Настройка mpd 4.2 (freebsd 5.3) vpn клиента

Категория: / Mine блог / Сервер (FreeBSD)

Настройка mpd 4.2 (freebsd 5.3) vpn клиента для подключения к интернету.

Ставим mpd4 из портов или сырцов (ставится быстро и без проблем).
Никаких netgraphов в ядро компилить не нужно, как многие говорят, все работает так.

Самый простой конфиг! НО РАБОТАЕТ!!!

/usr/local/etc/mpd4/mpd.conf

default:

    load vpn

 

vpn:

    new -i ng0 vpn vpn

    set iface disable on-demand

    set iface idle 0

    set bundle disable multilink

    set auth authname "login"

    set auth password "password"

    set link keep-alive 60 180

    set link accept chap

    set link no pap

    set bundle disable compression

    set ccp yes mpp-e40

    set ccp no mpp-e128

    set bundle disable crypt-reqd

    set ccp no mpp-stateless

    set ipcp no vjcomp

    set link mtu 1460

    set iface up-script /usr/local/etc/mpd4/link_up.sh

    set iface down-script /usr/local/etc/mpd4/link_down.sh

    open

Далее описываем интерфейс

/usr/local/etc/mpd4/mpd.links

vpn:

    set link type pptp

    set pptp peer PROVIDER_IP

    set pptp enable originate incoming outcall

И скрипты для поднятия и закрытия соединения (создание и убийство роутов по умолчанию. Взято с homenet.corbina.net)

/usr/local/etc/mpd4/link_up.sh

#!/bin/sh



route delete vpn.provider.ru

route add vpn.provider.ru 172.16.0.100

default_route_old=`route -n get default 2>&1 | grep gateway | awk '{print $2}'`

if [ $default_route_old ]; then

echo $default_route_old > /var/tmp/default_route_old

route -nq change default $4

else

rm -f /var/tmp/default_route_old

route -nq add default $4

/usr/local/etc/mpd4/link_down.sh

#!/bin/sh



if [ -r /var/tmp/default_route_old ]; then

default_route_old=`cat /var/tmp/default_route_old`

rm -f /var/tmp/default_route_old

route -nq change default $default_route_old

else

route -nq delete default

И последнее!
Если юзайте фаервол, то необходимо добавить правила (пример, ipfw)

allow tcp from me to provider dst-port 1723

allow gre from any to any

@author: surg30n
@date: Понедельник, 16 Июль 2007

Комментарии : 5

5] Гость - 00:25, 22 Январь, 2008

Эти скрипты устанавливают/восстанавливают дефолтные роуты при соединени/разрыве впн.

4] Гость - 09:17, 21 Январь, 2008

А можно поподробнее о скриптах
set iface up-script /usr/local/etc/mpd4/link_up.sh
set iface down-script /usr/local/etc/mpd4/link_down.sh ???

3] j4ck - 09:22, 18 Июль, 2007

Млин. супер.
А то у меня не поднимался впн на фре.
Че только не пробовал, через всякие pptp, ppp
Тока не втыкну почему компрессия не работает..
Биг 10x!

2] surg30n - 22:24, 16 Июль, 2007

Вот он

Jul 16 00:46:33 surhost mpd: PPTP: waiting for connection on 0.0.0.0
Jul 16 00:46:33 surhost mpd: [vpn] using interface ng0
Jul 16 00:46:33 surhost mpd: [vpn] link: OPEN event
Jul 16 00:46:33 surhost mpd: [vpn] LCP: Open event
Jul 16 00:46:33 surhost mpd: [vpn] LCP: state change Initial --> Starting
Jul 16 00:46:33 surhost mpd: [vpn] LCP: LayerStart
Jul 16 00:46:33 surhost mpd: pptp0: connecting to 192.168.1.100 1723
Jul 16 00:46:33 surhost mpd: pptp0: connected to 192.168.1.100 1723
Jul 16 00:46:33 surhost mpd: pptp0: attached to connection with 192.168.1.100 1723
Jul 16 00:46:33 surhost mpd: pptp0-0: outgoing call connected at 64000 bps
Jul 16 00:46:33 surhost mpd: [vpn] PPTP call successful
Jul 16 00:46:33 surhost mpd: [vpn] link: UP event
Jul 16 00:46:33 surhost mpd: [vpn] link: origination is local
Jul 16 00:46:33 surhost mpd: [vpn] LCP: Up event
Jul 16 00:46:33 surhost mpd: [vpn] LCP: state change Starting --> Req-Sent
Jul 16 00:46:33 surhost mpd: [vpn] LCP: SendConfigReq #1
Jul 16 00:46:33 surhost mpd: ACFCOMP
Jul 16 00:46:33 surhost mpd: PROTOCOMP
Jul 16 00:46:33 surhost mpd: ACCMAP 0x000a0000
Jul 16 00:46:33 surhost mpd: MRU 1500
Jul 16 00:46:33 surhost mpd: MAGICNUM 2b046128
Jul 16 00:46:33 surhost mpd: [vpn] LCP: rec'd Configure Request #218 (Req-Sent)
Jul 16 00:46:33 surhost mpd: ACFCOMP
Jul 16 00:46:33 surhost mpd: PROTOCOMP
Jul 16 00:46:33 surhost mpd: MRU 1500
Jul 16 00:46:33 surhost mpd: MAGICNUM 4f609820
Jul 16 00:46:33 surhost mpd: AUTHPROTO CHAP MSOFTv2
Jul 16 00:46:33 surhost mpd: [vpn] LCP: SendConfigAck #218
Jul 16 00:46:33 surhost mpd: ACFCOMP
Jul 16 00:46:33 surhost mpd: PROTOCOMP
Jul 16 00:46:33 surhost mpd: MRU 1500
Jul 16 00:46:33 surhost mpd: MAGICNUM 4f609820
Jul 16 00:46:33 surhost mpd: AUTHPROTO CHAP MSOFTv2
Jul 16 00:46:33 surhost mpd: [vpn] LCP: state change Req-Sent --> Ack-Sent
Jul 16 00:46:33 surhost mpd: [vpn] LCP: rec'd Configure Ack #1 (Ack-Sent)
Jul 16 00:46:33 surhost mpd: ACFCOMP
Jul 16 00:46:33 surhost mpd: PROTOCOMP
Jul 16 00:46:33 surhost mpd: ACCMAP 0x000a0000
Jul 16 00:46:33 surhost mpd: MRU 1500
Jul 16 00:46:33 surhost mpd: MAGICNUM 2b046128
Jul 16 00:46:33 surhost mpd: [vpn] LCP: state change Ack-Sent --> Opened
Jul 16 00:46:33 surhost mpd: [vpn] LCP: auth: peer wants CHAP, I want nothing
Jul 16 00:46:33 surhost mpd: [vpn] LCP: LayerUp
Jul 16 00:46:33 surhost mpd: [vpn] CHAP: rec'd CHALLENGE #1
Jul 16 00:46:33 surhost mpd: Name: ""
Jul 16 00:46:33 surhost mpd: Using authname "login"
Jul 16 00:46:33 surhost mpd: [vpn] CHAP: sending RESPONSE len:56
Jul 16 00:46:33 surhost mpd: [vpn] CHAP: rec'd SUCCESS #1
Jul 16 00:46:33 surhost mpd: MESG: S=B29F0126C450033C906EEC9DA070D351665FCEBB
Jul 16 00:46:33 surhost mpd: [vpn] LCP: authorization successful
Jul 16 00:46:33 surhost mpd: [vpn] Bundle up: 1 link, total bandwidth 64000 bps
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: Open event
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: state change Initial --> Starting
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: LayerStart
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: Up event
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: state change Starting --> Req-Sent
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: SendConfigReq #1
Jul 16 00:46:33 surhost mpd: IPADDR 172.16.66.66
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: rec'd Configure Request #152 (Req-Sent)
Jul 16 00:46:33 surhost mpd: IPADDR 192.168.101.1
Jul 16 00:46:33 surhost mpd: 192.168.101.1 is OK
Jul 16 00:46:33 surhost mpd: COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: SendConfigRej #152
Jul 16 00:46:33 surhost mpd: COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Jul 16 00:46:33 surhost mpd: [vpn] rec'd unexpected protocol CCP, rejecting
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: rec'd Configure Nak #1 (Req-Sent)
Jul 16 00:46:33 surhost mpd: IPADDR 192.168.66.66
Jul 16 00:46:33 surhost mpd: 192.168.103.115 is OK
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: SendConfigReq #2
Jul 16 00:46:33 surhost mpd: IPADDR 192.168.66.66
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: rec'd Configure Request #153 (Req-Sent)
Jul 16 00:46:33 surhost mpd: IPADDR 192.168.101.1
Jul 16 00:46:33 surhost mpd: 192.168.101.1 is OK
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: SendConfigAck #153
Jul 16 00:46:33 surhost mpd: IPADDR 192.168.101.1
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: state change Req-Sent --> Ack-Sent
Jul 16 00:46:33 surhost mpd: [vpn] rec'd unexpected protocol CCP, rejecting
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: rec'd Configure Ack #2 (Ack-Sent)
Jul 16 00:46:33 surhost mpd: IPADDR 192.168.66.66
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: state change Ack-Sent --> Opened
Jul 16 00:46:33 surhost mpd: [vpn] IPCP: LayerUp
Jul 16 00:46:33 surhost mpd: 192.168.66.66 -> 192.168.101.1
Jul 16 00:46:33 surhost mpd: [vpn] IFACE: Up event

1] Гость - 10:48, 16 Июль, 2007

Было бы неплохо увидеть лог удачного соединения

--j4ck

Комментировать:

Код подтверждения: *
Введите подтверждающий код, так же как он отображен на картинке.
Надоело разбирать числа на картинке? Зарегистрируся, докажи что ты не робот!

@СКАЖИРЕКЛАМЕНЕТ@

« Мониторинг загрузки процессора, сети - collectd (графики rrdtool)

Шоткуты Midnight Commander aka MC »

Настройка mpd 4.2 (freebsd 5.3) vpn клиента

Комментарии : 5