IPSEC l2tpd and Windows shares problem

From: Vicky Shrestha (mail_at_vickysh.wlink.com.np)
Date: 04/17/05

  • Next message: Brett Glass: "Re: Will 5.4 be an "Extended Life" release?" 
    To: freebsd-security@freebsd.org
Date: Sun, 17 Apr 2005 14:17:17 +0545

    Dear all,

    I am running IPSEC and l2tpd in FreeBSD 4.9.

    I am able to connect from WindowsXP to this FreeBSD box . I am also able to
    ping the Hosts behind the IPSEC gateway, connect to internal ftp servers,
    browse intranet websites etc.

    However I am not able to browse network shares (windows and samba both). It
    does prompts for Username/password when we try to access directly , but it
    will never show the network shares.

    If I connect to a linux IPSEC gateway using rp-l2tp there is no problem.

    /usr/local/etc/l2tp/l2tpd.conf
    ====================================
    [global]
    port = 1701

    [lns default]
    ip range = 192.168.0.129 - 192.168.0.254
    local ip = 192.168.0.2
    hostname = freebsdipsec
    name = freebsdipsec
    ppp debug = yes
    pppoptfile = /usr/local/etc/l2tp/options.l2tpd
    =======================================
    /usr/local/etc/l2tp/options.l2tpd
    =======================================
    noauth
    proxyarp
    lcp-echo-interval 30
    lcp-echo-failure 6
    ms-dns 192.168.0.3
    ms-dns 192.168.0.4
    ms-wins 192.168.0.6
    crtscts
    idle 1800
    mtu 1400
    mru 1400
    lock
    nodetach
    debug
    ====================================

    Note: the IP address of the Private Interface is 192.168.0.1/24 

    -- 
With regards,
Vicky Shrestha
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Brett Glass: "Re: Will 5.4 be an "Extended Life" release?"

    Relevant Pages

    • Re: FreeBSD NAT-T patch integration
      ... IPsec is about security and not features. ... mostly evenings and weekends that I can spend on FreeBSD. ... People ask about review. ...
      (freebsd-net)
    • Re: if_ipsec
      ... I am personally responsible for the network infrastructure of the company. ... My company network infrastructure is build using FreeBSD servers and Cisco equipment. ... The conventional way to build vpn is to build a tunnel of some sort. ... So, the industry invented a method: you use a gre/ipinip tunnel, you pass the dynamic routing information, and you encrypt this tunnel with ipsec. ...
      (freebsd-net)
    • IPSEC l2tpd and Windows shares problem
      ... I am running IPSEC and l2tpd in FreeBSD 4.9. ... I am able to connect from WindowsXP to this FreeBSD box. ... ms-dns 192.168.0.3 ...
      (freebsd-isp)
    • if_ipsec
      ... I am personally responsible for the network infrastructure of the company. ... My company network infrastructure is build using FreeBSD servers and Cisco equipment. ... The conventional way to build vpn is to build a tunnel of some sort. ... So, the industry invented a method: you use a gre/ipinip tunnel, you pass the dynamic routing information, and you encrypt this tunnel with ipsec. ...
      (freebsd-net)
    • Requesting assistance: IPsec-configured FreeBSD system sends unencrypted packets on the wrong in
      ... I'm setting up an IPsec tunnel between a OpenBSD/isakmpd box and a ... The FreeBSD server also runs OpenVPN, ... tcpdump shows packets destined for OPENBSD_NET (coming from ... 0x08ae310d auth hmac-sha2-256 enc aes ...
      (freebsd-questions)