Thanks, this basically confirms rather that I am doing it correctly, using the same initial ip and reassigning it on authentification.
The question of alternate authentification methods (ie: no plaintext passwords) remains ;^) > http://www.section6.net/help/pptphow.php > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Tuesday, May 18, 2004 10:26 AM > To: [EMAIL PROTECTED] > Subject: Love MPD, but a few questions > > Hi all, > > I've been using mpd as a pptp/vpn server for a few projects and I really > > like it with very few reservations. > > Thanks for a great port. > > I'm using FreeBSD 4.x and 5.2.1 and mpd-3.15_1 > > When I was first trying to set it up, I screwed around with the configs, > > until I could get it to work and I > now realize that I've likely left in some rather major fudges. > > Everything works really well. > I've set up scripts to manage users and rebuild the conf and links files > > and restart mpd for dynamic ip setups > > I'm from the school of 'if it ain't broke, don't fix it' > Nonetheless, I still feel that I'm not quite doing it right > > The mpd.conf, in particular is what I'm talking about > Below are some config samples > > Any suggestions would be appreciated > > Richard Sauvé - [EMAIL PROTECTED] > > ### CONFS, ETC BELOW ############3 > > Here is an example setup > > 172.19.45.1 is aliased to lo0 to keep samba and others happy at boot, as > > I've found it better to delay > mpd starting at boot time > > ## mpd.conf - reduced > > default: > load pptp0 > load pptp1 > load pptp2 > > pptp0: > new -i ng0 pptp0 pptp0 > set ipcp ranges 172.19.45.2/24 172.19.45.100/24 > load pptp_standard > > pptp1: > new -i ng1 pptp1 pptp1 > set ipcp ranges 172.19.45.2/24 172.19.45.100/24 > load pptp_standard > > pptp2: > new -i ng2 pptp2 pptp2 > set ipcp ranges 172.19.45.2/24 172.19.45.100/24 > load pptp_standard > > pptp_standard: > set iface disable on-demand > set iface enable proxy-arp > set bundle enable multilink > set link yes acfcomp protocomp > set link no pap chap > set link enable chap > set link keep-alive 10 60 > set ipcp yes vjcomp > set ipcp dns 172.19.45.2 > set ipcp nbns 172.19.45.2 > set bundle enable compression > set ccp yes mppc > set ccp yes mpp-e40 > set ccp yes mpp-e128 > set ccp yes mpp-stateless > set bundle yes crypt-reqd > > ####################################### > ## mpd.links - 000.000.000.000 replaces the WAN ip > > pptp0: > set link type pptp > set pptp self 000.000.000.000 > set pptp enable incoming > set pptp disable originate > > pptp1: > set link type pptp > set pptp self 000.000.000.000 > set pptp enable incoming > set pptp disable originate > > pptp2: > set link type pptp > set pptp self 000.000.000.000 > set pptp enable incoming > set pptp disable originate > > ##############################3 > ## mpd.secret > > user1 "ghi123" 172.19.45.101 > user2 "def123" 172.19.45.103 > user3 "abc123" 172.19.45.104 > > > thanks for any pointers in advance, > > Richard Sauvé - [EMAIL PROTECTED] > > PS: I've seen references to authenticating mpd with radius, or other > ways, but no how-to's. > It kind of bothers me to have plain-text passwords anywhere on the > system, even if only readable by root. > If root has them on a tty, they are world readable ! > > > 'It's good to be root' > > > > > --------------------------------------------- > This message was sent using SecureNet Mailman. > http://www.securenet.net/ > > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > > --------------------------------------------- This message was sent using SecureNet Mailman. http://www.securenet.net/ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"