[Solved] help: mpd5, l2tp sharing internet connection

Hi,


CLIENT:

mpd5.conf
Code:
startup:
        set user foo bar admin
        set console self 0.0.0.0 5005
        set console open
        set web self 0.0.0.0 5006
        set web open
default:
        load l2tp_client
l2tp_client:
        # Create the bundle
        create bundle template B
        # Enable compression
        set bundle enable compression
        set ccp yes deflate
        # Configure interface
        set iface enable tcpmssfix
        # Handle IPCP configuration
        set ipcp yes vjcomp
        # Create clonable template link ADSL1
        create link template L l2tp
        set link action bundle B
        set link enable multilink
        set link yes acfcomp protocomp
        set link keep-alive 10 30
        set link mtu 1460
        set l2tp secret blah
        # ADSL1
        create link static adsl1 L
        set l2tp peer 46.4.35.87
        set link latency 18000
        set link bandwidth 5900000
        open link

in rc.conf
Code:
mpd_enable="YES"
mpd_flags="-b -s mpd5"


netstat -r
Code:
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
10.9.8.1           link#4             UH          0        0    ng0
10.9.8.10          link#4             UHS         0        0    lo0
static.87.35.4.46  192.168.25.254     UGHS        0       82    em0
localhost          link#3             UH          0      248    lo0
192.168.25.0       link#1             U           0      810    em0
192.168.25.138     link#1             UHS         0        0    lo0

SERVER

mpd5.conf
Code:
startup:
        set user foo bar admin
        set console self 0.0.0.0 5005
        set console open
        set web self 0.0.0.0 5006
        set web open
default:
        load l2tp_server
l2tp_server:
        # IP Pool
        set ippool add pool1 10.9.8.10 10.9.8.100
        # Create bundle template named B
        create bundle template B
        # Enable compression
        set bundle enable compression
        set ccp yes deflate
        # Configure interface
        set iface enable tcpmssfix
        # Handle the IPCP configuration
        set ipcp yes vjcomp
        set ipcp ranges 10.9.8.1/24 ippool pool1
        # Create clonable link template named adsl1
        create link template L l2tp
        set link action bundle B
        set link enable multilink
        set link yes acfcomp protocomp
        set link keep-alive 10 30
        set link mtu 1460
        set l2tp secret blah
        # ADSL1
        create link static adsl1 L
        set l2tp self 0.0.0.0
        set link latency 20000
        set link bandwidth 600000
        set link enable incoming

in rc.conf
Code:
gateway_enable="YES"
mpd_enable="YES"
mpd_flags="-b -s mpd5"


when client and server are connected:

from client:
ping 10.9.8.1 OK

from server:
ping 10.9.8.10 OK


from client:
route add default 10.9.8.1

netstat -r
Code:
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.9.8.1           UGS         0        2    ng0
10.9.8.1           link#4             UH          0        4    ng0
10.9.8.10          link#4             UHS         0        0    lo0
static.87.35.4.46  192.168.25.254     UGHS        0      154    em0
localhost          link#3             UH          0      248    lo0
192.168.25.0       link#1             U           0     1004    em0
192.168.25.138     link#1             UHS         0        0    lo0

ping google.it FAILED
why?

in the server gateway_enable="YES"...
 
Re: help: mpd5, l2tp sharing internet connection

What does "ping failed" mean? Can you maybe show traceroute -n google.com from the client?

Do you have NAT set for your 10.9.8.0/24 network on the server?
 
Re: help: mpd5, l2tp sharing internet connection

matoatlantis said:
What does "ping failed" mean? Can you maybe show traceroute -n google.com from the client?

Do you have NAT set for your 10.9.8.0/24 network on the server?

Code:
traceroute: Warning: google.com has multiple addresses; using 173.194.35.41
traceroute to google.com (173.194.35.41), 64 hops max, 40 byte packets
 1  10.9.8.1  88.387 ms  87.992 ms  89.592 ms
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * ........


How can I set up NAT?
 
Re: help: mpd5, l2tp sharing internet connection

From the first look of it and the information you've provided, it seems you don't have NAT set in your setup. Do you have some sort of firewall enabled on your server?
If not, you can use PF to do NAT (note no firewall rules are set in this example, only plain NAT).

If I assume your egress (internet facing) interface is em0, create the file /etc/pf.conf:
Code:
ext_if="em0"

IP_PUB="192.0.2.1"       # this is your public IP
NET_L2PT="10.9.8.0/24"

scrub in all

# nat l2pt traffic
nat pass on $ext_if from $NET_L2PT to any -> $IP_PUB

# demo only, passing all traffic
pass out
pass in
Add the following into your /etc/rc.conf:
Code:
pf_enable="YES"
And start it:
Code:
/etc/rc.d/pf start
Verify the pf:
Code:
# pfctl -e
pfctl: pf already enabled
#
# pfctl -snat
Try ping from the client again.
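
A filtered variant of the NAT ruleset from the answer above, as an added example that is not part of the original post: it keeps the NAT for the tunnel pool but replaces the pass-all demo rules with a default-deny policy. Macro names and addresses follow the post; the SSH rule on port 22 is an assumption about how the server is administered.

```conf
# /etc/pf.conf -- added example, not the poster's configuration
ext_if="em0"

IP_PUB="192.0.2.1"        # placeholder public IP, as in the post
NET_L2PT="10.9.8.0/24"    # mpd5 ippool range from the server config

set skip on lo0
scrub in all

# Plain "nat" instead of "nat pass", so translated packets are still
# evaluated by the filter rules below.
nat on $ext_if inet from $NET_L2PT to any -> $IP_PUB

# Default deny for inbound traffic, log what gets dropped.
block in log all
pass out all keep state

# Packets claiming a tunnel source address must not arrive on the
# internet-facing interface.
block in quick on $ext_if inet from $NET_L2PT to any

# L2TP from clients (UDP 1701).
pass in on $ext_if inet proto udp from any to $IP_PUB port 1701

# Assumption: the server is administered over SSH on port 22.
pass in on $ext_if inet proto tcp from any to $IP_PUB port 22

# Traffic from connected clients, arriving on the tunnel (ng) interfaces.
pass in on ! $ext_if inet from $NET_L2PT to any

# The mpd5 console (5005) and web (5006) listeners are bound to 0.0.0.0
# in the posted mpd5.conf; with no pass rule for them on $ext_if they
# stay unreachable from the internet side.
```

Check the syntax with pfctl -nf /etc/pf.conf before loading it, and keep a console session open in case the SSH rule does not match your setup.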
 