[pptp-server] network neighborhood HELP!!!

Alan Chung alan at silveregg.co.jp
Wed Oct 11 23:59:09 CDT 2000 

Thanks for the message.

I actually set up the network of VPN the same as internal network 
(192.168.0.0/24), using certain range of IPs.  In this case, do I still 
need add routes manually for each internal machine in order to see dial-up 
in VPN client?


>When the client pings 10.10.10.3 or .2, it knows how to talk to it because
>your VPN Server knows how to route to those address.  The problem is, the
>computer 10.10.10.3 does not know that packets from 192.168.0.x have to be
>sent to the VPN server at 10.10.10.3 (because then the VPN server forwards
>them to the 192.168.0.x network).


Actually, my problem is reverse.  In this example, I can ping from 
10.10.10.2 to 192.168.0.201 but not reversely.  I even tried to use

ms-dns
ms-wins

for internal WINS server, it didn't work out.


>So, for your 10.10.10.3 type computer, you'll add a route that tells it that
>192.168.0.0 network packets are forwarded to 10.10.10.2 (the internal IP of
>the VPN server).
>
>Adam Lang
>Systems Engineer
>Rutgers Casualty Insurance Company
>----- Original Message -----
>From: "Alan Chung" <alan at silveregg.co.jp>
>To: "Adam Lang" <aalang at rutgersinsurance.com>
>Sent: Wednesday, October 11, 2000 3:15 AM
>Subject: Re: [pptp-server] network neighborhood HELP!!!
>
>
> > Thanks for your help.
> >
> > As you mentioned, do I have to add routes on both VPN clients and pptp
> > server for them to know each other?  It seems that pptp server alread know
> > where client is (since I can ping it) but client doesn't.  I am not sure
> > how to add a route on window platform  but it looks like this,
> >
> > route add [ip] mask [netmask] [gateway]
> >
> > I have tried this but it doesn't work.
> >
> > Also I have ipchains rules setup as following,
> >
> > $REMOTENET = 0/0
> > $OUTERIP = IP address of external interface on firewall
> > $OUTERNET = $OUTERIP/netmask
> > $OUTERIF = external interface of firewall
> > $pptp_interip = internal IP address of pptp server
> >
> >
> > #--------------------------
> > # port forwarding for 1723
> > #--------------------------
> > ipmasqadm portfw -a -P tcp -L $OUTERIP 1723 -R $pptp_interip 1723
> >
> >
> > #----------------------
> > # redirect protocol 47
> > #----------------------
> > /usr/local/sbin/ipfwd --masq --syslog $pptp_interip 47 &
> >
> >
> > #-----------------------
> > # ipchains part for VPN
> > #-----------------------
> >
> >
> > ipchains -A input -p tcp -s $REMOTENET -d $OUTERNET 1723 -i $OUTERIF -j
>ACCEPT
> > ipchains -A input -p 47  -s $REMOTENET -d $OUTERNET        -i $OUTERIF -j
> > ACCEPT
> >
> >
> > ipchains -A output -p tcp -s $OUTERNET -d $REMOTENET 1723 -i $OUTERIF -j
>ACCEPT
> > ipchains -A output -p 47  -s $OUTERNET -d $REMOTENET        -i $OUTERIF -j
> > ACCEPT
> >
> >
> > Do you have any idea what could be wrong?
> >
> > Thanks.
> >
> > Alan
> >
> > At 午前 09:22 00/10/06 -0400, you wrote:
> > >You need to add a route on the internal computers that points to the VPN
> > >server fo ryour 192.168.0.0 network.
> > >
> > >By default, I believe your VPN server should know how to talk to the PPTP
> > >client.
> > >
> > >Also, do you have ipchains setup in your ip-up.local file on the server?
> > >
> > >Adam Lang
> > >Systems Engineer
> > >Rutgers Casualty Insurance Company
> > >----- Original Message -----
> > >From: "Alan Chung" <alan at silveregg.co.jp>
> > >To: <pptp-server at lists.schulte.org>
> > >Sent: Friday, October 06, 2000 4:28 AM
> > >Subject: [pptp-server] network neighborhood HELP!!!
> > >
> > >
> > > > I think I got so close but there was still a bit (big?) problem.
> > > >
> > > > Now I can dial up to my internal VPN server (running PopTop server on
>a
> > > > Linux box) from a EXTERNAL window 98 client without any problem, the
> > > > connection seems there (ppp0 connection showed by ifconfig with a
>remote
> > > > IP, let's say 192.168.0.10), and I can ping from any internal machine
>to
> > > > 192.168.0.10.  But now I have two major problems:
> > > >
> > > > 1. I can't ping from that win98 VPN  client to any remote internal
> > >machine.
> > > > (I even tried to add a route for 192.168.0.10 on VPN server). Does it
> > > > mean that the ipchains firewalling rules is not correctly setup yet?
>But
> > > > pinging is not a problem except this though.  I can ping to/from
>anywhere
> > > > except this.
> > > >
> > > > 2. I am not able to see/browse any internal machine in network
> > > > neighbothood.  (I have set up /etc/ppp/options with ms-wins and ms-dns
>in
> > > > it to specify WINS server, which is also a NT PDC internally).
> > > >
> > > > Please give me some advice if anybody knows or has the same
>experience.
> > > >
> > > > Thanks in advance.
> > > >
> > > > Alan
> > > > _______________________________________________
> > > > pptp-server maillist  -  pptp-server at lists.schulte.org
> > > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > > List services provided by www.schulteconsulting.com!
>
>_______________________________________________
>pptp-server maillist  -  pptp-server at lists.schulte.org
>http://lists.schulte.org/mailman/listinfo/pptp-server
>List services provided by www.schulteconsulting.com!

More information about the pptp-server mailing list