On Wed, 19 Mar 2014 16:45:46 -0700
Paul B. Henson hen...@acm.org wrote:
After successfully setting up an L2TP VPN with npppd and pppx, I tried
to add a second VPN subnet with a different authentication base. I was
working remotely, and after starting npppd in debug mode:
pppx will be fixed
On Thu, Mar 20, 2014 at 10:22:51AM +0900, YASUOKA Masahiko wrote:
pppx will be fixed.
Great :). This is a known bug then? Should I just keep an eye on the
changelog for mention of pppx changes to tell when it's safe to try
again?
You can use tun(4) instead if you want to use multiple
On Wed, 19 Mar 2014 21:05:35 -0700
Paul B. Henson hen...@acm.org wrote:
On Thu, Mar 20, 2014 at 10:22:51AM +0900, YASUOKA Masahiko wrote:
pppx will be fixed.
Great :). This is a known bug then?
It's new for me. I had not even try MAKEDEV pppx1 yet.
Should I just keep an eye on the
On 2014-03-02, Paul B. Henson hen...@acm.org wrote:
On Sat, Mar 01, 2014 at 12:56:16PM +0900, YASUOKA Masahiko wrote:
As the default, npppd doesn't use the local tunnel endpoint address
and broadcast addresses in class network (10.0.0.0 and 10.255.255.255)
for the clients. Do you worry about
the explicit
restriction on the / in the above define fix it, or I am missing
something more subtle?
As the default, npppd doesn't use the local tunnel endpoint address
and broadcast addresses in class network (10.0.0.0 and 10.255.255.255)
for the clients. Do you worry about 10.128.120.0
.
However, if I try to specify an address-mask:
ipcp IPCP {
pool-address 10.128.120.0/24
dns-servers 10.128.0.4
allow-user-selected-address no
}
It says there's a syntax error:
2014-02-28 11:48:24:NOTICE: Starting npppd pid=31351 version=5.0.0
2014-02-28 11:48:24:WARNING: pptpd
After getting the basic functionality of an L2TP VPN working with npppd,
I tried turning on the l2tp-require-ipsec option, as that seemed
desirable; I don't really want an l2tp session set up that's not
encapsulated in ipsec.
However, with that option on, the attempted VPN connection doesn't seem
functionality of an L2TP VPN working with npppd,
I tried turning on the l2tp-require-ipsec option, as that seemed
desirable; I don't really want an l2tp session set up that's not
encapsulated in ipsec.
However, with that option on, the attempted VPN connection doesn't seem
to get to npppd. After the ipsec
On Fri, Feb 28, 2014 at 01:54:13PM -0800, Jeff Goettsch wrote:
That's a known bug:
http://www.openbsd.org/cgi-bin/man.cgi?query=npppdapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html#end
Ah, I see; I hadn't actually looked at the npppd man page, only the
npppd.conf man page
:
2014-02-28 11:48:24:NOTICE: Starting npppd pid=31351 version=5.0.0
2014-02-28 11:48:24:WARNING: pptpd GRE protocol not allowed
2014-02-28 11:48:24:CRIT: /etc/npppd/npppd.conf:12: syntax error
2014-02-28 11:48:24:CRIT: /etc/npppd/npppd.conf:17: ipcp IPCP is not found
2014-02-28 11:48:24:CRIT: /etc
Hi,
On Mon, 2 Dec 2013 19:34:57 +0200 (IST)
Or Elimelech o...@xwise.com wrote:
I'm having trouble configuring Windows clients with l2tp over ipsec,
This config works great on OSX/iOS/Android/Linux
I do not know which type of auth/enc/group I should use for Windows clients
I currently
The mail I replied to was too old.. sorry.
On Mon, 16 Dec 2013 18:52:25 +0900 (JST)
YASUOKA Masahiko yasu...@yasuoka.net wrote:
On Mon, 2 Dec 2013 19:34:57 +0200 (IST)
Or Elimelech o...@xwise.com wrote:
I'm having trouble configuring Windows clients with l2tp over ipsec,
This config works
helpful. The problem can be from misconfiguration on npppd, pf rules,
routing issues, or problems with the windows clients itself. Things
like, anti-virus firewalls, etc. They could all be the problem. Try to
elaborate a little more on the next one.
Cheers,
--
Giancarlo Razzolini
GPG: 4096R
:54:42 PM
Subject: Re: NPPPD
Em 09-12-2013 05:38, Or Elimelech escreveu:
Hi,
I've configured nppd server and clients for Linux, Android, iOS, OSX and
Windows.
This works on all platforms when routing all traffic through VPN except for
Windows clients.
I can connect to the vpn and I get
...@xwise.com, OpenBSD general usage list
misc@openbsd.org
Sent: Monday, December 9, 2013 2:54:42 PM
Subject: Re: NPPPD
Em 09-12-2013 05:38, Or Elimelech escreveu:
Hi,
I've configured nppd server and clients for Linux, Android, iOS, OSX and
Windows.
This works on all platforms when routing all
: Giancarlo Razzolini grazzol...@gmail.com
To: Or Elimelech o...@xwise.com
Cc: OpenBSD general usage list misc@openbsd.org
Sent: Monday, December 9, 2013 3:54:58 PM
Subject: Re: NPPPD
Em 09-12-2013 11:11, Or Elimelech escreveu:
npppd.conf
# Global
## Max sessions
set max-session 100
## Max user
but no where else.
If it connects to the vpn, and you see it on the npppd logs and can also
see a state entry with netstat, then it appears to me that the vpn is
doing it's job. It can be either routing issues or firewall issues. On
either sides or even on both. In these hours, tcpdump is your best
friend
On Mon, 9 Dec 2013 09:38:50 +0200 (IST)
Or Elimelech o...@xwise.com wrote:
I've configured nppd server and clients for Linux, Android, iOS, OSX
and Windows. This works on all platforms when routing all traffic
through VPN except for Windows clients.
Usually npppd can work with Windows client
Hi,
I've configured nppd server and clients for Linux, Android, iOS, OSX and
Windows.
This works on all platforms when routing all traffic through VPN except for
Windows clients.
I can connect to the vpn and I get a route for 0.0.0.0 mask 0.0.0.0 vpn
interface
but ipconfig shows me
Thanks, I fixed it using the same config I wrote
The problem is my npppd server is behind NAT and my windows needed registry
modification AssumeUDP
Thank you again
Sent from my iPhone
On Dec 3, 2013, at 12:28 AM, Frans Haarman franshaar...@gmail.com wrote:
I have used this with windows 7
Hi,
I'm having trouble configuring Windows clients with l2tp over ipsec,
This config works great on OSX/iOS/Android/Linux
I do not know which type of auth/enc/group I should use for Windows clients
I currently use OpenBSD 5.4 with the following
ike passive esp transport \
proto udp from
I have used this with windows 7 and osx:
ike passive esp transport \
proto udp from $public_ip to any port 1701 \
main auth hmac-sha1 enc 3des group modp1024 \
quick auth hmac-sha1 enc aes \
psk
2013/12/2 Or Elimelech o...@xwise.com
Hi,
I'm having trouble
This works with Windows 8, OSX, Android and iOS:
ike passive esp transport \
proto udp from $public_ip to any port 1701 \
main auth hmac-sha1 enc aes group modp1024 \
quick auth hmac-sha1 enc aes \
psk $psk
On 03 Dec 2013, at 00:28, Frans Haarman
Hi,
first of all, thanks @sthen for your answer (OP has no net access atm).
We are to the point where the clients get ip (windows/linux/OpenBSD) and
traffic is passing through the server as expected.
There is a very strange problem with ssh service though. While internet
traffic
is being routed
What does /etc/ssh/ssh_config look like on the OpenBSD client?
--
Jeff Goettsch
Agricultural and Resource Economics
University of California, Davis
http://agecon.ucdavis.edu/
On Fri, November 22, 2013 6:52 am, haris wrote:
Hi,
first of all, thanks @sthen for your answer (OP has no net access
On Fri, Nov 22, 2013 at 06:41:37PM +0200, Jeff Goettsch wrote:
What does /etc/ssh/ssh_config look like on the OpenBSD client?
The file is the default that comes with OpenBSD. No change there...
--
A: Because we read from top to bottom, left to right.
Q: Why should I start my reply below the
too.
Things you can try to fix it:
- lower MTU on the ppp interface
- tcp-mss-adjust yes in npppd
- pf match ... scrub (max-mss $somevalue)
On 2013-11-20, anon ymous ramrunner0...@gmail.com wrote:
Hello list!
If anyone could shed some light to the following i would be thankful..
i have 2 5.4-current boxes, one acting as an npppd server over ipsec
and the other one wishing to be a client.
My understanding is that to accomplish
Hello list!
If anyone could shed some light to the following i would be thankful..
i have 2 5.4-current boxes, one acting as an npppd server over ipsec
and the other one wishing to be a client.
My understanding is that to accomplish that the client needs
to use xl2tpd from ports.
The problem
...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
Can you try again with below patch? I'd like to get log for debug.
Index: npppd/pap.c
===
RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v
retrieving revision 1.7
diff
: Sun Oct 13 15:54:12 MDT 2013
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
Can you try again with below patch? I'd like to get log for debug.
Index: npppd/pap.c
===
RCS file: /cvs/openbsd/src/usr.sbin
...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
Can you try again with below patch? I'd like to get log for debug.
Index: npppd/pap.c
===
RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v
retrieving revision 1.7
diff
/compile/GENERIC
Can you try again with below patch? I'd like to get log for debug.
Index: npppd/pap.c
===
RCS file: /cvs/openbsd/src/usr.sbin/npppd/npppd/pap.c,v
retrieving revision 1.7
diff -u -p -r1.7 pap.c
--- npppd/pap.c 18 Sep 2012 13
Hello,
I meet some troubles on setup a PPPOE server with npppd daemon. I've
done some
test on release and snaptshot and had differents problems.
First my config files..
#/etc/nppp/npppd-users :
taro:\
:password=taro:\
:framed-ip-address=10.0.0.101:
#/etc/npppd/npppd.conf
Hi,
On Wed, 16 Oct 2013 13:39:31 +0200
Gruel Bruno b.gr...@sdnet.info wrote:
### On OBSD 5.3 release :
(snip)
Segmentation fault
After de DISCOVERY message the server crash with Segmentation fault
This bug had been fixed on April 16. PPPoE server (by npppd) on 5.3
is completely broken
server (by npppd) on 5.3
is completely broken.
### On OBSD 5.3 snapshot (2weeks ago version) :
I'm doing some tests last night and got other problems. I don't have
my snapshots stations here but the symptom is :
I believe this will work.
npppd logs side somthings like that :
...unable
Hi @misc,
I can't find any way/option to log npppd sessions on a VPN gateway.
What I need to log:
- username
- user's source_IP
- user's VPN_internal_IP
- session start_time
- session end_time
Current npppd sessions I can see via npppctl session all/brief but I need a
history log.
Thanks
Quoting Radek alee...@gmail.com:
Hi @misc,
I can't find any way/option to log npppd sessions on a VPN gateway.
What I need to log:
- username
- user's source_IP
- user's VPN_internal_IP
- session start_time
- session end_time
Current npppd sessions I can see via npppctl session all/brief
On Tue, 13 Aug 2013 14:24:49 +0200
Radek alee...@gmail.com wrote:
Hi @misc,
I can't find any way/option to log npppd sessions on a VPN gateway.
What I need to log:
- username
- user's source_IP
- user's VPN_internal_IP
- session start_time
- session end_time
I do accounting, as well
It was my fault.
I started npppd -d (for test only), so logs went to stdout and there was
nothing in /var/log/*.
If I start it as a daemon, session logs go to /var/log/daemon and
/var/log/messages.
I do accounting, as well as authentication, by help of radius server.
VPN with RADIUS - it's
Hi,
On Sun, 30 Jun 2013 15:03:58 +
Brad Brad braddeic...@hotmail.com wrote:
Hi, setting up npppd I get the following in the logs when connecting from
Iphone 5
Jun 30 22:23:43 fire53 npppd[17905]: ppp id=0 layer=lcp No authentication
protocols are agreeable. peer's auth proto=eap
Hi, setting up npppd I get the following in the logs when connecting from
Iphone 5
Jun 30 22:23:43 fire53 npppd[17905]: ppp id=0 layer=lcp No authentication
protocols are agreeable. peer's auth proto=eap
I saw a message saying eap was removed and will be re-added later, and Iphone
isn't
.
mpd doesn't have the ability to generate Proxy auth AVPs, I currently
use both mpd and others without proxied avps, afaic it isn't breaking
rfc to restart lcp at every point (which is how I work things
currently)
npppd itself is in Link Establishment Phase. As RFC 1661 section
3.4.,
| Any
them.
mpd doesn't have the ability to generate Proxy auth AVPs, I currently
use both mpd and others without proxied avps, afaic it isn't breaking
rfc to restart lcp at every point (which is how I work things
currently)
npppd itself is in Link Establishment Phase. As RFC 1661 section
3.4
YASUOKA Masahiko wrote:
On Wed, 08 May 2013 12:32:16 +0100
Joe Holden li...@rewt.org.uk wrote:
YASUOKA Masahiko wrote:
On Tue, 07 May 2013 22:38:46 +0100
Joe Holden li...@rewt.org.uk wrote:
I'm testing out npppd as a termination device which is being fed from
existing LACs (in this particular
On Wed, 08 May 2013 12:32:16 +0100
Joe Holden li...@rewt.org.uk wrote:
YASUOKA Masahiko wrote:
On Tue, 07 May 2013 22:38:46 +0100
Joe Holden li...@rewt.org.uk wrote:
I'm testing out npppd as a termination device which is being fed from
existing LACs (in this particular setup, mpd on FreeBSD
Hi,
YASUOKA Masahiko wrote:
Hi,
On Tue, 07 May 2013 22:38:46 +0100
Joe Holden li...@rewt.org.uk wrote:
I'm testing out npppd as a termination device which is being fed from
existing LACs (in this particular setup, mpd on FreeBSD) - if the LAC
begins LCP to challenge the client for it's
Hi all,
I'm testing out npppd as a termination device which is being fed from
existing LACs (in this particular setup, mpd on FreeBSD) - if the LAC
begins LCP to challenge the client for it's username in order to lookup
the destination LNS, npppd just repeats the following until it gives up
Hi,
On Tue, 07 May 2013 22:38:46 +0100
Joe Holden li...@rewt.org.uk wrote:
I'm testing out npppd as a termination device which is being fed from
existing LACs (in this particular setup, mpd on FreeBSD) - if the LAC
begins LCP to challenge the client for it's username in order to
lookup
Hello,
I'm currently discovering NPPPD daemon and L2TP\Ipsec VPN.
My VPN server is in a DMZ an run with OpenBSD 5.3.
Client (192.168.1.137) - (192.168.1.233) OBSD FW (192.168.21.233) -
VPN (192.168.21.14)
I correctly configured NPPPD and IPsec to let my client connect directly
Why don't you run npppd directly on OBSD FW (192.168.21.233) ?
On 25 apr 2013, at 09:49, Bastien Ceriani bastien.ceri...@bulkypix.com wrote:
Hello,
I'm currently discovering NPPPD daemon and L2TP\Ipsec VPN.
My VPN server is in a DMZ an run with OpenBSD 5.3.
Client (192.168.1.137
Hi,
My boss asked me to do like that.
But VPN requests will not decrease router performances ?
On Thu, Apr 25, 2013 at 11:54 AM, mxb m...@alumni.chalmers.se wrote:
Why don't you run npppd directly on OBSD FW (192.168.21.233) ?
Depends on hardware you are using and configuration.
Use weaker crypto if you can.
Like aes128 instead of aes256 and hmac-md5 instead of sha1 in ipsec.conf.
Or maybe use aggressive instead of main in ipsec.conf too.
To run npppd on top of 192.168.21.233 will make your life easier.
On 25 apr
crypto if you can.
Like aes128 instead of aes256 and hmac-md5 instead of sha1 in ipsec.conf.
Or maybe use aggressive instead of main in ipsec.conf too.
To run npppd on top of 192.168.21.233 will make your life easier.
On 25 apr 2013, at 14:36, Bastien Ceriani bastien.ceri...@bulkypix.com
wrote
Dear Yasuoka.
Thanks for your suggestion. And test again.
Actually every thing going to be all right!:)
#today's process and log.
a)setup
#server
#/etc/hostname.bge0
-inet6
up
#/etc/npppd/npppd-users
taro:
:password=taro:
:framed-ip-address=10.0.0.2:
#/etc/npppd/npppd.conf
authentication
Yasuoka thanks for your suggestion!
I tried today's -current version. 2013-04-21
It seems to be fine:)
I have question. npppd pppx session need the inet6?
I usually kill the interface's inet6.
npppd pppoe connection for tun0 work.
but, pppx0's didn't work!
#server
#/etc/hostname.bge0
-inet6
up
Hi,
Thank you for your feedbacks.
On Sun, 21 Apr 2013 16:09:36 +0900
trick star freeu...@inbox.com wrote:
I have question. npppd pppx session need the inet6?
No, it doesn't matter the inet6.
I usually kill the interface's inet6.
npppd pppoe connection for tun0 work.
but, pppx0's didn't
Hi,
On Sat, 20 Apr 2013 01:00:14 +0900
trick star freeu...@inbox.com wrote:
hi, I have problem in the OpenBSD -snapshots 5.3 npppd pppoe setting!
server's npppd was down for segmantation fault. when client to attache
the server.
before -current version was fine. but new -snapshots is suck
hi, I have problem in the OpenBSD -snapshots 5.3 npppd pppoe setting!
server's npppd was down for segmantation fault. when client to attache
the server.
before -current version was fine. but new -snapshots is suck.
if anyone could help my problem. please suggest for me.
#server
#/etc
hi, I have problem in the OpenBSD -snapshots 5.3 npppd pppoe setting!
server's npppd was down for segmantation fault. when client to attache
the server.
before -current version was fine. but new -snapshots is suck.
if anyone could help my problem. please suggest for me.
#server
#/etc
, inbound is set to block in log all, with holes opened for the
appropriate ports for vpn and ssh)
2013-03-05 16:26:10:NOTICE: Starting npppd pid=5729 version=5.0.0
...
2013-03-05 16:26:19:INFO: l2tpd ctrl=1 SendSCCRP
2013-03-05 16:26:21:NOTICE: l2tpd ctrl=2 logtype=Started RecvSCCRQ
from=x.x.x
I had a problem with tun interfaces and npppd. Try the pppx interface instead.
Sent form my iFoe.
On Mar 5, 2013, at 13:35, Jason Markowitz jma...@gmail.com wrote:
Hello,
I'm receiving the following errors when attempting to establish a vpn
session via l2tp, the ipsec side works fine
On 2013-02-18, Claudio Jeker cje...@diehard.n-r-g.com wrote:
Even though L2TP has L2 in its name it is not built to create ethernet
layer 2 tunnels. It is just tunneling PPP packets inside of UDP.
So the only thing you can do is proxyarp (which npppd does not support
natively) or route
thing you can do is proxyarp (which npppd does not support
natively) or route the traffic.
Routing the traffic is probably the easiest way for this. Use a different
subnet for the PPP-assigned addresses and add a static route on the gateway
(and ideally on other machines which the PPP-connected
. It is just tunneling PPP packets inside of UDP.
So the only thing you can do is proxyarp (which npppd does not support
natively) or route the traffic.
Routing the traffic is probably the easiest way for this. Use a different
subnet for the PPP-assigned addresses and add a static route
Hi all,
I'm having a bit of trouble getting l2tp working from behind a firewall.
Here's the setup:
OpenBSD with isakmpd and npppd -- Home Router -- Internet -- Cell Network --
iPhone/Laptop
Basically, the idea is to make a VPN for use when I'm travelling.
I can connect just fine and put
I think this is on TODO-list. This is why npppd considered to be not ready
and thus not linked to build.
//mxb
On 17 feb 2013, at 16:32, Stuart McMurray kd5...@gmail.com wrote:
Hi all,
I'm having a bit of trouble getting l2tp working from behind a firewall.
Here's the setup:
OpenBSD
On Sun, Feb 17, 2013 at 11:03:44PM +0100, mxb wrote:
I think this is on TODO-list. This is why npppd considered to be not ready
and thus not linked to build.
It is linked to the build and has been for 5 months.
--
This message has been scanned for viruses and
dangerous content by MailScanner
On Sun, Feb 17, 2013 at 10:32:33AM -0500, Stuart McMurray wrote:
Hi all,
I'm having a bit of trouble getting l2tp working from behind a firewall.
Here's the setup:
OpenBSD with isakmpd and npppd -- Home Router -- Internet -- Cell Network --
iPhone/Laptop
Basically, the idea
On Sun, Feb 17, 2013 at 5:13 PM, Claudio Jeker cje...@diehard.n-r-g.comwrote:
On Sun, Feb 17, 2013 at 10:32:33AM -0500, Stuart McMurray wrote:
Hi all,
I'm having a bit of trouble getting l2tp working from behind a firewall.
Here's the setup:
OpenBSD with isakmpd and npppd -- Home
a firewall.
Here's the setup:
OpenBSD with isakmpd and npppd -- Home Router -- Internet -- Cell
Network -- iPhone/Laptop
Basically, the idea is to make a VPN for use when I'm travelling.
I can connect just fine and put traffic on the network, but arp requests
from other hosts
Thx
It works as expected.
2013/1/31 YASUOKA Masahiko yasu...@yasuoka.net:
Hi,
On Tue, 29 Jan 2013 20:20:24 +0100
csszep css...@gmail.com wrote:
I tried to start npppd with the default config with tun0 interface on
my Alix board:
I get the following error message:
# npppd -d
2013-01
===
RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd_auth.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- npppd_auth.c22 Sep 2012 20:22:48 - 1.11
+++ npppd_auth.c31 Jan 2013 09:44:21 - 1.12
@@ -1,4 +1,4 @@
-/* $OpenBSD: npppd_auth.c,v
Hi,
I run in to a issue using npppd with radius. It look to me the parsing
of radius port info is not working.
I have: authentication section:
authentication RADIUS type radius {
authentication-server {
address 192.168.0.1 port 1812 secret hogehoge
Yasuoka forgot to commit his fix.
I have it working.
//maxim
On 30 jan 2013, at 11:54, Robert Blacquiere open...@blacquiere.nl wrote:
Hi,
I run in to a issue using npppd with radius. It look to me the parsing
of radius port info is not working.
I have: authentication section
Hi,
On Tue, 29 Jan 2013 20:20:24 +0100
csszep css...@gmail.com wrote:
I tried to start npppd with the default config with tun0 interface on
my Alix board:
I get the following error message:
# npppd -d
2013-01-29 19:54:38:NOTICE: Starting npppd pid=13464 version=5.0.0
2013-01-29 19:54:38
Hello Misc!
I tried to start npppd with the default config with tun0 interface on
my Alix board:
I get the following error message:
# npppd -d
2013-01-29 19:54:38:NOTICE: Starting npppd pid=13464 version=5.0.0
2013-01-29 19:54:38:NOTICE: Load configuration
from='/etc/npppd/npppd.conf
mxb m...@alumni.chalmers.se wrote:
I hope this ever can be updated or a real man page can show up.
I move from snap to snap and thus can not do it yet, until info is up2date.
in -current there is a man page for npppd.conf.
Cheers
Giovanni
YASUOKA Masahiko yasu...@yasuoka.net wrote:
Please refer
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/npppd/Attic/HOWTO_PIPEX_NPPPD.txt?rev=1.8;content-type=text%2Fplain
revision 1.8 or upgrade to the latest snapshot.
keep in mind that latest snap has a totally different
refer
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/npppd/Attic/HOWTO_PIPEX_NPPPD.txt?rev=1.8;content-type=text%2Fplain
revision 1.8 or upgrade to the latest snapshot.
keep in mind that latest snap has a totally different configuration syntax.
Giovanni
Hi,
On Tue, 16 Oct 2012 22:29:44 +0400
pavel pocheptsov lilit-aibo...@mail.ru wrote:
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/npppd/Attic/HOWTO_PIPEX_NPPPD.txt?rev=1.3;content-type=text%2Fplain
(snip)
# uname -vrp
5.1 GENERIC.MP#188 i386
HOWTO_PIPEX_NPPPD.txt revsion 1.3
I'm trying to setup npppd as change for poptop.
I'm able connect to server from Internet,
but I'm not able to get access to resources
behind server and even server.
I repeat all step from here except 1, 2, 3, 6:
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/npppd/Attic
if you use a
framed-ip-address on a different subnet than those in the pool.
Bananas! I don't recommend this error. ^^)
npppd will assign ip address dynamically on that case.
Can you explain your recommendation?
I only managed to replicate the error using pool-address [ip4] [ip4
Hello again,
On 28 September 2012 03:17, YASUOKA Masahiko
yasu...@yasuoka.netjavascript:;
wrote:
Hi,
On Thu, 27 Sep 2012 13:41:52 -0400
Andrew Ngo andrew@gmail.com javascript:; wrote:
Hm. I can't seem to get npppd to map users to static addresses in the
npppd-users file, after trying
Hi,
On Thu, 27 Sep 2012 13:41:52 -0400
Andrew Ngo andrew@gmail.com wrote:
Hm. I can't seem to get npppd to map users to static addresses in the
npppd-users file, after trying various permutations of pool-address
##-## for static and such. The client is an iPhone running iOS 6.0
Hm. I can't seem to get npppd to map users to static addresses in the
npppd-users file, after trying various permutations of pool-address
##-## for static and such. The client is an iPhone running iOS 6.0,
and is definitely able to set up a working vpn over l2tp/ipsec with
the npppd server (many
npppd, only L2TP. I've tested with it
activated, and the config with pptpd.enabled: false
I've configured a very basic npppd.conf, per the instructions in
http://www.undeadly.org/cgi?action=articlesid=20120427125048 and
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt
pipex in kernel:
# sysctl -a | grep -E '(pipex|gre)'
net.inet.gre.allow=0
net.inet.gre.wccp=0
net.pipex.enable=1
Before anyone asks, yes, I had GRE enabled as well. But, I'm not
looking to run PPTP via npppd, only L2TP. I've tested with it
activated, and the config with pptpd.enabled: false
enabled as well. But, I'm not
looking to run PPTP via npppd, only L2TP. I've tested with it
activated, and the config with pptpd.enabled: false
I've configured a very basic npppd.conf, per the instructions in
http://www.undeadly.org/cgi?action=articlesid=20120427125048 and
http://www.openbsd.org/cgi
not
looking to run PPTP via npppd, only L2TP. I've tested with it
activated, and the config with pptpd.enabled: false
I've configured a very basic npppd.conf, per the instructions in
http://www.undeadly.org/cgi?action=articlesid=20120427125048 and
http://www.openbsd.org/cgi-bin/cvsweb/src
Hi,
On Wed, 29 Feb 2012 12:52:40 +0100
Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
since there is the limitation in npppd that it doesn't support multiple
clients behind the same NAT host for IPSec/L2TP, I'm looking
into using PPTP with EAP-TLS authentication. But I'm wondering
Hi,
On Thursday, March 1, 2012 11:34 CET, YASUOKA Masahiko yasu...@yasuoka.net
wrote:
Hi,
On Wed, 29 Feb 2012 12:52:40 +0100
Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
since there is the limitation in npppd that it doesn't support multiple
clients behind the same NAT
Hi,
since there is the limitation in npppd that it doesn't support multiple clients
behind the same NAT host for IPSec/L2TP, I'm looking
into using PPTP with EAP-TLS authentication. But I'm wondering, whether this is
supported by npppd.
The examples in the HOWTO_PIPEX_NPPPD.txt only use
like this limitation, you can use 'pppx mode'. In 'pppx
mode' npppd will create a pppx interface for each PPP session. You
can add any routes to the interface.
Unfortunately the ingress filter of `pipex' drops all these packets.
It's always on by default and not configurable. It should
:
On Tue, 17 Jan 2012 11:57:07 +0100
Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
If you don't like this limitation, you can use 'pppx mode'. In 'pppx
mode' npppd will create a pppx interface for each PPP session. You
can add any routes to the interface.
Unfortunately
pppx_mode: true
to /etc/npppd/npppd.conf.
Sorry, above example was wrong. To test `pppx mode'
(1) create /dev/pppx0
% cd /dev
% sudo sh MAKEDEV pppx
(2) replace from `tun0' to `pppx0' in /etc/npppd/npppd.conf
(3) add interface.pppx0.pppx_mode: true to /etc/npppd
02:14:48 +0900 (JST)
YASUOKA Masahiko yasu...@yasuoka.net wrote:
To enable 'pppx mode', add
pppx_mode: true
to /etc/npppd/npppd.conf.
Sorry, above example was wrong. To test `pppx mode'
(1) create /dev/pppx0
% cd /dev
% sudo sh MAKEDEV pppx
(2) replace
Hello,
On Tue, 17 Jan 2012 11:57:07 +0100
Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
npppd doesn't implement AVP38, but reading the RFC, it seems, since
its not mandatory, that should not be a problem.
xl2tpd is wrong, requiring AVP 38 as mandatory.
I belive this is a bug
Hi,
On Thu, 19 Jan 2012 02:14:48 +0900 (JST)
YASUOKA Masahiko yasu...@yasuoka.net wrote:
On Tue, 17 Jan 2012 11:57:07 +0100
Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote:
If you don't like this limitation, you can use 'pppx mode'. In 'pppx
mode' npppd will create a pppx interface
trying it with
a Linux client first. On the linux client I use strongswan-4.4.0-4.1.1, and
xl2tpd-1.2.4-2.7
I try to follow the instructions in the
/usr/src/usr.sbin/npppd/HOWTO_PIPEX_NPPPD.txt
This is my npppd.conf:
$ grep -v ^# /etc/npppd/npppd.conf
101 - 200 of 213 matches
Mail list logo
