Date: Tue, 20 Jul 2004 20:32:42 -0400 (EDT) From: "Mike Jakubik" <mikej@rogers.com> To: freebsd-current@freebsd.org, freebsd-net@freebsd.org Subject: NATD no longer works for outgoing PPTP VPN? Message-ID: <1407.192.168.0.200.1090369962.squirrel@192.168.0.200>
next in thread | raw e-mail | index | archive | help
Hello,
I have recently discovered, after long periods of trying to debug a VPN
server, that i can not establish PPTP VPN connections any more. The
culprit seems to be natd not forwarding GRE properly. I have tried adding
a 'redirect_proto gre' option to natd, but same behaviour occurs. I could
swear that not too long ago all my PPTP connection worked fine, as i have
a few clients defined in my windows pc. I have tried 3 different VPN
server, ranging from Windows 2000 server to FBSD with MPD, none work.
Plugging Internet directly to my PC works fine. Here is what the setup
looks like:
Me (Windows XP) FreeBSD 5-C w/ NATD Internet VPN server
192.168.0.200 192.168.0.1 69.193.41.53 66.11.183.182
Here is rc.conf
---
gateway_enable="YES"
natd_enable="YES"
natd_interface="xl0"
natd_flags="-f /etc/natd.conf"
Here is natd.conf:
---
interface xl0
dynamic yes
use_sockets yes
same_ports yes
redirect_port tcp win2000:3389 3389
#redirect_proto gre win2000
And here is a log from natd -v when trying to estabish a VPN connection
(it looks like GRE is not being aliased correctly, windows pc just sits at
'Verifying username...'):
---
natd[32158]: Aliasing to 69.193.41.53, mtu 1500 bytes
Out {default} 0000ffff[TCP] [TCP] 192.168.0.200:1108 ->
66.11.183.182:1723 aliased to
[TCP] 69.193.41.53:1108 -> 66.11.183.182:1723
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
Out {default} 0000ffff[TCP] [TCP] 192.168.0.200:1108 ->
66.11.183.182:1723 aliased to
[TCP] 69.193.41.53:1108 -> 66.11.183.182:1723
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
Out {default} 0000ffff[TCP] [TCP] 192.168.0.200:1108 ->
66.11.183.182:1723 aliased to
[TCP] 69.193.41.53:1108 -> 66.11.183.182:1723
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
Out {default} 0000ffff[TCP] [TCP] 192.168.0.200:1108 ->
66.11.183.182:1723 aliased to
[TCP] 69.193.41.53:1108 -> 66.11.183.182:1723
Out {default} 0000ffff[47] [47] 192.168.0.200 -> 66.11.183.182 aliased to
[47] 192.168.0.200 -> 66.11.183.182
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
Out {default} 0000ffff[47] [47] 192.168.0.200 -> 66.11.183.182 aliased to
[47] 192.168.0.200 -> 66.11.183.182
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
Out {default} 0000ffff[47] [47] 192.168.0.200 -> 66.11.183.182 aliased to
[47] 192.168.0.200 -> 66.11.183.182
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
Out {default} 0000ffff[47] [47] 192.168.0.200 -> 66.11.183.182 aliased to
[47] 192.168.0.200 -> 66.11.183.182
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
Out {default} 0000ffff[47] [47] 192.168.0.200 -> 66.11.183.182 aliased to
[47] 192.168.0.200 -> 66.11.183.182
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
Out {default} 0000ffff[47] [47] 192.168.0.200 -> 66.11.183.182 aliased to
[47] 192.168.0.200 -> 66.11.183.182
In {default} 0000ffff[47] [47] 66.11.183.182 -> 69.193.41.53 aliased to
[47] 66.11.183.182 -> 69.193.41.53
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
Out {default} 0000ffff[TCP] [TCP] 192.168.0.200:1108 ->
66.11.183.182:1723 aliased to
[TCP] 69.193.41.53:1108 -> 66.11.183.182:1723
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
Out {default} 0000ffff[TCP] [TCP] 192.168.0.200:1108 ->
66.11.183.182:1723 aliased to
[TCP] 69.193.41.53:1108 -> 66.11.183.182:1723
In {default} 0000ffff[TCP] [TCP] 66.11.183.182:1723 -> 69.193.41.53:1108
aliased to
[TCP] 66.11.183.182:1723 -> 192.168.0.200:1108
Thank You.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1407.192.168.0.200.1090369962.squirrel>