Thanks for all your replies so far.
jafadmin, it's not my intention to frustrate you, and I apologize
that my lack of networking knowledge is annoying.
I want to route ALL traffic through ppp0, and none through
the wlan0 (which I guess makes it a "pass-through"). If the
VPN connection drops, I don't want any data to leak through
wlan0 in the clear because I use public wifi often enough
to be concerned about security.
I'm using my desired VPN right now, but in Windows through wifi.
I've set up several VPNs through MS over the years, but I've never
had to change any routing -- hence the trouble now. I've thoroughly gone
through my VPN's manual (nothing for Linux, naturally).
My VPN server has an IP domain 78.x.x.x that is used for GPPTP logon.
This is a different IP from the 192.168.2.1 seen in resolv.conf, route, etc.
I have not tried the 78.x.x.x within any route add -net command.
jafadmin, from your first post here, I'd assumed that running
"route" and "ip addr" would give me what I needed to
write my own "route add -net" command. It did not for me,
and even copying the data here was apparently insufficient
for anybody else here.
I tried your:
route add -net 192.168.2.0/24 ppp0
and it didn't reroute traffic through the VPN, at least
not through the browser.
___________
The most promising to date has been:
route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp0
. . . which allowed me to ping 192.168.2.1 from both blinkys,
and ppp0 showed traffic. There was no browser ppp0 traffic, however.
What I will next try is this, and report back:
route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.2.1/32
________
OK, to get back on track, here is my info after GPPTP was connected:
WHAT I GOT FROM ROUTE:
Destination Gateway Genmask Flags Iface
192.168.2.1 * 255.255.255.255 UH ppp0
192.168.0.0 * 255.255.255.0 U wlan0
169.254.0.0 * 255.255.0.0 U wlan0
default 192.168.0.1 0.0.0.0 UG wlan0
WHAT I GOT FROM LINUX IP ADDR:
inet 192.168.0.12/24 brd 192.168.0.255 scope global wlan0
inet 192.168.2.54 peer 192.168.2.1/32 scope global ppp0
WHAT I GOT FROM LINUX resolv.conf
nameserver 192.168.2.1
nameserver 208.67.222.222 (this secondary IP is mentioned in my VPN provider's manual, but not one I want to use)
I can also paste here results of MS and PL route traces, if nec.
Based on the above, here is what I so far understand:
VPN logon IP domain: 78.x.x.x
VPN peer address: 192.168.2.1/32 (Windows calls it 192.168.2.1)
gateway assigned by my ISP: 192.168.0.1
I understand that once connected to the VPN, it assigns a varying
inet address of 192.168.2.x, and that such isn't used in any routing
commands. It is the never-changing peer of 192.168.2.1/32 that
is relevant here.
192.168.1.0 isn't in any of my routing tables.
Now, instead of 192.168.1.0, isn't 169.254.0.0 my route to external networks
(ADSL is passing through wlan0)? Jafa calls this the
"placeholder for your corp subnet", if I understand correctly (though
I could easily have this wrong).
If correct, then wouldn't 169.254.0.0 be used in the new route, i.e.:
route add -net 169.254.0.0 netmask 255.255.255.0 gw 192.168.2.1/32
Now, to my final questions_____________________
1) which IP to enter after "route add -net"?
(Is it the VPN's domain of 78.x.x.x, 192.168.1.0, 192.168.2.1,
jafa's rec. of 192.168.2.0/24, 169.254.0.0, or some other 192.168.x.x?)
2) must I then include "netmask 255.255.255.0"?
(My VPN provider's manual specifies so for Macs, but Windows
has assigned it 255.255.255.255 and VPN works fine. PL also assigns
ppp0 the mask of 255.255.255.255, but that is somehow the problem?
You can understand why this seems confusing.)
3) must I then include any "gw x.x.x.x", or is "dev ppp0" sufficient?
(If gw is to be 192.168.2.1, would it necessarily be 192.168.2.1/32?)
4) must I then follow up with "ip route replace default dev ppp0" to
force all traffic to VPN, or was that accomplished through the above?
(I tried that after what seemed a promising route add -net, and
got an infinite upload thing and only through ppp0. Had to killall pppd.)
5) Will killall pppd after each unsuccessful "route add" attempt
restore the original routing table, or must I use "route del" each time?
6) Finally, before shutdown, must I undo any of the above for wlan0 to
automatically connect after the next boot? Do I need to add an
ip-down script, or does closing GPPTP revert traffic back to wlan0?
Lastly, you want to make sure that when you close the connection, you correct the routing table. Add the following lines to a script here: /etc/ppp/ip-down.d/routing, and chmod +x so that it can execute.
route del -net 192.168.0.0 netmask 255.255.255.0 dev ppp0
route del -host 22.0.0.22 gw 10.20.0.36
And again, make sure that script executes by referencing it as in the above by putting a line in /etc/ppp/ip-down.
/etc/ppp/ip-down.d/routing
http://ubuntuforums.org/showpost.php?p= ... tcount=121
_______
After absorbing that very helpful post, I'm seriously suspecting that I
need to add something like these two entries to the routing table:
route add -host (remoteserver: 78.x.x.x or 192.168.2.1?) gw (ADSL Router's address: 192.168.0.1?)
route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp0
This would add a new route flagged UGH for ppp0.
jafa, what are your thoughts on this? Do I need to add a new host
before a new route?
___________
Routing issues by Linux PPTP clients seem ubiquitous.
btw, I've scoured 20 pages from an Ubuntu forum:
http://ubuntuforums.org/showthread.php?t=91249&page=13
Post #121 has been very helpful; maybe there's something there
to add in our PL thread to clarify things? (It was there that I learned
of "ip route replace default dev ppp0".)
I'm learning a lot about networks from:
http://pptpclient.sourceforge.net/routi ... lan-to-lan
http://pptpclient.sourceforge.net/routi ... adsl.phtml
Sorry for the lengthy post, but I want to be thorough.
Thanks for your patience; I'm trying mightily to understand all this.
I know that I'm very nearly there.
This thread will help get many Puppy-walkers up to GPPTP speed.
Jafa, my hearty thanks for your help here, and in reconfiguring GPPTP!
Regards,
Ken
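
Added example (not part of Ken's post and not code from the thread): a small model of the kernel's longest-prefix route lookup, run over the routing table posted above, to show which destinations leave on wlan0 instead of ppp0 before and after `ip route replace default dev ppp0`. The address 198.51.100.7 is a constructed stand-in for an arbitrary web site, and the function names are made up for this illustration.

```python
import ipaddress

# Routing table exactly as posted above (`route` output with GPPTP connected).
POSTED = """\
Destination Gateway Genmask Flags Iface
192.168.2.1 * 255.255.255.255 UH ppp0
192.168.0.0 * 255.255.255.0 U wlan0
169.254.0.0 * 255.255.0.0 U wlan0
default 192.168.0.1 0.0.0.0 UG wlan0
"""

def parse_routes(text):
    """Turn `route` output into a list of (network, iface) pairs."""
    routes = []
    for line in text.strip().splitlines()[1:]:      # skip the header row
        dest, _gw, mask, _flags, iface = line.split()
        cidr = "0.0.0.0/0" if dest == "default" else f"{dest}/{mask}"
        routes.append((ipaddress.ip_network(cidr), iface))
    return routes

def egress(routes, addr):
    """Interface the kernel would pick: the longest matching prefix wins."""
    ip = ipaddress.ip_address(addr)
    hits = [(net.prefixlen, iface) for net, iface in routes if ip in net]
    return max(hits)[1] if hits else None

def replace_default(routes, iface):
    """Model `ip route replace default dev <iface>` on a parsed table."""
    kept = [(n, i) for n, i in routes if n.prefixlen != 0]
    return kept + [(ipaddress.ip_network("0.0.0.0/0"), iface)]

def leaks(routes, dests, tunnel="ppp0"):
    """Destinations that would leave on any interface other than the tunnel."""
    return [(d, egress(routes, d)) for d in dests if egress(routes, d) != tunnel]

# 198.51.100.7 is a constructed stand-in for "some web site"; the other two
# addresses come from the post (VPN peer and the secondary nameserver).
DESTS = ["192.168.2.1", "208.67.222.222", "198.51.100.7"]

if __name__ == "__main__":
    table = parse_routes(POSTED)
    print("as posted:", leaks(table, DESTS))
    print("default via ppp0:", leaks(replace_default(table, "ppp0"), DESTS))
```

The model covers only the table lookup for ordinary traffic; it does not model the tunnel's own packets to the VPN server, which still have to reach that server over wlan0.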