'Re: [Poptop-server] Proxy ARP issue?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       poptop-server
Subject:    Re: [Poptop-server] Proxy ARP issue?
From:       Hal Pomeranz <hal () deer-run ! com>
Date:       2008-11-24 5:49:23
Message-ID: 20081124054923.GC3196 () deer-run ! com
[Download RAW message or body]

> You never mentioned what version of openbsd or whether you had
> installed it from the ports/packages collection, but on versions of
> openbsd older than 4.4 you have to manually set the 'noipparam' option
> in the pptpd.conf file.

Actually, I mentioned it in my original email-- I'm running OpenBSD 4.4.

> Also, if you want to use the same IP of the network you are connecting
> to you have to use the arpd proxy from ports and don't forget to add
> the appropriate pf rules (set skip, nat, etc...) if you are using that.

An alternative approach is to just create static arp entries with the
"pub" (publish) flag and not have to worry about arpd.  I even tried
following your suggestion and creating a routed network connection
rather than using proxy arp, but no soap.

The BSD pppd is also frustrating in that there isn't a lot of
documentation out there-- particularly when it comes to interpeting
the debugging output.  It was easier to run Poptop on Linux than sit
around reading the source from the BSD pppd.

> I've successfully set it up a few dozen times on OpenBSD.
> Maybe I shoudl write a howto the next time around.

You probably should.  My research turned up postings from lots of
other people having similar problems on OpenBSD.  I suspect there are
a decent number of people out there using OpenBSD for their
firewall/VPN gateway.

Of course, what I really wish is that the iPhone supported an IPSEC
configuration other than the Cisco implementation.  I'd prefer to be
using IPSEC instead of PPTP, but any port in a storm...

-- 
Hal Pomeranz, Founder/CEO      Deer Run Associates      hal@deer-run.com
    Network Connectivity and Security, Systems Management, Training

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Poptop-server mailing list
Poptop-server@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/poptop-server
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic