Re: Problem makeing a ppp-ssh tunnel.

["James R. Leu" <jleu@mindspring.com>]

[-- Attachment #1: Type: text/plain, Size: 3952 bytes --]

I'm not using a 2.6.11 kernel (I used FC3 + 2.6.9), but here is the
howto I used to setup PPPoSSH.  It uses the 'dialer' so the final command
line usage is much easier.  I've found that it is also a good idea to
use 'lcp-echo-interval' and 'lcp-echo-failure' as a keepalive so that
your TCP session doesn't get timeout by a firewall, and it helps detect
network failures quicker.

http://nsd.dyndns.org/pppossh/

One last note, if you set pppd to be setuid you do not need to setup
sudo access.

On Sun, Mar 13, 2005 at 11:23:36AM -0600, Bret Hughes wrote:
> On Sun, 2005-03-13 at 10:21, David Ronis wrote:
> > Hi,
> > 
> > I'm trying to use ssh and pppd to set up a ppp tunnel between my
> > laptop at home and a machine at work.  Both machines are running a
> > 2.6.11 kernel, slackware 10.[01] and have pppd 2.4.3 installed.  I
> > more or less followed the instructions in the ppp-ssh howto, which
> > essentially runs the following command as root:
> > 
> > /usr/sbin/pppd ktune noauth updetach passive pty 
> > 	"${REMOTE_COMMAND}" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
> > 
> > where
> > 
> > REMOTE_COMMAND=ssh -l ${SERVER_USERNAME} ${SERVER_HOSTNAME}  \
> > 	sudo /usr/sbin/pppd ktune noauth nodetach notty proxyarp ipparam vpn
> > 
> > where ${SERVER_USERNAME} has sudo privilages on ${SERVER_HOSTNAME}.
> > 
> > and where ${CLIENT_IFIPADDR} is the IP address my laptop has when it's
> > connected at work and where ${SERVER_IFIPADDR} is the IP address of
> > the server 132.206.205.86 and 132.206.205.91, respectively.
> > 
> > ifconfig shows:
> > 
> > ppp0      Link encap:Point-to-Point Protocol  
> >           inet addr:132.206.205.86  P-t-P:132.206.205.91  Mask:255.255.255.255
> >           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
> >           RX packets:4 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:3 
> >           RX bytes:62 (62.0 b)  TX bytes:4590 (4.4 Kb)
> > 
> > on the client and
> > 
> > ppp0      Link encap:Point-to-Point Protocol  
> >           inet addr:132.206.205.91  P-t-P:132.206.205.86  Mask:255.255.255.255
> >           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
> >           RX packets:4 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:3 
> >           RX bytes:62 (62.0 b)  TX bytes:4302 (4.2 Kb)
> > 
> > on the server.
> > 
> > pppd has created route entries:
> > 
> > 132.206.205.86  0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
> > 
> > on the server 
> > 
> > and 
> > 132.206.205.91  0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
> > 
> > on the client
> > 
> > If I ping 132.206.205.86 from the client I get a response, but if I
> > ping the server (132.206.205.91) I get nothing.
> > 
> > Similarly, pinging the client from the server doesn't get a reply.
> > 
> > Finally, the connection times out.
> > 
> > 
> > My suspicion is that I'm close, but am making some sort of trivial
> > mistake.  Any ideas?
> > 
> 
> I am certainly no expert but I would next try traceroute
> ip_of_remote_end  on bothe ends and try to figure out where the packets
> are going.  The route command output is curious it may be valid but I am
> used to seeing * instead of 0.0.0.0 for the gateway ip.
> 
> Looking at eh transmit and recieve byte counts looks like the packets
> are not getting there. I would delete the routes manually and recreate
> them if the packets are not getting there.
> 
> Bret
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-- 
James R. Leu
jleu@mindspring.com

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]