[pptp-server] pptpd routing issues
Christopher Aedo
doc at aedo.net
Fri Jun 7 18:47:52 CDT 2002
Frank Cusack wrote:
>Meaning 192.168.0.81 and 192.168.0.80?
>
Correct, I can ping the VPN machine, and the IP address the VPN assigns
to the client, FROM the client.
>I would expect that ppp on the VPN server side is not doing proxy arp.
>
> enable proxy
>
>Does this enable proxy arp? I am unable to find documentation for this
>flavor of ppp on www.openbsd.org.
>
According to the man pages for openbsd ppp, this is supposed to enable
proxy arp.
>Get on another machine on 192.168.0/23 and see if you can ping 192.168.0.81
>(or whatever IP the client gets). Check the arp table after the ping to
>see what it says for 192.168.0.81. If it looks like
>
> ? (192.168.0.81) at <incomplete>
>
>then your VPN server is not doing proxy arp.
>
>If there is a MAC, verify that its the VPN server's MAC. If not, you
>have an IP conflict. If so, the pptp tunnel isn't working correctly.
>
>
Tried that, no good. Other machines are not able to ping the
VPN-assigned IP address (in this case .81). There was one strange
change between before connecting and after, when checking arp on the VPN
server:
[BEFORE CONNECTION]
? (192.168.0.1) at 00:d0:b7:c7:23:22
? (192.168.0.5) at (incomplete)
? (192.168.1.4) at 00:b0:d0:41:ea:dc
[AFTER CONNECTION]
? (192.168.0.1) at 00:d0:b7:c7:23:22
? (192.168.0.5) at 00:03:6d:16:24:e6
? (192.168.1.4) at 00:b0:d0:41:ea:dc
192.168.0.5 is the DNS server that is being sent to the VPN client.
That IP is NOT in the pool of possible IPs. It is not pingable from
the client side after connecting.
-Christopher
More information about the pptp-server
mailing list