[pptp-server] nt client routing tables

Fri Mar 9 20:21:28 CST 2001

Thanks a lot Steve, that did work.  How I have another problem.

When I try to connect to the VPN from a client that is behind a masqeraded
firewall, I get an error saying:

Error 619: The specified port is not connected.

I would assume I need to add some rules to my ipchains.  Do you know
off-hand what they are??

Thanks,

^_^_^_^_^_^_^_^_^_^_^_^

Christopher Tresco
Head Systems Administrator
MIT Dept of Economics
ctresco at mit.edu

-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Cowles, Steve
Sent: Friday, March 09, 2001 5:40 PM
To: 'Chris Tresco'; pptp-server at lists.schulte.org
Subject: RE: [pptp-server] nt client routing tables

> -----Original Message-----
> From: Chris Tresco [mailto:ctresco at mit.edu]
> Sent: Friday, March 09, 2001 3:38 PM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] nt client routing tables
>
>
> Hi,
>
> I am wondering how to solve a certain problem.
>
> I have my vpn box w/ eth1 as my external/routable ip address
> and eth0 as my internal lan that I am tunneling clients to.
>
> I am able to authenticate and login via an NT4 box without a
> problem.  I am also able to successfully access machines on
> the lan.
>
> The problem is that after the NT box connects, the routing
> tables are changed and the VPN routing takes precidence.
> I don't want this to be the case.  I would like to keep the
> current routing tables and add the VPN tables as a HIGHER
> metric number (lower precidence).  I can do it manually
> now, but I don't think my clients will want to mess with the
> route command in NT themselves. : )
>
> I have the following options in my ppp/options file:
>
> debug
> name foo
> auth
> require-chap
> netmask 255.255.255.255
> proxyarp
> logfile /var/log/vpn.ppp
> ms-dns 192.168.1.2
> ms-dns 192.168.1.4
>
> I have the following in my pptpd.conf file:
>
> speed 115200
> localip 192.168.1.130-132
> remoteip 192.168.1.133-135
>
>
> Thanks in advance for the help,
>
> Chris Tresco

Sounds like you need to un-check the "Use default gateway on remote network"
option in your Windows PPTP dialup profile settings. By doing so, Windows
will only add the LAN route (192.168.1.0/24 via the tunnel) instead of
adding both the LAN route and a new default route (with a metric of 1),
which then bumps the previous default route to a metric of 2 until the
tunnel is torn down.

Steve Cowles
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!