[pptp-server] New to PoPToP, routing issues..?

Tue Aug 21 17:23:32 CDT 2001

Your pptp client and the LAN are on different subnets you have 10.19.23.xx
and there is 10.19.33.xx.
Your problem is most likely an IP forwarding problem. Can you run tcpdump on
the LAN and check that packets are arriving?

If you don't route the 2 networks, you will have to use IP masquerading. Is
the Cisco NATing properly? I'd start checking there with tcpdumps.

Argh damn firedrill alarm.. I think I'll stay and burn with the
building.....

PS: Nice diagram ;-)

thanks,
George Vieira
Network Engineer
Citadel Computer Systems P/L
PH +(61)2 9955 2644
FX +(61)2 9955 2659

-----Original Message-----
From: Josh Howlett [mailto:Josh.Howlett at bristol.ac.uk]
Sent: Wednesday, August 22, 2001 1:40 AM
To: Chris Storer
Cc: pptp-server
Subject: Re: [pptp-server] New to PoPToP, routing issues..?

Hi,

Post your routing and arp tables when the client is connected.

josh.

On Tue, 21 Aug 2001, Chris Storer wrote:

> Hi.  I just recently got the PoPToP pptpd server up and running.  Got
> everything patched and recompiled without incident, and it works
beautifully
> for authentication with MS clients.
> 
> The problem I'm having is that traffic from pptp clients is not routing
> to/from the LAN that the pptp server is on.  Once a client authenticates,
I
> can ping either IP address on the pptp server (it's multi-homed, bridging
> between 2 LANS), but I can't ping either LAN beyond the pptp server.
> 
> The setup looks something like this... (Please pardon my horrid artwork!)
> 
> 
>                10.19.33.1|---------|10.19.23.22
> 10.19.33.0<--------------|pptpserv |----------------->10.19.23.0
>                          |_________|
>                               |
>                               |pptp client
>                               |10.19.33.201
>                               V
> 
> There is also, on the 10.19.23.0 network, a Cisco router that does 1-1
NAT,
> providing a static DNAT mapping from a public IP to 10.19.23.22
> 
> Once the client authenticates, I can ping both 10.19.33.1 and 10.19.23.22
> (the 2 ip's on the server).
> 
> I can also ping the IP's assigned to the pptp tunnel, although I think I
may
> be a little confused on the configuration of these.  Currently, in my
> /etc/pptpd.conf file I have:
> 
> localip 10.19.33.200
> remoteip 10.19.33.201-205
> 
> In the sample pptpd.conf provided with PoPToP it says you can use just 1
> localip if desired, so I'm assuming this is ok.  I'm not sure if the local
> and remote can be in the same range...?
> 
> Although I'm not very good with routing, the routing tables appear ok.
Once
> the client authenticates there is a route statement for the client's IP on
> ppp0.
> 
> IP forwarding is enabled, and I am running iptables, although at this
point
> all chains are empty and set to default ACCEPT, so I don't believe that's
> the problem... I am able to move traffic between 10.19.23.0 and 10.19.33.0
> locally...
> 
> Any insights highly appreciated.  I really feel like I'm missing something
> stupid here, I'm hoping that's the case!  Thanks in advance for any
> information!
> 
> Chris Storer
> IT Consultant
> Infiniti Systems Group, Inc.
> A Weatherhead 100 Company
> www.infinitisystems.com
> cstorer at infinitisystems.com
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
> 
> 

---------------------------------------
Josh Howlett, Network Supervisor,
Networking & Digital Communications,
Information Systems & Computing,
University of Bristol, U.K.
0117 928 7850 | josh.howlett at bris.ac.uk
---------------------------------------

_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --