Re: [SLUG] vpn install problem

[Ben Donohue]

Hi Luke,

I've always found that using different network classes for VPN access 
seems to give me trouble free access.
Sounds weird but you might have in your routing setup classless network 
aggregation or supernetting which could be mucking things up.
Try using 172.16.1.0 network instead of one of the 192.168.x.x.
Also try using 10.1.1.0 network for another. You can still make them use 
a class C address or 256 addresses on these.
So in the end you would only have one range using 192.168.x.x and 
nothing else using any 192.168.x.x.
Also while troubleshooting don't use 192.168.0.x. Even though this can 
be used nowadays, there still could be equipment that doesn't like it. 
Use 192.168.1.x instead.

See how you go.
Ben



Luke Vanderfluit wrote:
Hi.

I hope there are people on this list with routing expertise.
My routing knowledge is limited.

Here's the problem.

I have set up a ubuntu box that acts as a VPN server.
It has pptpd running.
The VPN server has one ethernet i/f, eth0, its running ubuntu 9.04 
server.

The VPN is running on an 192.168.0.0 network and gives out ip 
addresses in the range of 192.168.101.200-245

I have the ADSL router on the 192.168.0.0 network portforwarding port 
1723 to the VPN box, which has ip of 192.168.0.14
It also has a static route that routes any traffic with destination of 
192.168.101.0 network to the VPN server....

I can connect to the box from externally on the internet with an XP 
client.
The XP client is successfully given an IP address of 192.168.101.200.

The XP client has its gateway set to that of the remote network, so 
the VPN servers network gateway, which is, not surprisingly, 192.168.0.1
It can successfully ping the vpn box (192.168.0.14) but cannot get out 
on the internet throught the VPN.

When the connection is initiated a route is added to the VPN box for 
the 192.168.101.200 address, so that everything for that address goes 
out on ppp0. Similarly when the ppp0 interface is brought down the 
route is removed.

This is one way I have tried to solve the VPN problem.

However, I could also remove the static route from the ADSL router, 
give the machines that need to be accessed additional ip addresses in 
the 192.168.101.0 range and setup routes on the VPN server to cope 
with that, however I have not been able to get that working either...

Can anyone help me with this...

That would be cool.

Thanks in advance.

Luke Vanderfluit.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html