From owner-freebsd-net Thu Sep 14 10:50:58 2000 Delivered-To: freebsd-net@freebsd.org Received: from ebola.biohz.net (ebola.biohz.net [206.80.1.35]) by hub.freebsd.org (Postfix) with ESMTP id AAD5837B424 for ; Thu, 14 Sep 2000 10:50:55 -0700 (PDT) Received: from flu (localhost [127.0.0.1]) by ebola.biohz.net (Postfix) with SMTP id 24F6B3A3C2 for ; Thu, 14 Sep 2000 10:50:52 -0700 (PDT) Message-ID: <017b01c01e74$52d7fc20$0302010a@biohz.net> From: "Renaud Waldura" To: Subject: mpd-netgraph with multiple PPTP clients? Date: Thu, 14 Sep 2000 10:50:51 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org SUMMARY Does mpd-netgraph, configured as a PPTP server, allow multiple client connections? LONG VERSION Dear FreeBSD developers, I'm running mpd-netgraph on a 4.1 STABLE system. First allow me to congratulate the author(s) : this is a beautiful piece of software, well implemented and with excellent documentation -- a feature unfortunately too rare with open-source projects ! I configured mpd-netgraph (version 3.0) as a PPTP server, allowing VPN access to my internal network. I use the default configuration from mpd.conf_sample included in the distribution: ========= mpd.conf ========= pptp: new -i ng0 pptp pptp set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp #set ipcp ranges 192.168.1.1/32 192.168.1.2/32 set ipcp ranges 192.168.1.1/32 192.168.1.222/24 <-- * set ipcp dns 192.168.1.1 (*) only change to the original config ========= mpd.links ========== pptp: set link type pptp set pptp self a.b.c.d set pptp enable incoming set pptp disable originate One Windows client (98/2000) connects perfectly. The performance is OK. I'm happy! But a second client, attempting to connect while the first client is still connected, is bounced with error "751 The remote computer refused the VPN connection". On the server side, mpd says: Sep 13 21:49:09 ebola mpd: pptp1: peer's outgoing call request denied Needless to say I went through the documentation, but even the "PPTP hints" section does not mention anything special about multiple client connections. At least they don't seem prohibited, although the original configuration (above) provisions for a single address. Which leaves with a strong doubt as to mpd's ability to actually handle multiple client connections... I browsed through the source code, and discovered the error message I'm getting means that no outgoing link is defined. This seems coherent to me, since I do not want to allow outgoing connections using this link. But I'm confused: why would the "peer" be requesting a "outgoing call"? Is there something fundamental I'm missing? I tried to configure mpd with multiple PPTP links, apparently this is not allowed. What am I missing here? Thank you very much for your time, your comments and suggestions are very much appreciated, --Renaud To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message