Есть машина FreeBSD c 2-мя сетевухами соответственно одна смотрит в нет, другая в локалку
rc.conf
defaultrouter="z.z.z.z"
hostname="FreeBSD"
ifconfig_xl0="inet 192.168.15.113 netmask 255.255.255.0" # локальная сеть
ifconfig_xl1="inet x.x.x.x netmask y.y.y.y"
keymap="ru.koi8-r"
usbd_enable="YES"
sshd_enable="YES"
ntpdate_enable="YES"
ntpd_enable="YES"
mpd_enable="YES"mpd.conf
default:
load pptp0
pptp0:
new -i ng0 pptp0 pptp0
set ipcp ranges 192.168.101.1/32 192.168.101.2/32
load pptp_standart
pptp_standart:
set iface disable on-demand
set bundle disable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 60 180
set ipcp yes vjcomp
set ipcp dns 192.168.15.2
set ipcp nbns 192.168.15.2
set iface enable proxy-arp
set iface enable proxy-arp
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set bundle yes crypt-reqd
set pptp self 192.168.15.113
set pptp enable incoming
set pptp disable originatempd.secret
user1 "111" *mdp.links
pptp0:
set link type pptpИнтерфес поднимается ng0: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
Клиент WinXP не коннектиться ...
Может адреса не так задал set ipcp ranges 192.168.101.1/32 192.168.101.2/32
Какие тут адреса надо задавать ?
>Есть машина FreeBSD c 2-мя сетевухами соответственно одна смотрит в нет, другая
>в локалку
>rc.conf
>defaultrouter="z.z.z.z"
>hostname="FreeBSD"
>ifconfig_xl0="inet 192.168.15.113 netmask 255.255.255.0" # локальная сеть
>ifconfig_xl1="inet x.x.x.x netmask y.y.y.y"
>keymap="ru.koi8-r"
>usbd_enable="YES"
>sshd_enable="YES"
>ntpdate_enable="YES"
>ntpd_enable="YES"
>mpd_enable="YES"
>
>mpd.conf
>default:
> load pptp0
>pptp0:
> new -i ng0 pptp0
>pptp0
> set ipcp ranges 192.168.101.1/32
>192.168.101.2/32
> load pptp_standart
>pptp_standart:
> set iface disable on-demand
>
> set bundle disable multilink
>
> set link yes acfcomp
>protocomp
> set link no pap
>chap
> set link enable chap
>
> set link keep-alive 60
>180
> set ipcp yes vjcomp
>
> set ipcp dns 192.168.15.2
>
> set ipcp nbns 192.168.15.2
>
> set iface enable proxy-arp
>
> set iface enable proxy-arp
>
> set bundle enable compression
>
> set ccp yes mppc
>
> set ccp yes mpp-e40
>
> set ccp yes mpp-e128
>
> set ccp yes mpp-stateless
>
> set bundle yes crypt-reqd
>
> set pptp self 192.168.15.113
>
> set pptp enable incoming
>
> set pptp disable originate
>
>
>mpd.secret
>user1 "111" *
>
>mdp.links
>pptp0:
> set link type pptp
>
>Интерфес поднимается ng0: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
>Клиент WinXP не коннектиться ...
>Может адреса не так задал set ipcp ranges 192.168.101.1/32 192.168.101.2/32
>Какие тут адреса надо задавать ?В ядре:
------
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT="100"
options IPDIVERT
options DUMMYNET
options NETGRAPH #netgraph(4) system
options NETGRAPH_ASYNC
options NETGRAPH_BPF
options NETGRAPH_ECHO
options NETGRAPH_ETHER
options NETGRAPH_HOLE
options NETGRAPH_IFACE
options NETGRAPH_KSOCKET
options NETGRAPH_L2TP
options NETGRAPH_LMI
# MPPC compression requires proprietary files (not included)
#options NETGRAPH_MPPC_COMPRESSION
options NETGRAPH_MPPC_ENCRYPTION
options NETGRAPH_ONE2MANY
options NETGRAPH_PPP
options NETGRAPH_PPTPGRE
options NETGRAPH_RFC1490
options NETGRAPH_SOCKET
options NETGRAPH_TEE
options NETGRAPH_TTY
options NETGRAPH_UImpd.conf
---------
default:
load pptp0
load pptp1pptp0:
new -i ng0 pptp0 pptp0
set ipcp ranges 192.168.100.1/32 192.168.100.100/32
load vpn_standartpptp1:
new -i ng1 pptp1 pptp1
set ipcp ranges 192.168.100.1/32 192.168.100.101/32
load vpn_standartvpn_standart:
set iface disable on-demand
set bundle disable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 60 180
set ipcp yes vjcomp
set ipcp dns 192.168.50.250 #мой внутренний DNS сервер
set iface enable proxy-arp
set bundle enable compression#Включаем компрессию данных, совсестимую с Microsoft-клиентами
set ccp yes mppc
#Включаем шифрование, совместимое с Microsoft-клиентами
set ccp yes mpp-e40
set ccp yes mpp-e56
set ccp yes mpp-e128
set ccp yes mpp-stateless
set bundle yes crypt-reqd#Разрешаем входящие соединения
set pptp enable incoming
set pptp disable originateset iface mtu 1500
set link mtu 1500
# set link mru 1396
# set iface mtu 1396
# set link mtu 1396
# set link mru 1396
mpd.links
---------
pptp0:
set link type pptp
pptp1:
set link type pptpmpd.secret
----------
vpn vpn *
vpnuser 12345678 192.168.100.200
Спасибо, ВПН - поднялся :)
теперь такая проблема : сеть не видна
ни одна машина не пингуется :(
Зато пингуються все "железные" устройства : принт-серверы, свичеры.
VPN-сервер не является для компов сети шлюзом по умолчанию, я подозреваю что в этом проблема.
как данная ситуация решается ?
использовал этот конфиг - вот вывод с mpd.log. Клиенты не коннектятся
Jun 22 12:39:25 gate mpd: mpd: pid 1170, version 3.18 (root@gate.age.com.ua 11:53 16-Jun-2007)
Jun 22 12:39:25 gate mpd: mpd: warning: line too long, truncated
Jun 22 12:39:25 gate mpd: mpd: entry "pptp0" not found in mpd.conf
Jun 22 12:39:25 gate mpd: mpd: warning: line too long, truncated
Jun 22 12:39:25 gate mpd: mpd: entry "pptp1" not found in mpd.conf
Jun 22 12:39:25 gate mpd: pptp0:: unknown command. Try "help".
Jun 22 12:39:25 gate mpd: [pptp0] ppp node is "mpd1170-pptp0"
Jun 22 12:39:25 gate mpd: pptp1:: unknown command. Try "help".
Jun 22 12:39:25 gate mpd: [pptp0] device type already set to pptp
Jun 22 12:39:25 gate mpd: mpd: warning: line too long, truncated
Jun 22 12:39:25 gate mpd: [pptp0] using interface ng0
Jun 22 12:39:25 gate mpd: mpd: warning: line too long, truncated
Jun 22 12:39:25 gate mpd: mpd: entry "vpn_standart" not found in mpd.conf
Jun 22 12:39:25 gate mpd: pptp1:: unknown command. Try "help".
Jun 22 12:39:25 gate mpd: [pptp1] ppp node is "mpd1170-pptp1"
Jun 22 12:39:25 gate mpd: mpd: warning: line too long, truncated
Jun 22 12:39:25 gate mpd: [pptp1] using interface ng1
а у меня не создаються ng0-ng1
в ядре есть все что описано сдесь
rc.conf такойже
вообщем все такоеже
в итоге в виндах пишет 800 - нету сервера
в логах mpd
vpn# vi /var/log/mpd.log
Jan 23 15:55:03 vpn mpd: mpd: pid 46214, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 15:55:03 vpn mpd: mpd: already running as process 44796
Jan 23 16:02:52 vpn mpd: mpd: pid 753, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:03:00 vpn mpd: mpd: process 753 terminated
Jan 23 16:04:35 vpn mpd: mpd: pid 806, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:06:04 vpn mpd: mpd: caught fatal signal term
Jan 23 16:06:06 vpn mpd: mpd: process 806 terminated
Jan 23 16:06:06 vpn mpd: mpd: pid 846, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:06:56 vpn mpd: mpd: pid 847, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:06:56 vpn mpd: mpd: already running as process 846
Jan 23 16:11:43 vpn mpd: mpd: caught fatal signal term
Jan 23 16:11:45 vpn mpd: mpd: process 846 terminated
Jan 23 16:11:45 vpn mpd: mpd: pid 892, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:18:48 vpn mpd: mpd: pid 540, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:47:15 vpn mpd: mpd: caught fatal signal term
Jan 23 16:47:17 vpn mpd: mpd: process 540 terminated
Jan 23 16:47:17 vpn mpd: mpd: pid 850, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 16:47:17 vpn mpd: [pptp0] ppp node is "mpd850-pptp0"
Jan 23 16:47:17 vpn mpd: [pptp0] using interface ng0
Jan 23 16:47:17 vpn mpd: mpd: type of link "pptp0" is unspecified
Jan 23 16:47:17 vpn mpd: mpd: type of link "pptp0" is unspecified
Jan 23 16:47:17 vpn mpd: mpd: warning: line too long, truncated
Jan 23 16:47:17 vpn mpd: mpd: type of link "pptp0" is unspecified
Jan 23 16:47:17 vpn mpd: [pptp1] ppp node is "mpd850-pptp1"
Jan 23 16:47:17 vpn mpd: [pptp1] using interface ng1
Jan 23 16:47:17 vpn mpd: mpd: type of link "pptp1" is unspecified
Jan 23 16:47:17 vpn mpd: mpd: type of link "pptp1" is unspecified
Jan 23 16:47:17 vpn mpd: mpd: warning: line too long, truncated
Jan 23 16:47:17 vpn mpd: mpd: type of link "pptp1" is unspecified
Jan 23 17:01:30 vpn mpd: mpd: pid 7991, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 17:01:30 vpn mpd: mpd: already running as process 850
Jan 23 17:01:50 vpn mpd: mpd: caught fatal signal term
Jan 23 17:01:50 vpn mpd: [pptp0] IPCP: Down event
Jan 23 17:01:50 vpn mpd: [pptp0] IFACE: Close event
Jan 23 17:01:50 vpn mpd: [pptp1] IPCP: Down event
Jan 23 17:01:50 vpn mpd: [pptp1] IFACE: Close event
Jan 23 17:01:52 vpn mpd: mpd: process 850 terminated
Jan 23 17:01:53 vpn mpd: mpd: pid 8013, version 3.18 (root@vpn 14:18 23-Jan-2008)
Jan 23 17:01:53 vpn mpd: [pptp0] ppp node is "mpd8013-pptp0"
/var/log/mpd.log: unmodified: line 1####
в итоге всетаки встали но конекта нетуrl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet XXX.XXX.XXX.XXX netmask 0xfffffff8 broadcast XXX.XXX.XXX.XXX
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 192.168.50.3 netmask 0xffffff00 broadcast 192.168.50.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
ng0: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng1: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
все сделал.
почитал еще раз выше. нашол ошибки синтаксися (TAB)
все заработало