[pptp-server] subnet gateway problem

George Vieira GeorgeV at citadelcomputer.com.au
Sun Sep 9 17:16:15 CDT 2001


I have been helping this person off the list emailing me as much detail as
possible and this was the interesting part when he emailed me this:

--------------------------------------------------
hi, 
i am sorry if i have communicated wrongly. 
our setup is like this. 

LAN -> 192.168.2.1    -> 192.168.2.76   (eth0 of the LINUX box) 
                         192.168.2.121(localip of PPP link)    ->
192.168.2.122(remoteip of PPP link) 
                         192.168.2.128(localip of PPTP)        ->
192.168.2.230 (remoteip of PPTP) 
i hope you got my picture in the right way. 
in my LAN, i have the subnet 192.168.2.1 and my linux box's ip address over
eth0 is 192.168.2.76. 
over PPP0(normal PPP link) (where, itself is the server), he has
192.168.2.121 as the ip address and remote client(win95) has 192.168.2.122 
over PPP1(pptp link) he has 192.168.2.128 (local ip of pptp server) and
remoteip was assigned as 192.168.2.230 
--------------------------------------------------

Every link uses the same subnet and must be confusing the PPTP link badly as
the PPP connections (dialup and pptp) have the same IP range.
So unless he uses host routing this is going to be a pain...

My suggestion was to use different IPs on the PPP link.. but then why run
PPTP over a dial up PPP account as this doesn't seem to be a ISP connection
since it's not a Public IP addres...


George Vieira.



-----Original Message-----
From: Cowles, Steve [mailto:Steve at SteveCowles.com]
Sent: Saturday, September 08, 2001 12:05 AM
To: pptp-server at lists.schulte.org
Subject: RE: [pptp-server] subnet gateway problem


This is a very confusing post. The lack of relevant data makes it hard to
understand.

After reading through all the related posts and your tcpdump capture, I have
a few comments.

Your referencing the following IP assignments from pptpd.conf:

localip 192.168.2.120-125 
remoteip 192.168.2.140-145

But yet the tcpdump capture seems to be referencing a remote PPTP client
that was assigned an IP address if .230

09:12:38.657558 ppp0 < gre-proto-0x880B (gre encap)
09:12:38.657558 ppp1 < 192.168.2.230 > 192.168.2.1: icmp: echo request

Based on what I can determine (more like decipher) from your tcpdump
capture... the lack of any response to a ping request from a PPTP client can
usually be attributed to one of the following:
 
1) In your case, eth0 not being set as a proxyarp for your PPTP connection.
2) IP_FORWARDING is not enabled on the PPTP server.
3) Firewall rules blocking any forwarding requests. ie. ipchain or iptables
 
For item one (1) above:
In your /var/log/messages file... do you see a line similar to the following
after the PPTP tunnel is brought up? Should be after the local/remote
assignments

   pppd[14500]: found interface eth0 for proxy arp

For item number two (2) above:
Is IP_FORWARDING enabled? To verify type:

# cat /proc/sys/net/ipv4/ip_forward
1

If IP_FORWARDNG is enabled, the output of the above command should be one
(1).

For item number three (3) above:
Type one of the following commands to insure that there are no firewall
rules blocking packets of data between eth0 and the ppp devices:
ipchain -L -n
iptables -L -n

Also, from the tcpdump capture:

I noticed you have alot of IPX traffic on your network. Not a problem,
unless the PPTP client also has this protocol bound in addition to TCP/IP
(protocol binding order). If this is the case, do yourself a favor and
temporarily remove the IPX protocol from the PPTP client (only) until you
get this routing problem resolved between the PPTP client and your LAN. Then
deal with getting multiple protocols (binding order) working across the
tunnel. 

Steve Cowles
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --



More information about the pptp-server mailing list