Date: Wed, 19 May 2004 02:24:15 GMT From: <rsauve_admin@securenet.net> To: <thomasx.foster@intel.com> Cc: freebsd-questions@freebsd.org Subject: RE: Love MPD, but a few questions Message-ID: <20040519022415.16F0315ED37@ms.securenet.net>
next in thread | raw e-mail | index | archive | help
Thanks, this basically confirms rather that I am doing it correctly, using the same initial ip and reassigning it on authentification. The question of alternate authentification methods (ie: no plaintext passwords) remains ;^) > http://www.section6.net/help/pptphow.php > > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of > rsauve_admin@securenet.net > Sent: Tuesday, May 18, 2004 10:26 AM > To: freebsd-questions@freebsd.org > Subject: Love MPD, but a few questions > > Hi all, > > I've been using mpd as a pptp/vpn server for a few projects and I really > > like it with very few reservations. > > Thanks for a great port. > > I'm using FreeBSD 4.x and 5.2.1 and mpd-3.15_1 > > When I was first trying to set it up, I screwed around with the configs, > > until I could get it to work and I > now realize that I've likely left in some rather major fudges. > > Everything works really well. > I've set up scripts to manage users and rebuild the conf and links files > > and restart mpd for dynamic ip setups > > I'm from the school of 'if it ain't broke, don't fix it' > Nonetheless, I still feel that I'm not quite doing it right > > The mpd.conf, in particular is what I'm talking about > Below are some config samples > > Any suggestions would be appreciated > > Richard Sauvé - rsauve_admin@securenet.net > > ### CONFS, ETC BELOW ############3 > > Here is an example setup > > 172.19.45.1 is aliased to lo0 to keep samba and others happy at boot, as > > I've found it better to delay > mpd starting at boot time > > ## mpd.conf - reduced > > default: > load pptp0 > load pptp1 > load pptp2 > > pptp0: > new -i ng0 pptp0 pptp0 > set ipcp ranges 172.19.45.2/24 172.19.45.100/24 > load pptp_standard > > pptp1: > new -i ng1 pptp1 pptp1 > set ipcp ranges 172.19.45.2/24 172.19.45.100/24 > load pptp_standard > > pptp2: > new -i ng2 pptp2 pptp2 > set ipcp ranges 172.19.45.2/24 172.19.45.100/24 > load pptp_standard > > pptp_standard: > set iface disable on-demand > set iface enable proxy-arp > set bundle enable multilink > set link yes acfcomp protocomp > set link no pap chap > set link enable chap > set link keep-alive 10 60 > set ipcp yes vjcomp > set ipcp dns 172.19.45.2 > set ipcp nbns 172.19.45.2 > set bundle enable compression > set ccp yes mppc > set ccp yes mpp-e40 > set ccp yes mpp-e128 > set ccp yes mpp-stateless > set bundle yes crypt-reqd > > ####################################### > ## mpd.links - 000.000.000.000 replaces the WAN ip > > pptp0: > set link type pptp > set pptp self 000.000.000.000 > set pptp enable incoming > set pptp disable originate > > pptp1: > set link type pptp > set pptp self 000.000.000.000 > set pptp enable incoming > set pptp disable originate > > pptp2: > set link type pptp > set pptp self 000.000.000.000 > set pptp enable incoming > set pptp disable originate > > ##############################3 > ## mpd.secret > > user1 "ghi123" 172.19.45.101 > user2 "def123" 172.19.45.103 > user3 "abc123" 172.19.45.104 > > > thanks for any pointers in advance, > > Richard Sauvé - rsauve_admin@securenet.net > > PS: I've seen references to authenticating mpd with radius, or other > ways, but no how-to's. > It kind of bothers me to have plain-text passwords anywhere on the > system, even if only readable by root. > If root has them on a tty, they are world readable ! > > > 'It's good to be root' > > > > > --------------------------------------------- > This message was sent using SecureNet Mailman. > http://www.securenet.net/ > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > --------------------------------------------- This message was sent using SecureNet Mailman. http://www.securenet.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040519022415.16F0315ED37>