Date:      Tue, 16 Sep 2003 17:02:48 -0500
From:      Jay Hall <jhall@vandaliamo.net>
To:        freebsd-questions@freebsd.org
Subject:   pptp and ppp
Message-ID:  <3F678888.2040009@vandaliamo.net>

I have a FreeBSD server in one of the smaller offices I support using
ppp and nat to provide an Internet connection to the people in the
office.  Now, they want to connect to the corporate network using pptp.

My plan here is to simply connect the FreeBSD box to the corporate
network using pptp and then allow the clients to use the FreeBSD box as
their gateway to the corporate network.

I am able to connect to the VPN using the pptpclient port without any
problems.  However, from the FreeBSD box, I am only able to ping the IP
address assigned to tun1 (created by the VPN).  The routes appear to be
correct.

Following is the output of netstat -rn

>Routing tables
>
>Internet:
>Destination        Gateway            Flags    Refs      Use  Netif Expire
>default            209.248.48.3       UGSc        2       65   tun0
>10.129/16          10.129.10.10       UGSc        0       11   tun1
>10.129.10.10       10.129.10.140      UH          2        2   tun1
>127.0.0.1          127.0.0.1          UH          0        0    lo0
>192.168.40         10.129.10.10       UGSc        0        0   tun1
>209.248.48.3       209.248.48.149     UH          3        0   tun0
>
>  
>
tun0 is created by ppp and tun1 is created by pptp.

Following is my ppp.conf file.

>################################################################
># PPP  Sample Configuration File
># Originally written by Toshiharu OHNO
># Simplified 5/14/1999 by wself@cdrom.com
>#
># See /usr/share/examples/ppp/ for some examples
>#
># $FreeBSD: src/etc/ppp/ppp.conf,v 1.2.2.5 2001/07/13 10:55:23 brian Exp $
>#################################################################
>
>default:
> set log Phase Chat LCP IPCP CCP tun command
> ident user-ppp VERSION (built COMPILATIONDATE)
> 
> # Ensure that "device" references the correct serial port
> # for your modem. (cuaa0 = COM1, cuaa1 = COM2)
> #
>  set device /dev/cuaa0
>
>  set speed 115200
>  set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
>           \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
>  set timeout 180			# 3 minute idle timer (the default)
>  enable dns				# request DNS info (for resolv.conf)
>
>papchap:
> #
> # edit the next three lines and replace the items in caps with
> # the values which have been assigned by your ISP.
> #
>
> set phone AAA-BBBB
> set authname XXXXX
> set authkey YYYYY
> set timeout 0
> set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255
> add default HISADDR			# Add a (sticky) default route
># nat enable yes
>mneavpn:
> set log phase chat lcp ipcp ccp tun command
> set timeout 0
># enable dns
> set authname CCCCC
> set authkey DDDDD
># set mppe 128 stateless
> set ifaddr 0 0 
> add 10.129.0.0/16 HISADDR
># add 172.16.8.0/255.255.248.0 HISADDR
> add 192.168.40.0/24 HISADDR
># alias enable yes
>  
>
Following are the errors I am seeing in ppp.log

>Sep 16 16:19:10 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) 
>Sep 16 16:19:10 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened 
>Sep 16 16:19:13 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) 
>Sep 16 16:19:13 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened 
>Sep 16 16:19:19 MNEA-Springfield ppp[243]: tun1: Phase: deflink: HDLC errors -> FCS: 0, ADDR: 0, COMD: 0, PROTO: 3 
>Sep 16 16:19:19 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) 
>Sep 16 16:19:19 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened 
>Sep 16 16:19:31 MNEA-Springfield ppp[243]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) 
>Sep 16 16:19:31 MNEA-Springfield ppp[243]: tun1: LCP: deflink: SendProtocolRej(3) state = Opened 
>  
>

These errors occur whenever I try to access something on the remote
network via tun1.

gateway_enable="YES" is enabled in rc.conf and router_enable="NO" is
also set.

Any suggestions as to what might be wrong would be greatly appreciated.
I'm sure this is something simple that I have overlooked.

Thanks in advance for your assistance.



Jay Hall



