[pptp-server] Allowing to access the lan.

Fri Sep 14 14:35:36 CDT 2001

> -----Original Message-----
> From: Dmitri Gofmekler [mailto:dmitri at arvid.ee]
> Sent: Friday, September 14, 2001 12:50 PM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] Allowing to access the lan.
> 
> 
> Hello all,
> 
> Probably you can help :)
> 
> Situation:
> 
> Server, that running pptpd (poptop.lineo.com), address is 
> 212.7.8.250 (this server does not plays any routing or masquerading role).
> 
> 2 local networks: Lan1 - 212.7.8.224/27 & Lan2 - 212.7.8.192/27, lan1
> router - 212.7.8.225, lan2->lan1 router 212.7.8.222, lan 2 
> def. route - 212.7.8.193. Lan 1 connected to internet thru lan2.
> 

OK, If I have drawn this correctly, your PPTP server is physically located
on LAN 1 at .250. Correct???

  PPTP server (250)
          |
----------------------
| 212.7.8.224/27  | (LAN 1)
----------------------
          | (225)
    ----------
   | Router |
    ----------
          | (222)
----------------------
| 212.7.8.192/27  | (LAN 2)
----------------------
          | (193)
    ----------
   | Router |
    ----------
          |
   (Internet)

In order to access this PPTP sever from the internet, you must go through
two routers. The first being the internet router on LAN 2 (193) and then the
router that hooks up LAN 2 -> LAN 1 (222). Whew!!! That's a lot of routers.
If possible, consider placing the PPTP server on LAN 2.

> -- cut from /etc/pptpd.conf --
> remote ip 212.7.8.251-253
> local ip 212.7.8.242-244
> Client, Windows NT 4.0.
> -- end of cut --
> 

Unless really needed, you do not need multiple addresses for the local ip.
i.e.
remote ip 212.7.8.251-253
local ip 212.7.8.242

> 
> Question:
> What exactly I have to do to get PPTP client ability to use all lan1 and
lan2
> resources, includes MS Network over TCP/IP and also to allow client to
> go to the Internet thri it's vpn connection? Can someone give 
> me explained configuration?
>

First of all, you have not explained your current problem. Just your end
goal. 
When you connect to your PPTP server...

1) Are you able to ping the PPTP server from the remote?
2) Are your able to ping any other nodes on LAN 1 from the remote. ie
proxyarp
3) I take it, your not able to ping anything on LAN 2 from the remote.

First, if your using a MS based PPTP client, it should create a summarized
route i.e. 212.7.8.0/24 when you establish the tunnel. This summarized route
should route all traffic for both networks through the tunnel. Which if I
understand your post correctly, is what you want.

Given the above...

1) Have you enabled IP_FORWARDING on the PPTP server????
2) Is the PPTP server correctly setting proxyarp for LAN 1 addresses
3) Does the router on LAN 2 (193) have a static route that points traffic
for LAN 1 through the router that joins the two LAN's??? ie...on the 193
router: route add 212.7.8.224/27 gw 212.7.8.222

Steve Cowles