From: "Jon Theil Nielsen"
To: freebsd-questions@freebsd.org
Date: Tue, 18 Mar 2008 13:28:22 +0100
Subject: pptpd server on a Samba PDC

My goal is to make our PDC (FreeBSD 7.0 - Samba 3.0.28) available through VPN from Windows clients so clients can authenticate via Winbind, join the domain and access their home shares.

I have tried to follow the instructions by Andrew Bartlett (http://samba.org/ftp/unpacked/lorikeet/pppd/final-report.pdf) - without success.

My main configuration file /usr/local/etc/httpd.conf looks like

    option /etc/ppp/options.pptp
    localip 192.168.1.4
    remoteip 192.168.1.150-155
    pidfile /var/run/pptpd.pid
    # TAG: bcrelay
    bcrelay eth0

And the /etc/ppp/options.pptp:

    lock
    noauth
    nobsdcomp
    lcp-echo-failure 10
    lcp-echo-interval 10

I have another file /etc/ppp/options:

    lock
    noauth
    nobsdcomp
    lcp-echo-failure 10
    lcp-echo-interval 10
    mflserver3# less /etc/ppp/options
    name mflserver3
    noipdefault
    noauth
    lock
    local
    lcp-echo-interval 30
    lcp-echo-failure 4
    lcp-max-configure 60
    lcp-restart 2
    idle 600
    noipx
    file /etc/ppp/filters
    proxyarp
    ms-dns 192.168.1.4
    ms-wins 192.168.1.4
    refuse-chap
    refuse-mschap

Finally, I have both pap-secrets and chap-secrets.

With the existence of a /etc/ppp/ppp.conf looking like:

    pptp:
     set timeout 0
     set log phase chat connect lcp ipcp command
     set dial
     set login
     enable mssfixup
     set ifaddr 192.168.1.4 192.168.150-192.168.1.155 255.255.255.0
     set server /tmp/loop "" 0177
     disable pap
     # Authenticate against /etc/passwd
     enable passwdauth
     disable ipv6cp
     enable proxy
     accept dns
     enable MSChapV2
     enable mppe
     disable deflate pred1
     deny deflate pred1
     set dns 195.184.96.2
     set device !/etc/ppp/secure

I got the following in my log:

    ppp[67205]: Warning: Label /etc/ppp/options.pptp rejected -direct connection: Configuration label not found

When I removed ppp.conf, I got:

    ppp[67267]: Warning: Label /etc/ppp/options.pptp rejected -direct connection: /etc/ppp/ppp.conf : File not found

I am a bit confused.
It seems that the reference to the options file makes something go wrong. And it seems that pptpd needs the ppp configuration file to work.

Does anyone have a working example of a poptop-based VPN server for FreeBSD that can make workstations join the domain?

Best regards,
Jon Theil Nielsen
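
A check for the mismatch that the two log lines point to, as an added example that is not part of the original message. It assumes, from those log lines, that ppp looks up the `option` value from the pptpd configuration as a label in /etc/ppp/ppp.conf; the function names and the abbreviated sample files are constructed here.

```shell
#!/bin/sh
# Added example, not from the original post. Assumption (inferred from the
# quoted log lines): ppp treats pptpd's "option" value as a ppp.conf label.

# Print every label in a ppp.conf-style file. A label starts in column
# one, is a single word and ends with a colon; commands are indented.
ppp_labels() {
    awk '{ c = substr($0, 1, 1) }
         c != " " && c != "\t" && c != "#" && NF == 1 && $1 ~ /:$/ {
             sub(/:$/, "", $1); print $1
         }' "$1"
}

# Print the value of the first "option" directive in a pptpd config file.
pptpd_option() {
    awk '$1 == "option" { print $2; exit }' "$1"
}

# Return 0 if the option value is a label in ppp.conf, 1 if it is not,
# 2 if the pptpd config has no "option" directive at all.
check_pptpd_label() {
    opt=$(pptpd_option "$1")
    [ -n "$opt" ] || return 2
    ppp_labels "$2" | grep -qxF -- "$opt"
}

# Constructed sample files, abbreviated from the configuration in the post.
demo() {
    d=$(mktemp -d) || return 1
    printf 'option /etc/ppp/options.pptp\nlocalip 192.168.1.4\n' > "$d/pptpd.conf"
    printf 'pptp:\n set timeout 0\n enable MSChapV2\n enable mppe\n' > "$d/ppp.conf"
    if check_pptpd_label "$d/pptpd.conf" "$d/ppp.conf"; then
        echo "option value matches a ppp.conf label"
    else
        echo "option value '$(pptpd_option "$d/pptpd.conf")' is not a label;" \
             "labels present: $(ppp_labels "$d/ppp.conf" | tr '\n' ' ')"
    fi
    rm -rf "$d"
}
demo
```

On the sample files it reports that `/etc/ppp/options.pptp` is not among the labels and lists `pptp` as the only one defined.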