Dial-in server problem - RH 9

Hello,

I am trying to configure a RedHat 9 box at work to dial-in from home. I
followed the guide by Josh Gentry
(http://www.swcp.com/~jgentry/pers.html). I can coonect to the box but the
Windows client only sees the dial-in server and not the rest of the
network. Below are my config detail and logs.

Any help would be greatly appreciated.

Thanks a lot
Ashoka
-----

Dial-in box ip: xxx.xxx.xxx.34
client ip: xxx.xxx.xxx.227
-----

/var/log/messages:

Jul 9 20:02:49 ssm_mac3 /etc/hotplug/net.agent: NET unregister event not
supported
Jul 9 20:02:50 ssm_mac3 mgetty[3273]: init chat failed, exiting...:
Invalid argument
Jul 9 20:02:50 ssm_mac3 mgetty[3273]: failed in mg_init_data, dev=ttyS0,
pid=3273
Jul 10 11:57:16 ssm_mac3 sshd(pam_unix)[3717]: session opened for user
root by (uid=0)
Jul 10 12:31:09 ssm_mac3 mgetty[3278]: data dev=ttyS0, pid=3278,
caller='none', conn='38400', name='', cmd='/usr/sbin/pppd',
user='/AutoPPP/'
Jul 10 12:31:09 ssm_mac3 pppd[3278]: pppd 2.4.1 started by LOGIN, uid 0
Jul 10 12:31:09 ssm_mac3 pppd[3278]: Using interface ppp0
Jul 10 12:31:09 ssm_mac3 pppd[3278]: Connect: ppp0 <--> /dev/ttyS0
Jul 10 12:31:09 ssm_mac3 /etc/hotplug/net.agent: assuming ppp0 is already
up
Jul 10 12:31:12 ssm_mac3 modprobe: modprobe: Can't locate module
ppp-compress-21
Jul 10 12:31:12 ssm_mac3 modprobe: modprobe: Can't locate module
ppp-compress-21
Jul 10 12:31:12 ssm_mac3 pppd[3278]: not replacing existing default route
to eth0 [xxx.xxx.xxx.249]
Jul 10 12:31:12 ssm_mac3 pppd[3278]: found interface eth0 for proxy arp
Jul 10 12:31:12 ssm_mac3 pppd[3278]: local IP address xxx.xxx.xxx.34
Jul 10 12:31:12 ssm_mac3 pppd[3278]: remote IP address xxx.xxx.xxx.227
----
/etc/ppp/options.server

-detach
asyncmap 0
modem
crtscts
lock
require-pap
refuse-chap
login
proxyarp
noauth
defaultroute
debug
netmask 255.255.255.0
ms-dns xxx.xxx.xxx.45
ms-dns xxx.xxx.xxx.1

-------
/etc/ppp/options.ttyS0

xxx.xxx.xxx.34:xxx.xxx.xxx.227

------
/etc/mgetty+sendfax/login.config has the line:

/AutoPPP/ - - /usr/sbin/pppd file /etc/ppp/options.server

------
route -n output:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
xxx.xxx.xxx.227 0.0.0.0 255.255.255.255 UH 0 0 0
ppp0
xxx.xxx.xxx.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 xxx.xxx.xxx.249 0.0.0.0 UG 0 0 0
eth0
-----
ifonfig output:

eth0 Link encap:Ethernet HWaddr 00:B00:4C:CC:4B
inet addr:xxx.xxx.xxx.34 Bcast:xxx.xxx.xxx.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:245168 errors:0 dropped:0 overruns:0 frame:0
TX packets:6915 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:30965681 (29.5 Mb) TX bytes:966386 (943.7 Kb)
Interrupt:11 Base address:0xdc00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:720302 errors:0 dropped:0 overruns:0 frame:0
TX packets:720302 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:49187161 (46.9 Mb) TX bytes:49187161 (46.9 Mb)

ppp0 Link encap:Point-to-Point Protocol
inet addr:xxx.xxx.xxx.34 P-t-P:xxx.xxx.xxx.227
Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:126 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:8830 (8.6 Kb) TX bytes:202 (202.0 b)

--------

Dear Clifford,

Thanks for the reply. In fact proxyarp was not turned on in the kernel and
I just did it after reading your mail. But still no luck.

> in the appropriate /etc resource configuration file (which file depends
> on the particular distribution) and assigning an IP address to the dialin
> host that belongs to the same subnet as does the IP address for eth0 on
> the mgetty host.
Both my IPs are on the same subnet. Now I have a more fundamental
question
My dial-in server has the ip: x.x.x.34 and client is given x.x.x.227.
x.x.x.34 is the ip for dial-in server eth0 interface. Do I need a
different ip for the ppp0 interface on the dial-in server (making the
number of IPs used three)? I am bit confused here after googling the
internet and seeing a routing diagram.

Thanks again,
Ashoka

Ashoka D. Polpitiya <(E-Mail Removed)> wrote:

> Thanks for the reply. In fact proxyarp was not turned on in the
> kernel and I just did it after reading your mail. But still no luck.

>> in the appropriate /etc resource configuration file (which file depends
>> on the particular distribution) and assigning an IP address to the dialin
>> host that belongs to the same subnet as does the IP address for eth0 on
>> the mgetty host.
> Both my IPs are on the same subnet. Now I have a more fundamental
> question

Okay.

> My dial-in server has the ip: x.x.x.34 and client is given x.x.x.227.
> x.x.x.34 is the ip for dial-in server eth0 interface. Do I need a
> different ip for the ppp0 interface on the dial-in server (making the
> number of IPs used three)? I am bit confused here after googling the
> internet and seeing a routing diagram.

No, the PPP IP address for the mgetty host should, in the interest
of simplicity, be the same as that host's eth0 IP address.

Is the dial-in host configured to use the same nameservers as those
in the mgetty host's /etc/resolv.conf? I don't know the details of
Windows PPP implementations or configurations but pppd can supply
nameserver IP addresses to the call-in host (in the manner of
Microsoft) by using the pppd option ms-dns <addr>.

What symptoms does ping show when the dial-in host pings a LAN host
by FQDN? By IP address? What are the symptoms when it pings an
Internet site by FQDN and by IP address? Post any messages from ping
displayed in the terminal window. If a ping simply hangs, does it
hang for several minutes before generating a message and quitting,
or for just a short time?

It also might be helpful if you could add the pppd debug option to the
file /etc/ppp/options and post exact copies of the PPP link negotiation
messages (these should be in a file in /var/log), including timestamps
(xxx'ing whatever you feel necessary).

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/
/* 97.3% of all statistics are made up. */

"Ashoka D. Polpitiya" <(E-Mail Removed)> writes:

>Hello,

>I am trying to configure a RedHat 9 box at work to dial-in from home. I
>followed the guide by Josh Gentry
>(http://www.swcp.com/~jgentry/pers.html). I can coonect to the box but the
>Windows client only sees the dial-in server and not the rest of the
>network. Below are my config detail and logs.

[...]

Do you have a SAMBA server up and running at all? And if so, does it
listen to the correct IP and interface? Otherwise your Win* clients
will never be able to "see" the machines behind the router at all.

Michael
--
Michael Buchenrieder * (E-Mail Removed) * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't munge your address.

>
> >Hello,
>
> >I am trying to configure a RedHat 9 box at work to dial-in from home. I
> >followed the guide by Josh Gentry
> >(http://www.swcp.com/~jgentry/pers.html). I can coonect to the box but the
> >Windows client only sees the dial-in server and not the rest of the
> >network. Below are my config detail and logs.
>
> [...]
>
> Do you have a SAMBA server up and running at all? And if so, does it
> listen to the correct IP and interface? Otherwise your Win* clients
> will never be able to "see" the machines behind the router at all.
>
> Michael
>
Nope. Samba is not running.

Ashoka

Ashoka D. Polpitiya wrote:

> I am trying to configure a RedHat 9 box at work to dial-in from home. I
> followed the guide by Josh Gentry
> (http://www.swcp.com/~jgentry/pers.html). I can coonect to the box but the
> Windows client only sees the dial-in server and not the rest of the
> network. Below are my config detail and logs.
>

Have you got proxy arp enabled?

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

Michael Buchenrieder wrote:

> "Ashoka D. Polpitiya" <(E-Mail Removed)> writes:
>
>>Hello,
>
>>I am trying to configure a RedHat 9 box at work to dial-in from home. I
>>followed the guide by Josh Gentry
>>(http://www.swcp.com/~jgentry/pers.html). I can coonect to the box but the
>>Windows client only sees the dial-in server and not the rest of the
>>network. Below are my config detail and logs.
>
> [...]
>
> Do you have a SAMBA server up and running at all? And if so, does it
> listen to the correct IP and interface? Otherwise your Win* clients
> will never be able to "see" the machines behind the router at all.

The impression I got, was that he can't see the other computers at all, i.e.
ping etc. You don't need Samba running on the dial in computer, unless you
want to share files from it.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

Ashoka D. Polpitiya <(E-Mail Removed)> wrote:
>> Is the dial-in host configured to use the same nameservers as those
>> in the mgetty host's /etc/resolv.conf? I don't know the details of
>> Windows PPP implementations or configurations but pppd can supply
>> nameserver IP addresses to the call-in host (in the manner of
>> Microsoft) by using the pppd option ms-dns <addr>.

> Yes they are the same and I supply them in /etc/ppp/options using ms-dns.

Sorry, I overlooked that in your first post.

> Here's my /etc/ppp/options.server

> -detach
> asyncmap 0
> modem
> crtscts
> lock
> require-pap
> refuse-chap
> login
> proxyarp
> noauth
^^^^^^
This option overrides the require-pap option since otherwise pppd
should have requested PAP authentication of the call-in, which it
didn't. Anyone that knows the number to call can gain access to the
mgetty host. To authenticate the call-in this option must be removed
and a line put in pap-secrets that is a valid entry for the call-in.

The line can be of the form

* * "" *

since the login option directs pppd to authenticate by using the
call-in's account in the system password database, e.g., /etc/passwd,
after PAP authentication succeeds.

> debug
> netmask 255.255.255.0
> ms-dns 128.252.133.45
> ms-dns 128.252.120.1

>> What symptoms does ping show when the dial-in host pings a LAN host
>> by FQDN? By IP address? What are the symptoms when it pings an
>> Internet site by FQDN and by IP address? Post any messages from ping
>> displayed in the terminal window. If a ping simply hangs, does it
>> hang for several minutes before generating a message and quitting,
>> or for just a short time?

> I can only ping to the mgetty host by its IP. None of the FQDNs
> work. From windows side it just hangs after a timeout. It is few
> seconds and the message is "Reequest timed out"

If you can ping *only* the mgetty host and only by it's IP address
then the problem is not (or not entirely) nameserver configuration.

To be able to access hosts on the LAN you need the pppd proxy_arp
option, proxy_arp enabled for eth0, and IP forwarding compiled into
the kernel and enabled. In addition, the IP address assigned to the
call-in must not be assigned to any other host on the LAN.

Does /proc/sys/net/ipv4/ip_forward exist?

If it doesn't then ip_forward is not complied into the kernel. If it
exists then is it turned on? If it is turned on then a cat of this
"file" will show a "1":

~$ cat /proc/sys/net/ipv4/ip_forward
1

I made a suggestion about ip_forward in a previous post but can't
find any comment by you about it.

Perhaps beating a dead horse, but be sure that the eth0 and remote ppp0
IP addresses are on the same subnet. The days of classful networks are
gone; so for a class B network a.b.0.0, a.b.c.x and a.b.d.y can be on
different subnets. Even a.b.c.x and a.b.c.y can be on different subnets.

>> It also might be helpful if you could add the pppd debug option to the
>> file /etc/ppp/options and post exact copies of the PPP link negotiation
>> messages (these should be in a file in /var/log), including timestamps
>> (xxx'ing whatever you feel necessary).

> Here's my /var/log/ppplog:

The log showed nothing wrong, the PPP link was negotiated and the
IP addresses correctly assigned to both ends, and the nameserver
IP addresses were passed to the call-in. The fact that you can ping
the mgetty host by IP address shows that the underlying serial layer
is working and the PPP link is viable.

If all this does no good then bring up the PPP link by having someone
call in, run "tcpdump -i ppp0" on the mgetty host when the link comes
up, and then have the someone try "ping -c 2 128.252.133.45" from the
call-in host. The tcpdump output may tell you, or us, something.

> ----
> Thanks a lot for your time.

If we learn something from all this, then the time is well-spent.

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/
/* My confidence in this answer (X), on a scale of 0 to 10:
|----|----|----|----|----|----|----|----|----X----|
0----1----2----3----4----5----6----7----8----9----10 */

Do you have iptables running?

What is your default forwarding rules (particularly from ppp0 to eth0)?

If it is DROP as it would be in a dialup client acting as a local gateway
you may want to let some of these packets through...

Michael

"Ashoka D. Polpitiya" <(E-Mail Removed)> wrote in message
news:Pine.LNX.4.44.0307101234000.11849-(E-Mail Removed)...
> Hello,
>
> I am trying to configure a RedHat 9 box at work to dial-in from home. I
> followed the guide by Josh Gentry
> (http://www.swcp.com/~jgentry/pers.html). I can coonect to the box but the
> Windows client only sees the dial-in server and not the rest of the
> network. Below are my config detail and logs.
>
> Any help would be greatly appreciated.
>
> Thanks a lot
> Ashoka
> -----
>
> Dial-in box ip: xxx.xxx.xxx.34
> client ip: xxx.xxx.xxx.227
> -----
>
> /var/log/messages:
>
> Jul 9 20:02:49 ssm_mac3 /etc/hotplug/net.agent: NET unregister event not
> supported
> Jul 9 20:02:50 ssm_mac3 mgetty[3273]: init chat failed, exiting...:
> Invalid argument
> Jul 9 20:02:50 ssm_mac3 mgetty[3273]: failed in mg_init_data, dev=ttyS0,
> pid=3273
> Jul 10 11:57:16 ssm_mac3 sshd(pam_unix)[3717]: session opened for user
> root by (uid=0)
> Jul 10 12:31:09 ssm_mac3 mgetty[3278]: data dev=ttyS0, pid=3278,
> caller='none', conn='38400', name='', cmd='/usr/sbin/pppd',
> user='/AutoPPP/'
> Jul 10 12:31:09 ssm_mac3 pppd[3278]: pppd 2.4.1 started by LOGIN, uid 0
> Jul 10 12:31:09 ssm_mac3 pppd[3278]: Using interface ppp0
> Jul 10 12:31:09 ssm_mac3 pppd[3278]: Connect: ppp0 <--> /dev/ttyS0
> Jul 10 12:31:09 ssm_mac3 /etc/hotplug/net.agent: assuming ppp0 is already
> up
> Jul 10 12:31:12 ssm_mac3 modprobe: modprobe: Can't locate module
> ppp-compress-21
> Jul 10 12:31:12 ssm_mac3 modprobe: modprobe: Can't locate module
> ppp-compress-21
> Jul 10 12:31:12 ssm_mac3 pppd[3278]: not replacing existing default route
> to eth0 [xxx.xxx.xxx.249]
> Jul 10 12:31:12 ssm_mac3 pppd[3278]: found interface eth0 for proxy arp
> Jul 10 12:31:12 ssm_mac3 pppd[3278]: local IP address xxx.xxx.xxx.34
> Jul 10 12:31:12 ssm_mac3 pppd[3278]: remote IP address xxx.xxx.xxx.227
> ----
> /etc/ppp/options.server
>
> -detach
> asyncmap 0
> modem
> crtscts
> lock
> require-pap
> refuse-chap
> login
> proxyarp
> noauth
> defaultroute
> debug
> netmask 255.255.255.0
> ms-dns xxx.xxx.xxx.45
> ms-dns xxx.xxx.xxx.1
>
> -------
> /etc/ppp/options.ttyS0
>
> xxx.xxx.xxx.34:xxx.xxx.xxx.227
>
> ------
> /etc/mgetty+sendfax/login.config has the line:
>
> /AutoPPP/ - - /usr/sbin/pppd file /etc/ppp/options.server
>
> ------
> route -n output:
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> xxx.xxx.xxx.227 0.0.0.0 255.255.255.255 UH 0 0 0
> ppp0
> xxx.xxx.xxx.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> 0.0.0.0 xxx.xxx.xxx.249 0.0.0.0 UG 0 0 0
> eth0
> -----
> ifonfig output:
>
> eth0 Link encap:Ethernet HWaddr 00:B00:4C:CC:4B
> inet addr:xxx.xxx.xxx.34 Bcast:xxx.xxx.xxx.255
> Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:245168 errors:0 dropped:0 overruns:0 frame:0
> TX packets:6915 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> RX bytes:30965681 (29.5 Mb) TX bytes:966386 (943.7 Kb)
> Interrupt:11 Base address:0xdc00
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:720302 errors:0 dropped:0 overruns:0 frame:0
> TX packets:720302 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:49187161 (46.9 Mb) TX bytes:49187161 (46.9 Mb)
>
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:xxx.xxx.xxx.34 P-t-P:xxx.xxx.xxx.227
> Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
> RX packets:126 errors:0 dropped:0 overruns:0 frame:0
> TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:3
> RX bytes:8830 (8.6 Kb) TX bytes:202 (202.0 b)
>
> --------
>
>