From: Lewis Thompson
To: uidzero
Cc: FreeBSD-questions
Date: Fri, 27 Aug 2004 22:06:44 +0100
Message-ID: <20040827210644.GA66759@fajita.org>
Subject: Re: Roaming tunnel (IPSEC or something).

On Fri, Aug 27, 2004 at 07:29:49PM +0100, Lewis Thompson wrote:
> On Fri, Aug 27, 2004 at 01:08:04PM -0500, uidzero wrote:
> > Sorry to bother you directly but, I too have been looking into doing
> > this, Could you possibly send me any URLs you might have used or if you
> > documented it somehow, send that to me as well?
>
> No problem.  I used the following:
>
>   http://reallydodgy.org/~jrose/index.php?content=mpd.html
>   http://www.itga.com.au/~gnb/vpn/pptp-serv.html
>   http://freebsdaddicts.org/modules.php?name=Sections&op=viewarticle&artid=9
>
> My biggest piece of advice is to use mpd at both ends (if you're using
> a FreeBSD client).  I had trouble with pptpclient (protocol errors at
> the server end) but mpd as a client worked perfectly.
>
> I've not really made any notes but I'm just about to clean up my
> config files, I'll email these when I've done them.

Here you go.  Basically my server is 192.168.0.1 on the network
192.168.0.0.  Its external address is 10.0.0.42.

mpd.conf (server):

default:
	load pptp0
	load pptp1
	load pptp2
	load pptp3
	load pptp4

pptp_common:
	set bundle enable crypt-reqd
	set bundle enable compression
	set iface route 192.168.0.0/24
	set iface idle 7200
	set iface enable proxy-arp
	set ipcp dns 192.168.0.1
	set ipcp nbns 192.168.0.2
	set link keep-alive 10 60
	set link no pap chap
	set link enable chap
	set ccp yes mppc
	set ccp no mpp-e40
	set ccp no mpp-e56
	set ccp yes mpp-e128
	set ccp yes mpp-stateless

pptp0:
	new -i ng0 pptp0 pptp0
	set ipcp ranges 192.168.0.1/32 192.168.0.50/32
	load pptp_common

pptp1:
	new -i ng1 pptp1 pptp1
	set ipcp ranges 192.168.0.1/32 192.168.0.51/32
	load pptp_common

pptp2:
	new -i ng2 pptp2 pptp2
	set ipcp ranges 192.168.0.1/32 192.168.0.52/32
	load pptp_common

pptp3:
	new -i ng3 pptp3 pptp3
	set ipcp ranges 192.168.0.1/32 192.168.0.53/32
	load pptp_common

pptp4:
	new -i ng4 pptp4 pptp4
	set ipcp ranges 192.168.0.1/32 192.168.0.54/32
	load pptp_common

mpd.links (server):

pptp0:
	set link type pptp
	set pptp self 10.0.0.42
	set pptp enable incoming
	set pptp disable originate

pptp1:
	set link type pptp
	set pptp self 10.0.0.42
	set pptp enable incoming
	set pptp disable originate

pptp2:
	set link type pptp
	set pptp self 10.0.0.42
	set pptp enable incoming
	set pptp disable originate

pptp3:
	set link type pptp
	set pptp self 10.0.0.42
	set pptp enable incoming
	set pptp disable originate

pptp4:
	set link type pptp
	set pptp self 10.0.0.42
	set pptp enable incoming
	set pptp disable originate

mpd.secret (server):

user "password" *

mpd.conf (client):

default:
	load pptp0

pptp0:
	new -i ng0 pptp0 pptp0
	set bundle enable crypt-reqd
	set bundle enable compression
	set bundle authname "user"
	set bundle password "pass"
	set iface disable on-demand
	set iface idle 0
	set ipcp ranges 0.0.0.0/0 192.168.0.0/24
	set link keep-alive 10 60
	set link no pap
	set link yes chap
	set link enable no-orig-auth
	set ccp yes mppc
	set ccp no mpp-e40
	set ccp no mpp-e56
	set ccp yes mpp-e128
	set ccp yes mpp-stateless
	open

mpd.links (client):

pptp0:
	set link type pptp
	set pptp peer 10.0.0.42
	set pptp disable incoming
	set pptp enable originate outcall

I hope this is some use to you!  Best wishes,

-lewiz.

--
I was so much older then, I'm younger than that now.  --Bob Dylan, 1964.
------------------------------------------------------------------------
-| msn:purple@lewiz.net | jabber:lewiz@jabber.org | url:www.lewiz.org |-
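
An added example, not part of the original message and not mpd's own tooling: a Python check that resolves each bundle's `load` chain in an mpd.conf laid out like the ones above and lists every bundle that does not explicitly require encryption (`crypt-reqd`), negotiate only 128-bit MPPE, and refuse PAP. The `REQUIRED` policy table, the `weak0` bundle and the rule that an option never set counts as a finding are assumptions of this example; it generalizes beyond the posted files by handling any verb of the `set ... enable|disable|accept|deny|yes|no` family.

```python
# Constructed sample in the server mpd.conf layout; "weak0" is a hypothetical weak bundle.
SAMPLE = """\
pptp_common:
	set bundle enable crypt-reqd
	set link no pap chap
	set ccp no mpp-e40 mpp-e56
	set ccp yes mpp-e128
pptp0:
	new -i ng0 pptp0 pptp0
	load pptp_common
weak0:
	new -i ng1 weak0 weak0
	set ccp yes mpp-e40 mpp-e128
"""
VERBS = {"enable": {"enable": True}, "disable": {"enable": False},
         "accept": {"accept": True}, "deny": {"accept": False},
         "yes": {"enable": True, "accept": True}, "no": {"enable": False, "accept": False}}
REQUIRED = {("bundle", "crypt-reqd"): "enable", ("ccp", "mpp-e128"): "yes",
            ("ccp", "mpp-e40"): "no", ("ccp", "mpp-e56"): "no", ("link", "pap"): "no"}

def parse(text):
    """Return {label: [tokenised command, ...]}; a label starts in column 0."""
    labels, current = {}, []
    for line in text.splitlines():
        if line[:1].isspace() and line.split():
            current.append(line.split())
        elif line.rstrip().endswith(":"):
            current = labels.setdefault(line.rstrip()[:-1], [])
    return labels

def effective(labels, name, state, path=()):
    """Replay a label's commands in order, following 'load'; VERBS gives the flags a verb sets."""
    for cmd in labels.get(name, []):
        if cmd[0] == "load" and len(cmd) > 1 and cmd[1] not in path + (name,):
            effective(labels, cmd[1], state, path + (name,))
        elif cmd[0] == "set" and len(cmd) > 3 and cmd[2] in VERBS:
            state.update({(cmd[1], o, f): v for o in cmd[3:] for f, v in VERBS[cmd[2]].items()})
    return state

def audit(text):
    """Return {bundle: [REQUIRED settings (this example's policy) not explicitly in effect]}."""
    labels, report = parse(text), {}
    for name in [n for n, cmds in labels.items() if any(c[0] == "new" for c in cmds)]:
        state = effective(labels, name, {})
        report[name] = [f"set {layer} {verb} {opt}" for (layer, opt), verb in REQUIRED.items()
                        if any(state.get((layer, opt, f)) != v for f, v in VERBS[verb].items())]
    return report

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Commands are replayed in file order, so a `set ccp accept mpp-e40` placed after `load pptp_common` overrides the shared block and is reported for that bundle only.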