From owner-freebsd-isp@FreeBSD.ORG Fri Nov 21 07:49:08 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7FEF16A4CF for ; Fri, 21 Nov 2003 07:49:08 -0800 (PST) Received: from smtp-ft4.fr.colt.net (smtp-ft4.fr.colt.net [213.41.78.203]) by mx1.FreeBSD.org (Postfix) with ESMTP id 638B743FE3 for ; Fri, 21 Nov 2003 07:49:05 -0800 (PST) (envelope-from nanard@tou.nu) Received: from orion (noc-bes.adm.fr.colt.net [195.68.1.120]) by smtp-ft4.fr.colt.net with SMTP id hALFn1H13780; Fri, 21 Nov 2003 16:49:01 +0100 Message-ID: <030d01c3b046$fcaf92f0$51fd210a@orion> From: "nanard" To: "Eric Anderson" References: <02e701c3b039$caaebea0$51fd210a@orion> <3FBE2185.1040204@centtech.com> Date: Fri, 21 Nov 2003 16:49:02 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 cc: freebsd-isp@freebsd.org Subject: Re: Connecting to VPN Concentrator X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Nov 2003 15:49:08 -0000 Hi Eric, > In a previous email to this list, I thought you were asking how to > connect FreeBSD and windows clients to a VPN server (of any kind, > possibly FreeBSD)? If that's what you want, I can help you with that.. Yes, i installed a VPN server on FreeBSD 4.9 with MPD. (and SaMBa in a jail of the server for the VPN user only). I managed to connect Windows users to it. But I didn't manage to connect FreeBSD client to it (using pptp-client). The connexion works but nothing go though the tunnel (i did nothing in ipf) and after 170 sec, the client close the connexion. (i think because of idle ?). Maybe there is something wrong with my route. I don't know But now, i ve a VPN concentrator server (CISCO 3000) and i've some clients who would like to connect from FreeBSD. I don't know if it s possible so, i m asking now here. For my last question in this list, i m open to know how do you use mpd as client to connect FreeBSD to FreeBSD MPD server. Thanks in advance. Nicolas OS: FreeBSD 4.9 Configuration of the FreeBSD client : crysto$ cat /etc/ppp/ppp.conf TEST: set authname nanard set authkey ****** set timeout 0 set ifaddr 0 0 add 192.168.0.142/24 HISADDR alias enable yes When i launch : # pptp XX.YY.ZZ.AA TEST tun0: flags=8051 mtu 1498 inet 192.168.0.142 --> XX.YY.ZZ.AA netmask 0xffffffff Opened by PID 24918 $ ping 192.168.0.142 PING 192.168.0.142 (192.168.0.142): 56 data bytes ping: sendto: No route to host ping: sendto: No route to host ^C In log of FreeBSD client: In /var/log/pptp.log Nov 20 14:23:46 crysto ppp[80154]: Phase: Using interface: tun0 Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: Created in closed state Nov 20 14:23:46 crysto ppp[80154]: Warning: The alias command is deprecated Nov 20 14:23:46 crysto ppp[80154]: Phase: PPP Started (direct mode). Nov 20 14:23:46 crysto ppp[80154]: Phase: bundle: Establish Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: closed -> opening Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: Connected! Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: opening -> carrier Nov 20 14:23:47 crysto ppp[80154]: Phase: deflink: carrier -> lcp Nov 20 14:23:47 crysto ppp[80154]: Phase: Unexpected chap input - dropped ! Nov 20 14:23:53 crysto last message repeated 3 times Nov 20 14:23:54 crysto ppp[80154]: Phase: bundle: Authenticate Nov 20 14:23:54 crysto ppp[80154]: Phase: deflink: his = CHAP 0x81, mine = none Nov 20 14:23:54 crysto ppp[80154]: Phase: Chap Input: CHALLENGE (16 bytes) Nov 20 14:23:54 crysto ppp[80154]: Phase: Chap Output: RESPONSE (nanard) Nov 20 14:23:54 crysto ppp[80154]: Phase: Chap Input: SUCCESS (S=E1F1FE8196608716C90AEA4015D20E9D4CF864D8) Nov 20 14:23:54 crysto ppp[80154]: Phase: deflink: lcp -> open Nov 20 14:23:54 crysto ppp[80154]: Phase: bundle: Network Nov 20 14:26:40 crysto ppp[80154]: Phase: Signal 15, terminate. Nov 20 14:26:40 crysto ppp[80154]: Phase: Signal 15, terminate. Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: read (0): Got zero bytes Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: open -> lcp Nov 20 14:26:40 crysto ppp[80154]: Phase: bundle: Terminate Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: Disconnected! Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: Connect time: 174 secs: 665 octets in, 666 octets out Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: 18 packets in, 16 packets out Nov 20 14:26:40 crysto ppp[80154]: Phase: total 7 bytes/sec, peak 208 bytes/sec on Thu Nov 20 14:23:54 2003 Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: lcp -> closed Nov 20 14:26:40 crysto ppp[80154]: Phase: bundle: Dead Nov 20 14:26:40 crysto ppp[80154]: Phase: PPP Terminated (normal). Nov 21 16:03:07 crysto ppp[24918]: Phase: Using interface: tun0 Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: Created in closed state Nov 21 16:03:07 crysto ppp[24918]: Warning: The alias command is deprecated Nov 21 16:03:07 crysto ppp[24918]: Phase: PPP Started (direct mode). Nov 21 16:03:07 crysto ppp[24918]: Phase: bundle: Establish Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: closed -> opening Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: Connected! Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: opening -> carrier Nov 21 16:03:08 crysto ppp[24918]: Phase: deflink: carrier -> lcp Nov 21 16:03:08 crysto ppp[24918]: Phase: Unexpected chap input - dropped ! Nov 21 16:03:13 crysto last message repeated 3 times Nov 21 16:03:15 crysto ppp[24918]: Phase: bundle: Authenticate Nov 21 16:03:15 crysto ppp[24918]: Phase: deflink: his = CHAP 0x81, mine = none Nov 21 16:03:15 crysto ppp[24918]: Phase: Chap Input: CHALLENGE (16 bytes) Nov 21 16:03:15 crysto ppp[24918]: Phase: Chap Output: RESPONSE (nanard) Nov 21 16:03:15 crysto ppp[24918]: Phase: Chap Input: SUCCESS (S=9749F42989AFAEB5922F86A515C6C42C4C3DAAC3) Nov 21 16:03:15 crysto ppp[24918]: Phase: deflink: lcp -> open Nov 21 16:03:15 crysto ppp[24918]: Phase: bundle: Network crysto# netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 10.0.0.138 UGSc 18 20 dc0 10/24 link#1 UC 3 0 dc0 10.0.0.4 00:a0:cc:da:6a:7f UHLW 0 5 lo0 10.0.0.5 00:a0:cc:da:6a:7f UHLW 1 17 lo0 => 10.0.0.5/32 link#1 UC 1 0 dc0 10.0.0.7/32 link#1 UC 0 0 dc0 10.0.0.8/32 link#1 UC 0 0 dc0 10.0.0.138 00:08:21:b8:c2:14 UHLW 16 0 dc0 715 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 3 49 dc0 127.0.0.1 127.0.0.1 UH 0 45 lo0 192.168.0 XX.YY.ZZ.AA UGSc 0 3 tun0 192.168.1 link#1 UC 0 0 dc0 195.68.88.112/29 link#1 UC 0 0 dc0 XX.YY.ZZ.AA 192.168.0.142 UH 2 1 tun0 When it deconnect : Nov 21 16:05:06 crysto ppp[24918]: Phase: Signal 15, terminate. Nov 21 16:05:06 crysto ppp[24918]: Phase: Signal 15, terminate. Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: read (0): Got zero bytes Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: open -> lcp Nov 21 16:05:06 crysto ppp[24918]: Phase: bundle: Terminate Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: Disconnected! Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: Connect time: 119 secs: 696 octets in, 661 octets out Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: 18 packets in, 16 packets out Nov 21 16:05:06 crysto ppp[24918]: Phase: total 11 bytes/sec, peak 212 bytes/sec on Fri Nov 21 16:03:15 2003 Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: lcp -> closed Nov 21 16:05:06 crysto ppp[24918]: Phase: bundle: Dead Nov 21 16:05:06 crysto ppp[24918]: Phase: PPP Terminated (normal). > > Eric > > -- > ------------------------------------------------------------------ > Eric Anderson Systems Administrator Centaur Technology > All generalizations are false, including this one. > ------------------------------------------------------------------ > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >