Comments on: FreeBSD VPN http://www.clearchain.com/blog/posts/freebsd-vpn -= Daily Happenings =- Sun, 14 Mar 2010 14:04:03 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Benjamin Close http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-383 Benjamin Close Thu, 14 Jan 2010 21:10:28 +0000 http://www.clearchain.com/blog/?p=60#comment-383 It seems this article may now be a little out of date for the new pptp/ppp. A possible fix to your problem may be: 1> Remove the line: disable ipv6cp from ppp.conf 2> Make sure you have this line correct: set server /var/run/pptp_ppp_%d "" 0700 3> Create the directory /var/run/pts 4> If things still don't work try modifying the line in 2> to read: set server /var/run/pts/%d.if "" 0700 It seems this article may now be a little out of date for the new pptp/ppp.
A possible fix to your problem may be:

1> Remove the line: disable ipv6cp from ppp.conf
2> Make sure you have this line correct: set server /var/run/pptp_ppp_%d “” 0700
3> Create the directory /var/run/pts
4> If things still don’t work try modifying the line in 2> to read: set server /var/run/pts/%d.if “” 0700

]]> By: SIFE http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-381 SIFE Thu, 14 Jan 2010 14:15:56 +0000 http://www.clearchain.com/blog/?p=60#comment-381 salamo alikom , i get this problem can you correct me : Jan 14 03:10:27 localhost pptp[37402]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated Jan 14 03:10:27 localhost pptp[37407]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' Jan 14 03:10:27 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply Jan 14 03:10:27 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established. Jan 14 03:10:28 localhost pptp[37407]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' Jan 14 03:10:29 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply. Jan 14 03:10:29 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 41984). Jan 14 03:10:29 localhost kernel: tun0: link state changed to UP Jan 14 03:10:29 localhost ppp[37402]: tun0: Warning: disable ipv6cp: Invalid command Jan 14 03:10:29 localhost ppp[37402]: tun0: Warning: disable ipv6cp: Failed 1 Jan 14 03:10:29 localhost ppp[37402]: tun0: Alert: deflink: Can't create /var/run/pts/2.if: No such file or directory Jan 14 03:10:31 localhost pptp[37407]: anon log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled) Jan 14 03:10:31 localhost kernel: tun0: link state changed to DOWN Jan 14 03:10:31 localhost ppp[37402]: tun0: Warning: deflink: Unable to set physical to speed 0 Jan 14 03:10:31 localhost ppp[37402]: tun0: Warning: deflink: Unable to set physical to speed 0 Jan 14 03:10:31 localhost ppp[37402]: tun0: Warning: deflink: tcsetattr: Unable to restore device settings Jan 14 03:10:31 localhost ppp[37402]: tun0: Alert: deflink: Can't remove /var/run/pts/2.if: No such file or directory Jan 14 03:10:31 localhost pptp[37407]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request' Jan 14 03:10:31 localhost pptp[37407]: anon log[call_callback:pptp_callmgr.c:79]: Closing connection (call state) salamo alikom ,
i get this problem can you correct me :
Jan 14 03:10:27 localhost pptp[37402]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Jan 14 03:10:27 localhost pptp[37407]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 ‘Start-Control-Connection-Request’
Jan 14 03:10:27 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Jan 14 03:10:27 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Jan 14 03:10:28 localhost pptp[37407]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 ‘Outgoing-Call-Request’
Jan 14 03:10:29 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Jan 14 03:10:29 localhost pptp[37407]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer’s call ID 41984).
Jan 14 03:10:29 localhost kernel: tun0: link state changed to UP
Jan 14 03:10:29 localhost ppp[37402]: tun0: Warning: disable ipv6cp: Invalid command
Jan 14 03:10:29 localhost ppp[37402]: tun0: Warning: disable ipv6cp: Failed 1
Jan 14 03:10:29 localhost ppp[37402]: tun0: Alert: deflink: Can’t create /var/run/pts/2.if: No such file or directory
Jan 14 03:10:31 localhost pptp[37407]: anon log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled)
Jan 14 03:10:31 localhost kernel: tun0: link state changed to DOWN
Jan 14 03:10:31 localhost ppp[37402]: tun0: Warning: deflink: Unable to set physical to speed 0
Jan 14 03:10:31 localhost ppp[37402]: tun0: Warning: deflink: Unable to set physical to speed 0
Jan 14 03:10:31 localhost ppp[37402]: tun0: Warning: deflink: tcsetattr: Unable to restore device settings
Jan 14 03:10:31 localhost ppp[37402]: tun0: Alert: deflink: Can’t remove /var/run/pts/2.if: No such file or directory
Jan 14 03:10:31 localhost pptp[37407]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 ‘Call-Clear-Request’
Jan 14 03:10:31 localhost pptp[37407]: anon log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)

]]> By: Benjamin Close http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-122 Benjamin Close Thu, 25 Jun 2009 23:00:12 +0000 http://www.clearchain.com/blog/?p=60#comment-122 One thing that might be useful is if your using openBSD's pf then you can't use the antispoof clause: # # Watch Antispoofing, we can't use this at the moment as it breaks # vpn support # ##### #antispoof for { $internalif, $externalif } Might help with your setup, might not One thing that might be useful is if your using openBSD’s pf then you can’t use the antispoof clause:

#
# Watch Antispoofing, we can’t use this at the moment as it breaks
# vpn support
#
#####
#antispoof for { $internalif, $externalif }

Might help with your setup, might not

]]> By: dqueue http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-121 dqueue Thu, 25 Jun 2009 18:12:54 +0000 http://www.clearchain.com/blog/?p=60#comment-121 Thank you for this. This configuration works well for me under FreeBSD 6.4p5. Believe me, this is a relief. Under OpenBSD, I have problems with Mac-based clients; some connect, but do not route traffic for some reason. Cheers. Thank you for this. This configuration works well for me under FreeBSD 6.4p5. Believe me, this is a relief. Under OpenBSD, I have problems with Mac-based clients; some connect, but do not route traffic for some reason.

Cheers.

]]> By: Benjamin Close http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-114 Benjamin Close Thu, 28 May 2009 06:22:56 +0000 http://www.clearchain.com/blog/?p=60#comment-114 You may have to create the file pptp.conf from memory it isn't installed by default. You may have to create the file pptp.conf from memory it isn’t installed by default.

]]> By: Josh http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-112 Josh Mon, 25 May 2009 18:24:35 +0000 http://www.clearchain.com/blog/?p=60#comment-112 Im new to freebsd but after the install i dont have a pptp.conf in that dir the one i have is ppp is the same or are those different. Thanks Im new to freebsd but after the install i dont have a pptp.conf in that dir the one i have is ppp is the same or are those different.

Thanks

]]> By: Benjamin Close http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-48 Benjamin Close Thu, 04 Dec 2008 01:37:30 +0000 http://www.clearchain.com/blog/?p=60#comment-48 Hi Dan, In regards to the IP's: > localip 192.168.2.1 > remoteip 192.168.2.56-75 > # Listen on the outside interface only > listen 130.220.37.202 The local/remote ones here really don't do anything appart from configuring a range. The listen is the external network interface of the server. > set ifaddr 192.168.1.1 192.168.1.56-192.168.1.74 255.255.255.255 > set dns 192.168.0.1 > set nbns 192.168.0.1 192.168.1.1 is the internal address allocated to the tun* device and is what the client ends up talking too. With 192.168.1.56-192.168.1.74 being the dynamic range allocated to clients. In regards to dns/nbns ip this is the address of the internal network card of the servers Ie: When clients connect you end up with a tun* device created on the server which is: inet 192.168.1.1 --> 192.168.1.56 whilst the client ends up with: inet 192.168.1.56 --> 192.168.1.1 Routing on this network then handles 192.168.1/24 -> 192.168.0/24 Hi Dan,
In regards to the IP’s:

> localip 192.168.2.1
> remoteip 192.168.2.56-75

> # Listen on the outside interface only
> listen 130.220.37.202

The local/remote ones here really don’t do anything appart from configuring a range. The listen is the external network interface of the server.

> set ifaddr 192.168.1.1 192.168.1.56-192.168.1.74 255.255.255.255
> set dns 192.168.0.1
> set nbns 192.168.0.1

192.168.1.1 is the internal address allocated to the tun* device and is what the client ends up talking too. With 192.168.1.56-192.168.1.74 being the dynamic range allocated to clients. In regards to dns/nbns ip this is the address of the internal network card of the servers

Ie: When clients connect you end up with a tun* device created on the server which is:

inet 192.168.1.1 –> 192.168.1.56

whilst the client ends up with:

inet 192.168.1.56 –> 192.168.1.1

Routing on this network then handles 192.168.1/24 -> 192.168.0/24

]]> By: Dan Alexander http://www.clearchain.com/blog/posts/freebsd-vpn/comment-page-1#comment-47 Dan Alexander Wed, 03 Dec 2008 03:16:54 +0000 http://www.clearchain.com/blog/?p=60#comment-47 Maybe I missed something, but I need to know where those ip addresses are coming from. Which ones are my dynamically assigned address and which is my users dynamically assigned address. Maybe I missed something, but I need to know where those ip addresses are coming from. Which ones are my dynamically assigned address and which is my users dynamically assigned address.

]]>