My goal is to make VPN access to our Samba PDC (FreeBSD 7.0) so that users can access their home shares from Windows clients.

I have read the instructions at http://samba.org/ftp/unpacked/lorikeet/pppd/final-report.pdf, but I can't make it work. I don't know if it is due to my lack of skills or has something to do with the Poptop functionality in FreeBSD.

Following the instructions, I made a file /usr/local/etc/pptpd.conf:

    option /etc/ppp/options.pptpd
    localip 192.168.1.4
    remoteip 192.168.1.150-155

and another file /etc/ppp/options.pptpd:

    lock
    debug
    noauth
    name pptpd
    nobsdcomp
    refuse-pap
    refuse-chap
    refuse-MSCHAP
    require-MSCHAP-v2
    require-mppe
    ms-wins 192.168.1.4
    ms-dns 195.184.96.2 213.173.225.86
    defaultroute
    plugin winbind.so
    ntlm_auth-helper /usr/local/bin/ntlm_auth --helper-protocol=ntlm-server-1

This configuration does not work - the log says:

    Warning: Label /etc/ppp/options.pptpd rejected -direct connection: Configuration label not found

From reading several howtos on Poptop on FreeBSD I ended up with a partially working solution. I removed the reference to the option file in /usr/local/etc/pptpd.conf and modified /etc/ppp/ppp.conf like this:

    pptp:
     set timeout 0
     set log phase chat connect lcp ipcp command
     set dial
     set login
     enable mssfixup
     set ifaddr 192.168.1.4 192.168.150-192.168.1.155 255.255.255.0
     set server /tmp/loop "" 0177
     disable pap
     # Authenticate against /etc/passwd
     enable passwdauth
     disable ipv6cp
     enable proxy
     accept dns
     enable MSChapV2
     enable mppe
     disable deflate pred1

And I added the file /etc/ppp/secure:

    #!/bin/sh
    exec /usr/sbin/ppp -direct loop-in

And finally the file /etc/ppp/ppp.secrets containing usernames and passwords.

After restarting the server, I can now connect from a Windows client. But I lose access to the Internet (missing DNS), and I cannot join the Samba domain.

I hope someone can lead me in the right direction...

Regards,
Jon

--
Jon Theil Nielsen

Jon Theil Nielsen wrote:
> My goal is to make VPN access to our Samba PDC (FreeBSD 7.0) so that users
> can access their home shares from Windows clients.
> I have read the instructions at
> http://samba.org/ftp/unpacked/lorikeet/pppd/final-report.pdf, but I can't
> make it work.
<snip>
> Regards,
> Jon

Jon,

I do it this way:

pptp VPN server

/etc/pptpd.conf

    option /etc/ppp/options.pptp
    debug (comment out after testing)
    localip 192.168.7.12
    remoteip 192.168.7.2-5
    pidfile /var/run/pptpd.pid

/etc/ppp/options.pptp

    lock
    noauth
    nobsdcomp
    lcp-echo-failure 10
    lcp-echo-interval 10

/etc/ppp/options

    name bonza.rbpllc.com
    noipdefault
    noauth
    lock
    local
    lcp-echo-interval 30
    lcp-echo-failure 4
    lcp-max-configure 60
    lcp-restart 2
    idle 600
    noipx
    file /etc/ppp/filters
    proxyarp
    ms-dns 192.168.7.15
    ms-wins 192.168.7.15
    refuse-chap
    refuse-mschap

/etc/ppp/pap-secrets

    * bonza.rbpllc.com ""
    <username> <yourserver.yourdomain.com> <password> *

/etc/ppp/chap-secrets

    <username> * <password> *

Of course, use your own information and get rid of the "< >" in the pap and chap-secret files. Good luck. This works like a charm. Just don't forget to open [port 1723] in your firewall and router for accessing the server locally as well as remotely.

Also, you may need:

    # TAG: bcrelay <if>
    bcrelay eth0

in /etc/pptpd.conf if you are running an older version of pptpd to improve remote browsing.

--
David C. Rankin, J.D., P.E.
Rankin Law Firm, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
Telephone: (936) 715-9333
Facsimile: (936) 715-9339
www.rankinlawfirm.com
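
An added example, not part of either post and not code from the pptpd or pppd projects: a small Python check that reads pppd option-file text like the listings in this thread and reports settings that leave a PPTP server without enforced authentication or encryption. The function names and both sample listings are constructed for illustration; option names are matched exactly as written, on the assumption that they are lower-case as in the pppd man page.

```python
# Added example: audit pppd option-file text for a PPTP server.
# parse_options, audit_pppd_options and the two samples are constructed here.

def parse_options(text):
    """Return the option keyword (first word) of each non-comment line."""
    words = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            words.append(line.split()[0])
    return words

def audit_pppd_options(text):
    """Return findings for one option file (or several, concatenated)."""
    opts = parse_options(text)
    findings = []
    # auth/noauth toggle one flag, so the last occurrence decides.
    auth_state = [o for o in opts if o in ("auth", "noauth")]
    if auth_state and auth_state[-1] == "noauth":
        findings.append("noauth: peers are not required to authenticate")
    if "require-pap" in opts:
        findings.append("require-pap: password is sent unhashed inside PPP")
    if "require-mschap-v2" not in opts:
        findings.append("require-mschap-v2 missing: MS-CHAPv2 not enforced")
    if not any(o.startswith("require-mppe") for o in opts):
        findings.append("require-mppe missing: tunnel may run unencrypted")
    return findings

# Constructed sample: authentication and encryption are both optional.
WEAK = """lock
noauth
nobsdcomp
lcp-echo-failure 10
lcp-echo-interval 10
"""

# Constructed sample: authentication and MPPE are both required.
HARDENED = """lock
auth
name pptpd
require-mschap-v2
require-mppe-128
ms-dns 192.0.2.53   # constructed address
"""

if __name__ == "__main__":
    for label, sample in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(label, audit_pppd_options(sample) or "no findings")
```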