From owner-freebsd-isp  Thu Dec 20  6:47:58 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from infiniteloop.ca (infiniteloop.ca [216.126.86.53])
	by hub.freebsd.org (Postfix) with ESMTP id 543DA37B405
	for <freebsd-isp@freebsd.org>; Thu, 20 Dec 2001 06:47:52 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by infiniteloop.ca (Postfix) with ESMTP id 8E6DB1E4
	for <freebsd-isp@freebsd.org>; Thu, 20 Dec 2001 09:47:51 -0500 (EST)
Received: from blake (CPE0050da7c7e5d.cpe.net.cable.rogers.com [24.101.32.246])
	(using TLSv1 with cipher RC4-MD5 (128/128 bits))
	(Client did not present a certificate)
	by infiniteloop.ca (Postfix) with ESMTP id 6693013E
	for <freebsd-isp@freebsd.org>; Thu, 20 Dec 2001 09:47:50 -0500 (EST)
From: "Blake Crosby" <dev@samurai.com>
To: <freebsd-isp@freebsd.org>
Subject: PPTP Behind NAT?
Date: Thu, 20 Dec 2001 09:47:49 -0500
Message-ID: <JAEEIJKIHAONENKPFCCPGENLCBAA.dev@samurai.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Importance: Normal
X-Virus-Scanned: by AMaViS snapshot-20010714
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-isp.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-isp>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-isp>
X-Loop: FreeBSD.org

I'm having trouble getting tcp/ip working once I connect to a machine using
PPTP. Here is my network setup.

pptp server (freebsd 4.4 - using mpd-netgraph)
|
|
Internet
|
|
Gateway, running ipnat (freebsd 4.3)
|
|
Windows XP Machine.

I can connect fine, except I can't really do much from that point on. The
server has the ip address 192.168.0.1 and the client has 192.168.0.2. When
I try to ping the clients ip address from the server I get this:

PING 192.168.0.2 (192.168.0.2): 56 data bytes
ping: sendto: Permission denied
ping: sendto: Permission denied

according to ifconfig, the tunnel seems to be up:

ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1500
         inet 192.168.0.1 --> 192.168.0.2 netmask 0xffffffff

my mpd.conf file looks like:

pptp:
         new -i ng0 pptp pptp
         set iface disable on-demand
         set iface enable proxy-arp
         set iface idle 1800
         set bundle disable multilink
         set link yes acfcomp protocomp
         set link no pap chap
         set link enable chap
         set link keep-alive 10 60
         set ipcp yes vjcomp
         set ipcp ranges 192.168.0.1/32 192.168.0.2/30
         set ipcp dns xxx.xxx.xxx.xxx <--- IP address of external interface
(yes a dns server is listening)

         set bundle enable compression
         set ccp yes mppc
         set ccp yes mpp-e40
         set ccp yes mpp-e128
         set ccp yes mpp-stateless

and mpd.links:

pptp:
         set link type pptp
         set pptp self xxx.xxx.xxx.xxx <-- External IP address
         set pptp enable incoming
         set pptp disable originate

any idea what could be wrong? Is this a nat problem?

Blake


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message