Date: Sat, 16 Nov 2013 23:13:35 +0100 From: Florian Smeets <flo@smeets.im> To: "Dr. Rolf Jansen" <rj@obsigna.com>, freebsd-net@freebsd.org Subject: Re: MPD5 PPTP and L2TP server problem with FreeBSD 9.2-RELEASE-p1 Message-ID: <5287EE0F.3070800@smeets.im> In-Reply-To: <6066426D-84BE-40F6-904D-9FF97B128555@obsigna.com> References: <6066426D-84BE-40F6-904D-9FF97B128555@obsigna.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --gDT9FiLE0CcfnvM242jrxlHjlp6KMTSwq Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 16/11/13 22:48, Dr. Rolf Jansen wrote: > Hello! > > Now, the server behaves strange after a PPTP or a L2TP/IPsec-VPN > connection had been established. The VPN client can access resources > on the server, but not in the LAN and WAN, as it could on 9.1. Even > more bugging is, that LAN clients cannot access the internet anymore, > once a VPN connection was made, and the problem persists even after > the VPN was disconnected, and persists after the mpd5 and racoon were > killed, and any dangling SA and SPD had been flushed. netstat -nr and > sockstat -4 show nothing strange. For getting back WAN connectivity > for LAN clients, I need to restart the server. >=20 Do you set net.inet.ip.forwarding in /etc/sysctl.conf? Try setting gateway_enable=3D"YES" in /etc/rc.conf. This is caused by some changes in= the rc system and the scripts it calls on interface creation. This bit me too. It looks like directly setting net.inet.ip.forwarding in sysctl.conf has never been officially supported. Though the last time I used gateway_enable was probably in the 4.X days, and setting it in sysctl.conf has always worked for me, until now :) Florian --gDT9FiLE0CcfnvM242jrxlHjlp6KMTSwq Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJSh+4TAAoJEOcFPfn/hvB2jQcP/iutldAF42tgiPPr66AKIvfu HZY1KjNHmZSp0HgFUPQgFY0osTrffDPhRDXyRXEPLaoJZJ7ozgf7i7dMuH8g10aW IDTydnBCISS03LGsh8X/81CengYpbgKH2av0SHbm/zbS+Hgr7ykkmvWsuwvuZaQ5 gcH9hQXRYQJbHhypdmDxoseiPhqV6XliWxwGqNGhYHJ2Ws9tUVhG0OKbEDM4v6Zi +8U+Na7KYafkK30lX3dX9bkYNLO5tWVPvvBz2Zrfl4ZOnHeOm7Vez6YcC1bpbbCu +sCk2K9AA1tRvyFmi/OVj4a8h35Hl7ZVQDsEb28dqvNrAg4+svuRd2mfdLEN+w+k 1iJPQtwZUucc/IfsS5zOXEbEgd8e9TD4m2s3yGSM+U7WTyG9OfjtWTyTAN95osuG PiduYmTsHkToKt9n4GyVrYZKX7WeFnNCdHGkxg+h6eoZFa56/F8stHtIFyHKdap8 gVMmQWEp2stCwhMO1ouH9JnNwlB+6JvzEtaXQg5AdPhYshH7RdCTuZX72CE2ETI8 z1e3OgIqodTM8pJBllGWXm7g+BcrFtf96ktwu7mWRVqg5mvLXuD2eCn6OShPNohX VhxgYlrr9s981PX4qOO9ylb7qMBuO8GI3Xz6fSStddfC7dY0ppKMlC97QfsAMvEP YQgsMUVrROCiAVh+HvJM =8RWC -----END PGP SIGNATURE----- --gDT9FiLE0CcfnvM242jrxlHjlp6KMTSwq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5287EE0F.3070800>