Date: Fri, 23 Jan 2004 14:23:29 -0600 From: "Lance E. Lott" <lancelot@at-vantage.com> To: jacob.hunt@comcast.net Cc: freebsd-questions@freebsd.org Subject: Re: DSL with User PPP and Static IP Message-ID: <6.0.1.1.2.20040123142257.01c04ec0@mail.at-vantage.com> In-Reply-To: <200401231947.i0NJlCuw092120@kyder.com> References: <MIEPLLIBMLEEABPDBIEGIEOGFFAA.fbsd_user@a1poweruser.com> <200401231947.i0NJlCuw092120@kyder.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--=======5ABC909======= Content-Type: text/plain; x-avg-checked=avg-ok-71454B02; charset=us-ascii; format=flowed Content-Transfer-Encoding: 8bit try adding this line to your ppp.conf file. disable ipv6cp See if that makes a difference. Lance At 01:47 PM 1/23/2004, you wrote: >Thanks for the suggestions. > >I have implemented all the changes including disabling the IPFW firewall >NAT. I simplified the /etc/ppp/ppp.conf file and made sure it still worked >using the dynamic config of "set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 >0.0.0.0". I then proceeded to change that line to "set ifaddr 69.37.6.193 >69.37.6.198 255.255.255.248". It is my assumption that this will set my >address to .193, with a gateway of .198 and a netmask of .248. > >After making these changes, tun0 is once again opened by a pid, but nothing >connects. I am including updated copies of the ppp.conf file and >/var/log/ppp.log. > >Thanks again for your help, > > >Jacob @ Jerry's Transmission Service >Guilford, CT > >-------SAMPLE PPP.CONF------- >default: > set log Phase tun > set timeout 0 > >sbcglobal: > set device PPPoE:dc0: > set authname jerry.transmission@sbcglobal.net > set authkey snet03 > set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 > add default HISADDR > enable dns > >loop: > set timeout 0 > set log phase chat connect lcp ipcp command > set device localhost:pptp > set dial > set login > set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 > set server /tmp/loop "" 0177 > >loop-in: > set timeout 0 > set log phase lcp ipcp command > allow mode direct > >pptp: > load loop > enable loop > disable pap > enable passwdauth > enable proxy > accept dns > set dns 192.168.0.1 192.168.0.2 > set nbns 192.168.0.15 192.168.0.16 > set device !/etc/ppp/secure > >-------END PPP.CONF------- > >-------SAMPLE PPP.LOG------- >Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: Using interface: tun0 >Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: deflink: Created in >closed state >Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: PPP Started (ddial >mode). >Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: bundle: Establish >Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: closed -> >opening >Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: >Connected! >Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: opening >-> dial >Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: dial -> >carrier >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received >NGM_PPPOE_ACNAME (hook "62031090089590-") >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received >NGM_PPPOE_SESSIONID >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received >NGM_PPPOE_SUCCESS >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: carrier >-> login >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: login -> >lcp >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Warning: deflink: >Reducing configured MRU from 1500 to 1492 >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: bundle: >Authenticate >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: his = >PAP, mine = none >Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Pap Output: >jerry.transmission@sbcglobal.net ******** >Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: Pap Input: SUCCESS >() >Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: lcp -> >open >Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: bundle: Network >Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP >protocol reject closes IPV6CP ! >Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP >protocol reject closes IPV6CP ! >Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Warning: ff02:8::/32: >Change route failed: errno: Network is unreachable >Jan 23 14:27:33 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP >protocol reject closes IPV6CP ! >Jan 23 14:27:42 jerrystransmission last message repeated 3 times > >-------END PPP.LOG------- > > > > > > > Jacob > > Your rc.conf is all wrong, you are doing the nat process in both > > 'user ppp' and IPFW, this is wrong. > > The default IPFW firewall rules are useless in protecting you. > > If you want stateful ipfw rules which will give you max in > > protection and that will work as is for your situation let me know. > > > > -------SAMPLE RC.CONF------- > > ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" > > ifconfig_dc0=up > > ppp_enable="YES" > > ppp_mode="ddial" > > ppp_nat="YES" > > ppp_profile="dialisp" > > gateway_enable="YES" > > firewall_enable="YES" > > firewall_type="OPEN" > > -------END RC.CONF------- > > > > > > > > see if this works for you. Please let me know the out come. > > > > #################### start of DSL ppp.conf ################### > > default: > > > > set log Phase tun #use to avoid excessive log sizes > > set timeout 0 # no idle time out, will not > disconnect > > > > > > dialisp: > > set device PPPoE:XXX # replace xxx with your Nic card > > device name > > set authname YOURLOGINNAME # Replace with your ISP account IP > > set authkey YOURPASSWORD # Replace with your ISP account > > password > > add default HISADDR # Add a (sticky) default route > > (Mandatory) > > enable dns # Gets the ISP's DNS IP address & places > > them > > # in resolv.conf for reference by > FBSD box. > > > > > > > > ############### End of DSL ppp.conf > > ################################# > > > > > > > > Replace the XXX in the [set device PPPoE:XXX] statement with the Nic > > card FBSD interface name. Sometimes it will be necessary to use a > > service tag to establish your connection depending on how your ISP > > and/or the phone company has it's DSL network configured. Service > > tags are used to distinguish between different PPPoE servers > > attached to a given network. You should have been given any required > > service tag information in the documentation provided by your ISP. > > If you cannot locate it there, ask your ISP's tech support > > personnel. This is the format of the command with the service tag > > added > > > > set device PPPoE:XXX:service_tag > > > > > > The xxxx is the FBSD interface name used by PPPoE, the interface > > must be UP, (IE: enabled). It is only used as transport, and does > > not need to be assigned an IP address. This can be done > > automatically at boot time by updating the /etc/rc.conf file. The > > format of the statement to add is ifconfig_xxxx=up where xxxx is > > Nic card FBSD interface name used by PPPoE that you specified in the > > /etc/ppp/ppp.conf file. > > > > ee /etc/rc.conf add following statement > > > > ifconfig_xxxx=up > > > > > > To setup user ppp to dial your ISP automatically at FBSD boot time, > > you have to add the following statements to the rc.conf file. The > > ddial option means to redial every time the connection to the ISP > > gets dropped. > > > > ee /etc/rc.conf > > > > # Activate user ppp auto start at boot time > > ppp_enable="YES" # Start User ppp task > > ppp_mode="ddial" # ddial, auto, background > > ppp_profile="dialisp" # section in ppp.conf to > > > > -----Original Message----- > > From: owner-freebsd-questions@freebsd.org > > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Jerrys > > Transmission > > Sent: Friday, January 23, 2004 9:40 AM > > To: freebsd-questions@freebsd.org > > Subject: DSL with User PPP and Static IP > > > > Hello, > > > > I have just started working for a local auto transmission repair > > shop and am > > trying to get the local server up and running. Specifically, the > > server > > works great with dynamic IPs assigned from the DSL provider (using > > PPPoE) > > but it burps when I attempt a static IP as per the handbook's "Using > > User > > PPP" section. > > > > Our business was given the following values for connecting to the > > Internet: > > > > Net: 69.37.6.192 > > Gateway: 69.37.6.198 > > Netmask: 255.255.255.248 > > Broadcast: 69.37.6.199 > > Static IPs 193-197 > > > > > > When I change /etc/ppp/ppp.conf (sample attached) to: > > > > set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248 > > > > tun0 is "Opened by PID xxx" but does not show any IP addresses, and > > the > > connection does not work. If I leave the ifaddr to the dynamic > > setting > > (which includes the 0.0.0.0) everything works fine. I am including > > a sample > > of our local ppp.conf, ifconfig output, and relevant parts of > > rc.conf for reference. > > Please note, the ifconfig output shows the missing inet line when a > > static > > config is attempted. > > > > Any help would be greatly appreciated. > > > > Thanks again, > > > > Jacob @ Jerry's Transmission Service > > Guilford, CT 06437 > > > > > > --------SAMPLE PPP.CONF------- > > default: > > set log Phase Chat LCP IPCP CCP tun command > > nat enable yes > > nat same_ports yes > > nat use_sockets yes > > set redial 15 28800 > > set reconnect 15 28800 > > > > sbcglobal: > > set device PPPoE:dc0: > > set mru 1492 > > set mtu 1492 > > set speed sync > > enable lqr > > set lqrperiod 5 > > set cd 5 > > set dial > > set login > > set timeout 0 > > set authname [CENSORED] > > set authkey [CENSORED] > > set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248 > > add default HISADDR > > enable dns > > > > loop: > > set timeout 0 > > set log phase chat connect lcp ipcp command > > set device localhost:pptp > > set dial > > set login > > set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 > > set server /tmp/loop "" 0177 > > > > loop-in: > > set timeout 0 > > set log phase lcp ipcp command > > allow mode direct > > > > pptp: > > load loop > > enable loop > > disable pap > > enable passwdauth > > enable proxy > > accept dns > > set dns 192.168.0.1 192.168.0.2 > > set nbns 192.168.0.15 192.168.0.16 > > set device !/etc/ppp/secure > > > > -------END PPP.CONF------- > > > > > > -------SAMPLE IFCONFIG------- > > dc0: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu > > 1492 > > inet6 fe80::204:5aff:fe7f:75d4%dc0 prefixlen 64 scopeid 0x1 > > inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255 > > ether 00:04:5a:7f:75:d4 > > media: Ethernet autoselect (100baseTX <full-duplex>) > > status: active > > em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > > options=3<rxcsum,txcsum> > > inet6 fe80::207:e9ff:fe70:801b%em0 prefixlen 64 scopeid 0x2 > > inet 192.168.2.1 netmask 0xffff0000 broadcast > > 192.168.255.255 > > ether 00:07:e9:70:80:1b > > media: Ethernet autoselect (100baseTX <half-duplex>) > > status: active > > lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500 > > sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552 > > faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500 > > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 > > inet6 ::1 prefixlen 128 > > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 > > inet 127.0.0.1 netmask 0xff000000 > > ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500 > > tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492 > > Opened by PID 501 > > -------END IFCONFIG------- > > > > > > -------SAMPLE RC.CONF------- > > network_interfaces="auto" > > ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" > > ifconfig_dc0="inet 10.0.0.1 mtu 1492 netmask 255.0.0.0 -arp up" > > ppp_enable="YES" > > ppp_mode="ddial" > > ppp_nat="YES" > > ppp_profile="sbcglobal" > > gateway_enable="YES" > > firewall_enable="YES" > > firewall_type="OPEN" > > natd_enable="YES" > > natd_interface="tun0" > > natd_flags="-u -m -dynamic -s" > > named_enable="YES" > > -------END RC.CONF------- > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > > > > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > > >--- >Incoming mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.564 / Virus Database: 356 - Release Date: 1/19/2004 --=======5ABC909======= Content-Type: text/plain; charset=us-ascii; x-avg=cert; x-avg-checked=avg-ok-71454B02 Content-Disposition: inline --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.564 / Virus Database: 356 - Release Date: 1/19/2004 --=======5ABC909=======--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.1.1.2.20040123142257.01c04ec0>