[pptp-server] subnet gateway problem
Cowles, Steve
Steve at SteveCowles.com
Fri Sep 7 09:04:46 CDT 2001
This is a very confusing post. The lack of relevant data makes it hard to
understand.
After reading through all the related posts and your tcpdump capture, I have
a few comments.
Your referencing the following IP assignments from pptpd.conf:
localip 192.168.2.120-125
remoteip 192.168.2.140-145
But yet the tcpdump capture seems to be referencing a remote PPTP client
that was assigned an IP address if .230
09:12:38.657558 ppp0 < gre-proto-0x880B (gre encap)
09:12:38.657558 ppp1 < 192.168.2.230 > 192.168.2.1: icmp: echo request
Based on what I can determine (more like decipher) from your tcpdump
capture... the lack of any response to a ping request from a PPTP client can
usually be attributed to one of the following:
1) In your case, eth0 not being set as a proxyarp for your PPTP connection.
2) IP_FORWARDING is not enabled on the PPTP server.
3) Firewall rules blocking any forwarding requests. ie. ipchain or iptables
For item one (1) above:
In your /var/log/messages file... do you see a line similar to the following
after the PPTP tunnel is brought up? Should be after the local/remote
assignments
pppd[14500]: found interface eth0 for proxy arp
For item number two (2) above:
Is IP_FORWARDING enabled? To verify type:
# cat /proc/sys/net/ipv4/ip_forward
1
If IP_FORWARDNG is enabled, the output of the above command should be one
(1).
For item number three (3) above:
Type one of the following commands to insure that there are no firewall
rules blocking packets of data between eth0 and the ppp devices:
ipchain -L -n
iptables -L -n
Also, from the tcpdump capture:
I noticed you have alot of IPX traffic on your network. Not a problem,
unless the PPTP client also has this protocol bound in addition to TCP/IP
(protocol binding order). If this is the case, do yourself a favor and
temporarily remove the IPX protocol from the PPTP client (only) until you
get this routing problem resolved between the PPTP client and your LAN. Then
deal with getting multiple protocols (binding order) working across the
tunnel.
Steve Cowles
More information about the pptp-server
mailing list