62.137>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 00 >Jul 1 11:00:22 firewall pppd[10802]: sent [IPCP ConfAck id=0x25 <addr >200.3.62.137>] >Jul 1 11:00:22 firewall pppd[10802]: rcvd [IPCP ConfNak id=0x1 <addr >200.45.216.85>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 00 >Jul 1 11:00:22 firewall pppd[10802]: sent [IPCP ConfReq id=0x2 <addr >200.45.216.85>] >Jul 1 11:00:22 firewall pppd[10802]: rcvd [IPCP ConfAck id=0x2 <addr >200.45.216.85>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 00 >Jul 1 11:00:22 firewall pppd[10802]: local IP address 200.45.216.85 >Jul 1 11:00:22 firewall pppd[10802]: remote IP address 200.3.62.137 # you got a remote and local IP # and lcp pings are succesfull >Jul 1 11:00:25 firewall pppd[10802]: rcvd [LCP EchoReq id=0x1 >magic=0x7fb977c3 00 00 00 00] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 >Jul 1 11:00:25 firewall pppd[10802]: sent [LCP EchoRep id=0x1 >magic=0x839a0621 68 6f 61 40] >===== > >Daemon.log with a BAD connection at startup >===== >Jul 2 09:14:24 firewall pppd[5337]: rcvd [LCP EchoRep id=0x0 >magic=0x847ea138] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 # # here the pap authentication was succesfull too. >Jul 2 09:14:24 firewall pppd[5337]: rcvd [PAP AuthAck id=0x1 ""] 00 00 00 >00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 ... >Jul 2 09:14:24 firewall pppd[5337]: sent [IPCP ConfReq id=0x1 <addr >0.0.0.0>] >Jul 2 09:14:24 firewall pppd[5337]: rcvd [IPCP ConfReq id=0x19 <addr >200.3.62.137>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 00 >Jul 2 09:14:24 firewall pppd[5337]: sent [IPCP ConfAck id=0x19 <addr >200.3.62.137>] >Jul 2 09:14:24 firewall pppd[5337]: rcvd [IPCP ConfNak id=0x1 <addr >200.82.32.224>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 00 >Jul 2 09:14:24 firewall pppd[5337]: sent [IPCP ConfReq id=0x2 <addr >200.82.32.224>] >Jul 2 09:14:24 firewall pppd[5337]: rcvd [IPCP ConfAck id=0x2 <addr >200.82.32.224>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 00 >Jul 2 09:14:24 firewall pppd[5337]: local IP address 200.82.32.224 >Jul 2 09:14:24 firewall pppd[5337]: remote IP address 200.3.62.137 # # you got your address and will have set your route. # >Jul 2 09:14:28 firewall pppd[5337]: rcvd [LCP EchoReq id=0x1 >magic=0x847ea138 00 00 00 00] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 >Jul 2 09:14:28 firewall pppd[5337]: sent [LCP EchoRep id=0x1 >magic=0x77aa3ee9 68 6f 61 40] >Jul 2 09:14:38 firewall pppd[5337]: rcvd [LCP EchoReq id=0x2 >magic=0x847ea138 00 00 00 00] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >00 00 00 00 00 00 00 # # then a lot of successfull LCP pings are sent and received . # So your connection is setup to the route level. The problem will probably not be in the pppd or pppoe system. Did you set the clampmss Did you look at the connections you have after you put your router up. If you have lots of clients that starts to game and request a server list, you've got thousands of connections and that might just fill the nat-list. after some time the traffic is becoming less , and you can use the internet. The same might occur by filesharing. Also Check http://192.168.1.254 from an internal machine, look for current connections. . ping a ip number from your firewall to look if it is a dns problem. check back for further advice my 2eurocent ;) Eric Wolzak member of the Bering Crew ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
