pptpd server on a Samba PDC

Nikos Vassiliadis nvass at teledomenet.gr
Tue Mar 18 14:31:32 UTC 2008 

On Tuesday 18 March 2008 14:28:22 Jon Theil Nielsen wrote:
> My goal is to make our PDC (FreeBSD 7.0 - Samba 3.0.28) available
> through VPN from Windows clients so clients can authenticate via
> Winbind, join the domain and access there home shares.
> I have tried to follow the instructions by Andrew Bartlett (
> http://samba.org/ftp/unpacked/lorikeet/pppd/final-report.pdf) - without
> success.
>
> My main configuration file /usr/local/etc/httpd.conf looks like
> option /etc/ppp/options.pptp
> localip 192.168.1.4
> remoteip 192.168.1.150-155
> pidfile /var/run/pptpd.pid
> # TAG: bcrelay <if>
> bcrelay eth0
>
> And the /etc/ppp/options.pptp:
> lock
> noauth
> nobsdcomp
> lcp-echo-failure 10
> lcp-echo-interval 10
>
> I have another file /etc/ppp/options:
> lock
> noauth
> nobsdcomp
> lcp-echo-failure 10
> lcp-echo-interval 10
> mflserver3# less /etc/ppp/options
> name mflserver3
> noipdefault
> noauth
> lock
> local
> lcp-echo-interval 30
> lcp-echo-failure 4
> lcp-max-configure 60
> lcp-restart 2
> idle 600
> noipx
> file /etc/ppp/filters
> proxyarp
> ms-dns 192.168.1.4
> ms-wins 192.168.1.4
> refuse-chap
> refuse-mschap
>
> Finally, I have both pap-secrets and chap-secrets.
>
> With the existence of a /etc/ppp/ppp.conf looking like:
> pptp:
>     set timeout 0
>     set log phase chat connect lcp ipcp command
>     set dial
>     set login
>     enable mssfixup
>     set ifaddr 192.168.1.4 192.168.150-192.168.1.155 255.255.255.0
>     set server /tmp/loop "" 0177
>     disable pap
>     # Authenticate against /etc/passwd
>     enable passwdauth
>     disable ipv6cp
>     enable proxy
>     accept dns
>     enable MSChapV2
>     enable mppe
>     disable deflate pred1
>     deny deflate pred1
>     set dns 195.184.96.2
>     set device !/etc/ppp/secure
>
> I got the following in my log:
> ppp[67205]: Warning: Label /etc/ppp/options.pptp rejected -direct
> connection: Configuration label not found
>
> When I removed ppp.conf, I got:
>  ppp[67267]: Warning: Label /etc/ppp/options.pptp rejected -direct
> connection: /etc/ppp/ppp.conf : File not found
>
> I am a bit confused. It seems that the reference to the options file
> makes something go wrong. And it seems that pptpd needs the ppp
> configuration file to work.

Yes, this configuration guide you've read is for Linux, thus it will
use pppd by Paul Mackeras. pppd is in the base system(/usr/sbin/pppd),
but it's an older version than the Linux one, since most people on FreeBSD
use user-ppp(/usr/sbin/ppp). So, bad news first:
pppd probably won't work(at least won't work by copying
a configuration file you've found on the internet). I have many
doubts that FreeBSD's pppd can be used with pptp.

The good news are, that poptop is supported(it's in the ports), 
you just have to use user-ppp(which you seem to already use, since
the name of the process above is ppp). Isn't the pptp entry on
/etc/ppp/ppp.conf, installed from the port???
Did you search the package for configuration samples?

>
> Does anyone have a working example of poptop-based vpn server

The pptp server/client of preference for a FreeBSD system, is in my humble
opinion net/mpd. I suggest you to use that. There many guides on "pptp
and mpd" lying around on the net.

HTH, Nikos

More information about the freebsd-questions mailing list