DSL with User PPP and Static IP
Jacob D. Hunt
jhunt at kyder.com
Fri Jan 23 11:47:46 PST 2004
Thanks for the suggestions.
I have implemented all the changes including disabling the IPFW firewall
NAT. I simplified the /etc/ppp/ppp.conf file and made sure it still worked
using the dynamic config of "set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0
0.0.0.0". I then proceeded to change that line to "set ifaddr 69.37.6.193
69.37.6.198 255.255.255.248". It is my assumption that this will set my
address to .193, with a gateway of .198 and a netmask of .248.
After making these changes, tun0 is once again opened by a pid, but nothing
connects. I am including updated copies of the ppp.conf file and
/var/log/ppp.log.
Thanks again for your help,
Jacob @ Jerry's Transmission Service
Guilford, CT
-------SAMPLE PPP.CONF-------
default:
set log Phase tun
set timeout 0
sbcglobal:
set device PPPoE:dc0:
set authname jerry.transmission at sbcglobal.net
set authkey snet03
set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
add default HISADDR
enable dns
loop:
set timeout 0
set log phase chat connect lcp ipcp command
set device localhost:pptp
set dial
set login
set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255
set server /tmp/loop "" 0177
loop-in:
set timeout 0
set log phase lcp ipcp command
allow mode direct
pptp:
load loop
enable loop
disable pap
enable passwdauth
enable proxy
accept dns
set dns 192.168.0.1 192.168.0.2
set nbns 192.168.0.15 192.168.0.16
set device !/etc/ppp/secure
-------END PPP.CONF-------
-------SAMPLE PPP.LOG-------
Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: Using interface: tun0
Jan 23 14:27:27 jerrystransmission ppp[282]: Phase: deflink: Created in
closed state
Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: PPP Started (ddial
mode).
Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: bundle: Establish
Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: closed ->
opening
Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink:
Connected!
Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: opening
-> dial
Jan 23 14:27:27 jerrystransmission ppp[283]: tun0: Phase: deflink: dial ->
carrier
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received
NGM_PPPOE_ACNAME (hook "62031090089590-")
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received
NGM_PPPOE_SESSIONID
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Received
NGM_PPPOE_SUCCESS
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: carrier
-> login
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: login ->
lcp
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Warning: deflink:
Reducing configured MRU from 1500 to 1492
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: bundle:
Authenticate
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: deflink: his =
PAP, mine = none
Jan 23 14:27:28 jerrystransmission ppp[283]: tun0: Phase: Pap Output:
jerry.transmission at sbcglobal.net ********
Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: Pap Input: SUCCESS
()
Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: lcp ->
open
Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: bundle: Network
Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP
protocol reject closes IPV6CP !
Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP
protocol reject closes IPV6CP !
Jan 23 14:27:29 jerrystransmission ppp[283]: tun0: Warning: ff02:8::/32:
Change route failed: errno: Network is unreachable
Jan 23 14:27:33 jerrystransmission ppp[283]: tun0: Phase: deflink: IPV6CP
protocol reject closes IPV6CP !
Jan 23 14:27:42 jerrystransmission last message repeated 3 times
-------END PPP.LOG-------
>
> Jacob
> Your rc.conf is all wrong, you are doing the nat process in both
> 'user ppp' and IPFW, this is wrong.
> The default IPFW firewall rules are useless in protecting you.
> If you want stateful ipfw rules which will give you max in
> protection and that will work as is for your situation let me know.
>
> -------SAMPLE RC.CONF-------
> ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0"
> ifconfig_dc0=up
> ppp_enable="YES"
> ppp_mode="ddial"
> ppp_nat="YES"
> ppp_profile="dialisp"
> gateway_enable="YES"
> firewall_enable="YES"
> firewall_type="OPEN"
> -------END RC.CONF-------
>
>
>
> see if this works for you. Please let me know the out come.
>
> #################### start of DSL ppp.conf ###################
> default:
>
> set log Phase tun #use to avoid excessive log sizes
> set timeout 0 # no idle time out, will not disconnect
>
>
> dialisp:
> set device PPPoE:XXX # replace xxx with your Nic card
> device name
> set authname YOURLOGINNAME # Replace with your ISP account IP
> set authkey YOURPASSWORD # Replace with your ISP account
> password
> add default HISADDR # Add a (sticky) default route
> (Mandatory)
> enable dns # Gets the ISP's DNS IP address & places
> them
> # in resolv.conf for reference by FBSD box.
>
>
>
> ############### End of DSL ppp.conf
> #################################
>
>
>
> Replace the XXX in the [set device PPPoE:XXX] statement with the Nic
> card FBSD interface name. Sometimes it will be necessary to use a
> service tag to establish your connection depending on how your ISP
> and/or the phone company has it's DSL network configured. Service
> tags are used to distinguish between different PPPoE servers
> attached to a given network. You should have been given any required
> service tag information in the documentation provided by your ISP.
> If you cannot locate it there, ask your ISP's tech support
> personnel. This is the format of the command with the service tag
> added
>
> set device PPPoE:XXX:service_tag
>
>
> The xxxx is the FBSD interface name used by PPPoE, the interface
> must be UP, (IE: enabled). It is only used as transport, and does
> not need to be assigned an IP address. This can be done
> automatically at boot time by updating the /etc/rc.conf file. The
> format of the statement to add is ifconfig_xxxx=up where xxxx is
> Nic card FBSD interface name used by PPPoE that you specified in the
> /etc/ppp/ppp.conf file.
>
> ee /etc/rc.conf add following statement
>
> ifconfig_xxxx=up
>
>
> To setup user ppp to dial your ISP automatically at FBSD boot time,
> you have to add the following statements to the rc.conf file. The
> ddial option means to redial every time the connection to the ISP
> gets dropped.
>
> ee /etc/rc.conf
>
> # Activate user ppp auto start at boot time
> ppp_enable="YES" # Start User ppp task
> ppp_mode="ddial" # ddial, auto, background
> ppp_profile="dialisp" # section in ppp.conf to
>
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Jerrys
> Transmission
> Sent: Friday, January 23, 2004 9:40 AM
> To: freebsd-questions at freebsd.org
> Subject: DSL with User PPP and Static IP
>
> Hello,
>
> I have just started working for a local auto transmission repair
> shop and am
> trying to get the local server up and running. Specifically, the
> server
> works great with dynamic IPs assigned from the DSL provider (using
> PPPoE)
> but it burps when I attempt a static IP as per the handbook's "Using
> User
> PPP" section.
>
> Our business was given the following values for connecting to the
> Internet:
>
> Net: 69.37.6.192
> Gateway: 69.37.6.198
> Netmask: 255.255.255.248
> Broadcast: 69.37.6.199
> Static IPs 193-197
>
>
> When I change /etc/ppp/ppp.conf (sample attached) to:
>
> set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248
>
> tun0 is "Opened by PID xxx" but does not show any IP addresses, and
> the
> connection does not work. If I leave the ifaddr to the dynamic
> setting
> (which includes the 0.0.0.0) everything works fine. I am including
> a sample
> of our local ppp.conf, ifconfig output, and relevant parts of
> rc.conf for reference.
> Please note, the ifconfig output shows the missing inet line when a
> static
> config is attempted.
>
> Any help would be greatly appreciated.
>
> Thanks again,
>
> Jacob @ Jerry's Transmission Service
> Guilford, CT 06437
>
>
> --------SAMPLE PPP.CONF-------
> default:
> set log Phase Chat LCP IPCP CCP tun command
> nat enable yes
> nat same_ports yes
> nat use_sockets yes
> set redial 15 28800
> set reconnect 15 28800
>
> sbcglobal:
> set device PPPoE:dc0:
> set mru 1492
> set mtu 1492
> set speed sync
> enable lqr
> set lqrperiod 5
> set cd 5
> set dial
> set login
> set timeout 0
> set authname [CENSORED]
> set authkey [CENSORED]
> set ifaddr 69.37.6.193 69.37.6.198 255.255.255.248
> add default HISADDR
> enable dns
>
> loop:
> set timeout 0
> set log phase chat connect lcp ipcp command
> set device localhost:pptp
> set dial
> set login
> set ifaddr 192.168.0.1 192.168.0.200-192.168.0.253 255.255.255.255
> set server /tmp/loop "" 0177
>
> loop-in:
> set timeout 0
> set log phase lcp ipcp command
> allow mode direct
>
> pptp:
> load loop
> enable loop
> disable pap
> enable passwdauth
> enable proxy
> accept dns
> set dns 192.168.0.1 192.168.0.2
> set nbns 192.168.0.15 192.168.0.16
> set device !/etc/ppp/secure
>
> -------END PPP.CONF-------
>
>
> -------SAMPLE IFCONFIG-------
> dc0: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu
> 1492
> inet6 fe80::204:5aff:fe7f:75d4%dc0 prefixlen 64 scopeid 0x1
> inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
> ether 00:04:5a:7f:75:d4
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=3<rxcsum,txcsum>
> inet6 fe80::207:e9ff:fe70:801b%em0 prefixlen 64 scopeid 0x2
> inet 192.168.2.1 netmask 0xffff0000 broadcast
> 192.168.255.255
> ether 00:07:e9:70:80:1b
> media: Ethernet autoselect (100baseTX <half-duplex>)
> status: active
> lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
> sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
> faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
> inet6 ::1 prefixlen 128
> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
> inet 127.0.0.1 netmask 0xff000000
> ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
> tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
> Opened by PID 501
> -------END IFCONFIG-------
>
>
> -------SAMPLE RC.CONF-------
> network_interfaces="auto"
> ifconfig_em0="inet 192.168.2.1 netmask 255.255.0.0"
> ifconfig_dc0="inet 10.0.0.1 mtu 1492 netmask 255.0.0.0 -arp up"
> ppp_enable="YES"
> ppp_mode="ddial"
> ppp_nat="YES"
> ppp_profile="sbcglobal"
> gateway_enable="YES"
> firewall_enable="YES"
> firewall_type="OPEN"
> natd_enable="YES"
> natd_interface="tun0"
> natd_flags="-u -m -dynamic -s"
> named_enable="YES"
> -------END RC.CONF-------
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
>
More information about the freebsd-questions
mailing list