Date: Thu, 01 Nov 2001 21:20:00
From: "Thor Legvold" <tlegvold@hotmail.com>
To: newbies@freebsd.org
Cc: questions@freebsd.org
Subject: Questions about VPN's (pptp/ppp) [LONG]
Message-ID: <F104en9JntYnHC0G1zX00003c72@hotmail.com>

Well, I guess we all get to be newbies sometime. It's a long time since I've worked actively with networking, and I see much has changed since BSD Unix 4.3 (what I used for years).

I'm on FBSD4.4-Stable, set up as a dual homed host. dc0 connects to a switch, which each computer is connected to (home LAN). Each computer has a static IP, with the FBSD machine as default route/gateway. Everything works (which isn't much, as I only use the BSD box at present as a shared internet connection - I'll get to samba, sendmail, apache, etc later...one thing at a time :-).

The second NIC is an Orinoco/Wavelan, which does DHCP to my ISP's server (access point) to get an IP address; all traffic to the FBSD machine gets routed to the access point gateway address, DNS server, etc. So far no problems. I'm running natd and ipfw, although my ruleset isn't ideal yet (but that's another thing for another post). The IPs given via DHCP are class A non routable (10.10.2.0), which the ISP re-NATs out to the I'net. It all works, is stable and I'm satisfied.

From Monday next week my ISP goes over to PPTP (VPN), running on a Linux server at their site. I have no idea what it is, although I've read the man pages (twice) and read extensively on Deja. It's a long time since I've worked with this stuff, like I said :-)

From what was described to me, I connect on the outbound interface (Wavelan) as before to get a DHCP supplied address (still in the 10.10.2.0 range). Then I point my pptp client (have installed the linux version from the ports) at a specific address in that Class A internal net range that gives me a *real* routable IP address, which I then use as the default gateway, etc etc. Meaning all routing info etc will be rewritten when I connect via DHCP, and will then need to be rewritten again when I get a routable IP for the other end of the connection. Somewhere up in all this PPTP (and I think PPP) comes into the picture. Where and how, I'm not really sure about.

From what I've read, it seems that pptp is to be used together with ppp (user or kernel). But ppp is for dialup connections on the serial port, right? I don't see how it can be configured to run over an ethernet (albeit wireless, not that that should have any influence), although I know there is a special version for that (PPPoE). The speed settings allowed for ppp end far under the bandwidth I have!

The ISP uses the VPN (PPTP) system only as a means of authenticating users and controlling bandwidth (2Mb/sec is the package offered) and getting a real IP to each client/customer.

So, I want to do DHCP via ethernet to a machine to get another address to run PPTP over PPP (also via ethernet) to NAT my local net out to the Internet, changing my routing tables and ifconfig info twice in the process???? Or what? Where do natd and ipfw fit in in this case, if at all?

I used to be good at this. Guess I'm getting older ;-) I don't understand why the ISP doesn't simply use a simpler method for all of this, LOL! (Actually they do, the CD provided autoconfigures everything in Windows! I won't stoop that low ;-)

The more I write, the more confused I get. I'll go read over the man pages one more time; in the meantime, if anyone could lend a hand in configuring all of this (just tell me where to look/the general stuff, I'll figure out the details) I would be most appreciative.

Regards,
Thor