From owner-freebsd-isp Fri Dec 21 8:58:49 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtpzilla1.xs4all.nl (smtpzilla1.xs4all.nl [194.109.127.137]) by hub.freebsd.org (Postfix) with ESMTP id EC91337B416 for ; Fri, 21 Dec 2001 08:58:43 -0800 (PST) Received: from grand.canyon.xs4all.nl (canyon.xs4all.nl [194.109.195.185]) by smtpzilla1.xs4all.nl (8.12.0/8.12.0) with ESMTP id fBLGwaBE025519; Fri, 21 Dec 2001 17:58:42 +0100 (CET) Received: by grand.canyon.xs4all.nl (Postfix, from userid 1000) id BCB575F37; Fri, 21 Dec 2001 17:58:36 +0100 (CET) Received: from meandrix.tunix.nl (localhost [127.0.0.1]) by grand.canyon.xs4all.nl (Postfix) with ESMTP id 56DB25D1A; Fri, 21 Dec 2001 17:58:36 +0100 (CET) Date: Fri, 21 Dec 2001 17:37:27 +0100 Subject: Re: PPTP Behind NAT? Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v480) Cc: freebsd-isp@freebsd.org To: "Blake Crosby" From: Rene de Vries In-Reply-To: Message-Id: <052DACBA-F631-11D5-BF09-00039357FA7A@canyon.xs4all.nl> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.480) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Blake, What is the ruleset used for ipnat? Did you remember to also add a line for non tcp/udp natting (pptp uses GRE). Rene On Thursday, December 20, 2001, at 03:47 PM, Blake Crosby wrote: > I'm having trouble getting tcp/ip working once I connect to a machine > using > PPTP. Here is my network setup. > > pptp server (freebsd 4.4 - using mpd-netgraph) > | > | > Internet > | > | > Gateway, running ipnat (freebsd 4.3) > | > | > Windows XP Machine. > > I can connect fine, except I can't really do much from that point on. > The > server has the ip address 192.168.0.1 and the client has 192.168.0.2. > When > I try to ping the clients ip address from the server I get this: > > PING 192.168.0.2 (192.168.0.2): 56 data bytes > ping: sendto: Permission denied > ping: sendto: Permission denied > > according to ifconfig, the tunnel seems to be up: > > ng0: flags=88d1 mtu 1500 > inet 192.168.0.1 --> 192.168.0.2 netmask 0xffffffff > > my mpd.conf file looks like: > > pptp: > new -i ng0 pptp pptp > set iface disable on-demand > set iface enable proxy-arp > set iface idle 1800 > set bundle disable multilink > set link yes acfcomp protocomp > set link no pap chap > set link enable chap > set link keep-alive 10 60 > set ipcp yes vjcomp > set ipcp ranges 192.168.0.1/32 192.168.0.2/30 > set ipcp dns xxx.xxx.xxx.xxx <--- IP address of external > interface > (yes a dns server is listening) > > set bundle enable compression > set ccp yes mppc > set ccp yes mpp-e40 > set ccp yes mpp-e128 > set ccp yes mpp-stateless > > and mpd.links: > > pptp: > set link type pptp > set pptp self xxx.xxx.xxx.xxx <-- External IP address > set pptp enable incoming > set pptp disable originate > > any idea what could be wrong? Is this a nat problem? > > Blake -- Rene de Vries TUNIX Open System Consultants BV Wijchenseweg 111, 6538 SW Nijmegen, the Netherlands phone: +31-(0)24-3455000 / fax: +31-(0)24-3455001 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message