Re: DSL with User PPP and Static IP
try adding this line to your ppp.conf file. disable ipv6cp See if that makes a difference. Lance At 01:47 PM 1/23/2004, you wrote: Thanks for the suggestions. I have implemented all the changes including disabling the IPFW firewall NAT. I simplified the /etc/ppp/ppp.conf file and made sure it still worked using the dynamic config of "set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0". I then proceeded to change that line to "set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248". It is my assumption that this will set my address to .193, with a gateway of .198 and a netmask of .248. After making these changes, tun0 is once again opened by a pid, but nothing connects. I am including updated copies of the ppp.conf file and /var/log/ppp.log. Thanks again for your help, Jacob @ Jerry's Transmission Service Guilford, CT ---SAMPLE PPP.CONF--- default: set log Phase tun set timeout 0 sbcglobal: set device PPPoE:dc0: set authname [EMAIL PROTECTED] set authkey snet03 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 add default HISADDR enable dns loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 set server /tmp/loop "" 0177 loop-in: set timeout 0 set log phase lcp ipcp command allow mode direct pptp: load loop enable loop disable pap enable passwdauth enable proxy accept dns set dns 192.168.0.1 192.168.0.2 set nbns 192.168.0.15 192.168.0.16 set device !/etc/ppp/secure ---END PPP.CONF--- ---SAMPLE PPP.LOG--- Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: Using interface: tun0 Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: deflink: Created in closed state Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: PPP Started (ddial mode). Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: bundle: Establish Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: closed -> opening Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: Connected! Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: opening -> dial Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: dial -> carrier Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_ACNAME (hook "62031090089590-") Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_SESSIONID Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_SUCCESS Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: carrier -> login Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: login -> lcp Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Warning: deflink: Reducing configured MRU from 1500 to 1492 Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: bundle: Authenticate Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: his = PAP, mine = none Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Pap Output: [EMAIL PROTECTED] Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: Pap Input: SUCCESS () Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: lcp -> open Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: bundle: Network Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Warning: ff02:8::/32: Change route failed: errno: Network is unreachable Jan 23 14:27:33 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:42 jerrystransmission last message repeated 3 times ---END PPP.LOG--- > > Jacob > Your rc.conf is all wrong, you are doing the nat process in both > 'user ppp' and IPFW, this is wrong. > The default IPFW firewall rules are useless in protecting you. > If you want stateful ipfw rules which will give you max in > protection and that will work as is for your situation let me know. > > ---SAMPLE RC.CONF--- > ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" > ifconfig_dc0=up > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="dialisp" > gateway_enable="YES" > firewall_enable="YES" > firewall_type="OPEN" > ---END RC.CONF--- > > > > see if this works for you. Please let me know the out come. > > start of DSL ppp.conf ### > default: > > set log Phase tun #use to avoid excessive log sizes > set timeout 0# no idle time out, will not disconnect > > > dialisp: > set device PPPoE:XXX # replace xxx with your Nic card > device name > set authname YOURLOGINNAME# Replace with your ISP account IP > set authkey YOURPASSWORD # Replace with your ISP ac
Re: DSL with User PPP and Static IP
Thanks for the suggestions. I have implemented all the changes including disabling the IPFW firewall NAT. I simplified the /etc/ppp/ppp.conf file and made sure it still worked using the dynamic config of "set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0". I then proceeded to change that line to "set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248". It is my assumption that this will set my address to .193, with a gateway of .198 and a netmask of .248. After making these changes, tun0 is once again opened by a pid, but nothing connects. I am including updated copies of the ppp.conf file and /var/log/ppp.log. Thanks again for your help, Jacob @ Jerry's Transmission Service Guilford, CT ---SAMPLE PPP.CONF--- default: set log Phase tun set timeout 0 sbcglobal: set device PPPoE:dc0: set authname [EMAIL PROTECTED] set authkey snet03 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 add default HISADDR enable dns loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 set server /tmp/loop "" 0177 loop-in: set timeout 0 set log phase lcp ipcp command allow mode direct pptp: load loop enable loop disable pap enable passwdauth enable proxy accept dns set dns 192.168.0.1 192.168.0.2 set nbns 192.168.0.15 192.168.0.16 set device !/etc/ppp/secure ---END PPP.CONF--- ---SAMPLE PPP.LOG--- Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: Using interface: tun0 Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: deflink: Created in closed state Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: PPP Started (ddial mode). Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: bundle: Establish Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: closed -> opening Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: Connected! Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: opening -> dial Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: dial -> carrier Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_ACNAME (hook "62031090089590-") Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_SESSIONID Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_SUCCESS Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: carrier -> login Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: login -> lcp Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Warning: deflink: Reducing configured MRU from 1500 to 1492 Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: bundle: Authenticate Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: his = PAP, mine = none Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Pap Output: [EMAIL PROTECTED] Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: Pap Input: SUCCESS () Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: lcp -> open Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: bundle: Network Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Warning: ff02:8::/32: Change route failed: errno: Network is unreachable Jan 23 14:27:33 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:42 jerrystransmission last message repeated 3 times ---END PPP.LOG--- > > Jacob > Your rc.conf is all wrong, you are doing the nat process in both > 'user ppp' and IPFW, this is wrong. > The default IPFW firewall rules are useless in protecting you. > If you want stateful ipfw rules which will give you max in > protection and that will work as is for your situation let me know. > > ---SAMPLE RC.CONF--- > ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" > ifconfig_dc0=up > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="dialisp" > gateway_enable="YES" > firewall_enable="YES" > firewall_type="OPEN" > ---END RC.CONF--- > > > > see if this works for you. Please let me know the out come. > > start of DSL ppp.conf ### > default: > > set log Phase tun #use to avoid excessive log sizes > set timeout 0 # no idle time out, will not disconnect > > > dialisp: > set device PPPoE:XXX # replace xxx with your Nic card > device name > set authname YOURLOGINNAME# Replace with your ISP account IP > set authkey YOURPASSWORD # Replace with your ISP account > password > add default HISADDR # Add a (sticky) default route > (Mandatory
RE: DSL with User PPP and Static IP
Jacob Your rc.conf is all wrong, you are doing the nat process in both 'user ppp' and IPFW, this is wrong. The default IPFW firewall rules are useless in protecting you. If you want stateful ipfw rules which will give you max in protection and that will work as is for your situation let me know. ---SAMPLE RC.CONF--- ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" ifconfig_dc0=up ppp_enable="YES" ppp_mode="ddial" ppp_nat="YES" ppp_profile="dialisp" gateway_enable="YES" firewall_enable="YES" firewall_type="OPEN" ---END RC.CONF--- see if this works for you. Please let me know the out come. start of DSL ppp.conf ### default: set log Phase tun #use to avoid excessive log sizes set timeout 0 # no idle time out, will not disconnect dialisp: set device PPPoE:XXX # replace xxx with your Nic card device name set authname YOURLOGINNAME# Replace with your ISP account IP set authkey YOURPASSWORD # Replace with your ISP account password add default HISADDR # Add a (sticky) default route (Mandatory) enable dns # Gets the ISP's DNS IP address & places them # in resolv.conf for reference by FBSD box. ### End of DSL ppp.conf # Replace the XXX in the [set device PPPoE:XXX] statement with the Nic card FBSD interface name. Sometimes it will be necessary to use a service tag to establish your connection depending on how your ISP and/or the phone company has it's DSL network configured. Service tags are used to distinguish between different PPPoE servers attached to a given network. You should have been given any required service tag information in the documentation provided by your ISP. If you cannot locate it there, ask your ISP's tech support personnel. This is the format of the command with the service tag added set device PPPoE:XXX:service_tag The is the FBSD interface name used by PPPoE, the interface must be UP, (IE: enabled). It is only used as transport, and does not need to be assigned an IP address. This can be done automatically at boot time by updating the /etc/rc.conf file. The format of the statement to add is ifconfig_=up where is Nic card FBSD interface name used by PPPoE that you specified in the /etc/ppp/ppp.conf file. ee /etc/rc.conf add following statement ifconfig_=up To setup user ppp to dial your ISP automatically at FBSD boot time, you have to add the following statements to the rc.conf file. The ddial option means to redial every time the connection to the ISP gets dropped. ee /etc/rc.conf # Activate user ppp auto start at boot time ppp_enable="YES" # Start User ppp task ppp_mode="ddial" # ddial, auto, background ppp_profile="dialisp"# section in ppp.conf to -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jerrys Transmission Sent: Friday, January 23, 2004 9:40 AM To: [EMAIL PROTECTED] Subject: DSL with User PPP and Static IP Hello, I have just started working for a local auto transmission repair shop and am trying to get the local server up and running. Specifically, the server works great with dynamic IPs assigned from the DSL provider (using PPPoE) but it burps when I attempt a static IP as per the handbook's "Using User PPP" section. Our business was given the following values for connecting to the Internet: Net: 69.37.6.192 Gateway: 69.37.6.198 Netmask: 255.255.255.248 Broadcast: 69.37.6.199 Static IPs 193-197 When I change /etc/ppp/ppp.conf (sample attached) to: set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248 tun0 is "Opened by PID xxx" but does not show any IP addresses, and the connection does not work. If I leave the ifaddr to the dynamic setting (which includes the 0.0.0.0) everything works fine. I am including a sample of our local ppp.conf, ifconfig output, and relevant parts of rc.conf for reference. Please note, the ifconfig output shows the missing inet line when a static config is attempted. Any help would be greatly appreciated. Thanks again, Jacob @ Jerry's Transmission Service Guilford, CT 06437 SAMPLE PPP.CONF--- default: set log Phase Chat LCP IPCP CCP tun command nat enable yes nat same_ports yes nat use_sockets yes set redial 15 28800 set reconnect 15 28800 sbcglobal: set device PPPoE:dc0: set mru 1492 set mtu 1492 set speed sync enable lqr set lqrperiod 5 set cd 5 set dial set login set timeout 0 set authname [CENSORED] set authkey [CENSORED] set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248 add default HISADDR enable dns loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 set server /tmp/loop