From owner-freebsd-questions@FreeBSD.ORG  Fri Oct 17 21:53:01 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1767016A4B3
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Oct 2003 21:53:01 -0700 (PDT)
Received: from beta.stelesys.com (c-24-98-86-57.atl.client2.attbi.com
	[24.98.86.57])	by mx1.FreeBSD.org (Postfix) with ESMTP id 2209F43FCB
	for <freebsd-questions@freebsd.org>;
	Fri, 17 Oct 2003 21:53:00 -0700 (PDT)
	(envelope-from jerry@syslog.org)
Received: from [192.168.0.100] (helo=ATLLAP130)
	by beta.stelesys.com with asmtp (TLSv1:RC4-MD5:128)
	(Exim 4.24; FreeBSD 5.1)
	id 1AAj5H-0000FD-Lw; Sat, 18 Oct 2003 00:52:59 -0400
Message-ID: <068601c39533$b42aa430$1a0a0a0a@iss.net>
From: "Jerry Bell" <jerry@syslog.org>
To: "Jim Hatfield" <subscriber@insignia.com>,
	<freebsd-questions@freebsd.org>
References:
	<3203DF3DDE57D411AFF4009027B8C3674AF580@exchange-uk.isltd.insignia.com>
	<2a90pvkkm6b1c3s1k6bu94dmajh6gbbq5p@4ax.com>
Date: Sat, 18 Oct 2003 00:52:57 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Subject: Re: Using poptop....
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Oct 2003 04:53:01 -0000

It's really pretty easy.  I beat my head on the wall about a year ago, so I
don't recall where all the docs are, but this is what my configs look like:
/etc/ppp/ppp.conf:
pptp:
 set timeout 0
 set dial
 set login
 set ifaddr {IP address of internal interface} {IP address range
xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx}
 set server /var/run/pptp_ppp_%d "" 0700
 enable mschapv2 mppe          # <--- these two lines enable encryption
 set mppe * *                        #<---
 enable chap
 disable pap
 disable utmp
 disable passwdauth
 enable proxy
 accept dns
 set dns 192.168.x.x
 set nbns 192.168.x.x

/usr/local/etc/pptpd.conf:
option /etc/ppp/ppp.conf
localip {IP address of internal interface}
remoteip {IP address range xxx.xxx.xxx.2-255}
pidfile /var/run/pptpd.pid


You'll have to use the ppp.secret password file or a radius server (that's a
whole other story).  Other than that, this works like a champ, and is
encrypted.   Just for a point of clarification, omit the {}  I added those
for readability.

Hope that helps.

Jerry