Date: Tue, 19 Feb 2002 10:25:04 -0800 (PST) From: Archie Cobbs <archie@dellroad.org> To: Lars Eggert <larse@ISI.EDU> Cc: Archie Cobbs <archie@dellroad.org>, Justin Hawkins <justin@hawkins.dropbear.id.au>, freebsd-net@FreeBSD.ORG Subject: Re: mpd-netgraph as VPN client to Cisco 2500 Message-ID: <200202191825.g1JIP4O96413@arch20m.dellroad.org> In-Reply-To: <3C728CA0.70809@isi.edu> "from Lars Eggert at Feb 19, 2002 09:34:24 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Lars Eggert writes: > How did you stop the Cisco box from stupidly trying to hand its own IP > address to the clients over and over? I don't even get past negotiation, > since the Cisco won't hand out any other addresses... (It also doesn't > help that the box isn't under my direct administration, but if I could > tell the support people "go look at page X in Cisco manual Y", that'd > probably allow them to fix it.) Newer versions of mpd will not even finish negotiation with a box that uses the same IP address inside & out... this was added as a safety check.. to disable this behavior and allow such negotiation, apply the patch below. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com Index: ipcp.c =================================================================== RCS file: /home/cvs/archie/mpd/src/ipcp.c,v retrieving revision 1.3 retrieving revision 1.2 diff -u -r1.3 -r1.2 --- ipcp.c 2001/12/16 03:47:25 1.3 +++ ipcp.c 2001/04/12 17:03:31 1.2 @@ -19,7 +19,6 @@ #include "custom.h" #include "msg.h" #include "ngfunc.h" -#include "pptp.h" #include <netgraph.h> #include <sys/mbuf.h> @@ -608,7 +607,7 @@ switch (mode) { case MODE_REQ: if (!IpAddrInRange(&ipcp->conf.peer_allow, *ip) || !ip->s_addr) { -nak_ip: if (ipcp->peer_addr.s_addr == 0) + if (ipcp->peer_addr.s_addr == 0) Log(LG_IPCP, (" %s", "no IP address available for peer!")); if (Enabled(&ipcp->conf.options, IPCP_CONF_PRETENDIP)) { Log(LG_IPCP, (" pretending that %s is OK, will ignore", @@ -621,17 +620,6 @@ Log(LG_IPCP, (" NAKing with %s", inet_ntoa(*ip))); FsmNak(fp, opt); break; - } - if (bund->links[0]->phys->type == &gPptpPhysType) { - struct in_addr pip; - - lnk = bund->links[0]; - pip = PptpGetPeerIp(); - if (ip->s_addr == pip.s_addr) { - Log(LG_IPCP, - (" Same as PPTP IP; would cause routing loop")); - goto nak_ip; - } } Log(LG_IPCP, (" %s is OK", inet_ntoa(*ip))); ipcp->peer_addr = *ip; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202191825.g1JIP4O96413>