Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
From my home computer, I'd like to connect to my computer at work, which is connected to the corporate network there, and is running.
To the internet, I'm connected via DSL, and I've setup PPTPconfig, and also established a connection to the PPTP resp. VPN server:
Code:
Using interface ppp1pptpconfig: monitoring interface ppp1
Connect: ppp1 <--> /dev/pts/1
CHAP authentication succeeded
MPPE 128-bit stateless compression enabled
Cannot determine ethernet address for proxy ARP
local IP address 192.168.0.91
remote IP address 192.168.0.92
primary DNS address 192.168.0.20
pptpconfig: pppd process exit status 0 (started)
ip route replace 83.236.211.58 dev ppp0 src 84.131.89.58
pptpconfig: routes added to remote networks
pptpconfig: DNS changes made to /etc/resolv.conf
pptpconfig: connected
Currently there are two problems:
I cannot connect ( = ping) to other computers in the corporate network. (I tried to reach them by their computer names, but tried some IP adresses too of which I think they would exist.)
Maybe I have to set the corporate name server in PPTPconfig's settings?
When I close PPTPconfig's connection, the underlying, regular DSL connection stops from working. I.e., "ping www.google.com" results in "unknown host". I have to "poff" it, and to re-connect.
I think there are some basic deficiencies with my knowledge on networking, so could please someone point me to a direction?
Thanks indeed
robbbert
[Edit](Probably) obviously, this is a Microsoft VPN server, not a Cisco one.[/Edit]
It looks like you made a connection to a VPN server that gives you access to the 192.168.0.0/24 private IP subnet. Whatever network (for the most part the first 3 digits of the IP address) you connect to has to be different than the one you connect from, so make sure your home network and work network aren't both set as 192.168.0.x If they are you will probably have to change your home network. As for the lost connection to The Internet, this is probably due to one or both of your default gateway and DNS server(s) changing. If your default gateway changes then all your network traffic, including The Internet, will go through the VPN and out from that (the company) network.
1. "pptpconfig: DNS changes made to /etc/resolv.conf" says that your DNS settings did change. You can cat /etc/resolv.conf before and after connecting and see what changed. If there is an Active Directory domain at work or you need to connect to specific hosts on the work network by name, you probably need their DNS when the VPN is up. Presumably their DNS server(s) resolve outside addresses like linuxquestions.org the same as any other DNS server so that shouldn't hurt if you can actually see their DNS server.
2. Sounds like the default gateway doesn't get set back to the DSL connection. Barring that the VPN connection doesn't change the route (default gateway = default route) back itself, it probably has a disconnect script where you can add the default route back to whatever it was (ppp0?) On second though, you probably only need access to one or just a few subnets, so having individual routes instead
of a default route may be preferable. ex is that the VPN connection should use itself as the route to the 192.168.0.0/24 network instead of becoming the new default route.
If you cant get it working, or figure out what I was saying, post the results of cat /etc/resolv.conf and netstat -r before you make the VPN connection and while it's active.
make sure your home network and work network aren't both set as 192.168.0.x
I remember this caused problems in another case. However, my home PC is not connected to any private network, and I think 127.0.0.1 is the only valid IP address if there are no external name servers.
Quote:
"pptpconfig: DNS changes made to /etc/resolv.conf" says that your DNS settings did change
That's true. Before connecting to the VPN tunnel, its contents was:
When I change it back (while being connected to the VPN server) I can connect to URLs like www.google.com (but not when the nameserver is 192.168.0.20). Under Windows, with no special gateway or DNS specified, this worked.
Quote:
If there is an Active Directory domain at work or you need to connect to specific hosts on the work network by name, you probably need their DNS when the VPN is up
I believe that's 192.168.0.20.
Quote:
Presumably their DNS server(s) resolve outside addresses like linuxquestions.org the same as any other DNS server
That's true (when connecting from the Windows PC).
Quote:
it probably has a disconnect script where you can add the default route back
That's true. Its log says it was restoring the original resolv.conf but resolving external URIs doesn't work afterwards, until I re-connect to the DSL connection. However, the command "poff -a" doesn't output any message, which means there was an active connection indeed (still the DSL connection).
Quote:
If you cant get it working, or figure out what I was saying, post the results of cat /etc/resolv.conf and netstat -r before you make the VPN connection and while it's active.
- I'm appreciating your help very much and will do anything to get this working. I mean, it's not hard for me to work with PostgreSQL and Java instead of MS SQL Server and .NET but this networking stuff actually is a black hole to me, I don't know why.
ip route replace 83.236.211.58 dev ppp0 src 84.131.89.58
...Is the confusing part, it should instead be adding something to the route table to say, "hey! use the VPN to get to anything starting with 192.168.0" but it's not.
Since you can't see anything on the other side of the tunnel you can't see the nameserver and thus can't see The Internet. Presumably when the VPN is working so you CAN see the remote network, you will also see the 192.168.0.20 nameserver and also be able to surf the net while the VPN is active.
Quote:
Originally Posted by robbbert
...Under Windows, with no special gateway or DNS specified, this worked.
Windows and Linux should both be doing the same thing, working with no special settings. The downside is Linux is a little trickier to figure out, the upside is you can "look under the hood" easier in Linux. Brushing aside the W vs L debate, let's move on...
I'll take an edjumicated stab and suggest doing this when the VPN is up:
Code:
route add -net 192.168.0.0 netmask 255.255.255.0 gw 0.0.0.0 dev ppp1
My other guess is that since both your Internet and VPN connections are ppp connections (to Linux) they both use the same place to hold the "original" resolv.conf so when ppp0 comes up it stores a useless resolv.conf and makes a useable one, when ppp1 comes up it sees a stored resolv.conf (with presumably nothing in it) and tries to "restore" that file when it closes down. This would explain why you can't surf until after you restart the DSL (ppp0) connection. The permenant workaround for this, since the DSL is your primary Internet connection, is to:
-Make sure the DSL connection is active
-find the ppp stored resolve file, presumably it is /etc/ppp/resolv.conf
-overwrite the file above with the contents of /etc/resolv.conf
Overwriting the stored resolv.conf will make it so you can connect to The Internet after bringing down the VPN. Hopefully the route command gets the VPN working, if it does theres probably a startup script where you could add that command in. If not post how it went and we can take another shot at it.
When the VPN tunnel is open, now our corporate nameserver suffices, and surfing the internet does work without changing or adding the DSL nameservers.
However, when the VPN tunnel is closed, the original DSL nameservers need to be restored. I found a backup file the pptpconfig application apparently creates, and wrote a mini script (my first one!) according to your "cat" function to restore the original resolv.conf.
After all, I would like to thank you Darin for your support and engagement, I'm deeply grateful, and I'm trying to help others, too. - The VPN / Terminal Server connection even works better than the Windows variety did (speed and graphics quality). - I'm so glad with my full-blown Ubuntu Dapper, the best set of software I (as a former Microsoft guy) ever had installed on a computer.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
VPN connection to PC @ work
