Date: Mon, 7 May 2001 00:55:26 -0400 (EDT) From: Jim Durham <durham@w2xo.pgh.pa.us> To: John Heyer <john@snake.supranet.net> Cc: freebsd-questions@freebsd.org Subject: Re: using mpd for PPTP server Message-ID: <Pine.BSF.4.21.0105070038400.70602-100000@shazam.int> In-Reply-To: <Pine.BSF.4.21.0105061720420.99255-100000@snake.supranet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 6 May 2001, John Heyer wrote:
>
> Nevermind..I found the problem. Yet another problem in mpd.links
>
> > set pptp disable incoming
>
> That would explain it! I am still wondering what I should have in my
> Kernel though.
You don't need anything in your kernel. The Netgraph stuff is loaded
on demand as a kernel module.
The first time I brought up mpd, I compiled netgraph into the kernel,
then found out I didn't need to do that.
OK... here is a very simple config file from here at home. I play
with stuff on my server here at the house in lieu of trying new stuff
on the production server at work. It keeps me employed!
Anyhow, here is mpd.conf...the LAN address of the dns and nbns
is 192.168.5.1 . The LAN network is 192.168.5.X . Here we are
making the server side of the VPN .100 and the client side 110.
If you want to support multiple connections at once, you will need
to put in a "pptp1: , pptp2, pptp3, etc in mpd.conf, and similar
entries in mpd.links. You need change only the first line of the
mpd.conf entry to say "new -i ng1 pptp1 pptp1" for the second
entry and make a second entry called "pptp1" in mpd.links,
copying the first "pptp" entry, but changing the client side
address by +1, like, in this case, 192.168.5.111 .
#--------------------------------------------------------------------------
#mpd.conf
default:
load pptp
pptp:
new -i ng0 pptp pptp
set iface disable on-demand
set iface enable proxy-arp
set iface idle 1800
set bundle disable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp ranges 192.168.5.100/32 192.168.5.110/32
set ipcp dns 192.168.5.1
set ipcp nbns 192.168.5.1
If you wanted MPPE encryption and had ng_mppc(8)...
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set bundle enable crypt-reqd
set ccp yes mpp-stateless
#________________________________________________________________________
#Now, mpd.links..
________________________________________________________________________
pptp:
set link type pptp
set pptp self PUT_YOUR_PUBLIC_IP_HERE
set pptp enable incoming
set pptp disable originate
#______________________________________________________________________
That should get you started.
I have never been able to get proxy arp to work, but I haven't put
much time in it. So, don't expect to gateway these callers onto
the internet 8-).
-Jim Durham
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0105070038400.70602-100000>