Доброго времени суток, господа.Столкнулся со следующей проблемой:
Есть ISP, раздает IP адреса по DHCP, а внешний канал по VPN. Я настраиваю mpd.--cut of /etc/rc.conf--
ifconfig_rl0="DHCP"
--cut of /etc/rc.conf----/usr/local/etc/mpd/mpd.conf--
default:
load vpnvpn:
new -i ng0 vpn vpn
set iface disable on-demand
set iface idle 0
set iface route default
set bundle disable multilink
set bundle authname "test"
set bundle password "test"
set link yes acfcomp protocomp
set link accept chap chap-msv2
set iface enable proxy-arp
open
--end of /usr/local/etc/mpd/mpd.conf----/usr/local/etc/mpd/mpd.links--
vpn:
set link type pptp
set pptp peer 10.110.0.10
set pptp disable windowing
set pptp enable originate incoming outcall--end of /usr/local/etc/mpd/mpd.links--
Дальше запускаю mpd -b
--/var/log/mpd.log--
May 11 22:22:30 mpd: mpd: pid 558, version 3.18 (root@freebsd.org 22:43 3-Apr-2005)
May 11 22:22:30 mpd: [vpn] ppp node is "mpd558-vpn"
May 11 22:22:30 mpd: mpd: local IP address for PPTP is 0.0.0.0
May 11 22:22:30 mpd: [vpn] using interface ng0
May 11 22:22:30 mpd: [vpn] IFACE: Open event
May 11 22:22:30 mpd: [vpn] IPCP: Open event
May 11 22:22:30 mpd: [vpn] IPCP: state change Initial --> Starting
May 11 22:22:30 mpd: [vpn] IPCP: LayerStart
May 11 22:22:30 mpd: [vpn] bundle: OPEN event in state CLOSED
May 11 22:22:30 mpd: [vpn] opening link "vpn"...
May 11 22:22:30 mpd: [vpn] link: OPEN event
May 11 22:22:30 mpd: [vpn] LCP: Open event
May 11 22:22:30 mpd: [vpn] LCP: state change Initial --> Starting
May 11 22:22:30 mpd: [vpn] LCP: LayerStart
May 11 22:22:30 mpd: [vpn] device: OPEN event in state DOWN
May 11 22:22:30 mpd: pptp0: connecting to 10.110.0.10:1723
May 11 22:22:30 mpd: [vpn] device is now in state OPENING
May 11 22:22:30 mpd: pptp0: connected to 10.110.0.10:1723
May 11 22:22:30 mpd: pptp0: attached to connection with 10.110.0.10:1723
May 11 22:22:30 mpd: pptp0-0: outgoing call connected at 64000 bps
May 11 22:22:30 mpd: [vpn] PPTP call successful
May 11 22:22:30 mpd: [vpn] device: UP event in state OPENING
May 11 22:22:30 mpd: [vpn] device is now in state UP
May 11 22:22:30 mpd: [vpn] link: UP event
May 11 22:22:30 mpd: [vpn] link: origination is local
May 11 22:22:30 mpd: [vpn] LCP: Up event
May 11 22:22:30 mpd: [vpn] LCP: state change Starting --> Req-Sent
May 11 22:22:30 mpd: [vpn] LCP: phase shift DEAD --> ESTABLISH
May 11 22:22:30 mpd: [vpn] LCP: SendConfigReq #1
May 11 22:22:30 mpd: ACFCOMP
May 11 22:22:30 mpd: PROTOCOMP
May 11 22:22:30 mpd: MRU 1500
May 11 22:22:30 mpd: MAGICNUM 38e44542
May 11 22:22:30 mpd: [vpn] LCP: rec'd Configure Request #78 link 0 (Req-Sent)
May 11 22:22:30 mpd: MRU 1500
May 11 22:22:30 mpd: MAGICNUM 60e8a571
May 11 22:22:30 mpd: AUTHPROTO CHAP MSOFTv2
May 11 22:22:30 mpd: [vpn] LCP: SendConfigAck #78
May 11 22:22:30 mpd: MRU 1500
May 11 22:22:30 mpd: MAGICNUM 60e8a571
May 11 22:22:30 mpd: AUTHPROTO CHAP MSOFTv2
May 11 22:22:30 mpd: [vpn] LCP: state change Req-Sent --> Ack-Sent
May 11 22:22:30 mpd: [vpn] LCP: rec'd Configure Reject #1 link 0 (Ack-Sent)
May 11 22:22:30 mpd: ACFCOMP
May 11 22:22:30 mpd: PROTOCOMP
May 11 22:22:30 mpd: [vpn] LCP: SendConfigReq #2
May 11 22:22:30 mpd: MRU 1500
May 11 22:22:30 mpd: MAGICNUM 38e44542
May 11 22:22:30 mpd: [vpn] LCP: rec'd Configure Ack #2 link 0 (Ack-Sent)
May 11 22:22:30 mpd: MRU 1500
May 11 22:22:30 mpd: MAGICNUM 38e44542
May 11 22:22:30 mpd: [vpn] LCP: state change Ack-Sent --> Opened
May 11 22:22:30 mpd: [vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE
May 11 22:22:30 mpd: [vpn] LCP: auth: peer wants CHAP, I want nothing
May 11 22:22:30 mpd: [vpn] LCP: LayerUp
May 11 22:22:30 mpd: [vpn] CHAP: rec'd CHALLENGE #1
May 11 22:22:30 mpd: Name: ""
May 11 22:22:30 mpd: Using authname "test"
May 11 22:22:30 mpd: [vpn] CHAP: sending RESPONSE
May 11 22:22:31 mpd: [vpn] CHAP: rec'd SUCCESS #1
May 11 22:22:31 mpd: MESG: S=1624C804A00BD39694B8A28FFC56D6FD4B4836F9
May 11 22:22:31 mpd: [vpn] LCP: authorization successful
May 11 22:22:31 mpd: [vpn] LCP: phase shift AUTHENTICATE --> NETWORK
May 11 22:22:31 mpd: [vpn] setting interface ng0 MTU to 1500 bytes
May 11 22:22:31 mpd: [vpn] up: 1 link, total bandwidth 64000 bps
May 11 22:22:31 mpd: [vpn] IPCP: Up event
May 11 22:22:31 mpd: [vpn] IPCP: state change Starting --> Req-Sent
May 11 22:22:31 mpd: [vpn] IPCP: SendConfigReq #1
May 11 22:22:31 mpd: IPADDR 10.102.197.229
May 11 22:22:31 mpd: COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Request #146 link 0 (Req-Sent)
May 11 22:22:31 mpd: IPADDR *.*.81.193
May 11 22:22:31 mpd: *.*.81.193 is OK
May 11 22:22:31 mpd: [vpn] IPCP: SendConfigAck #146
May 11 22:22:31 mpd: IPADDR *.*.81.193
May 11 22:22:31 mpd: [vpn] IPCP: state change Req-Sent --> Ack-Sent
May 11 22:22:31 mpd: [vpn] rec'd unexpected protocol CCP on link 0, rejecting
May 11 22:22:31 mpd: [vpn] rec'd unexpected protocol ECP on link 0, rejecting
May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Reject #1 link 0 (Ack-Sent)
May 11 22:22:31 mpd: COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
May 11 22:22:31 mpd: [vpn] IPCP: SendConfigReq #2
May 11 22:22:31 mpd: IPADDR 10.102.197.229
May 11 22:22:31 mpd: [vpn] rec'd unexpected protocol CCP on link 0, rejecting
May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Nak #2 link 0 (Ack-Sent)
May 11 22:22:31 mpd: IPADDR *.*.87.55
May 11 22:22:31 mpd: *.*.87.55 is OK
May 11 22:22:31 mpd: [vpn] IPCP: SendConfigReq #3
May 11 22:22:31 mpd: IPADDR *.*.87.55
May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Ack #3 link 0 (Ack-Sent)
May 11 22:22:31 mpd: IPADDR *.*.87.55
May 11 22:22:31 mpd: [vpn] IPCP: state change Ack-Sent --> Opened
May 11 22:22:31 mpd: [vpn] IPCP: LayerUp
May 11 22:22:31 mpd: *.*.87.55 -> *.*.81.193
May 11 22:22:31 mpd: [vpn] IFACE: Up event
May 11 22:22:31 mpd: [vpn] setting interface ng0 MTU to 1500 bytes
May 11 22:22:31 mpd: [vpn] exec: /sbin/ifconfig ng0 *.*.87.55 *.*.81.193 netmask 0xffffffff -link0
May 11 22:22:31 mpd: [vpn] no interface to proxy arp on for *.*.81.193
May 11 22:22:31 mpd: [vpn] exec: /sbin/route add *.*.87.55 -iface lo0
May 11 22:22:31 mpd: [vpn] IFACE: Up event--end of /var/log/mpd.log--
--ifconfig--
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 fe80::230:4fff:fe27:8880%rl0 prefixlen 64 scopeid 0x1
inet 10.102.197.229 netmask 0xffff0000 broadcast 10.102.255.255
ether 00:30:4f:27:88:80
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1500
inet *.*.87.55 --> *.*.81.193 netmask 0xffffffff
inet6 blah-blah-blah%ng0 prefixlen 64 scopeid 0x4
--end of ifconfig----netstat -rn--
Routing tablesInternet:
Destination Gateway Flags Refs Use Netif Expire
default 10.102.0.1 UGS 0 34 rl0
10.102/16 link#1 UC 0 0 rl0
10.102.0.1 00:14:69:1a:60:1c UHLW 1 0 rl0 1200
10.102.187.253 00:a0:cc:2c:8c:52 UHLW 0 515 rl0 1069
10.102.197.229 127.0.0.1 UGHS 0 0 lo0
*.*.81.193 *.*.87.55 UH 0 0 ng0
*.*.87.55 lo0 UHS 0 0 lo0
127.0.0.1 127.0.0.1 UH 1 64 lo0--end of netstat -rn--
mpd поднимает линк, провайдер и логи говорят что auth прошел успешно.
поднимается vpn между *.*.87.55 --> *.*.81.193, где *.*.87.55 - реальный ИП,
который выдает мне ISP.(сетка *.*. это сетка этого ISP). Только ничего по
этому линку не бегает. Пингую яндекс - пинг не идет. Думаю, что проблема в default
route. Добавляю яндекс в таблицу: route add 213.180.204.8 *.*.81.193 - пинг идет. И так с
любым хостом. Меняю default route:
route delete default
route add default *.*.81.193 <---- после этой команды, вылетает приглашение bash,как
и положено, но система встает жутким колом. Даже NumLock и иже с ними не работают.--uname -a--
FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Sun May 8 10:21:06 UTC 2005 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
--end of uname -a----mpd -v--
Version 3.18 (root@freebsd.org 22:43 3-Apr-2005)
--end of mpd -v--10.110.0.10 <- VPN сервер
10.102.197.229 <- IP выдаваемый мне по ifconfig_rl0="DHCP"
*.*.81.193 <- IP на другом конце VPN (я так понимаю, реальный IP VPN сервера)
*.*.87.55 <- мой статический IPПодскажите, как мне настроить VPN соединение с провайдером?
p.s.: у провайдера FreeBSD тоже.
с ув. keydet
>Доброго времени суток, господа.
>
>Столкнулся со следующей проблемой:
>Есть ISP, раздает IP адреса по DHCP, а внешний канал по VPN.
>Я настраиваю mpd.
>
>--cut of /etc/rc.conf--
>ifconfig_rl0="DHCP"
>--cut of /etc/rc.conf--
>
>--/usr/local/etc/mpd/mpd.conf--
>
>default:
> load vpn
>
>vpn:
> new -i ng0 vpn
>vpn
> set iface disable on-demand
>
> set iface idle 0
>
> set iface route default
>
> set bundle disable multilink
>
> set bundle authname "test"
>
> set bundle password "test"
>
> set link yes acfcomp
>protocomp
> set link accept chap
>chap-msv2
> set iface enable proxy-arp
>
> open
>--end of /usr/local/etc/mpd/mpd.conf--
>
>--/usr/local/etc/mpd/mpd.links--
>
>vpn:
> set link type pptp
>
> set pptp peer 10.110.0.10
>
> set pptp disable windowing
>
> set pptp enable originate
>incoming outcall
>
>--end of /usr/local/etc/mpd/mpd.links--
>
>Дальше запускаю mpd -b
>
>--/var/log/mpd.log--
>May 11 22:22:30 mpd: mpd: pid 558, version 3.18 (root@freebsd.org 22:43
> 3-Apr-2005)
>May 11 22:22:30 mpd: [vpn] ppp node is "mpd558-vpn"
>May 11 22:22:30 mpd: mpd: local IP address for PPTP is
>0.0.0.0
>May 11 22:22:30 mpd: [vpn] using interface ng0
>May 11 22:22:30 mpd: [vpn] IFACE: Open event
>May 11 22:22:30 mpd: [vpn] IPCP: Open event
>May 11 22:22:30 mpd: [vpn] IPCP: state change Initial --> Starting
>May 11 22:22:30 mpd: [vpn] IPCP: LayerStart
>May 11 22:22:30 mpd: [vpn] bundle: OPEN event in state CLOSED
>
>May 11 22:22:30 mpd: [vpn] opening link "vpn"...
>May 11 22:22:30 mpd: [vpn] link: OPEN event
>May 11 22:22:30 mpd: [vpn] LCP: Open event
>May 11 22:22:30 mpd: [vpn] LCP: state change Initial --> Starting
>May 11 22:22:30 mpd: [vpn] LCP: LayerStart
>May 11 22:22:30 mpd: [vpn] device: OPEN event in state DOWN
>
>May 11 22:22:30 mpd: pptp0: connecting to 10.110.0.10:1723
>May 11 22:22:30 mpd: [vpn] device is now in state OPENING
>
>May 11 22:22:30 mpd: pptp0: connected to 10.110.0.10:1723
>May 11 22:22:30 mpd: pptp0: attached to connection with 10.110.0.10:1723
>May 11 22:22:30 mpd: pptp0-0: outgoing call connected at 64000 bps
>
>May 11 22:22:30 mpd: [vpn] PPTP call successful
>May 11 22:22:30 mpd: [vpn] device: UP event in state OPENING
>
>May 11 22:22:30 mpd: [vpn] device is now in state UP
>
>May 11 22:22:30 mpd: [vpn] link: UP event
>May 11 22:22:30 mpd: [vpn] link: origination is local
>May 11 22:22:30 mpd: [vpn] LCP: Up event
>May 11 22:22:30 mpd: [vpn] LCP: state change Starting --> Req-Sent
>May 11 22:22:30 mpd: [vpn] LCP: phase shift DEAD --> ESTABLISH
>May 11 22:22:30 mpd: [vpn] LCP: SendConfigReq #1
>May 11 22:22:30 mpd: ACFCOMP
>May 11 22:22:30 mpd: PROTOCOMP
>May 11 22:22:30 mpd: MRU 1500
>May 11 22:22:30 mpd: MAGICNUM 38e44542
>May 11 22:22:30 mpd: [vpn] LCP: rec'd Configure Request #78 link
>0 (Req-Sent)
>May 11 22:22:30 mpd: MRU 1500
>May 11 22:22:30 mpd: MAGICNUM 60e8a571
>May 11 22:22:30 mpd: AUTHPROTO CHAP MSOFTv2
>May 11 22:22:30 mpd: [vpn] LCP: SendConfigAck #78
>May 11 22:22:30 mpd: MRU 1500
>May 11 22:22:30 mpd: MAGICNUM 60e8a571
>May 11 22:22:30 mpd: AUTHPROTO CHAP MSOFTv2
>May 11 22:22:30 mpd: [vpn] LCP: state change Req-Sent --> Ack-Sent
>May 11 22:22:30 mpd: [vpn] LCP: rec'd Configure Reject #1 link
>0 (Ack-Sent)
>May 11 22:22:30 mpd: ACFCOMP
>May 11 22:22:30 mpd: PROTOCOMP
>May 11 22:22:30 mpd: [vpn] LCP: SendConfigReq #2
>May 11 22:22:30 mpd: MRU 1500
>May 11 22:22:30 mpd: MAGICNUM 38e44542
>May 11 22:22:30 mpd: [vpn] LCP: rec'd Configure Ack #2 link
>0 (Ack-Sent)
>May 11 22:22:30 mpd: MRU 1500
>May 11 22:22:30 mpd: MAGICNUM 38e44542
>May 11 22:22:30 mpd: [vpn] LCP: state change Ack-Sent --> Opened
>May 11 22:22:30 mpd: [vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE
>May 11 22:22:30 mpd: [vpn] LCP: auth: peer wants CHAP, I
>want nothing
>May 11 22:22:30 mpd: [vpn] LCP: LayerUp
>May 11 22:22:30 mpd: [vpn] CHAP: rec'd CHALLENGE #1
>May 11 22:22:30 mpd: Name: ""
>May 11 22:22:30 mpd: Using authname "test"
>May 11 22:22:30 mpd: [vpn] CHAP: sending RESPONSE
>May 11 22:22:31 mpd: [vpn] CHAP: rec'd SUCCESS #1
>May 11 22:22:31 mpd: MESG: S=1624C804A00BD39694B8A28FFC56D6FD4B4836F9
>May 11 22:22:31 mpd: [vpn] LCP: authorization successful
>May 11 22:22:31 mpd: [vpn] LCP: phase shift AUTHENTICATE --> NETWORK
>May 11 22:22:31 mpd: [vpn] setting interface ng0 MTU to 1500
>bytes
>May 11 22:22:31 mpd: [vpn] up: 1 link, total bandwidth 64000
>bps
>May 11 22:22:31 mpd: [vpn] IPCP: Up event
>May 11 22:22:31 mpd: [vpn] IPCP: state change Starting --> Req-Sent
>May 11 22:22:31 mpd: [vpn] IPCP: SendConfigReq #1
>May 11 22:22:31 mpd: IPADDR 10.102.197.229
>May 11 22:22:31 mpd: COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Request #146 link
>0 (Req-Sent)
>May 11 22:22:31 mpd: IPADDR *.*.81.193
>May 11 22:22:31 mpd: *.*.81.193 is OK
>May 11 22:22:31 mpd: [vpn] IPCP: SendConfigAck #146
>May 11 22:22:31 mpd: IPADDR *.*.81.193
>May 11 22:22:31 mpd: [vpn] IPCP: state change Req-Sent --> Ack-Sent
>May 11 22:22:31 mpd: [vpn] rec'd unexpected protocol CCP on link
>0, rejecting
>May 11 22:22:31 mpd: [vpn] rec'd unexpected protocol ECP on link
>0, rejecting
>May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Reject #1 link
>0 (Ack-Sent)
>May 11 22:22:31 mpd: COMPPROTO VJCOMP, 16 comp. channels, no
>comp-cid
>May 11 22:22:31 mpd: [vpn] IPCP: SendConfigReq #2
>May 11 22:22:31 mpd: IPADDR 10.102.197.229
>May 11 22:22:31 mpd: [vpn] rec'd unexpected protocol CCP on link
>0, rejecting
>May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Nak #2 link
>0 (Ack-Sent)
>May 11 22:22:31 mpd: IPADDR *.*.87.55
>May 11 22:22:31 mpd: *.*.87.55 is OK
>May 11 22:22:31 mpd: [vpn] IPCP: SendConfigReq #3
>May 11 22:22:31 mpd: IPADDR *.*.87.55
>May 11 22:22:31 mpd: [vpn] IPCP: rec'd Configure Ack #3 link
>0 (Ack-Sent)
>May 11 22:22:31 mpd: IPADDR *.*.87.55
>May 11 22:22:31 mpd: [vpn] IPCP: state change Ack-Sent --> Opened
>May 11 22:22:31 mpd: [vpn] IPCP: LayerUp
>May 11 22:22:31 mpd: *.*.87.55 -> *.*.81.193
>May 11 22:22:31 mpd: [vpn] IFACE: Up event
>May 11 22:22:31 mpd: [vpn] setting interface ng0 MTU to 1500
>bytes
>May 11 22:22:31 mpd: [vpn] exec: /sbin/ifconfig ng0 *.*.87.55 *.*.81.193 netmask
>0xffffffff -link0
>May 11 22:22:31 mpd: [vpn] no interface to proxy arp on
>for *.*.81.193
>May 11 22:22:31 mpd: [vpn] exec: /sbin/route add *.*.87.55 -iface lo0
>
>May 11 22:22:31 mpd: [vpn] IFACE: Up event
>
>--end of /var/log/mpd.log--
>
>--ifconfig--
>rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=8<VLAN_MTU>
> inet6 fe80::230:4fff:fe27:8880%rl0 prefixlen 64
>scopeid 0x1
> inet 10.102.197.229 netmask 0xffff0000
>broadcast 10.102.255.255
> ether 00:30:4f:27:88:80
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
>plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
>lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
> inet 127.0.0.1 netmask 0xff000000
>
> inet6 ::1 prefixlen 128
>
> inet6 fe80::1%lo0 prefixlen 64
>scopeid 0x3
>ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1500
> inet *.*.87.55 --> *.*.81.193 netmask 0xffffffff
> inet6 blah-blah-blah%ng0 prefixlen 64
>scopeid 0x4
>--end of ifconfig--
>
>--netstat -rn--
>Routing tables
>
>Internet:
>Destination Gateway
> Flags
> Refs Use Netif Expire
>
>default
>10.102.0.1 UGS
> 0
> 34 rl0
>10.102/16 link#1
>
>UC 0
> 0
>rl0
>10.102.0.1 00:14:69:1a:60:1c UHLW
> 1
> 0 rl0
>1200
>10.102.187.253 00:a0:cc:2c:8c:52 UHLW
> 0 515
> rl0 1069
>10.102.197.229 127.0.0.1
> UGHS
>0 0
> lo0
>*.*.81.193 *.*.87.55
> UH
> 0
> 0 ng0
>*.*.87.55 lo0
>
> UHS
> 0 0
> lo0
>127.0.0.1 127.0.0.1
> UH
> 1
> 64 lo0
>
>--end of netstat -rn--
>
>mpd поднимает линк, провайдер и логи говорят что auth прошел успешно.
>поднимается vpn между *.*.87.55 --> *.*.81.193, где *.*.87.55 - реальный ИП,
>который выдает мне ISP.(сетка *.*. это сетка этого ISP). Только ничего по
>
>этому линку не бегает. Пингую яндекс - пинг не идет. Думаю, что
>проблема в default
>route. Добавляю яндекс в таблицу: route add 213.180.204.8 *.*.81.193 - пинг идет.
>И так с
>любым хостом. Меняю default route:
>route delete default
>route add default *.*.81.193 <---- после этой команды, вылетает приглашение bash,как
>и положено, но система встает жутким колом. Даже NumLock и иже с
>ними не работают.
>
>--uname -a--
>FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Sun May 8 10:21:06 UTC
>2005 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>--end of uname -a--
>
>--mpd -v--
>Version 3.18 (root@freebsd.org 22:43 3-Apr-2005)
>--end of mpd -v--
>
>10.110.0.10 <- VPN сервер
>10.102.197.229 <- IP выдаваемый мне по ifconfig_rl0="DHCP"
>*.*.81.193 <- IP на другом конце VPN (я так понимаю, реальный IP
>VPN сервера)
>*.*.87.55 <- мой статический IP
>
>Подскажите, как мне настроить VPN соединение с провайдером?
>
>p.s.: у провайдера FreeBSD тоже.
>
>с ув. keydetпопробуйте в rc.conf
static_routes="vpn"
route_vpn="-host ваш_ip ip_сервера"
defaultrouter убрать
>попробуйте в rc.conf
>static_routes="vpn"
>route_vpn="-host ваш_ip ip_сервера"
>defaultrouter убратьОбязательно попробую сегодня вечером. Только мне все равно, почему система
встает колом при изменении default route на конечный из VPN ng0 вместо rl0.
>попробуйте в rc.conf
>static_routes="vpn"
>route_vpn="-host ваш_ip ip_сервера"
мой ИП какой? который на моем конце VPN? или который раздался мне по DHCP? и ip_сервера какой - который 10.110.0.10, или который на другом конце VPN у меня?>defaultrouter убрать
root@# cat /etc/rc.conf# -- sysinstall generated deltas -- # Sat Apr 29 15:50:37 2006
# Created: Sat Apr 29 15:50:37 2006
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
font8x14="cp866-8x14"
font8x16="cp866b-8x16"
font8x8="cp866-8x8"
keymap="ru.koi8-r"
keyrate="normal"
mousechar_start="3"
saver="blank"
scrnmap="koi8-r2cp866"
sshd_enable="YES"
usbd_enable="YES"
ifconfig_rl0="DHCP"
static_routes="vpn"
route_vpn="-host *.*.87.55 *.*.81.193"root@# netstat -rn
Routing tablesInternet:
Destination Gateway Flags Refs Use Netif Expire
default 10.102.0.1 UGS 1 37 rl0
10.102/16 link#1 UC 0 0 rl0
10.102.0.1 00:14:69:1a:60:1c UHLW 1 0 rl0 1200
10.102.187.253 00:a0:cc:2c:8c:52 UHLW 0 111 rl0 1112
10.102.197.229 127.0.0.1 UGHS 0 0 lo0
*.*.81.195 *.*.87.55 UH 0 0 ng0
*.*.87.55 *.*.81.195 UGHS 0 0 rl0
127.0.0.1 127.0.0.1 UH 1 58 lo0root@#
defaultrouter по умолчанию NO.
не работает =(
Может дефаултроутер выхватывается по дхцп?
Схема такая (по крайней мере у меня. всё работает)Пишем 2 скрипта(сделать выполняемыми) и вставляем соответствующие опции в конфиг
set iface up-script /usr/local/etc/mpd/io-up.sh
#!/bin/sh
/sbin/route add <IP ISP VPN> <IP IF to ISP>
/sbin/route delete default
/sbin/route add default <IP VPN GW ISP>
/sbin/natd -a <IP VPN>Где
<IP ISP VPN> - адрес ВПН сервера провайдера
<IP IF to ISP> - интерфейс через который видно ВПН провайдера без ВПН соединения
<IP VPN GW ISP> - Шлюз для ВПН подключенияset iface down-script /usr/local/etc/mpd/io-down.sh
#!/bin/sh
/sbin/route delete default
/sbin/route add default <IP GW ISP>
/usr/bin/killall -9 natdГде
<IP GW ISP> - Шлюз для локальной сети провайдера