Roaming tunnel (IPSEC or something).

Lewis Thompson lewiz at fajita.org
Fri Aug 27 14:06:53 PDT 2004


On Fri, Aug 27, 2004 at 07:29:49PM +0100, Lewis Thompson wrote:
> On Fri, Aug 27, 2004 at 01:08:04PM -0500, uidzero wrote:
> > Sorry to bother you directly but, I too have been looking into doing 
> > this, Could you possibly send me any URLs you might have used or if you 
> > documented it somehow, send tht to me as well?
> 
> No problem.  I used the following:
> 
> http://reallydodgy.org/~jrose/index.php?content=mpd.html
> http://www.itga.com.au/~gnb/vpn/pptp-serv.html
> http://freebsdaddicts.org/modules.php?name=Sections&op=viewarticle&artid=9
> 
>   My biggest piece of advice is to use mpd at both ends (if you're using
> a FreeBSD client).  I had trouble with pptpclient (protocol errors at
> the server end) but mpd as a client worked perfectly.
> 
>   I've not really made any notes but I'm just about to clean up my
> config files, I'll email these when I've done them.

Here you go.  Basically my server is 192.168.0.1 on the network
192.168.0.0.  It's external address is 10.0.0.42.

mpd.conf (server):

default:
        load pptp0
        load pptp1
        load pptp2
        load pptp3
        load pptp4

pptp_common:
        set bundle enable crypt-reqd
        set bundle enable compression

        set iface route 192.168.0.0/24
        set iface idle 7200
        set iface enable proxy-arp

        set ipcp dns 192.168.0.1
        set ipcp nbns 192.168.0.2

        set link keep-alive 10 60
        set link no pap chap
        set link enable chap

        set ccp yes mppc
        set ccp no mpp-e40
        set ccp no mpp-e56
        set ccp yes mpp-e128
        set ccp yes mpp-stateless

pptp0:  
        new -i ng0 pptp0 pptp0
        set ipcp ranges 192.168.0.1/32 192.168.0.50/32
        load pptp_common

pptp1:  
        new -i ng1 pptp1 pptp1
        set ipcp ranges 192.168.0.1/32 192.168.0.51/32
        load pptp_common

pptp2:  
        new -i ng2 pptp2 pptp2
        set ipcp ranges 192.168.0.1/32 192.168.0.52/32
        load pptp_common

pptp3:  
        new -i ng3 pptp3 pptp3
        set ipcp ranges 192.168.0.1/32 192.168.0.53/32
        load pptp_common

pptp4:  
        new -i ng4 pptp4 pptp4
        set ipcp ranges 192.168.0.1/32 192.168.0.54/32
        load pptp_common

mpd.links (server):

pptp0:
        set link type pptp
        set pptp self 10.0.0.42
        set pptp enable incoming
        set pptp disable originate

pptp1:
        set link type pptp
        set pptp self 10.0.0.42
        set pptp enable incoming
        set pptp disable originate

pptp2:
        set link type pptp
        set pptp self 10.0.0.42
        set pptp enable incoming
        set pptp disable originate

pptp3:
        set link type pptp
        set pptp self 10.0.0.42
        set pptp enable incoming
        set pptp disable originate

pptp4:
        set link type pptp
        set pptp self 10.0.0.42
        set pptp enable incoming
        set pptp disable originate

mpd.secret (server):

user		"password"	*

mpd.conf (client):

default:
        load pptp0

pptp0:
        new -i ng0 pptp0 pptp0

        set bundle enable crypt-reqd
        set bundle enable compression
        set bundle authname "user"
        set bundle password "pass"

        set iface disable on-demand
        set iface idle 0

        set ipcp ranges 0.0.0.0/0 192.168.0.0/24

        set link keep-alive 10 60
        set link no pap
        set link yes chap

        set link enable no-orig-auth

        set ccp yes mppc
        set ccp no mpp-e40
        set ccp no mpp-e56
        set ccp yes mpp-e128
        set ccp yes mpp-stateless

        open

mpd.links (client):

pptp0:
        set link type pptp
        set pptp peer 10.0.0.42
        set pptp disable incoming
        set pptp enable originate outcall

  I hope this is some use to you!  Best wishes,

-lewiz.

-- 
I was so much older then, I'm younger than that now.  --Bob Dylan, 1964.
------------------------------------------------------------------------
-| msn:purple at lewiz.net | jabber:lewiz at jabber.org | url:www.lewiz.org |-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040827/281ab0d2/attachment.bin


More information about the freebsd-questions mailing list