Netgate Discussion Forum

    PPP over SSH support?

      Blammo

      I've used PPP over SSH in cases where nothing else was possible, and it works just fine. However, the version of PPP that's running on 1.01, and today's CVS don't support several of the command line options normally used like "updetach" and "pty". Here's a very-simple one-liner that, with a tweak, usually works like a charm:

      /usr/sbin/pppd updetach noauth silent nodeflate pty "/usr/bin/ssh root@XXX.XXX.XXX.XXX /usr/sbin/pppd nodetach notty noauth" ipparam vpn 10.0.0.1:10.0.0.254

      Which fails on pfsense, complaining of:

      "/usr/sbin/pppd: unrecognized option 'pty'"

      In some cases people are behind such restrictive firewalls that things like IPSec and PPTP, and even OpenVPN won't fly. Getting a port open for SSH, on the other hand, can be a LOT easier.

      Anyone have any suggestions/help?

      Links:
      http://www.faqs.org/docs/Linux-mini/ppp-ssh.html

        sullrich

        #1.  This is not linux.

        #2.  We do not use the userland PPP, we use MPD.  What you're trying to do will surely not work.

          Blammo

          1. Why should it matter?
          2. Surely you're right…. wait a sec, what's this?


          ppp -background myremotessh

          Working in background mode
          Using interface: tun0
          PPP enabled

          ifconfig

          [snip]
          ppp0: flags=108010<POINTOPOINT,MULTICAST,NEEDSGIANT> mtu 1500
          tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
                  inet 192.168.10.2 --> 192.168.10.1 netmask 0xffffffff
                  Opened by PID 2028

          ping 192.168.10.1

          PING 192.168.10.1 (192.168.10.1): 56 data bytes
          64 bytes from 192.168.10.1: icmp_seq=0 ttl=64 time=22.566 ms
          64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=31.621 ms
          64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=22.810 ms
          64 bytes from 192.168.10.1: icmp_seq=3 ttl=64 time=25.091 ms
          64 bytes from 192.168.10.1: icmp_seq=4 ttl=64 time=23.252 ms
          ^C
          --- 192.168.10.1 ping statistics ---
          5 packets transmitted, 5 packets received, 0% packet loss
          round-trip min/avg/max/stddev = 22.566/25.068/31.621/3.394 ms

          ---------------------

          Nothing a little persistence won't solve….

          now if there was only a plugin to the web interface for both client & server modes of this function.. damn I love PFsense…

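An added illustration, not part of the thread and not Blammo's actual configuration: `ppp -background myremotessh` loads a profile of that name from /etc/ppp/ppp.conf, and FreeBSD's user-land ppp(8) can run ssh as its device. The host name, the `tunnel` account, the `ssh-in` label and the key placeholder are assumptions; the addresses are the ones in the ifconfig output above.

```conf
# --- Client: /etc/ppp/ppp.conf (constructed example) ---
default:
 set log Phase LCP IPCP tun command

myremotessh:
 # A device that begins with "!" is executed as a program, and ppp
 # speaks PPP over that program's stdin/stdout.
 # -e none            : no ssh escape character, so the stream is 8-bit clean
 # -o BatchMode=yes   : key authentication only, never prompt
 # Assumed: account "tunnel" on gateway.example.net (placeholder host),
 # used here instead of a root login.
 set device "!ssh -e none -o BatchMode=yes tunnel@gateway.example.net /usr/sbin/ppp -direct ssh-in"
 set dial
 set login
 set timeout 0
 set ifaddr 192.168.10.2 192.168.10.1 255.255.255.255

# --- Server: /etc/ppp/ppp.conf (constructed example) ---
ssh-in:
 # Only the tunnel account may load this label, and only in -direct mode.
 allow users tunnel
 allow mode direct
 set timeout 0
 set ifaddr 192.168.10.1 192.168.10.2 255.255.255.255

# --- Server: ~tunnel/.ssh/authorized_keys (one line, constructed) ---
# Pin the key to the ppp command so it cannot be used for a shell or
# for port forwarding:
# restrict,command="/usr/sbin/ppp -direct ssh-in" ssh-ed25519 <PUBLIC-KEY-PLACEHOLDER>
```

With the forced command in place the server runs `ppp -direct ssh-in` regardless of what the client asks for, so a stolen client key yields only the point-to-point link, not a login.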
            sullrich

            1. Sure it matters.  Linux howto's don't generally apply to FreeBSD unless you're using Linux emulation, etc.

            2. Good job.  I have given you my standard canned response because what you're doing is outside of normal pfSense support.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.