Linux Distributions VPN on FreeNAS

This thread in the "Software" forum was started by Crainex, Jan 21, 2011.

  1. Crainex

    Hello,
    for various reasons I would like to install a VPN service called Poptop on our FreeNAS. The installation went wonderfully! Setting up and starting the service caused problems at first, but I have now solved those. The connection is supposed to run on the LAN first. If everything works, I will set up the connection via DynDNS.

    Now I am facing a different problem. Here is the log.
    Code:
    Jan 21 23:07:53 	freenas 	pptpd[2471]: CTRL: PTY read or GRE write failed (pty,gre)=(7,6)
    Jan 21 23:07:53 	freenas 	pptpd[2471]: GRE: read(fd=7,buffer=8058a60,len=8196) from PTY failed: status = 0 error = No error
    I can't make any sense of the log at all. That's why I'm asking here ;)

    Here are the remaining configs.

    pptpd.conf
    Code:
    ##############################################################################
    # $Id: pptpd.conf,v 1.8 2004/04/28 11:36:07 quozl Exp $
    #
    # Sample Poptop configuration file /etc/pptpd.conf
    #
    # Changes are effective when pptpd is restarted.
    ###############################################################################
    
    # TAG: ppp
    #	Path to the pppd program, default '/usr/sbin/pppd' on Linux
    #
    ppp /usr/sbin/pptpd
    
    # TAG: option
    #	Specifies the location of the PPP options file.
    #	By default PPP looks in '/etc/ppp/options'
    #
    option /etc/pptpd.conf
    
    # TAG: debug
    #	Turns on (more) debugging to syslog
    #
    #debug
    
    # TAG: stimeout
    #	Specifies timeout (in seconds) on starting ctrl connection
    #
    # stimeout 10
    
    # TAG: noipparam
    #       Suppress the passing of the client's IP address to PPP, which is
    #       done by default otherwise.
    #
    #noipparam
    
    # TAG: logwtmp
    #	Use wtmp(5) to record client connections and disconnections.
    #
    logwtmp
    
    # TAG: bcrelay <if>
    #	Turns on broadcast relay to clients from interface <if>
    #
    #bcrelay eth1
    
    # TAG: localip
    # TAG: remoteip
    #	Specifies the local and remote IP address ranges.
    #
    #       Any addresses work as long as the local machine takes care of the
    #       routing.  But if you want to use MS-Windows networking, you should
    #       use IP addresses out of the LAN address space and use the proxyarp
    #       option in the pppd options file, or run bcrelay.
    #
    #	You can specify single IP addresses separated by commas or you can
    #	specify ranges, or both. For example:
    #
    #		192.168.0.234,192.168.0.245-249,192.168.0.254
    #
    #	IMPORTANT RESTRICTIONS:
    #
    #	1. No spaces are permitted between commas or within addresses.
    #
    #	2. If you give more IP addresses than MAX_CONNECTIONS, it will
    #	   start at the beginning of the list and go until it gets 
    #	   MAX_CONNECTIONS IPs. Others will be ignored.
    #
    #	3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238,
    #	   you must type 234-238 if you mean this.
    #
    #	4. If you give a single localIP, that's ok - all local IPs will
    #	   be set to the given one. You MUST still give at least one remote
    #	   IP for each simultaneous client.
    #
    # (Recommended)
    localip 10.1.60.1
    remoteip 10.1.60.10-20
    # or
    #localip 192.168.0.234-238,192.168.0.245
    #remoteip 192.168.1.234-238,192.168.1.245
    
    options.pptpd
    Code:
    ###############################################################################
    # $Id: options.pptpd,v 1.9 2005/08/02 11:33:32 quozl Exp $
    #
    # Sample Poptop PPP options file /etc/ppp/options.pptpd
    # Options used by PPP when a connection arrives from a client.
    # This file is pointed to by /etc/pptpd.conf option keyword.
    # Changes are effective on the next connection.  See "man pppd".
    #
    # You are expected to change this file to suit your system.  As
    # packaged, it requires PPP 2.4.2 and the kernel MPPE module.
    ###############################################################################
    
    
    # Authentication
    
    # Name of the local system for authentication purposes 
    # (must match the second field in /etc/ppp/chap-secrets entries)
    name pptpd
    
    # Strip the domain prefix from the username before authentication.
    # (applies if you use pppd with chapms-strip-domain patch)
    #chapms-strip-domain
    
    
    # Encryption
    # (There have been multiple versions of PPP with encryption support,
    # choose which of the following sections you will use.)
    
    
    # BSD licensed ppp-2.4.2 upstream with MPPE only, kernel module ppp_mppe.o
    # {{{
    refuse-pap
    refuse-chap
    refuse-mschap
    # Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
    # Challenge Handshake Authentication Protocol, Version 2] authentication.
    require-mschap-v2
    # Require MPPE 128-bit encryption
    # (note that MPPE requires the use of MSCHAP-V2 during authentication)
    require-mppe-128
    # }}}
    
    
    # OpenSSL licensed ppp-2.4.1 fork with MPPE only, kernel module mppe.o
    # {{{
    #-chap
    #-chapms
    # Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
    # Challenge Handshake Authentication Protocol, Version 2] authentication.
    #+chapms-v2
    # Require MPPE encryption
    # (note that MPPE requires the use of MSCHAP-V2 during authentication)
    #mppe-40	# enable either 40-bit or 128-bit, not both
    mppe-128
    #mppe-stateless
    # }}}
    
    
    # Network and Routing
    
    # If pppd is acting as a server for Microsoft Windows clients, this
    # option allows pppd to supply one or two DNS (Domain Name Server)
    # addresses to the clients.  The first instance of this option
    # specifies the primary DNS address; the second instance (if given)
    # specifies the secondary DNS address.
    #ms-dns 10.0.0.1
    #ms-dns 10.0.0.2
    
    # If pppd is acting as a server for Microsoft Windows or "Samba"
    # clients, this option allows pppd to supply one or two WINS (Windows
    # Internet Name Services) server addresses to the clients.  The first
    # instance of this option specifies the primary WINS address; the
    # second instance (if given) specifies the secondary WINS address.
    #ms-wins 10.0.0.3
    #ms-wins 10.0.0.4
    
    # Add an entry to this system's ARP [Address Resolution Protocol]
    # table with the IP address of the peer and the Ethernet address of this
    # system.  This will have the effect of making the peer appear to other
    # systems to be on the local ethernet.
    # (you do not need this if your PPTP server is responsible for routing
    # packets to the clients -- James Cameron)
    proxyarp
    
    
    # Logging
    
    # Enable connection debugging facilities.
    # (see your syslog configuration for where pppd sends to)
    #debug
    
    # Print out all the option values which have been set.
    # (often requested by mailing list to verify options)
    #dump
    
    
    # Miscellaneous
    
    # Create a UUCP-style lock file for the pseudo-tty to ensure exclusive
    # access.
    lock
    
    # Disable BSD-Compress compression
    nobsdcomp 
    
    # Disable Van Jacobson compression 
    # (needed on some networks with Windows 9x/ME/XP clients, see posting to
    # poptop-server on 14th April 2005 by Pawel Pokrywka and followups,
    # http://marc.theaimsgroup.com/?t=111343175400006&r=1&w=2 )
    novj
    novjccomp
    
    # turn off logging to stderr, since this may be redirected to pptpd, 
    # which may trigger a loopback
    nologfd
    
    # put plugins here 
    # (putting them higher up may cause them to send messages to the pty)
    
    
    chap-secrets
    Code:
    # PPP CHAP secrets file.
    # See pppd(1) for file format.
    
    # Secrets for authentication using CHAP
    # client        server  secret          IP addresses
    #username       pptpd   password        *
    username pptpd password 10.1.60.11
    
    # For ppp patched with smbauth you use
    # *	pptpd	&/etc/samba/smbpasswd	*
    
    The error messages change with every attempt to establish a connection. Sometimes it's the ports, then it's a tunnel error, and most recently an error code :fresse
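
A consistency check of the posted pptpd.conf against the descriptions in the sample files' own comments (what `ppp` and `option` are meant to point to, and the address-list restrictions), as an added example that is not part of the original post. The function names `expand_ips` and `lint_pptpd_conf` are hypothetical, and `POSTED_CONF` is a constructed excerpt holding only the active lines of the file above.

```python
import posixpath

# Constructed sample: the active (non-comment) lines of the pptpd.conf posted above.
POSTED_CONF = """\
ppp /usr/sbin/pptpd
option /etc/pptpd.conf
logwtmp
localip 10.1.60.1
remoteip 10.1.60.10-20
"""

def expand_ips(spec):
    """Expand 'a.b.c.d,a.b.c.x-y' following the rules in the file's comments."""
    addrs = []
    for item in spec.split(","):
        prefix, _, last = item.rpartition(".")
        lo, dash, hi = last.partition("-")
        hi = hi if dash else lo
        if not (lo.isdigit() and hi.isdigit()) or prefix.count(".") != 2:
            raise ValueError(f"malformed address or range: {item!r}")
        if int(hi) < int(lo) or int(hi) > 255:  # restriction 3: '234-8' is not 234..238
            raise ValueError(f"shortcut or invalid range: {item!r}")
        addrs += [f"{prefix}.{n}" for n in range(int(lo), int(hi) + 1)]
    return addrs

def lint_pptpd_conf(text, conf_path="/etc/pptpd.conf"):
    """Return a list of findings for the text of one pptpd.conf."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        key, *args = line.split()
        if key == "ppp" and args and posixpath.basename(args[0]) == "pptpd":
            findings.append("ppp: points at pptpd itself, not the pppd program")
        elif key == "option" and args and posixpath.normpath(args[0]) == conf_path:
            findings.append("option: points at pptpd.conf, not a PPP options file")
        elif key in ("localip", "remoteip"):
            if len(args) != 1:  # restriction 1: no spaces inside the list
                findings.append(f"{key}: expected one token, got {len(args)}")
                continue
            try:
                expand_ips(args[0])
            except ValueError as exc:
                findings.append(f"{key}: {exc}")
    return findings

if __name__ == "__main__":
    for finding in lint_pptpd_conf(POSTED_CONF):
        print(finding)
```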
     
  2. Protector
