routing question(s) with regard to pptp connections

Hi,

I have a RH9 based box at my site that has multiple incoming and
outgoing pptp connections to other linux and windows boxes. The
connections are mainly of a LAN to LAN nature and work fine.

The routes to the remote lans are setup when the initial pptp
connection is made however teh return routes require to be created at
the remote server. On a windows server it is possible to create a user
with a dial in profile which has a pre-defined static route back to my
site. Therefore dial in as this user and all routes are taken care of
automatically.

On the remote linux boxes when I dial them, I need to issue a route
update so that the remote lan traffic can come back to my site. I have
a cron job that can handle this but it is not elegant and I would like
to improve this to be fully automatic.

My searching so far has yeilded no successful results. I thought of the
remote "/etc/ppp/ip-up.local" file but am not sure if this is a
possibility. I like the idea of tying it to a particular user with a
static route but I am not fussed as long as I get a more elegant
solution.

If there is a better forum for asking this question then please point
me there. I can provide more info if required and would appreciate any
input.

thanks

why don't you use a secure vpn like OpenVPN? this program creates
dynamic routes from server to client you can even push dhcp options to
the client like a gateway a wins server ,etc, and you can control
traffic with iptables...

think of it!

openvpn is a good solution but I dont tend to use it since i have some
windows servers in the mix and I dont want to install non standard
software on them if I can avoid it. I pla to have a look at open vpn on
the windows platform in the next few months but hey first things first.

I have the iptables rules sorted so thats not an issue, it was just the
routing.

Anyway my research today along the lines of the ip-up.local file led me
in the right direction. I now have found a method that does whatr I
want.

1. on the server create dial in user and assign a "static" ip (i.e. one
I know about)
2. put the following in the servers "/etc/ppp/ip-up.local" file
===start code
REMOTE_IP_ADDRESS=$5
PPP_INTERFACE=$1

add_route() {
/sbin/route add -net $3/$4 $2

/usr/bin/logger Added route to $3/$4 via Interface $2
}

case "$REMOTE_IP_ADDRESS" in

"1.1.1.1" ) add_route $REMOTE_IP_ADDRESS $PPP_INTERFACE 192.168.10.0
24;;

esac
===end code
where 1.1.1.1 is the "static" ip and 192.168.10.0 is the network and 24
is the mask

3. the client dials in and the route is created in the reverse
direction. Iptables rules can also be put in here as well.

Thanks for the help