PPTP/L2TP on interfaces
-
I have triad to do the same (Also 014 as ISP) but no joy.
Triad both l2tp & pptp.but just to be sure -
When I create the l2tp interface, I put the 212.179….. in the Gateway and leave the Local IP blank.
Am I correct ? -
Yes,
Where you got with it, dialed but no connection? nothing dialed ?
Notice that you must switch the vpn connection base interface to opt1 or it wont dial at all.
(enable & set opt1 to dhcp before that)And for L2TP I tested with the host name (hot.bezeqint.net = 212.25.127.14), for PPTP server I tried with the ip addresss
(212.179.61.76 - i dont know the host name)Also if you restart the box you'll have interface mismatch and you'll have to start everything from scratch.
-
What I am getting is: ~
Aug 6 08:01:36 ppp: [wan_link0] Link: reconnection attempt 8013 in 2 seconds Aug 6 08:01:38 ppp: [wan_link0] Link: reconnection attempt 8013 Aug 6 08:01:38 ppp: [wan_link0] PPTP call failed Aug 6 08:01:38 ppp: [wan_link0] Link: DOWN event Aug 6 08:01:38 ppp: [wan_link0] LCP: Down event Aug 6 08:01:38 ppp: [wan_link0] Link: reconnection attempt 8014 in 2 secondsand my virtual port is opt4.
I used 212.179.61.78 as the server for both L2TP and PPTP, as far as I know all 014's servers support both, so we might be able to connect using hot.bezeqint.net for both ppp's.Also - I think that I have a bug of some sort. the machine is trying to connect using L2TP and in the "Interfaces: Assign network ports" page I can assign l2tp0 to the port's but I don't have it on the "Interfaces: PPPs" page to work with.
seem to be a leftover from the test's… -
Never tried l2tp on 212.179 but i tried pptp on hot.bezeqint.net and it wont connect in windows,
so i think they use different servers ( i was surprised too as 013 use the same address )And what you describe happened to me several times, mainly if i restart one of the connection (or the entire box) or the opt interface is not enabled.
-
Until the moment where you are actualy connected to your ISP (014 in our case) and recives your static IP address from them, you are in the domain of HOT. They have the server that "sends" you to the ISP. SO hot's server can do it for all ISP's.
As far as I understand.
-
Where can I find the settings for pptp/l2tp links after I save them ?
I got a feeling that I have a ghost in my machine.My ppp logs show that the router is allways trying to dial out, but the ppp interface tab don't show that any link exist.
-
Show the section of patched code here, and the file /var/etc/mpd_wan.conf (or /var/etc/mpd_opt1.conf) and the output of these commands from the command line. (Uses page Diagnostics -> Command Prompt if you don't have terminal access).
ifconfig
ps auxw | grep mpd5
Also, show me the <ppps>section of /conf/config.xml
GB</ppps>
-
Show the section of patched code here, and the file /var/etc/mpd_wan.conf (or /var/etc/mpd_opt1.conf) and the output of these commands from the command line. (Uses page Diagnostics -> Command Prompt if you don't have terminal access).
ifconfig
ps auxw | grep mpd5
Also, show me the <ppps>section of /conf/config.xml
GB</ppps>
Hi, should i post it, or you were talking about Roi's configuration ?
And i don't know if this is the problem:
http://redmine.pfsense.org/issues/813But if L2TP set, after restart there is "interface mismatch" error and all the configuration lost.
Also is it possible to set the VPN to overwrite the DNSs ?
(to overwrite the 2 DNSs received from OPT1 DHCP)Thanks again for doing this options !!
-
Everybody should post the data I asked for.
GB
-
This is after i uncommented the part in interfaces.inc (and split the pptp and l2tp) set the interfaces,
mpd dialed and i changed the default route by doing:route delete default route add default 82.81.206.1ifconfig :
$ ifconfig re0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=389b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_ucast,wol_mcast,wol_magic>ether 70:71:bc:09:3b:ec inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::7271:bcff:fe09:3bec%re0 prefixlen 64 scopeid 0x1 nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>) status: active fxp0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=219b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,tso4,wol_magic>ether 00:02:b3:2d:ad:5a inet6 fe80::202:b3ff:fe2d:ad5a%fxp0 prefixlen 64 scopeid 0x2 inet 172.28.142.143 netmask 0xffffe000 broadcast 255.255.255.255 nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>) status: active pflog0: flags=100 <promisc>metric 0 mtu 33200 enc0: flags=0<> metric 0 mtu 1536 lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 nd6 options=3 <performnud,accept_rtadv>pfsync0: flags=0<> metric 0 mtu 1460 syncpeer: 224.0.0.240 maxupd: 128 l2tp0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet 82.81.206.30 --> 82.81.206.1 netmask 0xffffffff inet6 fe80::7271:bcff:fe09:3bec%l2tp0 prefixlen 64 scopeid 0x7 nd6 options=3 <performnud,accept_rtadv></performnud,accept_rtadv></up,pointopoint,running,noarp,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,tso4,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_ucast,wol_mcast,wol_magic></up,broadcast,running,simplex,multicast>ps auxw | grep mpd5
$ ps auxw | grep mpd5 root 59903 0.0 0.4 9488 4308 ?? Ss 4:09PM 0:00.03 /usr/local/sbin/mpd5 -b -k -d /var/etc -f mpd_wan.conf -p /var/run/l root 63557 0.0 0.1 3656 1476 ?? S 4:21PM 0:00.00 sh -c ps auxw | grep mpd5 root 63867 0.0 0.1 3524 1256 ?? S 4:21PM 0:00.00 grep mpd5/conf/config.xml
<interfaces><wan><enable><if>l2tp0</if> <media><mediaopt><alias-address><alias-subnet>32</alias-subnet> <spoofmac><ipaddr>l2tp</ipaddr> <dhcphostname></dhcphostname></spoofmac></alias-address></mediaopt></media></enable></wan> <lan><enable><if>re0</if> <ipaddr>192.168.1.1</ipaddr> <subnet>24</subnet> <media><mediaopt></mediaopt></media></enable></lan> <opt1><if>fxp0</if> <enable><ipaddr>dhcp</ipaddr> <dhcphostname><alias-address><alias-subnet>32</alias-subnet> <spoofmac></spoofmac></alias-address></dhcphostname></enable></opt1></interfaces><ppps><ppp><ptpid>0</ptpid> <type>l2tp</type> <if>l2tp0</if> <ports>opt1</ports> <username>micky</username> <password>MjgzMxEw</password> <localip><subnet>31</subnet> <gateway>hot.bezeqint.net</gateway> <bandwidth></bandwidth></localip></ppp></ppps>Everything was taken on 2.0-BETA4-20100810-0228.
please tell me if there is anything more i can do to help. -
Changing this line (1195) in util.inc solves the interface mismatch message on restart
from
if (preg_match("/^enc|^cua|^tun|^pptp|^ppp|^ovpn|^gif|^gre|^lagg|^bridge|vlan|_wlan/i", $ifcfg['if'])) { $i++; }to
function is_interface_mismatch() { global $config, $g; /* XXX: Should we process only enabled interfaces?! */ $do_assign = false; $i = 0; foreach ($config['interfaces'] as $ifname => $ifcfg) { if (preg_match("/^enc|^cua|^tun|^pptp|^l2tp|^ppp|^ovpn|^gif|^gre|^lagg|^bridge|vlan|_wlan/i", $ifcfg['if'])) { $i++; } else if (does_interface_exist($ifcfg['if']) == false) { $do_assign = true; } else $i++; }(just added "l2tp")
And to Add the Connect/disconnect button in interfaces status page:
in pfsense-utils.inc in function get_interface_info changed (at line 1275)
/* PPTP interface? -> get status from virtual interface */ case "pptp": if ($ifinfo['status'] == "up" && !isset($link0)) /* get PPTP link status for dial on demand */ $ifinfo['pptplink'] = "up"; else $ifinfo['pptplink'] = "down"; break; /* PPP interface? -> get uptime for this session and cumulative uptime from the persistant log file in conf */ case "ppp": if ($ifinfo['status'] == "up") $ifinfo['ppplink'] = "up"; else $ifinfo['ppplink'] = "down" ; if (empty($ifinfo['status']))To (Inserted the l2tp part):
case "pptp": if ($ifinfo['status'] == "up" && !isset($link0)) /* get PPTP link status for dial on demand */ $ifinfo['pptplink'] = "up"; else $ifinfo['pptplink'] = "down"; break; case "l2tp": if ($ifinfo['status'] == "up" && !isset($link0)) /* get PPTP link status for dial on demand */ $ifinfo['l2tplink'] = "up"; else $ifinfo['l2tplink'] = "down"; break; /* PPP interface? -> get uptime for this session and cumulative uptime from the persistant log file in conf */ case "ppp": if ($ifinfo['status'] == "up") $ifinfo['ppplink'] = "up"; else $ifinfo['ppplink'] = "down" ;And in status_interfaces.php added
[" class="formbtns">](status_interfaces.php?action=Disconnect&if=<?php echo $ifdescr; ?>) [" class="formbtns">](status_interfaces.php?action=Connect&if=<?php echo $ifdescr; ?>)Under the similar PPTP block;
but the vpn won't connect on restart nor on connection loss (like wan unplugged or modem restart)
until i set the opt1 as default route (system->routing->opt1->default gateway ).
Then the l2tp connection can be established (no more server no response error in the log).
After it is established i need to change again the opt1 to "not default gateway" -by just pressing delete –
(it automaticly sets the wan [l2tp] as default route and i have internet on the client computers)Hope it helps..
-
Thanks fixed some of the suggestions.
-
So what is the status of L2TP/PPTP ?
Will I be able to connect to NezeqInt via Hot ? -
Well without any 'specification' on connecting to that service provider i cannot tell you or help you.
If you find out what needs to be done i can probably look at it.
-
Ermal,
I believe, both Micky and roi were talking about the same providers, which are Bezeqint (ISP) and HOT (cable).
But I think all the ISPs have the same type of connection when connecting via cable. The second option is ADSL, which already comes with modem/router, making this setup obsolete.Am I right, Micky,roi?
-
Yep. we are both on the same ISP. Bezeq Int & Hot (cable).
ADSL is not a problem here as there is support for PPPOE, and I understand that it's supported long time ago.
-
What is the issue than?!
-
Hi,
The main problems i have with the l2tp connection are
1. if a L2TP connection established there is no internet on the lan computers until the gateway/default route are changed, either by "route default delete" & "route default add xxx.xxx.xxx.xxx" in the console
or by setting the wan gateway default in the gui.2. if the connection lost or pfsense restart the L2TP wont dial until i reassign the interfaces again (then interface_configure() is called) or doing "status_interfaces.php?action=Connect&if=wan"
Then the L2TP will start dial but "server no response" error in pptp log until i press delete on the wan interface in the gui which sets the DHCP (OPT1 in my case) interface as default gateway.
Then it will connect and i have to set the new wan gateway as default again.Thanks a lot for looking into it
-
Can you please provide details on this!
Logs configuration screens or config.xml and stuff like that. -
I at the moment have stopped trying.
I am just following the subject trying to catch on to you when it will be sorted out.