Date: Wed, 21 Nov 2001 14:25:29 +0000 (GMT)
From: Humbug the Cat <humbug@honeybourne.viewp.co.uk>
To: Thor Legvold <tlegvold@hotmail.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: Network setup questions
Message-ID: <Pine.BSF.4.21.0111211421420.18763-100000@honeybourne.viewp.co.uk>
In-Reply-To: <F86KbpG1KiaexdDAO2R0000ea33@hotmail.com>

Hi Thor,

PPTP VPNs use two communication channels from your m/c (client) to the
ISP m/c (server): from the client to the server there is a tcp:1723
control session, and from the server to the client there is a GRE data
session. You need to make sure that you are allowing these through your
firewall, and once the session is established your traffic to the
internet will be from the ng0 interface.

HTH

Richard

On Wed, 21 Nov 2001, Thor Legvold wrote:

> Hi Greg,
>
> >First, don't cross-post; stick to freebsd-questions for now.
>
> Done.
>
> >Second, what is your question?
>
> How to set up mpd-netgraph to connect over a wireless wan with pptp to an
> ISP. Failing that, how to set up any available pptp client to do the same -
> get on the net via my ISP.
>
> Details:
> The existing WAN was set up by the ISP so that *any* WaveLan cards (which
> they provide as part of their broadband package) within range of their
> antennae would automatically get an IP via DHCP (10.10.2.0/24 range). They
> in turn run NAT on the subnet, thus giving anyone with a WaveLan card direct
> internet access, no other authorization or configuration needed. As the ISP
> is new and no one else in the area offers or carries this equipment, it's
> worked fine up to now. I set my home LAN up to use this and it's worked
> fine.
>
> Because the situation is changing, the ISP is switching over to another
> system (VPN). They have a linux PPTP server at 10.10.1.1 (i.e. still on
> their local WAN), all WaveLan cards still get an internal IP (10.10.2.0/24)
> via DHCP as before, but their NAT is now turned off/disabled. So anyone with
> a WaveLan card can still get an internal IP, but you can't get to the
> internet or do anything without going through the VPN/PPTP server.
>
> In order to access the internet now, one has to (after doing the DHCP stuff
> mentioned above to get on the local WAN): contact/connect to the PPTP server
> (10.10.1.1), login and authorize (chap and/or pap) and dynamically receive a
> *routable* IP (as I recall they have 213.225.121.0/24 range available) from
> the pool the ISP owns. Then one (as far as I know) is online and can use the
> internet as usual.
>
> I had/have my home LAN set up on 192.168.128.0/24 and use the FBSD box as a
> gateway/dual homed host for the LAN, using a dc0 card for the LAN and the
> WaveLan (wi0) for the internet (outside network). I run ipfw and natd to
> allow all the machines at home access to the net via the FBSD gateway. I've
> had some small problems with natd & ipfw (natd complains about "cannot write
> back" in some cases), and am currently looking into the ruleset to fix this.
> I've tried testing my setup with closed and open firewall, but cannot seem
> to get anywhere.
>
> I can post my mpd.conf, mpd.links and mpd.log if that would help.
>
> Regards,
> Thor
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
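
The firewall check suggested in the reply can be rehearsed offline. The following is an added example, not part of the original message or of ipfw itself: it applies first-match evaluation to a constructed, simplified ipfw-style rule listing and reports which rule decides each PPTP flow, checking both channels in both directions. The rule text, rule numbers, the client address 10.10.2.50, source port 1025 and the default-deny final rule are assumptions; the server address, port 1723 and wi0 come from the thread.

```python
import ipaddress
import re

# Simplified grammar: NUM ACTION PROTO from SRC [PORT] to DST [PORT] [in|out] [via IF]
RULE = re.compile(r"(\d+) (allow|deny) (\w+) from (\S+)(?: (\d+))? to (\S+)(?: (\d+))?"
                  r"(?: (in|out))?(?: via (\S+))?$")
SERVER, CLIENT = "10.10.1.1", "10.10.2.50"  # server from the thread; client is constructed

def addr_ok(spec, ip):
    return spec == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def verdict(rules, p):
    """Return (action, rule number) of the first rule that matches packet p."""
    for line in rules.strip().splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # anything outside the simplified grammar is skipped
        num, action, proto, src, sport, dst, dport, direction, iface = m.groups()
        if proto not in ("ip", "all", p["proto"]):
            continue
        if not (addr_ok(src, p["src"]) and addr_ok(dst, p["dst"])):
            continue
        if (sport and int(sport) != p["sport"]) or (dport and int(dport) != p["dport"]):
            continue
        if (direction and direction != p["dir"]) or (iface and iface != p["iface"]):
            continue
        return action, int(num)
    return "deny", 65535  # assumption: the final default rule denies

def pkt(proto, src, dst, direction, sport=None, dport=None):
    return dict(proto=proto, src=src, dst=dst, dir=direction, iface="wi0", sport=sport, dport=dport)

FLOWS = {  # the two channels named in the reply, each checked in both directions
    "control out": pkt("tcp", CLIENT, SERVER, "out", 1025, 1723),
    "control in": pkt("tcp", SERVER, CLIENT, "in", 1723, 1025),
    "gre out": pkt("gre", CLIENT, SERVER, "out"),
    "gre in": pkt("gre", SERVER, CLIENT, "in"),
}

def audit(rules):
    return {name: verdict(rules, p) for name, p in FLOWS.items()}

TCP_ONLY = """
00200 allow tcp from any to 10.10.1.1 1723 out via wi0
00300 allow tcp from 10.10.1.1 1723 to any in via wi0
00900 deny ip from any to any via wi0
"""  # constructed ruleset: the control session is allowed, GRE is forgotten
WITH_GRE = TCP_ONLY.replace("00900", "00400 allow gre from any to 10.10.1.1 out via wi0\n"
                            "00500 allow gre from 10.10.1.1 to any in via wi0\n00900")
```

`audit(TCP_ONLY)` shows the control session passing while GRE falls through to the deny rule; `audit(WITH_GRE)` shows all four flows allowed. GRE has no ports, so it needs its own protocol rule placed before any deny.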