PPP over SSH support?
I've used PPP over SSH in cases where nothing else was possible, and it works just fine. However, the version of PPP that's running on 1.01, and today's CVS don't support several of the command line options normally used like "updetach" and "pty". Here's a very-simple one-liner that, with a tweak, usually works like a charm:
/usr/sbin/pppd updetach noauth silent nodeflate pty "/usr/bin/ssh root@XXX.XXX.XXX.XXX /usr/sbin/pppd nodetach notty noauth" ipparam vpn 10.0.0.1:10.0.0.254
Which fails on pfsense, complaining of:
"/usr/sbin/pppd: unrecognized option 'pty'"
In some cases people are behind such restrictive firewalls that thinks like IPSec and PPTP, and even OpenVPN won't fly. Getting a port open for SSH, on the other hand, can be a LOT easier.
Anyone have any suggestions/helps?
#1. This is not linux.
#2. We do not use the userland PPP, we use MPD. What your trying to do will surely not work.
1. Why should it matter?
2. Surely you're right…. wait a sec, what's this?
Working in background mode
Using interface: tun0
ppp0: flags=108010 <pointopoint,multicast,needsgiant>mtu 1500
tun0: flags=8051 <up,pointopoint,running,multicast>mtu 1500
inet 192.168.10.2 –> 192.168.10.1 netmask 0xffffffff
Opened by PID 2028
PING 192.168.10.1 (192.168.10.1): 56 data bytes
64 bytes from 192.168.10.1: icmp_seq=0 ttl=64 time=22.566 ms
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=31.621 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=22.810 ms
64 bytes from 192.168.10.1: icmp_seq=3 ttl=64 time=25.091 ms
64 bytes from 192.168.10.1: icmp_seq=4 ttl=64 time=23.252 ms
--- 192.168.10.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 22.566/25.068/31.621/3.394 ms
Nothing a little persistance won't solve….
now if there was only a plugin to the web interface for both client & server modes of this function.. damn I love PFsense…</up,pointopoint,running,multicast></pointopoint,multicast,needsgiant>
1. Sure it matters. Linux howto's don't generally apply to FreeBSD unless you using linux emulation, etc.
2. Good job. I have given you my standard canned response because what your doing is outside of normal pfSense support.