[pptp-server] Will this configuration work ?

tmk tmk at netmagic.net
Thu Jul 15 02:51:32 CDT 1999 

Yes, that config is the right way to do it.

linux doens't care what port you use, so if they block 1723 it would still
work with a minor change to on eof teh source code files, but windows
unfortunately must use port 1723.. sorry

As for your browsing problems:
1. check to make sure that IP forwarding is enabled in the kernel. To do
this, "echo 1 > /proc/sys/net/ipv4/ip_forward" That will enable IP
forawrding. You might also want to use the proxyarp option in pppd. 

2. you will probably want to install all the latest patches and whatnot on
the clinet and server machines. this means the dun1.3 patch for win95 and
i think there's one for win98 too. Service pack 5 for nt machines, and
install the pppd 2.8 patch for encryption in linux (get it on the pptpd
download page)


3. EXTERNALLY ONLY it's ok to block everything but 1723 (but internally
you need to be more open)

4. If you have a wins server at work on the private network, send that to
the clinets (there's a pppd option for that) and that should fix most
browsing problems, along with enabling ip_forwarding as described above.

5. if you can ping the other computers, try accessing them directly via
Start->run->\\computername instead of browsing via network neighborhood.

the browsing problem is most likely due to an incorrect subnet mask being
passed by pppd. This screws up the broadcast packets which are used to
browse the network. A wins server is a good solution, and i bet setting up
a proper samba (smbd and nmbd) server on the host linux box would work
too.

We're trying to figure out a way to fix the netmask problem. It seems like
all of our big problems are pppd related :) 

Kevin

 On Thu, 15 Jul 1999
L.Lanik at kommunalkredit.at wrote:

> Hi everybody !
> 
> I am new to this list and I hope my questions are not too silly ....
> 
> 
> I have to install home working for some people of a big company.
> This company is permanently connected to the internet. Most people of this
> company have got a permanent internet connection via TV cable at home (yes we
> have got this in Vienna/Austria !).
> The company is running various Microsoft products (Authentification via NT
> Domain, Pathworks and NT file services, Exchange Server, etc.) and some Unix
> hosts (and still some Vax's).
> The home workers have to access all this from home, as they were sitting in the
> office.
> The company is running some private network addresses inside their LAN (resp.
> WAN).
> The people are running Win95, Win98 or WinNT at home.
> 
> So, my suggestion is the following:
> 
> Install a linux server connected to the Internet with an official IP-address and
> to the LAN with a private one.
> Install PPTP on linux.
> Insert an entry in /etc/ppp/chap-secrets for every user.
> 
> Install Microsoft VPN on the home pc's with the linux box's ip address as vpn
> server.
> -------------------------------------
> That was my theory.
> -------------------------------------
> Now to you (-> the experts):
> 
> Will this configuration work ?
> Wil there be any difference for the people between office and home ?
> Can they connect drives to NT server etc. ?
> Do I have to install any extra software on client side - What about "Dial Up
> Networking Update 1.3" (On which OS I have to install this patch: Win98,
> Win95/OSR2, Win95/OSR1 ?)
> If there is a firewall between, is it enough to only open port 1723 ?
> If the TV cable company does block port 1723, is it possible to use another port
> ? How to configure on linux resp. WinXX ?
> 
> P.S.: I tried this configuration. I could ping every PC over the tunnel, but I
> was not able to browse any NT server ?
> 
> 
> Best regards
> 
> Laurenz Lanik
> IntelliNet EDV-Dienstleistungsges.m.b.H.
> -------------------------------------------------------------
> Telefon:  +43/1/5952388/21
> Mobil:         +43/664/432 5571
> Fax:      +43/1/5952390
> E-Mail:        L.Lanik at IntelliNet.at
> WWW:      http://www.intellinet.at/intellinet
> 
> 
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!
>

More information about the pptp-server mailing list