What I am wishing to do is to have my MT box do my resdential gateway for my DSL. That works fine. Plug in a MASQ rule and PPPoE Client and bam, i'm out.
The next step, is to have a PPTP connection to my work, and there private network, 192.168.x.x. My private network now is 10.0.0.x, so it should work. I can get it to connect just fine.
How do I add the routes in MT to say 192.168.1.x is on the PPTP conneciton and 192.168.2.x is on the PPTP connection?
I want to go out to the net with my own stuffs
Dennis
I have a similar setup.
ISDN at home (ADSL is sad my side of the world), with my own subnet 192.168.0.x.
Permanent line at the office, with a subnet of 192.168.16.x.
I created a PPTP tunnel from my home (client) to the office (server) and gave the two ends of the link IPs from a /30 non-routable subnet (192.168.8.1 and 192.168.8.2)
Then I just added a static route to each side pointing at the PPTP IP on the other side...
So at home anything destined for 192.168.16.x goes through the 192.168.8.1 gateway and everything else (default) goes through the ISDN interface.
And at the office everything destined for 192.168.0.x goes through the 192.168.8.2 gateway and the default out through the permanent link.
I'd give examples, but the link is down at the moment so everything is listed as unreachable/invalid :P
ISDN at home (ADSL is sad my side of the world), with my own subnet 192.168.0.x.
Permanent line at the office, with a subnet of 192.168.16.x.
I created a PPTP tunnel from my home (client) to the office (server) and gave the two ends of the link IPs from a /30 non-routable subnet (192.168.8.1 and 192.168.8.2)
Then I just added a static route to each side pointing at the PPTP IP on the other side...
So at home anything destined for 192.168.16.x goes through the 192.168.8.1 gateway and everything else (default) goes through the ISDN interface.
And at the office everything destined for 192.168.0.x goes through the 192.168.8.2 gateway and the default out through the permanent link.
I'd give examples, but the link is down at the moment so everything is listed as unreachable/invalid :P
Setup your PPTP server and a client so that you get a connection. Setup your login/password to give the following IP numbers. 192.168.8.1 for the server side and 192.168.8.2 for the client side. The add in the two static routes with the (unknown) INTERFACE (these will show up as the PPTP interfaces when they are in use and (unknown) if the link is down.
Very basically setup like this...There are things you can do to tweak it I think.., But I believe in leaving something alone if it is working...
PPTP SECRET CONFIGURATION
[admin@HTDBN-GW] ppp secret> print detail
5 name="username" service=pptp caller-id="" password="password" profile=VPN Default local-address=192.168.8.1 remote-address=192.168.8.2 routes=""
SERVER SIDE ROUTING TABLE (I've removed the routes not applicable)
# DST-ADDRESS G GATEWAY DISTANCE INTERFACE
0 S 0.0.0.0/0 r xxx.xxx.xxx.xxx 1 public1
1 IS 192.168.0.0/24 u 192.168.8.2 1 (unknown)
6 DC xxx.xxx.xxx.xxx/30 r 0.0.0.0 0 public1
8 DC 192.168.16.0/24 r 0.0.0.0 0 ether1
CLIENT SIDE ROUTING TABLE (I've removed the routes not applicable)
# DST-ADDRESS G GATEWAY DISTANCE INTERFACE
0 S 0.0.0.0/0 r xxx.xxx.xxx.xxx 1 public
1 IS 192.168.16.0/24 u 192.168.8.1 1 (unknown)
6 DC xxx.xxx.xxx.xxx/24 r 0.0.0.0 0 public
8 DC 192.168.0.0/24 r 0.0.0.0 0 local
Very basically setup like this...There are things you can do to tweak it I think.., But I believe in leaving something alone if it is working...
PPTP SECRET CONFIGURATION
[admin@HTDBN-GW] ppp secret> print detail
5 name="username" service=pptp caller-id="" password="password" profile=VPN Default local-address=192.168.8.1 remote-address=192.168.8.2 routes=""
SERVER SIDE ROUTING TABLE (I've removed the routes not applicable)
# DST-ADDRESS G GATEWAY DISTANCE INTERFACE
0 S 0.0.0.0/0 r xxx.xxx.xxx.xxx 1 public1
1 IS 192.168.0.0/24 u 192.168.8.2 1 (unknown)
6 DC xxx.xxx.xxx.xxx/30 r 0.0.0.0 0 public1
8 DC 192.168.16.0/24 r 0.0.0.0 0 ether1
CLIENT SIDE ROUTING TABLE (I've removed the routes not applicable)
# DST-ADDRESS G GATEWAY DISTANCE INTERFACE
0 S 0.0.0.0/0 r xxx.xxx.xxx.xxx 1 public
1 IS 192.168.16.0/24 u 192.168.8.1 1 (unknown)
6 DC xxx.xxx.xxx.xxx/24 r 0.0.0.0 0 public
8 DC 192.168.0.0/24 r 0.0.0.0 0 local
Ok.
Server side IP 192.168.1.205
Client IP is PPPoE.
I get my L2TP connection just fine. I set the secert for the right username and password, the remote IP is 192.168.1.207 and the local is 192.168.1.205.
I can now ping the 205 box accross the conneciton. I added 192.168.11.x to my Cisco 2600 that has all my core routes in it, and nothen :( I still can't ping it from my remote network.
Server side IP 192.168.1.205
Client IP is PPPoE.
I get my L2TP connection just fine. I set the secert for the right username and password, the remote IP is 192.168.1.207 and the local is 192.168.1.205.
I can now ping the 205 box accross the conneciton. I added 192.168.11.x to my Cisco 2600 that has all my core routes in it, and nothen :( I still can't ping it from my remote network.
ALL Right. To post on my own learning experices, I am going to go over the short and skimly of L2TP for anyone who may have trouble. The IMAGE in the 2.8 MT documents showing the IP tunnel and the IPs assoicated with it is the key.
First, you have two networks. 192.168.1.x and 192.168.11.x (this is in my case)
Enable the L2TP server.
Then create the PPP user. This is the key, the LOCAL and REMOTE IPs must be off on some strange subnet. I used. 192.168.100.1 and 100.2.
Now, on the 1.x network, first you need to tell any routers you have that 100.x is on the IP of the MT box, then say that the remote network 11.x is connected via the REMOTE network. in my case, 100.2. THen on the client side, add your static routes for the rest of your network, and tell it that its gateway is the LOCAL side IP, or 100.1, and bingo! It is smooth as can be!
Thanx to all that helped me out!
First, you have two networks. 192.168.1.x and 192.168.11.x (this is in my case)
Enable the L2TP server.
Then create the PPP user. This is the key, the LOCAL and REMOTE IPs must be off on some strange subnet. I used. 192.168.100.1 and 100.2.
Now, on the 1.x network, first you need to tell any routers you have that 100.x is on the IP of the MT box, then say that the remote network 11.x is connected via the REMOTE network. in my case, 100.2. THen on the client side, add your static routes for the rest of your network, and tell it that its gateway is the LOCAL side IP, or 100.1, and bingo! It is smooth as can be!
Thanx to all that helped me out!