From owner-freebsd-net Wed May 8 19:42:18 2002 Delivered-To: freebsd-net@freebsd.org Received: from jonkmans.com (dns01.jonkmans.com [64.239.6.30]) by hub.freebsd.org (Postfix) with ESMTP id F325A37B40A for ; Wed, 8 May 2002 19:42:10 -0700 (PDT) Received: from XP120634 (localhost.jonkmans.com [127.0.0.1]) by jonkmans.com (8.11.6/8.11.6) with SMTP id g492gEV86950 for ; Wed, 8 May 2002 21:42:14 -0500 (CDT) (envelope-from matt@jonkmans.com) Message-ID: <00dc01c1f703$1ddf71b0$2301070a@XP120634> From: "Matt Jonkman" To: Subject: MPD PPTP Routing problem Date: Wed, 8 May 2002 21:41:48 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm using mpd 3.2 on a freebsd 4.3 machine, ipfw with a pass any policy and a nat. The FreeBSD machine is a firewall with an internal network of 10.0.0.0/24, internal interface 10.0.0.65. I've got mpd configured to make the pptp connection, authentication and negotiation works beautifully. Client is an XP machine. I can send packets down the tunnel and can see them if I tcpdump the ng0 interface on the firewall, however I cannot get them any further than the ng0 interface it seems. A tcpdump of the internal interface shows absolutely no packets coming out, not even an arp request. The routing table on the client seems correct with a default route up the tunnel. I can ping the internal IP of the firewall, and the firewall can ping the tunnel ip of the client. What am I missing? This has got to be something simple. Can someone help me out? The relevant config snippets are below: mpd.conf: default: load pptp pptp: new -i ng0 pptp pptp set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set iface route 10.0.0.0/24 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp ranges 10.0.0.65/32 10.0.0.200/32 set ipcp dns 10.0.0.65 set ipcp nbns 10.0.0.3 # # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. # set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless mpd.links: pptp: set link type pptp set pptp self set pptp enable incoming set pptp disable originate Any help is greatly appreciated. Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message