Date: Wed, 20 Dec 2000 11:08:12 +0300 From: "Alexey" <Alexey.Dementsov@oggi.spb.ru> To: <questions@FreeBSD.org> Message-ID: <044801c06a5b$fff21fc0$0201040a@oggi.spb.ru>
next in thread | raw e-mail | index | archive | help
Good day.
I have a same dificult problem with tooling VPN based package poptop. I uses
FreeBDS 3.1 operation system. Client is VPN Microsoft. Connection in the
Local Aria Network was succesful.
FreeBSD is connected with Internet by PPP with fixed ip adress x.x.x.x
Client computer is connected whith Internet by dual-up with fixed ip-adress
y.y.y.y
Then I tried to connect through Internet . The messages "645 Dial-Up
Networking could not complete the connection to the server. Check your
configuration and try connection again." appeard after the check username
password.
My debug information:
mail pptpd[345]: GRE: xmit failed from decaps_hdlc: Permission denied
mail pptpd[345]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
mail pppd[346]: Modem hangup, connected for 1 minutes
mail pppd[346]: Connection terminated, connected for 1 minutes
mail pppd[348]: pppd 2.3.5 started by admin, uid 0
mail pppd[348]: Connect: ppp0 <--> /dev/ttyp1
mail pptpd[347]: GRE: xmit failed from decaps_hdlc: Permission denied
mail pptpd[347]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
..........................
..........................
MGR: Couldn't create host socket
pppd 2.3.5 started by admin, uid 0
Connect: ppp0 <--> /dev/ttyp1
LCP: timeout sending Config-Requests
Connection terminated, connected for 1 minutes
GRE: read(fd=4,buffer=804d218,len=8196) from PTY failed: status = 0 error =
No
CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Configuration files are wrote below:
/etc/rc.conf
ifconfig_ed1="inet 10.4.1.1 netmask 255.255.255.0"
defaultrouter="NO"
network_interfaces="ed1 lo0"
hostname="mail.oggi.spb.ru"
keymap=ru.koi8-r
keychange="61 ^[[K"
scrnmap=koi8-r2cp866
font8x16=cpp866b-8x16
font8x14=cpp866-8x14
font8x8=cp866-8x8
firewall_enable = "YES"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-dynamic"
ppp_enable="YES"
ppp_mode="auto"
ppp_nat="YES"
/etc/rc.firewall
fwcmd="/sbin/ipfw"
$fwcmd -f flush
#################################################
# Allow all for test
#################################################
$fwcmd add allow all from any to any
$fwcmd add pass GRE from any to an
# Divert all packets through the tunnel interface.
$fwcmd add divert natd all from any to any via tun0
# Allow all data from my network card and localhost. Make sure you
# change your network card (mine was fxp0) before you reboot. :)
$fwcmd add allow ip from any to any via lo0
$fwcmd add allow ip from any to any via ed1
#Allow all data from warehouse
$fwcmd add allow all from y.y.y.y to any
# Allow all connections that I initiate.
$fwcmd add allow tcp from any to any out xmit tun0 setup
# Once connections are made, allow them to stay open.
$fwcmd add allow tcp from any to any via tun0 established
# Everyone on the internet is allowed to connect to the following
# services on the machine. This example shows that people may connect
# to ssh and apache
$fwcmd add allow tcp from any to any 25 setup
$fwcmd add reset log tcp from any to any 113 in recv tun0
.
$fwcmd add allow udp from any to 212.44.130.6 53 out xmit tun0
$fwcmd add allow udp from 212.44.130.6 53 to any in recv tun0
$fwcmd add 65435 allow icmp from any to any
$fwcmd add 65435 deny log ip from any to any
/etc/ppp/ppp.conf
default:
set redial 1 0
set filter dial 0 deny udp src eq 53
set filter dial 1 deny udp dst eq 53
set filter dial 2 permit 0/0 0/0
internet:
set device /dev/cuaa0
set speed 115200
disable pred1
deny pred1
disable lqr
deny lqr
set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK
ATE1Q0 OK
set authname name
set authkey password
set phone 123456
set timeout 600
set openmode active
accept chap
set ifaddr x.x.x.x 127.2.2.2/0 255.255.255.0
add 0 0 127.2.2.2
/etc/ppp/options
debug
name x.x.x.x
lock
require-chap
auth
proxyarp
/etc/ppp/chap-secrets
billy x.x.x.x bob *
/etc/pptpd.conf
speed 115200
options /etc/ppp/options
debug
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?044801c06a5b$fff21fc0$0201040a>