Date:      Sat, 10 May 2003 15:19:22 -0700
From:      Michael Collette <metrol@metrol.net>
To:        FreeBSD Security <freebsd-security@FreeBSD.org>
Subject:   Re: Down the MPD road
Message-ID:  <200305101519.22567.metrol@metrol.net>
In-Reply-To: <3EBD0A81.50305@centtech.com>
References:  <200305100617.44245.metrol@metrol.net> <3EBD0A81.50305@centtech.com>

On Saturday 10 May 2003 07:19 am, Eric Anderson wrote:
> Ok, I saw these problems too..  Remember that the vpn'd client's data is
> coming through the firewall, to the ng0 interface, and then leaving from
> there (when "surfing the net"), so you will have to have NAT set up (of
> some sort) and make sure your rules are open enough to allow the
> firewall to send packets from the ng0 interface on out and have them
> natted..

No NAT involved here.  I'm dealing with an entirely routable class C pool of 
addresses.  Came with the T1, so we used 'em.  I've considered setting up a 
NAT for the office, but that is way off in the future.

> Some of your pages are probably loading from a cache, and not
> others...

I considered that, which is why I kept attempting to hit news.google.com.  
Lots of domains that I know this browser has never seen.  The XP load on this 
box is pretty fresh, as I never did deploy this to an end user.  I've also 
run through and cleared the cache several times in the browser config.

Also, while watching the link's property box I can see when I'm getting actual 
traffic through or not.  

> also,  you may want to add these lines to mpd.conf:
> set iface enable proxy-arp
> set iface mtu 1440

I have the proxy line in there already.  Tried turning that off, then back on 
during testing.  It really wants it on.

Setting the mtu for the iface made things extra unstable.  Had problems 
connecting to the server at all.  When it did connect I was getting a lot of 
the following...

[pptp0] LCP: no reply to 1 echo request(s)
[pptp0] LCP: no reply to 1 echo request(s)
[pptp0] LCP: no reply to 2 echo request(s)
[pptp0] LCP: no reply to 3 echo request(s)
[pptp0] LCP: no reply to 4 echo request(s)

In ipfw I have a rule to specifically log any denied icmp requests.  Nothing 
is showing up there.

> I found it fixed all my odd problems that I was having with XP clients..

Is it possible that mpd expects natd to be there to help route packets?  
That'd be fine, except the darn thing isn't totally dead.  It is routing some 
packets, which is what is totally throwing me here.

Thanks for the reply.  I'll keep at it here and if I do stumble across a 
solution I'll be sure to post it up.

Later on,
-- 
"Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark 
to read."
 - Groucho Marx


