################################################################# # # MPD configuration file # # This file defines the configuration for mpd: what the # bundles are, what the links are in those bundles, how # the interface should be configured, various PPP parameters, # etc. It contains commands just as you would type them # in at the console. A blank line ends an entry. Lines # starting with a "#" are comments and get completely # ignored. # # $Id: mpd.conf.sample,v 1.15.2.1 2004/03/07 14:33:27 mbretter Exp $ # ################################################################# # # Default configuration is "myisp" default: load pptp0 load pptp1 load pptp2 # # Mpd as a PPTP server compatible with Microsoft Dial-Up Networking clients. # # Suppose you have a private Office LAN numbered 192.168.1.0/24 and the # machine running mpd is at 192.168.1.1, and also has an externally visible # IP address of 1.2.3.4. # # We want to allow a client to connect to 1.2.3.4 from out on the Internet # via PPTP. We will assign that client the address 192.168.1.50 and proxy-ARP # for that address, so the virtual PPP link will be numbered 192.168.1.1 local # and 192.168.1.50 remote. From the client machine's perspective, it will # appear as if it is actually on the 192.168.1.0/24 network, even though in # reality it is somewhere far away out on the Internet. # # We 'set link mtu 1460' to avoid GRE packet fragmentation. # # Our DNS server is at 192.168.1.3 and our NT workstation is at 192.168.1.4. # If you don't have an NBNS server (eg, NT workstation), leave that line out. # # Note, you can have as many of these configurations as you like, eg: # # default: # load client1 # load client2 # ... # # client1: # new -i ng0 pptp1 pptp1 # set ipcp ranges 192.168.1.1/32 192.168.1.50/32 # load client_standard # ... # # client2: # new -i ng1 pptp2 pptp2 # set ipcp ranges 192.168.1.1/32 192.168.1.51/32 # load client_standard # ... # # client_standard: # set iface disable on-demand # set iface enable proxy-arp # set iface idle 1800 # set iface enable tcpmssfix # set bundle enable multilink # set link yes acfcomp protocomp # set link no pap chap # set link enable chap # set link mtu 1460 # set link keep-alive 10 60 # set ipcp yes vjcomp # set ipcp dns 192.168.1.3 # set ipcp nbns 192.168.1.4 # set bundle enable compression # set ccp yes mppc # set ccp yes mpp-e40 # set ccp yes mpp-e128 # set ccp yes mpp-stateless # # # See also the 'pptp' link entry in mpd.links.sample. # # Note: If you cut & paste from the above example, be sure to left-justify # the labels or else mpd won't parse them correctly. # pptp0: new -i ng0 pptp0 pptp0 set ipcp ranges 192.168.2.254/32 192.168.2.80/32 load pptp_standard pptp1: new -i ng1 pptp1 pptp1 set ipcp ranges 192.168.2.254/32 192.168.2.81/32 load pptp_standard pptp2: new -i ng2 pptp2 pptp2 set ipcp ranges 192.168.2.254/32 192.168.2.82/32 load pptp_standard pptp_standard: set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set bundle enable multilink # enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients # set bundle enable tcp-wrapper # use RADIUS servers # load radius set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set link mtu 1460 set ipcp yes vjcomp ### set ipcp dns 192.168.1.3 set ipcp nbns 192.168.2.254 # # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. # set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless set pptp self 97.12.232.66 set pptp enable incoming set pptp disable originate