[pptp-server] complex VPN problem (fwd)

Scott M. Stone sstone at taos.com
Mon Mar 6 15:44:30 CST 2000


I'm hoping that someone on this list can answer this one, cuz it's weird.
It's similar to one of the problems in the FAQ, but in my case, the pptp
server machine and the firewall machine are the SAME BOX... which makes it
a bit different... any help greatly appreciated.

--------------------------
Scott M. Stone, CCNA <sstone at taos.com>
UNIX Systems and Network Engineer
Taos - The SysAdmin Company 

---------- Forwarded message ----------
Date: Mon, 6 Mar 2000 08:05:31 -0800 (PST)
From: Scott M. Stone <sstone at taos.com>
To: Taos Network List <network at vtc.teamtaos.com>
Subject: complex VPN problem


OK, this is a bit odd.. I have a Linux box with 2 ethernet cards.  One
card goes directly to my DSL line, with a static IP.  The other card goes
to an 8-port hub which has two other PCs attached to it.

Ok, so the IP masquerading/routing/firewalling/port forwarding seems to
work, all the machines can browse, etc, etc.  I have ipsec on the router
box as well, to connect to my client site for doing email at home through
their notes server, that works great as well.

HOWEVER, I tried to set up a pptp connection last night to a friend of
mine who's using Windows 98.  I installed and configured the Linux pptpd
program, and installed PPP.  The pptp connection is established, pppd
starts and assigns IP addresses (I assigned my friend's remote machine an
IP on my private subnet, 192.168.81.0/24, and I'm using proxyarp with
pppd).  Now, pppd is working fine, or so I think.  From my ROUTER machine
(which is 192.168.81.1 (eth1), 63.248.27.129 (eth0), and now
192.168.81.100 (ppp0)), I can see the remote pc (on 192.168.81.101).  The
remote PC can ping ALL of the interfaces on the router, including
192.168.81.1.  HOWEVER, the problem is that the remote PC cannot access
192.168.81.2, which is one of my internal PCs on my 8-port hub.  Nor can
192.168.81.2 access the remote PC.  However, .2 can access the 'net
through that same gateway, and can access the LAN pointed to by ipsec0
without any problems.

What am I doing wrong here?  Should I be assigning ppp0 the same IP
address as eth1 (192.168.81.1?)  I also tried assigning a different subnet
for the ppp interface and then setting up routing -- same results, no
connectivity.

Any help is greatly appreciated... thanks.

--------------------------
Scott M. Stone, CCNA <sstone at taos.com>
UNIX Systems and Network Engineer
Taos - The SysAdmin Company 





