Re: ppp

Web Server Talk > Unix and Linux reviews > Red Hat support > Red Hat Topics > Re: ppp
Last Thread Next Thread Next
Re: ppp
Steven Hook
10-16-04 01:46 AM

"Bill Unruh" <unruh@string.physics.ubc.ca> wrote in message
news:ckjhc8$a21$1@nntp.itservices.ubc.ca...
> "Steven Hook" <shook@NOTbowens.co.za> writes:
>
> ]I'm setting up a new dial-in server using RH9, nice new intel server
board
> ]and an eicon diva server bri card
> ]everything seems to be ok with the dialin, the call is answered and the
> ]caller's uname and password is authenticated right, but they can't see
> ]anything past that box;
> ]from comms I can ping any machine on the network, but from a machine that
> ]dialed into comms I can only ping comms.
> ]is it maybe a mgetty config thing?
>
>
> You probably want to make sure you have proxyarp as an option in
> /etc/ppp/options.

it is

> You also want to make sure that IP forwarding is enabled
> on the server (/etc/sysctl.conf  net.ipv4.ip_forward = 1)

it is

> Make sure that the firewall is configured properly. etc


> The assumption is that '/sbin/ifconfig -an' and '/sbin/route -n' on the
>dialin "server" does show a working ppp connection.

'/sbin/ifconfig -an'  doesn't work, but /sbin/ifconfig -a  looks right:

eth0      Link encap:Ethernet  HWaddr 00:11:11:5F:59:B5
inet addr:192.168.10.219  Bcast:192.168.10.255  Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:39587 errors:0 dropped:0 overruns:0 frame:0
TX packets:527 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2408510 (2.2 Mb)  TX bytes:54227 (52.9 Kb)
Interrupt:20 Base address:0xbc00 Memory:feafe000-feafe038

lo        Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
UP LOOPBACK RUNNING  MTU:16436  Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4032 (3.9 Kb)  TX bytes:4032 (3.9 Kb)


>
>On the dialin "client" - does the routing table show a _default route_
>to the world using the dialin "server" IP address as the gateway?
>
>On the dialin "client" - does /etc/resolv.conf OR IT'S WINDOZE EQUIVALENT
>have entries for one to three (ONLY) working nameservers?
>
>On the dialin "server" - is it set for IPv4 forwarding? 'cat' the
contents
>of /proc/sys/net/ipv4/ip_forward (should be a '1'). Setting a variable
>in /etc/sysconfig/network will set this on boot or network restart.
>
>On the dialin "server" - did you set 'proxyarp' as an option to pppd? If
>not, do the rest of the hosts on your LAN know to send packets to the
>dialin "server" as a local gateway when they want to reach the dialin
>"client".
> 
that[vbcol=seagreen] 
>
>On the dialin "server" run 'tcpdump' to see what packets are going
through
>the server, and what might be happening with any replies.
> 
>
>The usual error is 'proxyarp' on the "server". There could also be a

proxyarp IS in /etc/ppp/options

>firewall problem - try /sbin/iptables -L to see what rules might be in
>place.

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:10000
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:20000
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:imap
ACCEPT     udp  --  anywhere             anywhere           udp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:imaps
ACCEPT     udp  --  anywhere             anywhere           udp dpt:imaps
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:squid
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere           udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:auth
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:5800
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:5900
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere           state
RELATED,ESTABL
ISHED

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  192.168.10.0/24      anywhere
ACCEPT     all  --  anywhere             anywhere           state
RELATED,ESTABL
ISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

>
>Note: The reason I'm quoting "server" and "client" is that ppp is a Peer
>to Peer connection, and there is no server or client - there are only
>peers.  Here, I'm using the word "client" as the one who initiates the
>connection - the one who dialed in.  The "server" is the one who answered
>the call.
>
>        Old guy
>
[ Post a follow-up to this message ]