Re: npppd troubles
On 11/03/2016 03:36 PM, Stefan Sperling wrote:
> On Thu, Nov 03, 2016 at 03:17:40PM -0400, Marina Brown wrote:
>> Hi All:
>>
>> I have been trying to create an nppp connection across my property -
>> about 100M for one of my friends who lives here. He wants less security
>> than I like behind my firewall. I have not been able to get OpenBSD to
>> route his connection out of the network. Here are my settings.
>
>> # NAT Rule to translate from internal to External NET
>> pass out on em0 inet from em1:network to any nat-to (em0)
>
> You're using NAT when passing out on em0 here, and...
>
>> external = em0
>
>> pass out quick on $external from 10.0.0.103/32 to any
>
> ... my guess is that you're missing 'nat-to ($external)' here ^
>

Thanks - is there a way to exclude the npppd users from the NAT altogether? That is the reason for the exercise. If I put him behind the NAT we are right where we started. He runs games that don't play well with strict NAT settings and I don't want the rest of my network exposed to reduced security.

I thought he would be on pppx0. Is there a way to do this?

--- Marina Brown
npppd troubles
Hi All:

I have been trying to create an nppp connection across my property - about 100M for one of my friends who lives here. He wants less security than I like behind my firewall. I have not been able to get OpenBSD to route his connection out of the network. Here are my settings.

# uname -a
OpenBSD bernie.mesh.local 6.0 GENERIC.MP#2319 amd64

-

# $OpenBSD: npppd.conf,v 1.2 2014/03/22 04:32:39 yasuoka Exp $
# sample npppd configuration file. see npppd.conf(5)

tunnel L2TP protocol l2tp
tunnel PPTP protocol pptp
tunnel PPPOE protocol pppoe {
        listen on interface em1
}

ipcp IPCP {
        pool-address 10.0.0.2-10.0.0.254
        dns-servers 208.67.222.222 8.8.8.8
}

interface tun0 address 10.0.0.1 ipcp IPCP

authentication LOCAL type local {
        users-file "/etc/npppd/npppd-users"
}

bind tunnel from L2TP authenticated by LOCAL to tun0
bind tunnel from PPTP authenticated by LOCAL to tun0
bind tunnel from PPPOE authenticated by LOCAL to tun0

---
---

# more /etc/npppd/npppd
npppd-users npppd.conf npppd.conf.OLD
# more /etc/npppd/npppd-users
# $OpenBSD: npppd-users,v 1.1 2012/09/20 12:51:43 yasuoka Exp $
# sample npppd-users file. see npppd-users(5)

#taro:\
#       :password=taro's password:\
#       :framed-ip-address=10.0.0.101:

#hana:\
#       :password=hana's password:\
#       :framed-ip-address=10.0.0.102:

kevin:\
        :password=XX:\
        :framed-ip-address=10.0.0.103:

laura:\
        :password=testvpn:\
        :framed-ip-address=10.0.0.104:
#

---

# npppctl session all
Ppp Id = 33
          Ppp Id                  : 33
          Username                : kevin
          Realm Name              : LOCAL
          Concentrated Interface  : tun0
          Assigned IPv4 Address   : 10.0.0.103
          Tunnel Protocol         : PPPoE
          Tunnel From             : 74:44:01:7a:13:e7
          Start Time              : 2016/11/03 12:53:59
          Elapsed Time            : 3149 sec (52 minutes)
          Input Bytes             : 69314 (67.7 KB)
          Input Packets           : 1986
          Input Errors            : 1056 (34.7%)
          Output Bytes            : 13021 (12.7 KB)
          Output Packets          : 1100
          Output Errors           : 0 (0.0%)
#

--

# route show
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            c-73-114-67-1.hsd1 UGS      432 27284883     -     8 em0
BASE-ADDRESS.MCAST localhost          URS        0      205 32768     8 lo0
10.0.0.128/26      localhost          UGB        0        0 32768    56 lo0
10.0.0.64/26       localhost          UGB        0        0 32768    56 lo0
10.0.0.192/27      localhost          UGB        0        0 32768    56 lo0
10.0.0.32/27       localhost          UGB        0       14 32768    56 lo0
10.0.0.8/29        localhost          UGB        0        1 32768    56 lo0
10.0.0.4/30        localhost          UGB        0       20 32768    56 lo0
10.0.0.2/31        localhost          UGB        0        0 32768    56 lo0
10.0.0.1           tun0               UHl        1       45     -     1 tun0
10.0.0.1/32        10.0.0.1           UC         0        0     -     4 tun0
10.0.0.1           localhost          UGH        0        0 32768    56 lo0
10.0.0.16/28       localhost          UGB        0        0 32768    56 lo0
10.0.0.103         10.0.0.1           UGH        0       55  1492    56 tun0
10.0.0.224/28      localhost          UGB        0        0 32768    56 lo0
10.0.0.240/29      localhost          UGB        0        0 32768    56 lo0
10.0.0.248/30      localhost          UGB        0        0 32768    56 lo0
10.0.0.252/31      localhost          UGB        0        0 32768    56 lo0
10.0.0.254/32      localhost          UGB        0        0 32768    56 lo0
73.114.67/24       c-73-114-67-57.hsd UC         1        0     -     4 em0
c-73-114-67-1.hsd1 00:5f:86:93:c4:22  UHLc       1      225     -     4 em0
c-73-114-67-57.hsd 00:00:24:d2:16:e0  UHLl       0   396542     -     1 em0
73.114.67.255      c-73-114-67-57.hsd UHb        0        0     -     1 em0
loopback           localhost          UGRS       0        0 32768     8 lo0
localhost          localhost          UHl       15       15 32768     1 lo0
192.168.1/24       apache             UC         6      749     -     4 em1
apache             00:00:24:d2:16:e1  UHLl       0   137387     -     1 em1
192.168.1.15       40:8d:5c:18:94:22  UHLc       0  2505472     -     4 em1
192.168.1.22       40:8d:5c:83:01:16  UHLc       1  4272213     -     4 em1
192.168.1.29       d0:50:99:7c:c7:95  UHLc       3  4213308     -     4 em1
192.168.1.51       90:6e:bb:03:3e:ff  UHLc       0   466079     -     4 em1
192.168.1.56       10:1f:74:5e:8b:67  UHLc       0     1173     -     4 em1
192.168.1.126      4c:cc:6a:09:fd:14  UHLc       0  4434626     -     4 em1
192.168.1.255      apache             UHb0