Network Users' Group ``wheel'' / Dai ISHIJIMA's Page / RT series routers /

First edition: 2008-02-18
Last updated: 2008-02-18


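VPN with PPTP

〜 Connecting the NetVolante RTA55i and RTW65b over a PPTP VPN 〜

☆Network layout

This page presents a sample configuration that connects the RTA55i and the RTW65b over a PPTP VPN in the network shown below.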
	         +-----------+
	         |DHCP server|
	         +-----------+
                       |172.16.32.1
                       |
       +-------+-------+-------+--------+ 172.16.32.0/24 (pseudo Internet)
               |               |
   172.16.32.65|               |172.16.32.55 (allocated with DHCP)
(LAN2[WAN])+-------+        +------+(LAN2[WAN])
           |RTW65b |        |RTA55i| ↑NAT/masquerade
(LAN2[LAN])+-------+        +------+(LAN1[LAN])
    192.168.1.1|               |192.168.0.1
               |               |
         +-----+-----+   +-----+-----+
        192.168.1.0/24   192.168.0.0/24
            Office-A        Office-B


☆RTW65b configuration

	# RTW65b Rev.5.03.25 (Thu Sep 12 16:43:44 2002)
	# Memory 8Mbytes, 3LAN
	console character ascii
	console lines infinity
	ip lan1 address 192.168.1.1/24
	ip lan1 routing protocol none
	ip lan1 rip listen none
	ip lan2 address dhcp
	ip lan2 routing protocol none
	ip lan2 rip listen none
	ip lan2 nat descriptor 1
	ip route 192.168.0.0/24 gateway pp 2
	nat descriptor type 1 masquerade
	nat descriptor address outer 1 primary
	nat descriptor masquerade static 1 1 192.168.1.1 tcp 1723
	nat descriptor masquerade static 1 2 192.168.1.1 gre *
	nat descriptor masquerade static 1 3 192.168.1.1 tcp telnet
	airlink mode off
	pp select 2
	pp bind tunnel 1
	ip pp mtu 1280
	pp auth accept mschap-v2
	pp auth myname userid passwd
	ppp ipcp ipaddress on
	ppp ccp type mppe-any
	pptp service type client
	pp enable 2
	tunnel select 1
	tunnel encapsulation pptp
	tunnel endpoint address 172.16.32.55
	tunnel enable 1
	dhcp service server
	dhcp server rfc2131 compliant except remain-silent
	dhcp scope 1 192.168.1.2-192.168.1.191/24


☆RTA55i configuration

	
	# RTA55i Rev.4.06.67 (Mon Sep  6 22:11:24 2004)
	# Memory 8Mbytes, 2LAN, 1BRI
	console character ascii
	console lines infinity
	ip lan1 address 192.168.0.1/24
	ip lan1 routing protocol none
	ip lan1 rip listen none
	ip lan2 address dhcp
	ip lan2 routing protocol none
	ip lan2 rip listen none
	ip lan2 nat descriptor 1
	ip route 192.168.1.0/24 gateway pp 2
	nat descriptor type 1 masquerade
	nat descriptor address outer 1 primary
	nat descriptor masquerade static 1 1 192.168.0.1 tcp 1723
	nat descriptor masquerade static 1 2 192.168.0.1 gre *
	nat descriptor masquerade static 1 3 192.168.0.1 tcp telnet
	pp select 2
	pp bind tunnel 1
	ip pp mtu 1280
	pp auth request mschap-v2
	pp auth username userid passwd
	ppp ipcp ipaddress on
	ppp ccp type mppe-any
	pp enable 2
	tunnel select 1
	tunnel encapsulation pptp
	tunnel endpoint address 172.16.32.65
	tunnel enable 1
	dhcp service server
	dhcp server rfc2131 compliant except remain-silent
	dhcp scope 1 192.168.0.2-192.168.0.191/24
	analog supplementary-service pseudo call-waiting
	analog extension dial prefix line
	analog extension dial prefix sip prefix=9#
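
As an added example (not part of the original page), the Python script below cross-checks the settings that have to pair up between the two configurations above: tunnel endpoints, static routes, the static masquerade entries for tcp 1723 and gre, and the MS-CHAPv2 settings. The excerpts are constructed from the listings, `facts` and `check` are hypothetical helper names, and the WAN addresses passed to `check` are assumed to be the ones in the diagram.

```python
import ipaddress
# Constructed excerpts: the lines of the two configs above that must pair up.
RTW65B = """ip lan1 address 192.168.1.1/24
ip route 192.168.0.0/24 gateway pp 2
nat descriptor masquerade static 1 1 192.168.1.1 tcp 1723
nat descriptor masquerade static 1 2 192.168.1.1 gre *
pp auth accept mschap-v2
pp auth myname userid passwd
tunnel endpoint address 172.16.32.55"""
RTA55I = """ip lan1 address 192.168.0.1/24
ip route 192.168.1.0/24 gateway pp 2
nat descriptor masquerade static 1 1 192.168.0.1 tcp 1723
nat descriptor masquerade static 1 2 192.168.0.1 gre *
pp auth request mschap-v2
pp auth username userid passwd
tunnel endpoint address 172.16.32.65"""

def facts(cfg):
    """Pull the cross-checked settings out of one router's config text."""
    f = {"static": set()}
    for w in map(str.split, cfg.splitlines()):
        if w[:3] == ["ip", "lan1", "address"]:
            f["lan"] = ipaddress.ip_interface(w[3])
        elif w[:2] == ["ip", "route"]:
            f["route"] = ipaddress.ip_network(w[2])
        elif w[:4] == ["nat", "descriptor", "masquerade", "static"]:
            f["static"].add(tuple(w[6:9]))  # (inner address, protocol, port)
        elif w[:2] == ["pp", "auth"]:
            f[w[2]] = w[3:]  # accept / request / myname / username
        elif w[:3] == ["tunnel", "endpoint", "address"]:
            f["peer"] = w[3]
    return f

def check(a, b, wan_a, wan_b):
    """Return mismatches; wan_a / wan_b are the WAN addresses from the diagram."""
    bad = []
    for name, me, other, other_wan in (("A", a, b, wan_b), ("B", b, a, wan_a)):
        if me.get("peer") != other_wan:
            bad.append(f"{name}: tunnel endpoint is not the peer's WAN address")
        if me.get("route") != other["lan"].network:
            bad.append(f"{name}: static route does not match the peer's LAN")
        for proto, port in (("tcp", "1723"), ("gre", "*")):
            if (str(me["lan"].ip), proto, port) not in me["static"]:
                bad.append(f"{name}: no static masquerade entry for {proto} {port}")
    client, server = (a, b) if "accept" in a else (b, a)
    for c_key, s_key in (("accept", "request"), ("myname", "username")):
        if client.get(c_key) != server.get(s_key):
            bad.append(f"client '{c_key}' does not match server '{s_key}'")
    return bad
```

Calling `check(facts(RTW65B), facts(RTA55I), "172.16.32.65", "172.16.32.55")` returns an empty list for the settings as listed; because both WAN addresses are assigned by DHCP here, a changed lease shows up as a tunnel endpoint mismatch.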


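☆Related links

  1. Example of connecting an RTX1000 and an SL-Zaurus (C760) over IPsec/VPN
  2. Connecting an RTX1000 and a FreeBSD box over IPsec/VPN
  3. Connecting to an external PPTP VPN server from behind a FreeBSD NAT box
  4. Using an RT series router as a PPTP server and connecting from an external provider
  5. Information on RT/RTA/RTX series routers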


