[pptp-server] IPSec *over* PPtP
John Hovell
john.hovell at home.com
Mon Sep 4 10:24:40 CDT 2000
Justin --
This is because PGPnet sucks so much, that for no discernable reason when I try
to bind PGPnet to my Ethernet card on one of the machines, I can't get any
network connectivity. I have reinstalled the ether card 3 times... and even
installed the driver files manually by hand. The card is a 3com PCMCIA 3c574
Cardbus card. It works beatifully without PGPnet... The reason I am doing the
bass-ackwards configuration is because PGPnet will at least bind to the VPN
dial-up adapter... but that may be just my problem.
Any other ideas? Thanks for your help...
Cheers,
John
Justin Kreger wrote:
> Why not setup two linux boxes to do the IPSec? and just have the windows
> boxes use pptp so they can browse the remote network if you dint setup your
> ipsec wan so it passes the Browser List.
> -LW
>
> -----Original Message-----
> From: John Hovell [mailto:john.hovell at home.com]
> Sent: Monday, September 04, 2000 1:58 AM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] IPSec *over* PPtP
>
> Hello all --
>
> I have some Win98 boxes that want to do IPSec over their PPTP
> connection... just transport mode from one computer to another. The
> IPSec SA is currently successful (both phase 1 and 2).. everything seems
> to be set up fine, until I atually try to send data. If I try to ping
> the remote VPN client from the IPSec machine on the local lan I get
> (from tcpdump):
>
> 01:47:56.877612 < 172.16.0.4 > 172.16.0.175: ip-proto-50 76
> 01:47:56.972086 > 172.16.0.175 > 172.16.0.4: icmp: 172.16.0.175 protocol
> 50 unreachable
>
> If I do the same thing from the remote host I get:
>
> 01:53:07.586184 < 172.16.0.175 > 172.16.0.4: icmp: echo request
>
> (note the lack of encryption despite the *established* SA...)
>
> Do I need to somehow enable protocol 50 (and 51)?? IPchains forward is
> set up to accept all traffic between these hosts. There is no
> masquerading between the two machines.
>
> Does anyone know what I am missing? FYI, I am using PGPnet 6.5.8
> Personal Privacy (freeware) on both Windows IPSec machines.
>
> TiA for any advice or help...
>
> Cheers,
> John
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
More information about the pptp-server
mailing list