Re: ppp/peers/* files

That partially worked. I could only ping 192.168.1.1 on my local setup (router).

I used
$ mpd pptp0

However, I couldn't access the work DNS either. The latter output of
MPD looked like:
==========
pptp0] IPCP: rec'd Configure Ack #4 link 0 (Ack-Sent)
IPADDR <IP-ADDR-A>
[pptp0] IPCP: state change Ack-Sent --> Opened
[pptp0] IPCP: LayerUp
<IP-ADDR-A> -> <IP-ADDR-B>
[pptp0] IFACE: Up event
[pptp0] setting interface ng0 MTU to 1396 bytes
[pptp0] exec: /sbin/ifconfig ng0 <IP-ADDR-A> <IP-ADDR-B> netmask
0xffffffff -link0
[pptp0] exec: /sbin/route add <IP-ADDR-A> -iface lo0
[pptp0] exec: /sbin/route add 0.0.0.0 <IP-ADDR-B>
[pptp0] exec: command returned 256
==========


I could ping <IP-ADDR-A> and <IP-ADDR-B> after running mpd, but I
could not ping them before running it, or after shutting it down. Both
are valid IP addresses on my works internal network.

Aside from my nve0 and l0 devices, which look normal, ifconfig
displays the following:

==========
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1396
inet <IP-ADDR-A> --> <IP-ADDR-B> netmask 0xffffffff
==========

I could not ping the DNS servers.

Any suggestions?
Thanks,
-Jim Stapleton


On 6/24/07, Artyom Viklenko <artem@xxxxxxxxxxxxxx> wrote:
Jim Stapleton wrote:
> I can't find a way to specify mppe-128 for either pptp or pppd in the
> man files, and every doc I see (including the man pages examples,
> which don't work when I specify it in the file) seem to suggest that I
> use either "mppe-128" or "require-mppe-128" for pppd, neither of which
> work. Any suggestions?

As far as I know, pppd in FreeBSD does not support natively mppc and
needs patches. (Maybe this functionality provided by pptp.)

But MPD does! And it support it using in-kernel netgraph subsystem.
So, I suggest to install mpd and set it up to connect to your Windows
VPN server.

Your configs may look like this.

mpd.conf file:

default:
load pptp0

pptp0:
new -i ng0 pptp0 pptp0
set bundle enable compression
set bundle disable multilink
set bundle authname "your-username"
set bundle password "your-password"
set iface disable on-demand
set iface idle 0
set iface mtu 1460
set iface route default
set link yes acfcomp protocomp
set link disable pap
set link accept chap-md5 chap-msv1 chap-msv2 chap
set link enable no-orig-auth
set link mtu 1460
set link mru 1460
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e56
set ccp yes mpp-e128
set ccp yes mpp-stateless
set pptp peer <ip-of-your-vpn-server>
set pptp disable incoming
set pptp enable originate out-call
set pptp disable windowing
set pptp disable delayed-ack
open iface

mpd.links file:

pptp0:
set link type pptp


Also make shure you have loaded (or compiled in kernel):

ng_bpf.ko
netgraph.ko
ng_ether.ko
ng_iface.ko
ng_ksocket.ko
ng_mppc.ko
rc4.ko
ng_netflow.ko
ng_ppp.ko
ng_pptpgre.ko
ng_socket.ko
ng_tee.ko
ng_vjc.ko
ng_tty.ko
ng_async.ko

Hope this helps.

--
Sincerely yours,
Artyom Viklenko.
-------------------------------------------------------
artem@xxxxxxxxxxxxxx | http://www.aws-net.org.ua/~artem
FreeBSD: The Power to Serve - http://www.freebsd.org

_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"