From owner-freebsd-questions Wed Dec 19 0:24:56 2001
Message-Id: <200112190824.fBJ8Okp39193@syndicate.tek-shop.com>
From: Eric
Reply-To: eric@tek-shop.com
Organization: TekShop
To: freebsd-questions@freebsd.org
Subject: VPN via mpd help
Date: Wed, 19 Dec 2001 00:19:56 -0800

hey everyone... bear with me, lengthy description to follow...

I want to set up a VPN from one office to another. I'm not looking for remote clients to be able to connect to the network. I just want my two buildings to appear as one seamless one. For now, I'm testing this from my office to my home.

I'm running 4.4 release on both my work machine and my home machine. I have also compiled and installed mpd-netgraph on both machines. I haven't done anything special to either kernel (should I?).

Work: The network lives in the 172.3.0.0/16 subnet. Before reaching the outside world, the connection travels thru a firewall. I have opened port 1723 and allowed GRE traffic to flow thru.

Home: I have a DSL connection here with a semi-static IP. I use a Linksys switch/router to handle the pppoe stuff with the DSL modem. The Linksys limits my home network to 192.168.1.0/24.
I've mapped port 1723 to my home bsd box, but I don't know if the Linksys understands GRE (might that be a problem?).

I've done what research I can on the internet about VPN setup using mpd. There's not much. The mpd documentation is a bit lacking and misleading in some areas; extensive in others. In the mpd.conf file, there is a sample entry for a vpn. I'm using that, but I've modified the numbers to match mine. I have done the same at work. I have also used the vpn entry in the mpd.links file, but again modified the numbers. Then I start mpd as a daemon on both machines. According to the logs (they look the same at home and at work), neither box can connect to the other, so it says the link is DOWN.

Most of the help online that I can find talks about Win 2000 clients connecting to a pptp server. I can't find any good help on simply setting up a transparent pipe. What's the difference between pptp and vpn?

ifconfig shows my ng0 interface on both machines. It labels it as pointopoint, but it doesn't show it as UP. Do I need to enable a tunnel device in my kernel? Or a PPP device? Do I need to configure ng0 with ifconfig, or will mpd do that for me once it's happy?

If my Linksys router is a problem, can I plug the DSL modem directly into the bsd box and have bsd handle pppoe, and then run a tunnel over that? Is that all mpd's job?

I apologize for sounding hopeless, ignorant, and naive, but I've tried to solve my problems online, and have met with failure. I would appreciate any help anybody can give on setting up a "simple" tunnel.

thanks
eric
www.tek-shop.com