Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[SOLVED]pppd / pptpclient so near to working perfectly!
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Oyst3h
n00b
n00b


Joined: 12 Aug 2003
Posts: 27
PostPosted: Wed Dec 01, 2004 8:58 pm    Post subject: [SOLVED]pppd / pptpclient so near to working perfectly! Reply with quote
Finally, I have managed to get a working connection to the Win2k3 server at work using ppp 2.4.2 and pptpclient. Thanks to ytak for howto here.

But... I can't get my head around getting the routing and dns to update itself automatically. I'm not using the pptpconfig package (I don't have apache installed, and there's about 50Mb of dependencies to install just for a gui - so I'd rather not, if possible).

It's basically three issues that I would welcome some help with.

I've created /etc/ppp/peers/BMS with the correct params to connect to work. Now I can just run "pon BMS" or "pppd call BMS" and the VPN starts just fine. The /etc/ppp/ip-up script runs and changes my /etc/resolv.conf to use the nameservers at work. But I also need to add a static route for the work LAN (10.15.0.0/16). /etc/ppp/ip-up seems to check for a script at /etc/ppp/ip-up.local and executes this if it exists, so I have created the file /etc/ppp/ip-up.local, chmoded it executable, and added the following
Code:

#!/bin/sh
route add -net 10.15.0.0/16 ppp0

This should automatically create a route for the LAN on the other side of the VPN, but it doesn't. Works fine if I run it as a command once the VPN is up, but it's not running automatically. Any idea why?

Also, when I take the VPN down (kill -term [PID of pppd]) the /etc/ppp/ip-down script is supposed to reset my nameservers to their previous value, but it doesn't run. I have to manually type
Code:
mv /etc/resolv.conf.pppd-backup /etc/resolv.conf
to reset things (which is exactly what /etc/pp/ip-down should be doing). If I start the pppd with the nodetach option in a separate window, the process when terminated as above produces pages of "Terminating on signal 15." followed by "Segmentation fault". I'm sure this isn't right, and is probably why /etc/ppp/ip-down isn't running, but I've no idea what to do about it.

And I can't run pppd as a user. It's setuid root, but fails to start the VPN with an error about unable to open GRE socket. This is presumably a permissions issue, but again, I have no idea what (if anything) I can do about it.

Any response welcome, even if it's just sympathy! ;)

Last edited by Oyst3h on Fri Dec 10, 2004 2:10 pm; edited 1 time in total
Back to top
View user's profile Send private message
Oyst3h
n00b
n00b


Joined: 12 Aug 2003
Posts: 27
PostPosted: Mon Dec 06, 2004 1:15 am    Post subject: Reply with quote
OK

I have made progress...

The route wasn't coming up because the ip-up script has no path defined to /sbin, so I changed the script to "/sbin/route add ..." and it now works. This is documented, but it is amazing how easy it is to miss something so small, and yet so critical! :(

The ip-down script is now running, because the pppd process is terminating cleanly. Re-emerged ppp with the "mppe-mppc" flag and did NOT apply the patch from http://www.polbox.com/h/hs001/. This patch seems to work, but (possibly) caused this issue, so it is not only not necessary, but not advisable to apply the ppp patch against the current ppp ebuild (2.4.2)

Still can't run pppd as non-root, however.
Code:

anon warn[pptp_gre_bind:pptp_gre.c:82]: socket: Operation not permitted
anon fatal[main:pptp.c:251]: Cannot bind GRE socket, aborting.

this is the exact error that is logged. Still hoping for an explanation as to how I can maybe change a permission to allow this....
Back to top
View user's profile Send private message
Oyst3h
n00b
n00b


Joined: 12 Aug 2003
Posts: 27
PostPosted: Thu Dec 09, 2004 3:38 pm    Post subject: Reply with quote
Simple fix, and obvious now that I know.
Set pptp to be suid.

Thanks for listening! :)
Back to top
View user's profile Send private message
oldan
Tux's lil' helper
Tux's lil' helper


Joined: 11 Dec 2003
Posts: 137
Location: Atlanta, Georgia, USA
PostPosted: Sat Dec 25, 2004 3:42 am    Post subject: Re: [SOLVED]pppd / pptpclient so near to working perfectly! Reply with quote
Oyst3h wrote:
But... I can't get my head around getting the routing and dns to update itself automatically. I'm not using the pptpconfig package (I don't have apache installed, and there's about 50Mb of dependencies to install just for a gui - so I'd rather not, if possible).


That's what's stopping me from using pptpconfig too. Any ideas why emerge mistakenly thinks you need Apache to run pptpconfig?

--Oldan
Back to top
View user's profile Send private message
Parasietje
Apprentice
Apprentice


Joined: 25 Jan 2004
Posts: 194
PostPosted: Sat Dec 25, 2004 2:37 pm    Post subject: Reply with quote
Great topic! Very helpful for the community that you updated it. Maybe you could set the [Solved] tag in your topic title?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy