[ previous ] [ next ] [ threads ]
 From:  "C. Falconer" <cfalconer at avonside dot school dot nz>
 To:  'Fred Wright' <fw at well dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  PPTP mode, was many problems with...
 Date:  Thu, 27 May 2004 09:19:27 +1200
{ISP gateway}---[Speedtouch]----------------firewall------------internal
network       SomeIP    192.168.1.x

When I put my old Speedtouch DSL modem into PPTP mode it became more like

{ISP gateway}---[Speedtouch]----------------firewall------------internal
network         192.168.1.x
                                   ppp0: someIP

In fact - I was quite lazy and did it this way...  All the internal hosts
as their gateway:
{ISP gateway}---[Speedtouch]----+-------firewall eth0, ppp0 someIP
              +-------internal network to 254

Sorry for the linux slant on this, but it was years ago.

-----Original Message-----
From: Fred Wright [mailto:fw at well dot com] 
Sent: Thursday, 27 May 2004 7:35 a.m.
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] many problems with... - could somebody please clear

On Wed, 26 May 2004, C. Falconer wrote:

> I thought the speedtouch (at least the old speedtouch home I used to 
> have) had PPTP functionality.
> So that the external IP could be given to the NIC that the speedtouch 
> is plugged into.

If by "external IP" you mean "WAN IP", then that's not how PPTP works in
this context.  The physical NIC needs a "local" IP in the same subnet as the
modem's "local" IP, and usually both are private network IPs.  This provides
IP connectivity to support the PPTP tunnel, which is then used for a
"virtual dialup" via PPP.  The WAN IP is assigned to the *virtual* NIC, not
the physical NIC.

Some PPTP-capable modems have a built-in DHCP server which can assign the
lower-level IPs automatically.  I'm not sure about the SpeedTouch, but in
any case m0n0wall doesn't appear to support this, so you need to configure
those IPs statically.  The factory default IP for the SpeedTouch is I'm not sure whether the default netmask is /8 or /24, but in
any case (if nothing else is on that physical link) it should be safe to
pick a 10.0.0.x address for the m0n0wall side, where x is something other
than 0, 138, or 255.