[pptp-server] New to PoPToP, routing issues..?

Chris Storer cstorer at infinitisystems.com
Tue Aug 21 10:30:05 CDT 2001 

Hi.  I just recently got the PoPToP pptpd server up and running.  Got
everything patched and recompiled without incident, and it works beautifully
for authentication with MS clients.

The problem I'm having is that traffic from pptp clients is not routing
to/from the LAN that the pptp server is on.  Once a client authenticates, I
can ping either IP address on the pptp server (it's multi-homed, bridging
between 2 LANS), but I can't ping either LAN beyond the pptp server.

The setup looks something like this... (Please pardon my horrid artwork!)


               10.19.33.1|---------|10.19.23.22
10.19.33.0<--------------|pptpserv |----------------->10.19.23.0
                         |_________|
                              |
                              |pptp client
                              |10.19.33.201
                              V

There is also, on the 10.19.23.0 network, a Cisco router that does 1-1 NAT,
providing a static DNAT mapping from a public IP to 10.19.23.22

Once the client authenticates, I can ping both 10.19.33.1 and 10.19.23.22
(the 2 ip's on the server).

I can also ping the IP's assigned to the pptp tunnel, although I think I may
be a little confused on the configuration of these.  Currently, in my
/etc/pptpd.conf file I have:

localip 10.19.33.200
remoteip 10.19.33.201-205

In the sample pptpd.conf provided with PoPToP it says you can use just 1
localip if desired, so I'm assuming this is ok.  I'm not sure if the local
and remote can be in the same range...?

Although I'm not very good with routing, the routing tables appear ok.  Once
the client authenticates there is a route statement for the client's IP on
ppp0.

IP forwarding is enabled, and I am running iptables, although at this point
all chains are empty and set to default ACCEPT, so I don't believe that's
the problem... I am able to move traffic between 10.19.23.0 and 10.19.33.0
locally...

Any insights highly appreciated.  I really feel like I'm missing something
stupid here, I'm hoping that's the case!  Thanks in advance for any
information!

Chris Storer
IT Consultant
Infiniti Systems Group, Inc.
A Weatherhead 100 Company
www.infinitisystems.com
cstorer at infinitisystems.com

More information about the pptp-server mailing list