[pptp-server] Past the VPN Server

Cowles, Steve Steve.Cowles at infohiiway.com
Wed Sep 27 01:10:47 CDT 2000

> -----Original Message-----
> From: Patrick Childers [mailto:pchilders at pharsalia.com]
> Sent: Wednesday, September 27, 2000 1:05 AM
> To: PPTP List
> Subject: [pptp-server] Past the VPN Server
> I am having trouble routing past the VPN server,
> and I read all the how-tos, but I'm still stumped.
> Here is the setup:
> CLIENT connects to PPTP IP:
> CLIENT gets IP :
> I need to be able to ping all inside servers
> NOTE: I can ping

A couple of things that you might want to check:

1) Do you have "proxyarp" specified in your /etc/ppp/options file? Without
proxyarp, the other systems on your network will not be able to route to
your remote system.

You should see an entry in your /var/log/messages file when you establish
your VPN like...
pppd[30864]: found interface eth0 for proxy arp

2) IP_FORWARDING must be enabled on the pptp server so that packets can be
routed (forwarded) from eth* to ppp* devices (and vice-versa).

> Also, the server sends all the wins/dns info through 
> ppp/options correctly. But the gateway shows as the
> client's IP. Shouldn't the gateway be the pptpd server.

Not necessarily. In fact, I usually discourage specifying the gateway being
the pptpd server with PPTP VPN's. When you do so, ALL internet traffic
including your local LAN traffic is routed through your PPTP server. Is this
really what you are wanting?

All you really need to communicate with your network (in
addition to what is mentioned above) is a static route (on the remote pptp
client) that defines that is routed through the PPTP clients
local address. This route addition should be created automatically on
windows based PPTP clients when you establish the VPN. netstat -rn should
confirm this. Your default route should still be pointing to your ISP's
router or your ppp address (not pptp address) if using dialup. 

> If I'm correct how would I specify this?

If your PPTP client is Windows based and you "still" want to use the pptpd
server as the default gateway, then enable "Use default gateway on remote
network" in your PPTP profile connection. This will add a second default
route in addition to the current one that should already be pointing to your
ISP's gateway (or ppp address if using dialup). Note that the "metric" value
should be changed from 1 to 2 on the original default route while the PPTP
VPN is active.

Steve Cowles

> Thanks
> Patrick Childers

More information about the pptp-server mailing list