I'm trying to create a VPN tunnel that forwards all data from the local machine to the VPN server. I'm using ppp-2.4.5 for this with the following configuration:

pty "pptp <VPNServer> --nolaunchpppd"
name <my login name>
remotename PPTP
usepeerdns
require-mppe-128
file /etc/ppp/options.pptp
persist
maxfail 0
holdoff 5

I have a script in if-up.d with the following content:

route del default eth0
route add default dev ppp0

Before starting the VPN tunnel my routing looks like:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    2      0        0 eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0

After starting the tunnel (via pon) it looks like:

 Kernel IP routing table
 Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
 0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
 12.34.56.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
 127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
 192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0

Now the problem is that the VPN tunnel seems to be looped into itself. If I run ifconfig after a few seconds without any traffic:

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet 192.168.0.10  netmask 255.255.0.0  broadcast 192.168.255.255
    ether 00:01:2e:2f:ff:35  txqueuelen 1000  (Ethernet)
    RX packets 39931  bytes 6784614 (6.4 MiB)
    RX errors 0  dropped 90  overruns 0  frame 0
    TX packets 34980  bytes 7633181 (7.2 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    device interrupt 20  memory 0xfbdc0000-fbde0000  

ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1496
    inet 12.34.56.78  netmask 255.255.255.255  destination 12.34.56.1
    ppp  txqueuelen 3  (Point-to-Point Protocol)
    RX packets 7  bytes 94 (94.0 B)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 782863  bytes 349257986 (333.0 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

It states that over 300 MiB have already been sent; ppp0 has only been online for a few seconds and the connection isn't working anyway.

Can someone please help me fix the routing table, so that the traffic from ppp0 is not sent again through ppp0 but instead goes to the remote server?

Update

I finally solved it by creating the following route:

   route add -host <VPNServer> gw 192.168.0.1
   route add -net default gw 12.34.56.1

so the only thing that was wrong was that I mixed up the end point of the VPN connection with the IP address of the VPN server itself.

Oliver

1 Answer

Just from a networking point of view, you will still need a route going out eth0 for the specific IP address for the VPN server (its external IP).

You could add a route for this in a startup script, or in the if-up script. It won't matter if it exists when the default route is already there going out eth0.

All other data should then go out ppp0 (which then goes out eth0).

bandito
  • I tried this, I've even tried to use metrics like in the following: default dev ppp0 scope link metric 2
    12.34.56.1 dev eth0 scope link
    but the ppp0 device's output is still sent back to ppp0
    – Oliver Dec 01 '12 at 18:29
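
Added example, not part of the original posts: a small check that does the kernel's longest-prefix route lookup over `route -n` style output and reports whether packets addressed to the VPN server itself would leave through the tunnel interface, which is the loop described in the question. The address `203.0.113.10` is a constructed stand-in for `<VPNServer>`, and the `FIXED` table is constructed from the two `route add` commands in the update.

```python
import ipaddress

# Constructed stand-in for <VPNServer>; the page does not give the real address.
VPN_SERVER = "203.0.113.10"

# Routing table from the question after `pon` (default route pointed at ppp0).
BROKEN = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
12.34.56.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
"""

# Constructed: the table the two `route add` commands from the update would yield.
FIXED = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         12.34.56.1      0.0.0.0         UG    0      0        0 ppp0
12.34.56.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
203.0.113.10    192.168.0.1     255.255.255.255 UGH   0      0        0 eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0        0 lo
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
"""


def parse_routes(text):
    """Parse `route -n` style output into (network, gateway, metric, iface)."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the banner and the column header
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        routes.append((net, f[1], int(f[4]), f[7]))
    return routes


def egress(text, dest):
    """Return (iface, gateway) for dest: longest prefix wins, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in parse_routes(text) if ip in r[0]]
    best = max(matches, key=lambda r: (r[0].prefixlen, -r[2]), default=None)
    return (best[3], best[1]) if best else None


def tunnel_loops(text, server, tunnel_if="ppp0"):
    """True when the tunnel's own carrier packets would be routed into the tunnel."""
    hop = egress(text, server)
    return hop is not None and hop[0] == tunnel_if
```

With the `BROKEN` table the only match for the server address is the default route on ppp0, so the encapsulated packets re-enter the tunnel; with the `/32` host route via 192.168.0.1 they leave on eth0 and everything else follows the default route into ppp0.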