Userland PPP/PPTP tunneling problem
Sten Daniel Sørsdal
sten.daniel.sorsdal at wan.no
Thu Apr 17 11:18:59 PDT 2003
> I've got an interesting problem that I'm not sure how to solve. Here's
> the situation. A FreeBSD router is set up to allow a host outside, on the
> Internet, to tunnel into a LAN via PPTP. The router is running PoPToP and
> FreeBSD's userland PPP. The internal LAN uses the addresses 192.168/16,
> and the internal interface of the router is configured with the /16
> subnet mask.
> When the client (which is running Windows) connects, it's given a fixed
> IP, specified in the ppp.secret file, corresponding to the user who is
> tunneling in. But the client's routing table has a routing table entry
> that directs packets for 192.168/24 (NOT /16) to the PPTP connection.
> I can't find a way to cause userland PPP to tell the Windows client that
> it should be using a different subnet mask. (There's no way to specify
> one in the ppp.secret file.) How is this done?
This is a known issue with the Microsoft PPTP client. It adds the natural
netmask and not the specified one. In case of 192.168.x.x/16 that is a
255.255.255.0 netmask and with for example 80.80.80.0/24 is 80.0.0.0/8.
The only known workarounds AFAIK are requiring the client to default route
Through the tunnel - or - setup a (persistent?) route on the windows box.
Say if client gets 192.168.1.2 when client connects, you need to manually
Enter: route -p add 192.168.0.0 mask 255.255.0.0 192.168.1.2
On the windows client before connecting.
Microsoft doesnt seem to be interested in fixing this problem as the problem
persist even on Windows XP and has been known since Windows 98(??).
- Sten
More information about the freebsd-net
mailing list