 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP mode, was many problems with...
 Date:  Thu, 27 May 2004 18:49:04 -0700 (PDT)
On Thu, 27 May 2004, C. Falconer wrote:

> {ISP gateway}---[Speedtouch]----------------firewall------------internal network
> 1.2.3.4       SomeIP     10.0.0.138     10.0.0.1  192.168.1.1    192.168.1.x
> 
> When I put my old Speedtouch DSL modem into PPTP mode it became more like
> this
> 
> {ISP gateway}---[Speedtouch]----------------firewall------------internal network
> 1.2.3.4               10.0.0.138     10.0.0.1  192.168.1.1    192.168.1.x
>                                    ppp0: someIP
> 
> In fact - I was quite lazy and did it this way...  All the internal hosts
> used 10.0.0.2 as their gateway:
> {ISP gateway}---[Speedtouch]----+-------firewall eth0 10.0.0.2, ppp0 someIP
>                    10.0.0.1     +-------internal network 10.0.0.3 to 254
> 
> Sorry for the Linux slant on this, but it was years ago.

OK, so what doesn't work?

What *should* happen is that your ISP should provide (via PPP
negotiations) a public IP for ppp0, as well as an IP for its router on the
other end of the PPP link, which should become the default gateway for the
firewall.  As long as the other machines have the firewall's LAN IP as
*their* default gateway, everything is in place to route outbound packets
to the Internet.

In the incoming direction, nobody outside will know that the firewall is a
gateway to your LAN, but as long as you use NAT to make the connections
appear to use the ppp0 IP, incoming packets should route properly as well.

Once the link is up, check the IP assignments and routing entries.

					Fred Wright
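
An added example, not part of the message above: one way to script the "check the IP assignments and routing entries" step on a Linux firewall. It assumes the output formats of iproute2's `ip -4 addr show` and `ip -4 route` and the interface name ppp0 from the quoted message; the sample text and the function names are constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample output using documentation addresses; not from the thread.
SAMPLE_ADDR = """\
3: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1460 state UNKNOWN
    inet 203.0.113.7 peer 203.0.113.1/32 scope global ppp0
"""
SAMPLE_ROUTES = """\
default via 203.0.113.1 dev ppp0
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
203.0.113.1 dev ppp0 proto kernel scope link src 203.0.113.7
"""

def after(tokens, key):
    """Return the token following `key`, or None if `key` is absent."""
    return tokens[tokens.index(key) + 1] if key in tokens[:-1] else None

def ppp_addresses(addr_text, ifname="ppp0"):
    """Return (local, peer) addresses negotiated on the PPP interface, or None."""
    for line in addr_text.splitlines():
        t = line.split()
        if len(t) > 3 and t[0] == "inet" and t[-1] == ifname and after(t, "peer"):
            return (ipaddress.ip_address(t[1].split("/")[0]),
                    ipaddress.ip_address(after(t, "peer").split("/")[0]))
    return None

def check_link(addr_text, route_text, ifname="ppp0"):
    """Return a list of problems; an empty list means the checks passed."""
    addrs = ppp_addresses(addr_text, ifname)
    if addrs is None:
        return [f"{ifname} has no address/peer pair: PPP negotiation incomplete"]
    local, peer = addrs
    problems = []
    if any(local in net for net in RFC1918):
        problems.append(f"{ifname} address {local} is private, not public")
    defaults = [l.split() for l in route_text.splitlines() if l.startswith("default")]
    if not defaults:
        problems.append("no default route installed")
    for t in defaults:
        gw, dev = after(t, "via"), after(t, "dev")
        if dev != ifname:
            problems.append(f"default route uses {dev} (via {gw}), not {ifname}")
        elif gw is not None and ipaddress.ip_address(gw) != peer:
            problems.append(f"default gateway {gw} is not the PPP peer {peer}")
    return problems

if __name__ == "__main__":
    print(check_link(SAMPLE_ADDR, SAMPLE_ROUTES) or "ppp0 addressing and default route look right")
```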