Community discussions

MUM Europe 2020
 
shmali
just joined
Topic Author
Posts: 11
Joined: Thu Mar 09, 2006 6:00 am

Weird pptp problem, connected but no traffic past mt

Mon Mar 13, 2006 5:56 am

Heres the basic layout of my network. I've got one mt in my office (device1) set up as a pptp server and i have an mt set up offsite (device2) acting as the router for a network of mt access points as well as a pptp client. I've followed the examples in the manual and set up a pptp between the two and it runs fine. However the problem i'm running into is that i can't seem to communicate with any of the access points behind device2. heres the general configuration.

Device1
Setup as pptp server

Ip address
# ADDRESS NETWORK BROADCAST INTERFACE
1 192.168.0.1/24 192.168.0.0 192.168.0.255 wlan1
3 D 10.9.9.1/32 10.9.9.3 0.0.0.0 <pptp>


routes
# DST-ADDRESS PREFSRC G GATEWAY DISTANCE INTERFACE
0 AD 10.6.9.0/24 r 10.9.9.3 1 <pptp>
1 ADC 10.9.9.3/32 10.9.9.1 <pptp>

Device2
setup as pptp client
all other mt accesspoints are set up behind here on 10.6.9 network

ip address
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.6.9.1/24 10.6.9.0 10.6.9.255 bridge1
3 D 10.9.9.3/32 10.9.9.1 0.0.0.0 pptp-RockyPoint


Route
# DST-ADDRESS PREFSRC G GATEWAY DIS INTERFACE
1 ADC 10.6.9.0/24 10.6.9.1 bridge1
2 ADC 10.9.9.1/32 10.9.9.3 pptp
4 A S 192.168.0.0/24 r 10.9.9.1 pptp


now the funny thing is that i can ping users on the 192 network from device2, and i can ping users on the 10.6.9 network from device1. But i can't seem to ping/access any of the mt accesspoints behind device2 that are on the 10.6.9 network.

I've been searching old posts for any info bt haven't come up with anything yet. If anyone has any info or tips i would greatly apreciate it. Thanks
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1730
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Mon Mar 13, 2006 8:52 am

First ideas:

Routes, Firewall, address conflict!!
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
User avatar
mag
Member
Member
Posts: 378
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany
Contact:

Mon Mar 13, 2006 9:37 am

if PPTP is using the same address-space as the LAN, proxy-arp has to be enabled on the LAN-interface.
 
shmali
just joined
Topic Author
Posts: 11
Joined: Thu Mar 09, 2006 6:00 am

Mon Mar 13, 2006 8:20 pm

mag, i had seen a post that talked about using proxy arp so i already had that turned on. But that idn't seem to make a difference.

macgaiver, i'm fairly new to this and a little confused. are you saying i need to use more routes and nat rules or that the nat rules and the routes will cause an address conflict.

I tried (with little success) to set up some nat rules that catch all traffic for the other subnets and route them over the pptp address. any suggestions on where i can find some examples relating to nat rules/routing with relation to pptp. the manual shows the route setup example for pptp but nothing concerning nat.
 
User avatar
andrewluck
Forum Veteran
Forum Veteran
Posts: 702
Joined: Fri May 28, 2004 9:05 pm
Location: Norfolk, UK

Tue Mar 14, 2006 12:11 pm

The only difference I an see between the two devices is that device 2 has a bridged interface on it. Can you provide some more details on this.

Regards

Andrew
 
User avatar
mag
Member
Member
Posts: 378
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany
Contact:

Tue Mar 14, 2006 1:09 pm

this is working configuration-example, using 10.10.10.0 as transfer-net:
/ ppp secret 
	add name="user" service=pptp password="password" local-address=10.10.10.1 remote-address=10.10.10.2
/ interface pptp-server server 
	set enabled=yes 
/ interface pptp-server
	add user=user

/ip route add dst-address=<ip-network-client-side> gateway=10.10.10.2
/ interface pptp-client
	add connect-to=<public-ip-server> user=user  password="password" disabled=no

/ip route add dst-address=<ip-network-server-side> gateway=10.10.10.1

Who is online

Users browsing this forum: BlueTechnomage, HarolsdPhivy, msmeja, pe1chl and 128 guests