| View previous topic :: View next topic |
| Author |
Message |
soloslinger
n00b
Joined: 13 Oct 2006
Posts: 44
|
 Posted: Wed Jan 27, 2010 2:27 am Post subject: PPTP VPN Routing Issue |
 |
|
Hey all,
I have been working on getting Gentoo to connect to my company's MS PPTP VPN. I believe get authenticated/connected because a local ppp0 interface gets created and the interface gets assigned an appropriate IP address and the MS end sees the connection as persistent, alive, active. The problem is, I can't make any traffic reach the other end of the tunnel. I can ping the IP address assigned to the ppp0 interface and that is it.
/etc/ppp/options.pptp:
| Code: | lock
noauth
refuse-eap
refuse-chap
refuse-mschap
nobsdcomp
nodeflate
|
/etc/ppp/chap-secrets:
| Code: |
DOMAIN\\soloslinger PPTP 1234 *
PPTP DOMAIN\\soloslinger 1234 *
|
/etc/ppp/peers/myvpn:
| Code: |
pty "pptp vpn.publicip.com --nolaunchpppd"
name DOMAIN\\soloslinger
remotename PPTP
file /etc/ppp/options.pptp
ipparam myvpn
|
My network before connecting:
| Code: | Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
eth0 Link encap:Ethernet HWaddr 00:e0:4c:b1:3c:47
inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:4cff:feb1:3c47/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:26 errors:0 dropped:0 overruns:0 frame:0
TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3301 (3.2 KiB) TX bytes:1793 (1.7 KiB)
Interrupt:22 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
|
After connecting:
| Code: | Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
vpn.publicip.com 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
10.10.5.137 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
eth0 Link encap:Ethernet HWaddr 00:e0:4c:b1:3c:47
inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:4cff:feb1:3c47/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:58 errors:0 dropped:0 overruns:0 frame:0
TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6011 (5.8 KiB) TX bytes:4595 (4.4 KiB)
Interrupt:22 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.10.5.129 P-t-P:10.10.5.137 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:80 (80.0 B) TX bytes:86 (86.0 B)
|
I have done quite a bit of searching around trying solutions to this; changing default routes and such but haven't been able to find the solution. That being said it is possible my mistake is there. Can anyone give me some hints as to what I might possibly be missing?
Worse still, it seems as if a few folk have bumped into this on this forum, but the thread feels dead and there wasn't a cut and dry [SOLVED] in there. https://forums.gentoo.org/viewtopic-t-738641.html I think I have the same problem.
I appreciate any help,
soloslinger |
|
| Back to top |
|
 |
malern
Apprentice
Joined: 19 Oct 2006
Posts: 170
|
| Posted: Thu Jan 28, 2010 4:35 pm Post subject: |
|
|
Currently your routing will only allow you to talk to the PPTP server itself. You probably want to setup a route to the rest of the remote network as well. Try this command
ip route add 10.10.5.0/24 dev ppp0 |
|
| Back to top |
|
|
soloslinger
n00b
Joined: 13 Oct 2006
Posts: 44
|
| Posted: Mon Feb 01, 2010 6:25 am Post subject: |
|
|
Unfortunately, that wasn't it. The route got added to the table but I still couldn't ping the other side.
soloslinger |
|
| Back to top |
|
|
soloslinger
n00b
Joined: 13 Oct 2006
Posts: 44
|
| Posted: Wed Feb 03, 2010 6:22 am Post subject: |
|
|
Welp, I was advised that I might need to do some snazzy advanced routing via iptables. I am kinda new to iptables, I don't suppose anyone could give me some pointers on how to make this work?
Still lookin for thoughts on this if anyone wouldn't mind spending some knowledge on me.
soloslinger |
|
| Back to top |
|
|
|
Networking & Security
