[pptp-server] Specific subnet via VPN
Sam Johnston
samj at samj.net
Sun May 20 08:12:04 CDT 2001
I see how that would work for restricting access to the server to VPN
clients, however that's not really what I'm after - I just want to give
people remote access to the server, and ideally its subnet (and for
bonus points, subnet*s*) too.
I figure that during the connection process an entry needs to appear in
the route table that looks something like:
Dest Gateway Mask Interface
1.2.3.0 1.2.3.4 255.255.255.0 1.2.3.[5..10]
Hopefully PPP is capable of doing this (I suspect it is) and that the
Microsoft clients aren't broken (not so sure).
- samj
Justin Kreger wrote:
>
> I would use IPChains or IPTables to block the ip's from perticular
> things.
>
> If you need an example, I can write you one.
>
> Justin Kreger, MCP MCSE CCNA
> jkreger at earthling.2y.net jwkreger at uncg.edu jkreger at aristotle.wss.net
>
> On Sun, 20 May 2001, Sam Johnston wrote:
>
> > Hi,
> >
> > I want to create a VPN connection to a server and have all traffic
> > destined for that server and ideally the server's local subnet sent over
> > it (say, 1.2.3.4/24 - subnet 1.2.3.0, server 1.2.3.4, netmask
> > 255.255.255.0). I do not want to have *all* traffic sent over the link,
> > just traffic for aforementioned server/subnet. Clients would be
> > 9X/NT/2k. Configuration should be done via PPP only (ie no route
> > scripts).
> >
> > I currently have something like:
> >
> > localip 1.2.3.4
> > remoteip 1.2.3.5-10
> >
> > and can connect OK but win98 wants to add the default route anyway
> > (unless I tell it not to in the properties for the connection). The
> > subnet mask (specified in pptpd-options as netmask 255.255.255.0)
> > doesn't seem to be working either.
> >
> > Bonus poitnts for multiple protected subnets (although I'm fairly sure
> > I'm asking a bit much there!).
> >
> > Please CC me as I'm not on the list. Thanks.
> >
> > - samj
> >
> >
> > _______________________________________________
> > pptp-server maillist - pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!
> >
More information about the pptp-server
mailing list