Hi folks,

with the release of m0n0wall pb6, there's finally (preliminary) VPN support in m0n0wall! Yes, there's a PPTP server now that can handle 16 concurrent sessions and uses proxy ARP so you can assign IP addresses from your LAN subnet to your PPTP clients transparently!

Setting up PPTP is straightforward:

- upgrade to pb6
- enable the PPTP server
- enter a server address (from LAN subnet; != LAN IP address)
- enter the remote client subnet (should be part of the LAN subnet)
- save
- add PPTP users, apply changes
- add a firewall rule to permit traffic from PPTP clients
- connect! (to m0n0wall's WAN IP address)

Your PPTP client should get an IP address from the remote client subnet and should be able to reach all hosts through m0n0wall as if it were physically connected to the LAN port.

There's a caveat, however (there always is...): I don't know if it's just me, but it seems like MPD (which is used for the PPTP server) has problems with Windows XP. I can connect from XP, and the first few packets go through OK, but then packet loss starts to increase (over an otherwise loss-free connection) up to the point where almost no packets go through anymore. Windows 2000 and Mac OS X clients do not experience this problem. I wonder if anybody can confirm this behavior (and if there is a fix?). I've tried various settings (MTU [though this should not matter with pings], encryption [stateless/no encryption at all], multilink on/off), but to no avail. I did some Googling and found that others have the same problem, but the solutions listed did not work for me. Gosh... seems like I'll have to do some work with Ethereal to find out what's going on.

On a side note, the mysterious MPD (& DHCPD?) crashes are not solved in pb5/pb6 - MPD still crashes on my production m0n0wall every 3-5 days. I have installed a modified version of truss on that m0n0wall now to watch mpd. I'll be damned if it doesn't just get a SIGKILL - the question is just where from.

Enjoy,

Manuel
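The addressing rules in the setup steps above can be checked before saving the configuration. The following is an added example, not part of the original message and not m0n0wall code: the function name, the sample addresses, and the two overlap checks at the end are assumptions made for illustration.

```python
import ipaddress

MAX_SESSIONS = 16  # concurrent PPTP sessions stated in the announcement


def check_pptp_plan(lan_if, server_addr, client_subnet):
    """Return a list of problems with a PPTP address plan (empty list = OK).

    lan_if        -- LAN interface address with prefix, e.g. "192.168.1.1/24"
    server_addr   -- PPTP server address entered in the setup
    client_subnet -- remote client subnet in CIDR notation
    """
    lan = ipaddress.IPv4Interface(lan_if)
    server = ipaddress.IPv4Address(server_addr)
    try:
        # strict=True rejects values such as 192.168.1.200/28 (host bits set)
        clients = ipaddress.IPv4Network(client_subnet, strict=True)
    except ValueError:
        return [f"{client_subnet} is not a valid network (host bits set?)"]

    problems = []
    # Rules taken from the setup steps in the message.
    if server not in lan.network:
        problems.append("server address is outside the LAN subnet")
    if server == lan.ip:
        problems.append("server address equals the LAN IP address")
    if not clients.subnet_of(lan.network):
        problems.append("client subnet is not part of the LAN subnet")
    # Assumption: one address per session, so 16 sessions need 16 addresses.
    if clients.num_addresses < MAX_SESSIONS:
        problems.append("client subnet holds fewer than 16 addresses")
    # Assumption: with proxy ARP, a client must never be handed an address
    # the firewall itself already uses on the LAN or for the PPTP server.
    for name, addr in (("LAN IP address", lan.ip), ("server address", server)):
        if addr in clients:
            problems.append(f"client subnet contains the {name}")
    return problems


if __name__ == "__main__":
    # Constructed sample plan using RFC 1918 addresses.
    print(check_pptp_plan("192.168.1.1/24", "192.168.1.254", "192.168.1.192/28"))
```

Addresses in the client subnet should also be kept out of the LAN's DHCP range and static assignments, since a LAN host holding one of them would collide with a connected PPTP client.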