From owner-freebsd-questions Thu Sep 10 09:02:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA23899 for freebsd-questions-outgoing; Thu, 10 Sep 1998 09:02:12 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from smtp.manhattanprojects.com (host-024.manhattanprojects.com [207.181.119.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA23805 for ; Thu, 10 Sep 1998 09:01:53 -0700 (PDT) (envelope-from gerald@smtp.manhattanprojects.com) Received: from smtp.manhattanprojects.com ([10.0.0.14]) by smtp.manhattanprojects.com (8.9.1/8.8.7) with ESMTP id LAA18963; Thu, 10 Sep 1998 11:54:00 -0400 (EDT) (envelope-from gerald@smtp.manhattanprojects.com) Message-ID: <35F7F694.A471F0D0@smtp.manhattanprojects.com> Date: Thu, 10 Sep 1998 11:56:04 -0400 From: Gerald Abshez X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2.5-RELEASE i386) MIME-Version: 1.0 To: brian@Awfulhak.org CC: freebsd-questions@FreeBSD.ORG Subject: Re: VPN's: PPP, SSH et al... Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >> Hi there, >> >> I'm trying to get a VPN going with SSH and PPP. >> More description about problem from me deleted... >First, try to get a working tunnel as per the example in >ppp.conf.sample. Assuming you can do that, you should then be able >to do it via ssh with something like: > set device !/etc/ppp/secure-connection >and create /etc/ppp/secure-connection (with execute permissions): >#! /bin/sh >exec &0 >exec ssh -f -L 1234:theothermachine:theothermachinesport theothermachine sleep 20 >theothermachine is the machine name of the peer, and theothermachinesport is >the port number that you used in /etc/services on the peer to listen for the >incoming ppp connection. >I'm afraid I've never tried this, but it *should* work :-) Ok, it almost works. ;-) The "set device" line barfs in my version of user ppp; I changed it to: set device localhost:1234 and ran "ppp -auto tcp-client" on that machine. Now, I have to run /etc/ppp/secure-connection by hand and the connection works. Two questions: 1) (A more basic PPP question) I can't see any machine other then the other end of the PPP connection. Yes, I did enable IP Forwarding. Some other config problem that I might have overlooked? 2) I'd like to automate the process. My hope is to get something going like the on-demand dialing function, where packets going to the remote network cause the ppp connection to happen. Am I dreaming? If I can figure this out, and do it in a nice way, I'm only more then willing to package the whole thing and donate it back to the project. Thanks, Gerald To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message