Date: Fri, 23 Jan 2004 14:47:12 -0500 (EST) From: "Jacob D. Hunt" <jhunt@kyder.com> To: fbsd_user@a1poweruser.com Cc: Jerrys Transmission <jerrys@kyder.com> Subject: Re: DSL with User PPP and Static IP Message-ID: <200401231947.i0NJlCuw092120@kyder.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGIEOGFFAA.fbsd_user@a1poweruser.com> from "fbsd_user" at Jan 23, 2004 11:58:50 AM
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the suggestions. I have implemented all the changes including disabling the IPFW firewall NAT. I simplified the /etc/ppp/ppp.conf file and made sure it still worked using the dynamic config of "set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0". I then proceeded to change that line to "set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248". It is my assumption that this will set my address to .193, with a gateway of .198 and a netmask of .248. After making these changes, tun0 is once again opened by a pid, but nothing connects. I am including updated copies of the ppp.conf file and /var/log/ppp.log. Thanks again for your help, Jacob @ Jerry's Transmission Service Guilford, CT -------SAMPLE PPP.CONF------- default: set log Phase tun set timeout 0 sbcglobal: set device PPPoE:dc0: set authname jerry.transmission@sbcglobal.net set authkey snet03 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 add default HISADDR enable dns loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 set server /tmp/loop "" 0177 loop-in: set timeout 0 set log phase lcp ipcp command allow mode direct pptp: load loop enable loop disable pap enable passwdauth enable proxy accept dns set dns 192.168.0.1 192.168.0.2 set nbns 192.168.0.15 192.168.0.16 set device !/etc/ppp/secure -------END PPP.CONF------- -------SAMPLE PPP.LOG------- Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: Using interface: tun0 Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: deflink: Created in closed state Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: PPP Started (ddial mode). Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: bundle: Establish Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: closed -> opening Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: Connected! Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: opening -> dial Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: dial -> carrier Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_ACNAME (hook "62031090089590-") Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_SESSIONID Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received NGM_PPPOE_SUCCESS Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: carrier -> login Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: login -> lcp Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Warning: deflink: Reducing configured MRU from 1500 to 1492 Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: bundle: Authenticate Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: his = PAP, mine = none Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Pap Output: jerry.transmission@sbcglobal.net ******** Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: Pap Input: SUCCESS () Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: lcp -> open Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: bundle: Network Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Warning: ff02:8::/32: Change route failed: errno: Network is unreachable Jan 23 14:27:33 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP protocol reject closes IPV6CP ! Jan 23 14:27:42 jerrystransmission last message repeated 3 times -------END PPP.LOG------- > > Jacob > Your rc.conf is all wrong, you are doing the nat process in both > 'user ppp' and IPFW, this is wrong. > The default IPFW firewall rules are useless in protecting you. > If you want stateful ipfw rules which will give you max in > protection and that will work as is for your situation let me know. > > -------SAMPLE RC.CONF------- > ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" > ifconfig_dc0=up > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="dialisp" > gateway_enable="YES" > firewall_enable="YES" > firewall_type="OPEN" > -------END RC.CONF------- > > > > see if this works for you. Please let me know the out come. > > #################### start of DSL ppp.conf ################### > default: > > set log Phase tun #use to avoid excessive log sizes > set timeout 0 # no idle time out, will not disconnect > > > dialisp: > set device PPPoE:XXX # replace xxx with your Nic card > device name > set authname YOURLOGINNAME # Replace with your ISP account IP > set authkey YOURPASSWORD # Replace with your ISP account > password > add default HISADDR # Add a (sticky) default route > (Mandatory) > enable dns # Gets the ISP's DNS IP address & places > them > # in resolv.conf for reference by FBSD box. > > > > ############### End of DSL ppp.conf > ################################# > > > > Replace the XXX in the [set device PPPoE:XXX] statement with the Nic > card FBSD interface name. Sometimes it will be necessary to use a > service tag to establish your connection depending on how your ISP > and/or the phone company has it's DSL network configured. Service > tags are used to distinguish between different PPPoE servers > attached to a given network. You should have been given any required > service tag information in the documentation provided by your ISP. > If you cannot locate it there, ask your ISP's tech support > personnel. This is the format of the command with the service tag > added > > set device PPPoE:XXX:service_tag > > > The xxxx is the FBSD interface name used by PPPoE, the interface > must be UP, (IE: enabled). It is only used as transport, and does > not need to be assigned an IP address. This can be done > automatically at boot time by updating the /etc/rc.conf file. The > format of the statement to add is ifconfig_xxxx=up where xxxx is > Nic card FBSD interface name used by PPPoE that you specified in the > /etc/ppp/ppp.conf file. > > ee /etc/rc.conf add following statement > > ifconfig_xxxx=up > > > To setup user ppp to dial your ISP automatically at FBSD boot time, > you have to add the following statements to the rc.conf file. The > ddial option means to redial every time the connection to the ISP > gets dropped. > > ee /etc/rc.conf > > # Activate user ppp auto start at boot time > ppp_enable="YES" # Start User ppp task > ppp_mode="ddial" # ddial, auto, background > ppp_profile="dialisp" # section in ppp.conf to > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Jerrys > Transmission > Sent: Friday, January 23, 2004 9:40 AM > To: freebsd-questions@freebsd.org > Subject: DSL with User PPP and Static IP > > Hello, > > I have just started working for a local auto transmission repair > shop and am > trying to get the local server up and running. Specifically, the > server > works great with dynamic IPs assigned from the DSL provider (using > PPPoE) > but it burps when I attempt a static IP as per the handbook's "Using > User > PPP" section. > > Our business was given the following values for connecting to the > Internet: > > Net: 69.37.6.192 > Gateway: 69.37.6.198 > Netmask: 255.255.255.248 > Broadcast: 69.37.6.199 > Static IPs 193-197 > > > When I change /etc/ppp/ppp.conf (sample attached) to: > > set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248 > > tun0 is "Opened by PID xxx" but does not show any IP addresses, and > the > connection does not work. If I leave the ifaddr to the dynamic > setting > (which includes the 0.0.0.0) everything works fine. I am including > a sample > of our local ppp.conf, ifconfig output, and relevant parts of > rc.conf for reference. > Please note, the ifconfig output shows the missing inet line when a > static > config is attempted. > > Any help would be greatly appreciated. > > Thanks again, > > Jacob @ Jerry's Transmission Service > Guilford, CT 06437 > > > --------SAMPLE PPP.CONF------- > default: > set log Phase Chat LCP IPCP CCP tun command > nat enable yes > nat same_ports yes > nat use_sockets yes > set redial 15 28800 > set reconnect 15 28800 > > sbcglobal: > set device PPPoE:dc0: > set mru 1492 > set mtu 1492 > set speed sync > enable lqr > set lqrperiod 5 > set cd 5 > set dial > set login > set timeout 0 > set authname [CENSORED] > set authkey [CENSORED] > set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248 > add default HISADDR > enable dns > > loop: > set timeout 0 > set log phase chat connect lcp ipcp command > set device localhost:pptp > set dial > set login > set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255 > set server /tmp/loop "" 0177 > > loop-in: > set timeout 0 > set log phase lcp ipcp command > allow mode direct > > pptp: > load loop > enable loop > disable pap > enable passwdauth > enable proxy > accept dns > set dns 192.168.0.1 192.168.0.2 > set nbns 192.168.0.15 192.168.0.16 > set device !/etc/ppp/secure > > -------END PPP.CONF------- > > > -------SAMPLE IFCONFIG------- > dc0: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu > 1492 > inet6 fe80::204:5aff:fe7f:75d4%dc0 prefixlen 64 scopeid 0x1 > inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255 > ether 00:04:5a:7f:75:d4 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > options=3<rxcsum,txcsum> > inet6 fe80::207:e9ff:fe70:801b%em0 prefixlen 64 scopeid 0x2 > inet 192.168.2.1 netmask 0xffff0000 broadcast > 192.168.255.255 > ether 00:07:e9:70:80:1b > media: Ethernet autoselect (100baseTX <half-duplex>) > status: active > lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500 > sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552 > faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500 > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 > inet 127.0.0.1 netmask 0xff000000 > ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500 > tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492 > Opened by PID 501 > -------END IFCONFIG------- > > > -------SAMPLE RC.CONF------- > network_interfaces="auto" > ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0" > ifconfig_dc0="inet 10.0.0.1 mtu 1492 netmask 255.0.0.0 -arp up" > ppp_enable="YES" > ppp_mode="ddial" > ppp_nat="YES" > ppp_profile="sbcglobal" > gateway_enable="YES" > firewall_enable="YES" > firewall_type="OPEN" > natd_enable="YES" > natd_interface="tun0" > natd_flags="-u -m -dynamic -s" > named_enable="YES" > -------END RC.CONF------- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401231947.i0NJlCuw092120>