Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#335896 - 08/08/2010 13:11 pptpd lan to lan routing question
andym
carpal tunnel

Registered: 17/01/2002
Posts: 3996
Loc: Manchester UK
I'm currently trying to set up a VPN between two sites at work.

The main site router PC runs pptpd which is then connected to by users in the field and also a pptp client running on a router PC at the other site which is then used as a LAN to LAN VPN connection. The individual clients work just fine, the lan to lan connection works as well but requires a small amount of manual intervention to get the routes set up once connected. I've solved the problem on the client end, but not the server.

Main Site:
192.168.2.0/24
172.28.0.0/24

Other Site:
10.0.0.0/24

Once the client connects, a script located in /etc/ppp/ip-up.d on that machine is called which adds two routes to 192.168... and 172.28... to the pppX adaptor connected by pptp. This ensures all the traffic to go over the VPN goes through the right adaptor.

Now to the problem. PPTPD accepts connections from individual users PC's and it adds the relevant route to allow those individual PCs to access all the machines on the main site. When my pptp client connects, it too can access all the machines, but as soon as a machine on the remote network wants access, it doesn't work. So I type the following into a console on the pptpd machine:

sudo route add -net 10.0.0.0 netmask 255.255.255.0 dev ppp0

This makes everything work. However, if the tunnel goes down for whatever reason, while it is automatically reconnected and the routes are added by the script at the client end, nothing currently executes the command on the server side. Also, there's no guarantee that ppp0 will be the adaptor assigned, especially if someone else is already logged in.

Does anyone know of a way to call a script from pptpd or pppd that will ensure that when my client connects (it has it's own specific login name) that a script can be run to ensure that the route is assigned to the correct adaptor. I've looked it up on the pptpd website, but they only seem to discuss road warrior configs. Lan to Lan is mentioned on the pptp site, but it doesn't discuss what to do on the server side.
_________________________
Cheers,

Andy M

Top
#335898 - 08/08/2010 14:31 Re: pptpd lan to lan routing question [Re: andym]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
You should be able to use /etc/ppp/ip-up. You're supposed to be able to access $IFNAME and $PEERNAME as environment variables.
_________________________
Bitt Faulk

Top
#335899 - 08/08/2010 17:42 Re: pptpd lan to lan routing question [Re: wfaulk]
andym
carpal tunnel

Registered: 17/01/2002
Posts: 3996
Loc: Manchester UK
Lovely, changing $PPP_IPPARAM to $PEERNAME in my bash script did the trick. It had worked on the client side, but not on the server side.

Thanks Bitt.
_________________________
Cheers,

Andy M

Top
#335903 - 08/08/2010 21:09 Re: pptpd lan to lan routing question [Re: andym]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31602
Loc: Seattle, WA
Man. The caliber of problem solving on this BBS... Just amazing. I love all you people.
_________________________
Tony Fabris

Top