?
Solved

openswan + l2tpd and ppp problem

Posted on 2005-04-06
15
Medium Priority
?
878 Views
Last Modified: 2010-04-20
i have win Xp box witj 192.168.65.1 ip netmask 25.255.255.0 behind NAT
i get 192.168.0.205 from l2tpd
NAT box with real wip
here is firewall with openswan +l2tpd an ppp
witj real IP on eth0
local l2tpd IP is 192.168.0.2
one local IP on eth1 is 192.168.0.1
and for third IP on et2 is 192.168.2.1
i'm connecting without problem but i can only ping iP addresses
starting with 192.168.0.1 to 255
i cat't ping 192.168.2.1 and 192.168.2.2
i try with changing option.l2tpd
yo defaltroute and nodefault route but without succseed
here is route for ppp0
192.168.0.205   *               255.255.255.255 UH    0      0        0 ppp0
and ifconfig for ppp0
ppp0      Link encap:Point-to-Point Protocol
          inet addr:192.168.0.2  P-t-P:192.168.0.205  Mask:255.255.255.255
whete is the problem
maybe some route problem ?
0
Comment
Question by:snedelchev
  • 7
  • 6
14 Comments
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13724420
> i cat't ping 192.168.2.1 and 192.168.2.2
1. You need to check the the ip forwarding is enabled or not on the firewall.
2. Your machine's default gateway show be 192.168.0.1 (eth1 on firewall)
Do
ipconfig /all
in XP command prompt

Wesly
0
 
LVL 3

Author Comment

by:snedelchev
ID: 13727023
here is

There is no gateway for VPN connection
i think this is the reason why packets for 192.168.2.2 is going nowhere
but if i setup one
my internet is stoping

Microsoft wrote that if i have dial up conection and use default gateway on remote machnite for VPN if some adress is in acsesible from VPN will move trought dial up connection
But i have LAN conenction and my internet is stoping if i'm using default gatewan on VPN

How to solve this problem.
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adap
ter
        Physical Address. . . . . . . . . : 00-0A-E6-99-5E-88
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.66.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.66.1
        DNS Servers . . . . . . . . . . . : 80.80.128.161
                                            80.80.128.193

PPP adapter WOW:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.205
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 192.168.0.10
                                            192.168.0.10
        Primary WINS Server . . . . . . . : 192.168.0.10
        Secondary WINS Server . . . . . . : 192.168.0.10

C:\Documents and Settings\stas>
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13728824
> But i have LAN conenction and my internet is stoping if i'm using default gatewan on VPN
In this case, you don't set the default gateway, you set the route to 192.168.2.x
On XP,
route add 192.168.2.0 mask 255.255.255.0 192.168.0.1 (or 192.168.0.10 ?)

Do
route ?
for more details.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 3

Author Comment

by:snedelchev
ID: 13730714
i solve it some how
i made my default gateway on my local internet where i'm geting internet with metric 20
and now it works

Cool :)
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13731378
Glad to hear that your problem solved.
Default gateway leave as it was.
Add a static route to 192.168.2.x
or
Change your VPN setting for add the route for the VPN client automatically.
0
 
LVL 3

Author Comment

by:snedelchev
ID: 13734280
And here is my new oprions.l2tpd
i think without this corections this will not work

root@fw:~# cat /etc/ppp/options.l2tpd
ipcp-accept-local
ipcp-accept-remote
#ms-dns  192.168.0.10
#ms-wins 192.168.0.10
#noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
#nodefaultroute
debug
lock
proxyarp
connect-delay 5000
#silent

Thank you .
Wesly_Chen for good advices
0
 
LVL 3

Author Comment

by:snedelchev
ID: 13734297
The problem was in Both side WinXP and Linux VPN
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13738306
You mean you comment out
#ms-dns  192.168.0.10   <-- this one
#nodefaultroute <-- or this one
?
0
 
LVL 3

Author Comment

by:snedelchev
ID: 13743014
All of these

#ms-dns  192.168.0.10
#ms-wins 192.168.0.10
#noccp
#nodefaultroute
#silent
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13744461
Thanks for the confirm.
Then what is the output of "ipconfig /all" on Windows VPN client?
0
 
LVL 3

Author Comment

by:snedelchev
ID: 13744469
Strange but working
C:\Documents and Settings\Smith>ipconfig/all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : langomir
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adap
ter
        Physical Address. . . . . . . . . : 00-0A-E6-99-5E-88
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.66.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.66.1
        DNS Servers . . . . . . . . . . . : 80.80.128.193
                                            80.80.128.161

PPP adapter WOW:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.205
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.0.205

C:\Documents and Settings\Smith>
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 13744489
> PPP
> Default Gateway . . . . . . . . . : 192.168.0.205
Hmm, can you ping 192.168.2.x network?
How about the routing table on Windows VPN client?
route print
0
 
LVL 3

Author Comment

by:snedelchev
ID: 13744590
i have add
route 192.168.2.0 netmask 255.255.255.0 gw 192.168.0.1
on linux VPN also

C:\Documents and Settings\Smith>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0a e6 99 5e 88 ...... SiS 900-Based PCI Fast Ethernet Adapter - P
cket Scheduler Miniport
0x40004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.0.205   192.168.0.205       1
          0.0.0.0          0.0.0.0     192.168.66.1    192.168.66.2       21
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
    192.168.0.205  255.255.255.255        127.0.0.1       127.0.0.1       50
    192.168.0.255  255.255.255.255    192.168.0.205   192.168.0.205       50
     192.168.66.0    255.255.255.0     192.168.66.2    192.168.66.2       20
     192.168.66.2  255.255.255.255        127.0.0.1       127.0.0.1       20
   192.168.66.255  255.255.255.255     192.168.66.2    192.168.66.2       20
   213.91.208.250  255.255.255.255     192.168.66.1    192.168.66.2       20
        224.0.0.0        240.0.0.0     192.168.66.2    192.168.66.2       20
        224.0.0.0        240.0.0.0    192.168.0.205   192.168.0.205       1
  255.255.255.255  255.255.255.255    192.168.0.205   192.168.0.205       1
  255.255.255.255  255.255.255.255     192.168.66.2    192.168.66.2       1
Default Gateway:     192.168.0.205
===========================================================================
Persistent Routes:
  None

C:\Documents and Settings\Smith>
0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 13788302
Question answered by asker or dialog deemed valuable.
Closed, 500 points refunded.
ee_ai_construct (replacement part #xm34)
Community Support Admin
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question