Connecting to VPN Concentrator

nanard nanard at tou.nu
Fri Nov 21 07:49:08 PST 2003 

Hi Eric,

> In a previous email to this list, I thought you were asking how to
> connect FreeBSD and windows clients to  a VPN server (of any kind,
> possibly FreeBSD)?  If that's what you want, I can help you with that..

Yes, i installed a VPN server on FreeBSD 4.9 with MPD. (and SaMBa in a jail
of the server for the VPN user only).

I managed to connect Windows users to it.
But I didn't manage to connect FreeBSD client to it (using pptp-client).
The connexion works but nothing go though the tunnel (i did nothing in ipf)
and after 170 sec, the client close the connexion.
(i think because of idle  ?). Maybe there is something wrong with my route.
I don't know

But now, i ve a VPN concentrator server (CISCO 3000) and i've some clients
who would  like to connect from FreeBSD.
I don't know if it s possible so, i m asking now here.

For my last question in this list, i m open to know how do you use mpd as
client to connect FreeBSD to FreeBSD MPD server.

Thanks in advance.

Nicolas

OS: FreeBSD 4.9

Configuration of the FreeBSD client :

crysto$ cat /etc/ppp/ppp.conf
TEST:
        set authname nanard
        set authkey ******
        set timeout 0
        set ifaddr 0 0
        add 192.168.0.142/24 HISADDR
        alias enable yes

When i launch :

# pptp XX.YY.ZZ.AA TEST

tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1498
        inet 192.168.0.142 --> XX.YY.ZZ.AA netmask 0xffffffff
        Opened by PID 24918

$ ping 192.168.0.142
PING 192.168.0.142 (192.168.0.142): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^C


In log of FreeBSD client:

In /var/log/pptp.log

Nov 20 14:23:46 crysto ppp[80154]: Phase: Using interface: tun0
Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: Created in closed state
Nov 20 14:23:46 crysto ppp[80154]: Warning: The alias command is deprecated
Nov 20 14:23:46 crysto ppp[80154]: Phase: PPP Started (direct mode).
Nov 20 14:23:46 crysto ppp[80154]: Phase: bundle: Establish
Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: closed -> opening
Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: Connected!
Nov 20 14:23:46 crysto ppp[80154]: Phase: deflink: opening -> carrier
Nov 20 14:23:47 crysto ppp[80154]: Phase: deflink: carrier -> lcp
Nov 20 14:23:47 crysto ppp[80154]: Phase: Unexpected chap input - dropped !
Nov 20 14:23:53 crysto last message repeated 3 times
Nov 20 14:23:54 crysto ppp[80154]: Phase: bundle: Authenticate
Nov 20 14:23:54 crysto ppp[80154]: Phase: deflink: his = CHAP 0x81, mine =
none
Nov 20 14:23:54 crysto ppp[80154]: Phase: Chap Input: CHALLENGE (16 bytes)
Nov 20 14:23:54 crysto ppp[80154]: Phase: Chap Output: RESPONSE (nanard)
Nov 20 14:23:54 crysto ppp[80154]: Phase: Chap Input: SUCCESS
(S=E1F1FE8196608716C90AEA4015D20E9D4CF864D8)
Nov 20 14:23:54 crysto ppp[80154]: Phase: deflink: lcp -> open
Nov 20 14:23:54 crysto ppp[80154]: Phase: bundle: Network
Nov 20 14:26:40 crysto ppp[80154]: Phase: Signal 15, terminate.
Nov 20 14:26:40 crysto ppp[80154]: Phase: Signal 15, terminate.
Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: read (0): Got zero bytes
Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: open -> lcp
Nov 20 14:26:40 crysto ppp[80154]: Phase: bundle: Terminate
Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: Disconnected!
Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: Connect time: 174 secs:
665 octets in, 666 octets out
Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: 18 packets in, 16 packets
out
Nov 20 14:26:40 crysto ppp[80154]: Phase:  total 7 bytes/sec, peak 208
bytes/sec on Thu Nov 20 14:23:54 2003
Nov 20 14:26:40 crysto ppp[80154]: Phase: deflink: lcp -> closed
Nov 20 14:26:40 crysto ppp[80154]: Phase: bundle: Dead
Nov 20 14:26:40 crysto ppp[80154]: Phase: PPP Terminated (normal).
Nov 21 16:03:07 crysto ppp[24918]: Phase: Using interface: tun0
Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: Created in closed state
Nov 21 16:03:07 crysto ppp[24918]: Warning: The alias command is deprecated
Nov 21 16:03:07 crysto ppp[24918]: Phase: PPP Started (direct mode).
Nov 21 16:03:07 crysto ppp[24918]: Phase: bundle: Establish
Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: closed -> opening
Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: Connected!
Nov 21 16:03:07 crysto ppp[24918]: Phase: deflink: opening -> carrier
Nov 21 16:03:08 crysto ppp[24918]: Phase: deflink: carrier -> lcp
Nov 21 16:03:08 crysto ppp[24918]: Phase: Unexpected chap input - dropped !
Nov 21 16:03:13 crysto last message repeated 3 times
Nov 21 16:03:15 crysto ppp[24918]: Phase: bundle: Authenticate
Nov 21 16:03:15 crysto ppp[24918]: Phase: deflink: his = CHAP 0x81, mine =
none
Nov 21 16:03:15 crysto ppp[24918]: Phase: Chap Input: CHALLENGE (16 bytes)
Nov 21 16:03:15 crysto ppp[24918]: Phase: Chap Output: RESPONSE (nanard)
Nov 21 16:03:15 crysto ppp[24918]: Phase: Chap Input: SUCCESS
(S=9749F42989AFAEB5922F86A515C6C42C4C3DAAC3)
Nov 21 16:03:15 crysto ppp[24918]: Phase: deflink: lcp -> open
Nov 21 16:03:15 crysto ppp[24918]: Phase: bundle: Network


crysto# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.0.0.138         UGSc       18       20    dc0
10/24              link#1             UC          3        0    dc0
10.0.0.4           00:a0:cc:da:6a:7f  UHLW        0        5    lo0
10.0.0.5           00:a0:cc:da:6a:7f  UHLW        1       17    lo0 =>
10.0.0.5/32        link#1             UC          1        0    dc0
10.0.0.7/32        link#1             UC          0        0    dc0
10.0.0.8/32        link#1             UC          0        0    dc0
10.0.0.138         00:08:21:b8:c2:14  UHLW       16        0    dc0    715
10.0.0.255         ff:ff:ff:ff:ff:ff  UHLWb       3       49    dc0
127.0.0.1          127.0.0.1          UH          0       45    lo0
192.168.0          XX.YY.ZZ.AA      UGSc        0        3   tun0
192.168.1          link#1             UC          0        0    dc0
195.68.88.112/29   link#1             UC          0        0    dc0
XX.YY.ZZ.AA     192.168.0.142      UH          2        1   tun0

When it deconnect :

Nov 21 16:05:06 crysto ppp[24918]: Phase: Signal 15, terminate.
Nov 21 16:05:06 crysto ppp[24918]: Phase: Signal 15, terminate.
Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: read (0): Got zero bytes
Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: open -> lcp
Nov 21 16:05:06 crysto ppp[24918]: Phase: bundle: Terminate
Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: Disconnected!
Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: Connect time: 119 secs:
696 octets in, 661 octets out
Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: 18 packets in, 16 packets
out
Nov 21 16:05:06 crysto ppp[24918]: Phase:  total 11 bytes/sec, peak 212
bytes/sec on Fri Nov 21 16:03:15 2003
Nov 21 16:05:06 crysto ppp[24918]: Phase: deflink: lcp -> closed
Nov 21 16:05:06 crysto ppp[24918]: Phase: bundle: Dead
Nov 21 16:05:06 crysto ppp[24918]: Phase: PPP Terminated (normal).


>
> Eric
>
> --
> ------------------------------------------------------------------
> Eric Anderson    Systems Administrator      Centaur Technology
> All generalizations are false, including this one.
> ------------------------------------------------------------------
>
>
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
>

More information about the freebsd-isp mailing list