Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 5 Sep 2000 20:53:03 -0400 (EDT)
From:      "Christopher T. Griffiths" <cgriffiths@quansoo.com>
To:        net@freebsd.org
Subject:   mpd-netgraph and vpn issues 
Message-ID:  <Pine.BSF.4.21.0009052043070.799-100000@defiant.quansoo.com>
next in thread | raw e-mail | index | archive | help 
In my continued attempts to connect my win2k client to a mpd-netgraph
server I have gotten this far:

My local lan behind my firewall in the dmz has internet routed address.
The mpd server is sitting in the dmz.

I need to be able to add vpn users to some block of address in the dmz 
so that they can access systems past my firewall.

I am also getting the following error when I connect:

[pptp] no interface to proxy arp on for 192.168.1.2

Do I need to change the 192.168.* address to my public dmz address to get
the systems to proxy arp?

My attempts to do so have caused my server system to hop off the local
network and only talk to the vpn client.  Not a good scenario.

The compression/encryption stuff is working great and I am sure it is
something so stupid in order to get network connectivity working.

If I add the following line I am able to ping back and forth between the
client and server machine but not out into the dmz:

set iface route 192.168.1.0/24

any help would be greatly appreciated.

Thanks

Chris


config:
pptp:
        new -i ng0 pptp pptp
        set iface disable on-demand
        set iface enable proxy-arp
        set iface idle 1800
        set bundle disable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        set ipcp yes vjcomp
        set ipcp ranges 192.168.1.1/32 192.168.1.2/32
        set ipcp dns 12.40.126.75
        set bundle enable compression
        set ccp yes mppc
        set ccp yes mpp-e40
        set ccp yes mpp-e128
        set bundle enable crypt-reqd
        set ccp yes mpp-stateless


---
Christopher T. Griffiths	        
Quansoo Group Inc.
cgriffiths@quansoo.com




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009052043070.799-100000>