[pptp-server] Easy PPP question (using PoPToP)

John Hovell john.hovell at home.com
Mon Aug 21 01:00:08 CDT 2000


Hello all --

Usually when we have problems with computers, we think we have
everything set up correctly, and we can't figure out why it *still*
won't work.

Well, my problem is that I have a setup that seems bizarre and
incorrect; but it works.

Basically, I am configuring a PPTP gateway using PoPToP... and I am
trying to decide what IP ranges I should use for local and remote.

My masq'ed network on the PoPToP gateway is 172.16.0.0 ... and I
assigned remote and local IP addresses _on_ this network.  To my
surprise, everything works fine.  I was led somewhat vaguely by examples
to believe that you are supposed to choose a new subnet for each (local
and remote).  (If I do that, it doesn't work... duh, unless you set the
defroute on the client with PPP, it will never know where to send the
data.)

Someone please help me out here.  What would be intelligent and proper
ranges to choose for local and remote (I want communication from the
PPTP client to the 172.16.0.0 network.)

Thanks...
-- John

P.S.  If anyone has any tips on setting up MS VPN's with Linux using
IPSec, I'm all ears ... PGPNet is the biggest piece of junk I have ever
seen.  I got it to work successfully on 1 out of 4 computers I tested it
with (and on 2 it completely disabled networking with 3com cards)... and
I don't know of any alternatives.

I am *really* scared to use MS PPTP for a VPN, considering what I read
(dated 1998) here:
http://www.counterpane.com/pptp-faq.html

Does anyone know if this is still true?  I mean, I might as well not
apply the patch to include encryption... and I sure hope that this
doesn't mean my PoPToP server is subject to the same DoS attacks that
supposedly MS servers are prone to...

I have tried everything... I even tried out my Checkpoint SecuRemote
client that I have for the corporate LAN.  sheesh... i'm practically
ready to write my own program to do this... and Win 2K supposedly is
really not-so-compatible with L2TP, X.509, and Kerberos.

You think there would be a real demand for this sort of thing.  PPTP
seems to me to be a deathtrap.

Thanks again for any suggestions/help...




More information about the pptp-server mailing list