本帖最后由 zzm183 于 2010-10-04 10:57 编辑
我用 FreeBSD 7 搭建了 PPTP 和 PPPoE 服务器。PPPoE 客户端能正常访问外网;PPTP 客户端能拨上并分配到地址,从客户端 ping 服务器上的内网地址(172.16.100.100)和外网地址(比如说:10.201.20.2)都能 ping 通,但是上不了外网。
pf.conf
# pf ruleset: one NAT rule on the WAN interface followed by pass-everything
# filter rules. Only $wan_if is referenced by the rules shown here.

# Interface macros: rl0 is the WAN side, rl1 the internal side.
wan_if="rl0"
int_if="rl1"
# The macros from here down to "loop" are defined but never used by a rule below.
noroute="{127.0.0.1,255.255.255.255/32}"
routeip="172.16.100.100"
internal_net="172.16.0.0/16"
internal1_net="192.168.0.0/16"
# Address redacted by the poster.
wan_addr="X.X.X.X"
loop="lo0"
# Source-NAT everything leaving $wan_if whose source is not already one of the
# interface's own addresses. The parentheses make pf track address changes;
# ":0" selects the primary address and ignores aliases.
# NOTE(review): the ipfw listing on this page also diverts all rl0 traffic to
# port 8668 (natd's default port), so two NAT layers may be active on the same
# interface -- confirm that only one is intended.
nat on $wan_if from !($wan_if) -> ($wan_if:0)
# NOTE(review): these two rules pass every packet in both directions on every
# interface, so pf performs no filtering and the WAN side is fully exposed.
# The usual hardening is a default "block" policy plus explicit pass rules for
# the services actually offered (PPTP needs TCP 1723 and GRE).
pass in all
pass out all
ipfw list
00050 divert 8668 ip4 from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
65000 allow ip from any to any
65535 deny ip from any to any
cat /etc/ppp/ppp.conf
# "pppoe" label: settings for PPPoE sessions on rl1.
# (Indentation of the commands under each label was lost in the paste.)
pppoe:
# 0 disables the idle timer, so sessions are never dropped for inactivity.
set timeout 0
set device PPPoE:rl1
# This label may only be used when ppp is started in -direct mode.
allow mode direct
# 1492 = 1500-byte Ethernet payload minus 8 bytes of PPPoE/PPP header.
set mru 1492
set mtu 1492
set speed sync
# Link Quality Reports every 60 seconds.
enable lqr
set lqrperiod 60
# Authentication protocols this server will request from the peer.
# NOTE(review): PAP sends the password in clear text over the link, and
# MS-CHAP (v1) is a weak legacy protocol; enabling them next to CHAP and
# MS-CHAPv2 may let a session settle on a weaker method. Keep only the
# protocols the clients really need.
enable chap
enable pap
enable mppe
enable MSChap
enable MSChapv2
# Proxy-ARP for the peer's address on the local network.
enable proxy
# Wait up to 5 seconds for carrier.
set cd 5
# Answer the peer's request for DNS server addresses.
accept dns
# set radius /etc/radius.conf
# Local end is 192.168.1.1; peers are assigned 192.168.1.2-192.168.1.100.
set ifaddr 192.168.1.1 192.168.1.2-192.168.1.100
# "loop" label: base settings that the "pptp" label pulls in via "load loop".
loop:
# 0 disables the idle timer.
set timeout 0
set log phase chat connect lcp ipcp command
# TCP device: host "localhost", port given by the service name "pptp".
set device localhost:pptp
# No arguments given -- presumably leaves the dial and login scripts empty.
set dial
set login
# Server (local) IP address, Range for Clients, and Netmask
# if you want to use NAT use private IP addresses
set ifaddr 172.16.100.100 192.168.0.2-192.168.0.254 255.255.255.0
# NOTE(review): this asks ppp to add a default route through the connecting
# peer (HISADDR). On a server that forwards client traffic to the WAN that is
# normally unwanted -- confirm it is intended and check the routing table
# while a client is connected.
add default HISADDR
# Opens a local-domain diagnostic (command) socket at /tmp/loop. The empty
# password means connecting clients are not asked for one, so the only access
# control is the socket's file mode (umask 0177, i.e. owner read/write only).
# NOTE(review): /tmp is world-writable; a directory only root can write to
# (for example under /var/run) is a safer place for a control socket.
set server /tmp/loop "" 0177
# "loop-in" label: minimal settings; how it is invoked is not shown on this page.
loop-in:
# 0 disables the idle timer.
set timeout 0
set log phase lcp ipcp command
# This label may only be used when ppp is started in -direct mode.
allow mode direct
# "pptp" label: settings for PPTP sessions, built on top of the "loop" label.
pptp:
load loop
# Never request clear-text PAP from the peer.
disable pap
# Authenticate against /etc/passwd
# NOTE(review): per ppp(8), passwdauth is a fallback used by PAP
# authentication only. PAP is disabled just above, so this line probably has
# no effect and MS-CHAPv2 logins are checked against /etc/ppp/ppp.secret
# instead -- confirm, and keep that file readable by root only.
enable passwdauth
disable ipv6cp
# Proxy-ARP for the peer's address on the local network.
enable proxy
# Answer the peer's request for DNS server addresses.
accept dns
# NOTE(review): MS-CHAPv2 with MPPE is the strongest combination PPTP offers,
# but the handshake is known to be open to offline attack and the MPPE keys
# derive from the same credential. Do not rely on this tunnel for
# confidentiality; an IPsec- or TLS-based VPN is the usual replacement.
enable MSChapV2
enable mppe
# Neither offer nor accept deflate / Predictor-1 compression.
disable deflate pred1
deny deflate pred1
# DNS server handed to peers.
set dns 202.101.172.35
# A leading "!" makes ppp run the named program as the link device.
# /etc/ppp/secure is not shown on this page; it runs with ppp's privileges,
# so it should be owned by root and not writable by anyone else.
set device !/etc/ppp/secure
cat /usr/local/etc/pptpd.conf
# pptpd configuration as posted. NOTE(review): the file mixes pptpd directives
# (speed, pidfile, listen, localip, remoteip) with what look like pppd-style
# options (nobsdcomp, proxyarp, refuse-*, require-*, lock, name, auth);
# whether this pptpd build honours the latter here is not visible -- confirm.
speed 115200
pidfile /var/run/pptpd.pid
# debug
nobsdcomp
proxyarp
# Authentication policy: refuse PAP, CHAP and MS-CHAP v1; require MS-CHAPv2
# with 128-bit MPPE. This is the strictest setting PPTP supports, but
# MS-CHAPv2 itself is considered weak against offline attack.
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
lock
name pptp
# Require the peer to authenticate.
auth
# Listen address redacted by the poster.
listen X.X.X.X
localip 172.16.100.100
# NOTE(review): this range starts at 192.168.0.1, while the "loop" label in
# ppp.conf hands out 192.168.0.2-192.168.0.254 -- the two pools disagree;
# confirm which one actually assigns client addresses.
remoteip 192.168.0.1-192.168.0.254
请帮忙看下,谢了~