 From:  Dennis Östergren <swedennis at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Fwd: [m0n0wall] Using pptp client, default route over pptp interface on wan.
 Date:  Fri, 5 Jan 2007 21:05:18 +0100
> Hi Dennis,

Hello :)


> It's not totally clear to me what you want to do. You mention that the above
> mentioned method is *not* what you need, yet I fail to see any problem,
> except for the lack of DNS access.
> Or do you need some "combined" connection method, like first connecting to
> an ISP via, for example, PPPoE and then tunneling through this connection
> via PPTP? In such a case, I guess the easiest way would be to cascade two
> m0n0walls (the outer for the PPPoE connection and the inner one for the
> connection). The DNS issue will still persist, though.

My connection to my isp is through a standard ethernet connection, with no
PPPoE involved, no ADSL, just ethernet. It's a standard connection, not
requiring pptp, nor do they support it.

This connection gives me my ip, default route and dns via dhcp.
What I would like to do is, keeping the above connection, since it's all I
have from my ISP, but after this connection is made, create a pptp tunnel to
a remote pptp server, and pretty much set my default route to route all LAN
traffic through the newly created pptp tunnel, but using my isp connection
only to get to the pptp server.

Having 2 m0n0walls is certainly an option that I hadn't thought about, only
downside would be the two physical machines, but I guess you can't have it
all :)
My original thinking was that since there is a pptp client present, I ought
to be able to create a tunnel using it, and then somehow modify the routing
table on the m0n0wall box to direct traffic to the pptp server through the
normal interface, and using the pptp tunnel endpoint as default route for
all other traffic, using only the one m0n0wall installation.

To put it more concisely, I wish to use the relakks service,
https://www.relakks.com/?cid=gb and providing the service to all LAN
clients, without having to have a pptp tunnel created on each and every one
of the clients.

Anybody else have any ideas about this?
Even though the idea to have a second box, for the pptp part, might well
work, it seems like somewhat overkill, no?

As a temporary measure, a second box it is, and I'm grateful for the
suggestion, but I can't warrant having a separate box in the long run, only
for the sake of pptp access, then it's off somewhere else for me I'm afraid.

If anybody else sees the benefit of being able to do this inside of a single
m0n0wall installation, I'd be the first in line to co-provide some donation
money to compensate for somebody's official development efforts, or somebody's
unofficial hacking efforts, or some time spent guiding me on what to do.

Have I perhaps missed some technical aspects of how pptp works? It's quite
possible :) Is there a fundamental reason why it wouldn't be doable to
provide a single access point for the LAN clients, albeit unencrypted since
I trust my internal LAN, in order for them to share a single pptp tunnel
towards the outside world?

Any further input would be highly appreciated.



My sincere apologies if this message has appeared out of order. I just
noticed that my previous message was sent directly to Klaus, the original
commenter, so this is a forwarded message with some slight additions.

Best regards, Klaus