From owner-freebsd-questions Sun May 6 21:49: 1 2001 Delivered-To: freebsd-questions@freebsd.org Received: from w2xo.pgh.pa.us (18.gibs5.xdsl.nauticom.net [209.195.184.19]) by hub.freebsd.org (Postfix) with ESMTP id 3671037B422 for ; Sun, 6 May 2001 21:48:57 -0700 (PDT) (envelope-from durham@w2xo.pgh.pa.us) Received: from shazam (shazam [192.168.5.3]) by w2xo.pgh.pa.us (8.11.2/8.9.3) with ESMTP id f474kWb62500; Mon, 7 May 2001 04:46:33 GMT (envelope-from durham@w2xo.pgh.pa.us) Date: Mon, 7 May 2001 00:55:26 -0400 (EDT) From: Jim Durham X-Sender: durham@shazam.int To: John Heyer Cc: freebsd-questions@freebsd.org Subject: Re: using mpd for PPTP server In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 6 May 2001, John Heyer wrote: > > Nevermind..I found the problem. Yet another problem in mpd.links > > > set pptp disable incoming > > That would explain it! I am still wondering what I should have in my > Kernel though. You don't need anything in your kernel. The Netgraph stuff is loaded on demand as a kernel module. The first time I brought up mpd, I compiled netgraph into the kernel, then found out I didn't need to do that. OK... here is a very simple config file from here at home. I play with stuff on my server here at the house in lieu of trying new stuff on the production server at work. It keeps me employed! Anyhow, here is mpd.conf...the LAN address of the dns and nbns is 192.168.5.1 . The LAN network is 192.168.5.X . Here we are making the server side of the VPN .100 and the client side 110. If you want to support multiple connections at once, you will need to put in a "pptp1: , pptp2, pptp3, etc in mpd.conf, and similar entries in mpd.links. You need change only the first line of the mpd.conf entry to say "new -i ng1 pptp1 pptp1" for the second entry and make a second entry called "pptp1" in mpd.links, copying the first "pptp" entry, but changing the client side address by +1, like, in this case, 192.168.5.111 . #-------------------------------------------------------------------------- #mpd.conf default: load pptp pptp: new -i ng0 pptp pptp set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp ranges 192.168.5.100/32 192.168.5.110/32 set ipcp dns 192.168.5.1 set ipcp nbns 192.168.5.1 If you wanted MPPE encryption and had ng_mppc(8)... set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set bundle enable crypt-reqd set ccp yes mpp-stateless #________________________________________________________________________ #Now, mpd.links.. ________________________________________________________________________ pptp: set link type pptp set pptp self PUT_YOUR_PUBLIC_IP_HERE set pptp enable incoming set pptp disable originate #______________________________________________________________________ That should get you started. I have never been able to get proxy arp to work, but I haven't put much time in it. So, don't expect to gateway these callers onto the internet 8-). -Jim Durham To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message