Date: Mon, 25 Feb 2002 08:00:31 -0500
From: "Joe & Fhe Barbish" <barbish@a1poweruser.com>
To: "Wim Olivier" <wimo@mailbox.co.za>
Cc: "FBSDQ" <questions@FreeBSD.ORG>
Subject: RE: Incoming UserPPP in Fbsd 4.0-RELEASE
Message-ID: <LPBBIGIAAKKEOEJOLEGOCEMHCIAA.barbish@a1poweruser.com>
In-Reply-To: <200202251203.g1PC3jI20222@relay.mailbox.co.za>
You are very close but you have to config ttys to listen on the device
you are calling to start things off. Here, read this and you should be able
to figure it out for yourself.

##############################################################################
# /etc/ppp/ppp.conf File for dial out modem to ISP and Dial in modem for
# connection to this FBSD system.
# Written by Joe Barbish 12/10/2001
#
# This is a working ppp.conf file I use to dial in to my ISP and to connect
# my Win98 box by dialing in to this FBSD box and accessing the internet.
# There are options in this ppp.conf file that I do not use, but present them
# here for you to turn on by un-commenting the statements to meet your needs.
#
# This ppp.conf documentation is based on a fresh install of FBSD 4.4 with
# all file content as delivered with no user changes.
#
# NOTE Any FBSD documentation that says that the physical modem has to have
# its default options profile set to, NO command echo ATE0 and NO results
# string ATQ1 and saved to the physical modem's onboard non-volatile memory
# (NVRAM) or any references to using programs tip, kermit, mgetty, or minicom
# to perform the dial function is obsolete and outdated as of FBSD 4.0.
#
# Setup Instructions.
# steps 4,5,6,7 only need to be done if you want support for dialin to this box
# 1. Recompile kernel and change pseudo-device tun 1 to tun 4
#    GENERIC kernel defaults to 1 and you need 1 tun device for each com port
# 2. Add gateway_enable="YES" to /etc/rc.conf so dialin connection can gain
#    access to internet.
# 3. Since a private internal IP address numbering scheme is used for IP
#    addresses behind this FBSD box the -nat option must be included on the
#    ppp command that starts the ppp task to dial the ISP.
#    NAT = Network Address Translation. Changes your private internal IP
#    address to your public IP address that you get from your ISP for
#    outbound messages and does the reverse for inbound messages.
#    From the command line example ppp -background -nat dialisp
# 4. Using root create file /etc/ppp/ppplogin
#    Create file ppplogin with following 2 statements
#      #! /bin/sh
#      exec /usr/sbin/ppp -direct incoming
#
#    incoming is the section label name in ppp.conf to be processed when
#    ppp is started by this script's exec command.
#
#    This script will be launched by getty when it detects a ppp dialin
#    connection attempt. Program ppp belongs to group network, so you have to
#    change file ppplogin group to network and its permissions to read/write
#    for the owner, read/execute for group, and none for everyone else.
#      chgrp network ppplogin     assign file ppplogin to group network
#      chmod 650 ppplogin         set permissions
# 5. Change the default section of /etc/gettytab file for automatic ppp
#    recognition by specifying the pp capability. Add following
#      :pp=/etc/ppp/ppplogin:
# 6. Edit /etc/ttys to enable a getty on the port where the dialin modem
#    is attached. com2 = ttyd1 find statement like this
#      ttyd1 "/usr/libexec/getty std.38400" dialup off secure
#    Change off to on to activate. Verify line speed is correct (std.38400)
#    This value is defined in /etc/gettytab. After saving edited results
#    issue kill -1 1 command to spawn getty. Use ps ax to show active tasks.
# 7. cp /usr/share/examples/ppp/ppp.secret.sample /etc/ppp/ppp.secret
#    Edit /etc/ppp/ppp.secret file adding the ID and password for each user
#    that is authorized to login to this FBSD box using dialin modems.
# 8. TESTING Issue command ppp -background -nat dialisp to test configuration
#    Use commands ps ax to see task list. ifconfig -a to see if tun is running
#    netstat -ir to see routing. /var/log/ppp.log to view ppp log events
#    ps ax to get ppp -background task number & kill -1 number to terminate.
# 9. Once you are done with testing, make functions permanent.
#    Dial ISP at FBSD bootup.
#    Add following to /etc/rc.conf file
#      ppp_enable="YES"
#      ppp_mode="ddial"
#      ppp_profile="dialisp"
#      ppp_nat="YES"
#
##############################################################################
#
default:
# The default section is processed every time user ppp is started.
# Everything set here applies to all the following section.
 set log Phase Chat LCP IPCP CCP tun command   #use for testing
 #set log Phase tun                            #use to avoid excessive log sizes
# If 115200 connection speed does not work (it should work with any modem newer
# than 1998) step down to 57600 or 38400 or 19200 for legacy modems.
 set speed 115200             # connection speed
 set timeout 0                # no idle time out, will not disconnect
 disable pred1 deflate lqr    # compression features & line quality reporting
 deny pred1 deflate lqr       # compression features & line quality reporting

dialisp:
# This label is used in the ppp -background -nat dialisp startup
# command for auto logon to ISP provider.
# Ensure that "device" references the correct serial port
# for your modem. (cuaa0 = COM1, cuaa1 = COM2)
# Only needed for dial out device.
 set device /dev/cuaa0
# This dial string is needed for ISP's which use standard Unix style
# login. Not needed if ISP uses chap or pap login.
# set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
# edit the next three lines and replace the values with
# the values which have been assigned by your ISP.
# Needed for Unix, chap, and Pap style logins.
 #set phone 1111111:2222222:3333333   # if first number busy try next number
 set phone 7777777            # only use this phone number
 set authname xxxxxx          # the ID you use to login to ISP
 set authkey 555555           # the password you enter to login to ISP
 set redial 10 4              # if busy redial 4 times with 10 second pause
# Most ISP use Unix style logins so leave these commented out for first test.
# look at /var/log/ppp.log to view ppp log events to see how your ISP logs you in
# enable chap                 # select chap login authentication
# enable pap                  # select pap login authentication
# get dynamic IP address from ISP.
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
# set static IP address your ISP assigned to you.
# s.s.s.s = your static IP address
# g.g.g.g = IP of machine you connect to at ISP or default to 10.0.0.0/0
# set ifaddr s.s.s.s g.g.g.g 255.255.255.255 0.0.0.0
 add default HISADDR          # Add a (sticky) default route (Mandatory)
 enable dns                   # Gets the ISP's DNS IP address & places them
                              # in resolv.conf for reference by FBSD box.

incoming:
# Configuration for dial in modem access to this FBSD system.
# This label is used in ppp -direct incoming command
# which is buried in script /etc/ppp/ppplogin that starts
# the whole process of accepting the incoming call.
# Enable passwdauth forces use of /etc/passwd file
# instead of /etc/ppp/ppp.secret file for PAP only.
# CHAP must use ppp.secret because ppp must have access to
# unencrypted passwords. This is ok over dialin modem lines.
# A unique IP address is assigned to the ttyd activated in the
# /etc/ttys/ file from the internal Private IP pool range.
# Every user that will be using PPP login must have their login ID
# in the allow user command to authorize them to run ppp.
 allow users barbish
# SECURITY WARNING - It is VITAL that either pap or chap are enabled. If
# one or the other is not, you are allowing anybody to establish a dialin
# ppp session with your FBSD box using any ID/password. There is no
# authentication being done on incoming ppp connections if pap or chap is not
# enabled.
# SECURITY WARNING
# enable passwdauth           #force pap to use passwd file
 enable pap                   # uses ppp.secret file
 accept dns                   # give dialin connection access to dns lookup
# To get access to other machines on the LAN
# enable proxy
# Assign static IP address to this dialin line
# 10.0.0.74 = static IP address for this dialin line
# 10.0.0.1 = IP address of this FBSD box
 set ifaddr 10.0.0.1 10.0.0.74 255.255.255.255
# If I had 4 modems connected to com1-com4 for dialin access and activated
# ttyd0-ttyd3 in /etc/ttys file this ppp.conf section [incoming] will work
# as is. Set ifaddr command assigns dynamic IP address from a range of
# reserved IP addresses. (10.0.0.71 through 10.0.0.74 inclusive) is the
# IP address pool reserved for dialin users.
# set ifaddr 10.0.0.1 10.0.0.71-10.0.0.74 255.255.255.0


# $FreeBSD: /etc/gettytab
#
default:\
	:cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\
	:if=/etc/issue:\
	:pp=/etc/ppp/ppplogin:
# The pp= line above added to activate ppp modem inbound login
#

# $FreeBSD: /etc/ttys
#
# name  getty                           type    status  comments
#
# Serial terminals
# The 'dialup' keyword identifies dialin lines to login, fingerd etc.
# MODIFIED ttyd1 11/13/2001 by JJB for com2 dial in modem
ttyd0   "/usr/libexec/getty std.57600"  dialup  off secure
ttyd1   "/usr/libexec/getty std.19200"  dialup  on  secure
ttyd2   "/usr/libexec/getty std.57600"  dialup  off secure
ttyd3   "/usr/libexec/getty std.57600"  dialup  off secure

# /etc/ppp/ppplogin
#
#! /bin/sh
exec /usr/sbin/ppp -direct incoming
#

# /etc/ppp/ppp.secret
#
# Authname      Authkey         Peer's IP address       Label   Callback
barbish         777666

# /etc/rc.conf.
#
# JJB 11/15/01 added gateway & ppp options.
gateway_enable="YES"
ppp_enable="YES"
ppp_mode="ddial"
ppp_profile="dialisp"
ppp_nat="YES"


-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Wim Olivier
Sent: Monday, February 25, 2002 7:02 AM
To: freebsd-questions@freebsd.org
Cc: freebsd-isp@freebsd.org
Subject: Incoming UserPPP in Fbsd 4.0-RELEASE

Hi,

Having trouble logging into my 4.0-RELEASE box using PPP dialin from
Win2000 Pro.
Dialling in using HyperTerm and 9600 bps NO PROBLEM.

Can anyone shine some light on the topic for me please....

I have the following config in /etc/ppp/ppp.conf:

*****************************************************
START OF /etc/ppp/ppp.conf
*************************************************************
default:
#
# Make sure that "device" references the correct serial port
# for your modem. (cuaa0 = COM1, cuaa1 = COM2)
#
 set device /dev/cuaa1
 set log Phase Chat LCP IPCP CCP tun command
 #set speed 115200
 #set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
 set timeout 120
 #set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
 #add default HISADDR
 #enable dns

#papchap:
#
# edit the next three lines and replace the items in caps with
# the values which have been assigned by your ISP.
#
 #set phone PHONE_NUM
 #set authname USERNAME
 #set authkey PASSWORD

incoming:
# Config info for incoming links
 set ifaddr 192.168.10.1 192.168.10.2 255.255.255.0
 accept dns
 set dns 209.212.104.82 209.212.97.1
 enable pap
 enable lqr
 #enable msext
 enable passwdauth
 enable proxy
 add default HISADDR
 allow user10
*****************************************************
END OF /etc/ppp/ppp.conf
*************************************************************

Here is my /var/log/ppp.log file:

*****************************************************
START OF /var/log/ppp.log
*************************************************************
Feb 25 11:13:38 osiris ppp[12026]: Warning: Label incoming rejected -direct connection: Configuration label not found
Feb 25 11:32:41 osiris ppp[12030]: Warning: Label incoming rejected -direct connection: User access denied
Feb 25 11:34:54 osiris ppp[12076]: Warning: allow jerry: Invalid command
Feb 25 11:34:54 osiris ppp[12076]: Warning: allow jerry: Failed 1
Feb 25 11:34:54 osiris ppp[12076]: Warning: Label incoming rejected -direct connection: User access denied
Feb 25 11:42:27 osiris ppp[12079]: Warning: allow jerry: Invalid command
Feb 25 11:42:27 osiris ppp[12079]: Warning: allow jerry: Failed 1
Feb 25 11:42:27 osiris ppp[12079]: Warning: Label incoming rejected -direct connection: User access denied
Feb 25 12:01:37 osiris ppp[12128]: Warning: allow jerry: Invalid command
Feb 25 12:01:37 osiris ppp[12128]: Warning: allow jerry: Failed 1
Feb 25 12:01:37 osiris ppp[12128]: Warning: Label incoming rejected -direct connection: User access denied
*****************************************************
END OF /var/log/ppp.log
*************************************************************

The user's (user10) shell is /usr/local/bin/ppplogin and looks like this:

#! /bin/sh
exec /usr/sbin/ppp -direct incoming

Any help appreciated!

Kind Regards,
Wim Olivier
Mobile: +27 (0) 82 655 3599

_______________________________________________________________
http://www.webmail.co.za the South-African free email service

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
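
Added example, not part of either message above: a shell function that checks one ppp.conf dial-in label for the three problems this thread turns on (label not found, an allow line without the users keyword, neither pap nor chap enabled). The function name, finding names and sample config are assumptions made for illustration, and a label is taken to be a column-1 word ending in a colon.

```shell
#!/bin/sh
# Added example (not from the thread): audit one dial-in label of ppp.conf.
# audit_label FILE LABEL prints one finding per line; no output means clean.
# FILE may be "-" for stdin. The "default" section is included because ppp
# processes it on every start.
audit_label() {
    awk -v want="$2" '
    { sub(/#.*/, ""); sub(/[ \t]+$/, "") }       # strip comments, trailing blanks
    $0 == "" { next }
    /^[^ \t].*:$/ {                              # column-1 word ending in ":" = label
        cur = substr($0, 1, length($0) - 1)
        if (cur == want) found = 1
        next
    }
    cur != want && cur != "default" { next }     # ignore unrelated sections
    $1 == "enable" || $1 == "disable" {          # track pap/chap state in order
        for (i = 2; i <= NF; i++) auth[$i] = ($1 == "enable")
    }
    $1 == "allow" {
        if ($2 == "user" || $2 == "users") { if (NF > 2) users = 1 }
        else if ($2 != "mode" && $2 != "modes")
            print "invalid-allow: allow " $2 " (expected: allow users NAME...)"
    }
    END {
        if (!found) { print "missing-label: " want; exit }
        if (!auth["pap"] && !auth["chap"])
            print "no-auth: neither pap nor chap enabled for " want
        if (!users) print "no-allow-users: only root may run label " want
    }' "$1"
}

# Constructed sample: "bad" mirrors the mistakes discussed in the thread,
# "incoming" follows the reply's layout (user name taken from the reply).
sample_conf() {
    cat <<'EOF'
default:
 set log Phase tun
bad:
 set ifaddr 192.168.10.1 192.168.10.2 255.255.255.0
 allow user10            # "users" keyword missing
incoming:
 enable pap              # uses ppp.secret
 allow users barbish
EOF
}

sample_conf | audit_label - bad
sample_conf | audit_label - incoming
```

On a real system the call would be audit_label /etc/ppp/ppp.conf incoming, run before switching the ttyd line to "on" in /etc/ttys.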