[pptp-server] Win2k client route wrong- how to manually add client route?

Bill Petrisko bill at limelightnetworks.COM
Mon Mar 4 19:10:28 CST 2002 

Ok.. i've got two issues.

The first is probably an unsolvable Win2k issue:

Upon establishing a pptp connection, Win2k puts a route in the routing table
that is the classful (/24 in this case) route for the network of the
assigned IP address.

Note that "use default gateway on remote server" is not checked in the Win2k
vpn config.  I only want to route the local company nets via the vpn tunnel.

Example 1 (proxy arp, using local/remoteip on same network):
    PPTP server eth0 address 208.1.0.40/26
    PPTP localip 208.1.0.40
    PPTP remoteip 208.1.0.42-49
    My pptp server assigns the user 208.1.0.43
    Win2k puts a route in the routing table for 208.1.0.0/24 -> 208.1.0.43
    This should be a /26 route!

  Network Destination    Netmask      Gateway       Interface  Metric
     208.1.0.0    255.255.255.0     208.1.0.193  208.1.0.193       1
     208.1.0.40   255.255.255.255   208.1.0.193  208.1.0.193       1


Example 2 (using routed network for ppp side):
    PPTP server eth0 address 208.1.0.40/26
    PPTP localip 208.1.0.40
    PPTP remoteip 208.1.1.193-254
    My pptp server assigns the user 208.1.1.43
    Win2k puts a route in the routing table for 208.1.1.0/24 -> 208.1.1.4
    Again, this should be a /26 route!

  Network Destination    Netmask      Gateway         Interface  Metric
     208.1.1.0    255.255.255.0     208.1.1.193  208.48.141.193       1
     208.1.0.40   255.255.255.255   208.1.1.193  208.48.141.193       1

Does Win2k only do classful routing on automatically installed routes when a
VPN connection comes up?  Is there any way to change that behavior?


Second issue:

VPN CLIENT          PPTP SERVER         ROUTER
208.1.1.193---------208.1.0.40/26-------208.1.0.1/26          HOST
                                        208.55.55.0/24----208.55.55.10

I only want to route to networks behind my firewall over the VPN tunnel.
"Use default gateway on remote server" is not checked in the Win2k vpn
config.  Once the VPN tunnel comes up, the vpn client installs a route
"208.1.1.0/24 -> 208.1.1.193"- so far, so good.

Is there a way to "push" more routes to the VPN client (from the PPTP
server) that will get installed when this connection comes up?  I'd like to
route 208.1.0.0/24 and 208.55.55.0/24 via the vpn/ppp connection as well,
without having to install manual routes on the vpn client.

This configuration is tested and working, but I have to do a:
    route add 208.1.0.0 mask 255.255.255.0 208.1.1.193
    route add 208.55.55.0 mask 255.255.255.0 208.1.1.193
on the client side, every time the connection is established, in order for
it to work.

Does pptpd have a way to push more routes (or a script) to the Win2k client
once the tunnel is established?

Does MS have a way to run a script or add routes automatically once the
tunnel is established?

Any suggestions appreciated.

thanks
bill

More information about the pptp-server mailing list