- Posts: 301
- Thank you received: 3
PPTP
18 years 1 month ago #16959
by Bublitz
The Bublitz
Systems Admin
Hospice of the Red River Valley
I tried to get the remote ip and local ip in the same network in the openbsd config.
When I do that I cannot get the VPN to ping the remote network at all...with or without using the remote as a Gateway.
If found some documentation suggesting thats normal for windows clients and that the remote and local need to be in different networks.
Here is some of my router config. I'm testing my connection with my work PC so I cannot just post my PC routes. Ill try and get a friend to help me there.
In the mean time here is my openbsd config.
/etc/pptpd.conf
bcrelay vr0 (my Lan adapter not sure if this is right)
localip 192.168.11.210-225
remoteip 192.168.12.210-225
/etc/ppp/options
lock
auth
usehostname
+MSChap-V2 mppe-128 mppe-stateless
/etc/ppp/options
pptp:
enable MSChapV2
/etc/ppp/ppp.secret
bublitz password 192.168.12.221
EDIT
Using route print I looked at the differences in the routes when I connect via using and not using remote gaeway.
Only 1 route difference
0.0.0.0 0.0.0.0 192.168.12.221 192.168.12.221 1
This route is added when connected via remote gateway
So I added this route when connect to vpn via not using remote gateway
route ADD 192.168.11.0 MASK 255.255.255.0 192.168.12.221 metric IF 192.168.12.221
Now I can do BOTH!
Anyone know how I can chnage my config so that route is added automaticlly?
Also my vpn connection just disconnects after a period of time think thats client side or server side setting?
When I do that I cannot get the VPN to ping the remote network at all...with or without using the remote as a Gateway.
If found some documentation suggesting thats normal for windows clients and that the remote and local need to be in different networks.
Here is some of my router config. I'm testing my connection with my work PC so I cannot just post my PC routes. Ill try and get a friend to help me there.
In the mean time here is my openbsd config.
/etc/pptpd.conf
bcrelay vr0 (my Lan adapter not sure if this is right)
localip 192.168.11.210-225
remoteip 192.168.12.210-225
/etc/ppp/options
lock
auth
usehostname
+MSChap-V2 mppe-128 mppe-stateless
/etc/ppp/options
pptp:
enable MSChapV2
/etc/ppp/ppp.secret
bublitz password 192.168.12.221
EDIT
Using route print I looked at the differences in the routes when I connect via using and not using remote gaeway.
Only 1 route difference
0.0.0.0 0.0.0.0 192.168.12.221 192.168.12.221 1
This route is added when connected via remote gateway
So I added this route when connect to vpn via not using remote gateway
route ADD 192.168.11.0 MASK 255.255.255.0 192.168.12.221 metric IF 192.168.12.221
Now I can do BOTH!
Anyone know how I can chnage my config so that route is added automaticlly?
Also my vpn connection just disconnects after a period of time think thats client side or server side setting?
The Bublitz
Systems Admin
Hospice of the Red River Valley
18 years 1 month ago #16961
by TheBishop
Glad to hear you're making progress
Don't know much about bsd; someone else will have to help you with the config there. However:
1) You're right; the two 'ends' of the VPN need to be in different IP networks otherwise your traffic can't route across the VPN
2) The timeout is probably just that. Look for an inactivity timer, idle timer etc on your VPN setup
3) As Chris explained the necessary routes should be established automatically on connection provided your IP addresses and subnet masks are correct at both ends of the VPN. Don't know why this isn't happening
Don't know much about bsd; someone else will have to help you with the config there. However:
1) You're right; the two 'ends' of the VPN need to be in different IP networks otherwise your traffic can't route across the VPN
2) The timeout is probably just that. Look for an inactivity timer, idle timer etc on your VPN setup
3) As Chris explained the necessary routes should be established automatically on connection provided your IP addresses and subnet masks are correct at both ends of the VPN. Don't know why this isn't happening
Time to create page: 0.131 seconds