[ previous ] [ next ] [ threads ]
 
 From:  "ryanag at zoominternet dot net" <ryanag at zoominternet dot net>
 To:  Braden McGrath <braden at mcmail dot homeip dot net>
 Cc:  Zach Lowry <zach at zachlowry dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Problem with IPSec routing w/ PPPoE and Routed Block
 Date:  Thu, 24 Mar 2005 21:16:32 -0500
ISPs can assign as many IPs as they choose with PPPoE. Its no different
than getting multiple IP addresses over dial up (ppp) ISDN back in the
old days. ;-)

Although most ISPs don't route blocks over PPPoE connections, some do.
Check Covad's documentation on how to set up PPPoE with multiple IPs
(for example).
http://www.covad.com/onlinesupportcenter/faqs/ip_config/telesoho_configuration.shtml

On Thu, 2005-03-24 at 20:20 -0500, Braden McGrath wrote:
> I'm confused here.  You say you get multiple IPs, yet you still have to
> login via PPPoE?
> 
> I don't have PPPoE here; will m0n0 allow you to self-assign a static IP
> on your PPPoE link, or does it have to be dynamic?
> 
> If it's dynamic, seems like you're SOL, unless you can get the ISP to
> change which IP is handed out to the PPPoE authenticator...
> 
> I'm not sure on any of this though, as I don't have multiple IPs on my
> m0n0wall's WAN interface.
> 
> --Braden 
> 
> > -----Original Message-----
> > From: Zach Lowry [mailto:zach at zachlowry dot net] 
> > Sent: Thursday, March 24, 2005 1:55 PM
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: Re: [m0n0wall] Problem with IPSec routing w/ PPPoE 
> > and Routed Block
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > 
> > Did I ask a stupid question, or a really good one?
> > 
> > Zach Lowry wrote:
> > | I have a routed block of 5 IPs from my DSL provider, which I access 
> > | through a PPPoE Connection. I want my LAN to be NATed behind one of 
> > | those IPs, so I have it listed in "Server IPs" and 
> > "Advanced Outbound 
> > | NAT" enabled. This seems to work fine, causing all traffic from my 
> > | local lan to come from that IP.
> > |
> > | However, now I am trying to set up an IPsec VPN to a Cisco PIX.
> > | Apparently, when the racoon daemon sends the authentication 
> > packets, 
> > | these packets appear to originate from my "dynamic" IP from 
> > the PPPoE 
> > | connection, not the static IP I have set in Server IPs. The 
> > | authentication with the Cisco fails, due to the fact that the 
> > | originating IP does not match the IP used for the identity. 
> > How can I 
> > | get around this?
> > 
> > - 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > 
> > 
> > 
> > - --
> > Zach Lowry
> > MTSU, Murfreesboro, TN
> > zach at zachlowry dot net
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.2.5 (GNU/Linux)
> > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
> > 
> > iQCVAwUBQkMNA0lgWWUxLyqhAQEGyAP/YZbK6k+tBaG0W1fEvfZpBGEEhRuLvbQR
> > lmkpi12lA2/MAL3VUm82iOCGMU6mpSvB6T4BCd+hT2ZlnXPWtw427iPcBJQUZott
> > 9oO9Odso2a51A4dUHW2U8DZZ6xHSYdja4uUBsx94mBRjJ7CoQ/20iVaYhy0wxOJZ
> > e9TW7X4D/OY=
> > =tEf1
> > -----END PGP SIGNATURE-----
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > 
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>