Re: PPPD server routing problem? Mandrake/mgetty/pppd/D-link router

From: Clifford Kite (kite_at_see.signature.id)
Date: 10/06/03

• Next message: Dave Carrigan: "Re: VPN solutions for Linux?"
• Previous message: Mairhtin O'Feannag: "failover web and mail servers???"
• In reply to: martin02: "Re: PPPD server routing problem? Mandrake/mgetty/pppd/D-link router"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Mon, 6 Oct 2003 10:06:50 -0500

martin02 <lutherpFORTY@bellsouth.net> wrote:
> Clifford Kite wrote:

>> If you have a small subnet alloted to you then assigning a second IP
>> address in that subnet to the PPP client should work. Otherwise the
>> only solution I can see would be to set up SNAT for the client on the
>> server through 192.168.0.133, and then you should be able to use any
>> private IP address (except 192.168.0.133) for the client.

> Well, from what I've read on any HowTo's that were even vaguely related,
> I have mgetty and pppd working 'as advertised'. When the win98 client is
> dialed in and logged on, I can do any normal operation over ppp that you
> could when connected to the internet. BUT!! only at/with the pppdserver
> machine only. No access to anything beyond the PPPD server. With the
> exception that some pings 'beyond' do work. Go figure.

I figured that sub-netting could be byting (sic) you. The DSL TA is
attached to the server by Ethernet and something is NATing the private
addresses within some IP range, as evidenced by the fact that it seems
that some of the other hosts on your LAN can access Internet sites.

But apparently at least one other host on the LAN can't, so it seems
here's a subnet assigned to you somewhere. That host had 110 as the last
octet in it's IP address, which is the last IP address a subnet resulting
from /28 (14 IP addresses) or smaller sub-netting. The server host ends
in 113 which is the first host on the subnet above one that includes 110.

However, saying that subnetting of 192.168.0.0 is causing the problem
*may* contradict your assertion that

Local LAN - Private IP addresses assigned by the D-Link router all in
the 192.168.0.0 net

but it depends on whether you meant "in the 192.168.0.0/16 network"
or not. The "assigned by the D-Link router" bothers me since that
could mean that the router doles out the IP addresses that it will
route via DHCP, not unreasonable since there is no sign in your
posts that PPPoE is directly involved on your side of the router.
That may mean the IP address assigned to the PPP client is ignored
by the router.

*Please note this is all speculation, since I've no experience with
anything similar to what you have.*

A straight-forward dial-in to a PPP "server" on a LAN with a subnet
of routable IP addresses works with proxyarp activated on the server
LAN interface for the dial-in's IP address (which must belong to the
LAN subnet) and a default route on the server to an Internet gateway
on the LAN. This I know because I've done it.

> That puts me into trying to figure out why iptables keeps giving me a
> "invalid argument" or "invalid target" errors for all my attempts
> to add a POSTROUTING chain. See my other thread here titled:
> " iptables - "invalid argument" error ? "

I was surprised that

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

produced that message. It worked here - without the message - when I
masqueraded an ISP PPP connection for a host on the same LAN subnet as
my dial-in host, using iptables version 1.2.6a. Iptables does make my
head hurt though. :) I started with a firewall/masquerade script off
the Internet and managed to tailor it to do what I wanted.

> You wouldn't think that hooking this up would be so head-bangingly fun!

Think of it as "gathering karma."

-- 
Clifford Kite                Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"
PPP-Q&A links, downloads:                      http://ckite.no-ip.net/
/* Microsoft is a great marketing organization.
 * It _has_ to be */

• Next message: Dave Carrigan: "Re: VPN solutions for Linux?"
• Previous message: Mairhtin O'Feannag: "failover web and mail servers???"
• In reply to: martin02: "Re: PPPD server routing problem? Mandrake/mgetty/pppd/D-link router"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: ICS questions and confusion ... >>> has to be another subnet altogether. ... WHY does the LAN connection that connects my router to the ... >>host have to be on a different subnet than the 192.168.0.x one? ... >>where is that documented in all the how-to's on ICS, ... (microsoft.public.windowsxp.network_web) Re: VPN Gateway ... Your setup can only work by using the VPN server as a proxy for the remote. ... Gateway: ... With this configuration i can't ping any of my Lan ip's. ... the same IP subnet as your LAN machines. ... (microsoft.public.windows.server.networking) Re: VPN Gateway ... Gateway: ... With this configuration i can't ping any of my Lan ip's. ... Since these addresses come from your DHCP server they are in ... To put the remotes in their own subnet you use the static address pool ... (microsoft.public.windows.server.networking) Re: Help! Neophyte in the WIN2003-AD age ... On a LAN the existence of multiple subnets does not imply ... > Than the push to Exchange 2003, than ISA server, now to object oriented ... Should there be a Active directory server on each subnet? ... (microsoft.public.windows.server.networking) Re: SBS two adapter setup with Netopia Router. Help Save my weeked ... They were not both plugged into the Netopia. ... > also using as your LAN switch. ... > internal NIC into a different subnet and you should be up. ... >>I am trying to go to a two adapter set up for the SBS server. ... (microsoft.public.windows.server.sbs)

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint