#-------------- less /etc/pptpd.conf ------------------------------ option /etc/ppp/ppp.conf #debug
# if you have multiple addresses and only want to "listen" on one: listen $ext_ip_addr_to_connect
speed 115200 localip $loc_ip_addr_int_net
# ip_adrreses for the remote users # comment: use net which differ from your internal net (config your pf and routing) remoteip 10.1.4.200-210 pidfile /var/run/pptpd.pid
#------------------- /etc/ppp/ppp.conf --------------------------- loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login # Server (local) IP address, Range for Clients, and Netmask set ifaddr $loc_ip_addr_int_net 10.1.4.200-10.1.4.210 255.255.255.255 set server /tmp/loop "" 0177
loop-in: set timeout 0 set log phase lcp ipcp command allow mode direct
pptp: load loop enable MSCHAPv2 disable deflate pred1 deny deflate pred1 disable pap set mppe * * disable ipv6cp #enable mppc accept dns set dns $int_dns_1 $int_dns_2 set nbns $int_dns_1 $int_wins_2 set device !/etc/ppp/secure
#-------------------- /etc/pf.conf ----------------------------- pass in quick on $ext_if proto gre from any to $ext_ip_addr_to_connect pass out quick on $ext_if proto gre from $ext_ip_addr_to_connect to any pass in quick on $ext_if inet proto tcp from any to $ext_ip_addr_to_connect port = 1723 flags S/SA keep state #-----------------------end --------------------------------------