初版: 2008-06-12
最終更新日:
2008-06-12
+----------+
|Windows PC| PPTP client
+----------+
|172.31.254.x (allocated with DHCP)
|
some ISP
|
Internet
|
|LAN2, PPPoE, 172.16.32.55 (fixed IP)
+---------+
|RT series| ↑NAT/masquerade, PPTP server
+---------+
|LAN1, 192.168.0.1/24
|
+----------+-----------+ Intranet 192.168.0.0/24
ip route default gateway pp 1 ip filter source-route on ip filter directed-broadcast on ip lan1 address 192.168.0.1/24 ip lan1 proxyarp on pp select 1 pp always-on on 60 pppoe use lan2 pppoe auto disconnect off pp auth accept pap chap pp auth myname プロバイダ接続ID パスワード ppp lcp mru on 1454 ppp ccp type none ip pp address 172.16.32.55 ip pp mtu 1454 ip pp secure filter in 1000 1010 中略 5000 5010 中略 9999 ip pp secure filter out 1000 1010 後略 ip pp nat descriptor 1 pp enable 1 pp select anonymous pp bind tunnel1 pp auth request mschap pp auth username PPTP接続用ID パスワード ppp ipcp ipaddress on ppp ipcp msext on ppp ccp type mppe-any ppp ccp no-encryption reject ip pp remote address pool 192.168.0.254 ip pp mtu 1280 ip pp secure filter in 1000 1010 後略 ip pp secure filter out 1000 1010 後略 pptp service type server pp enable anonymous tunnel select 1 tunnel encapsulation pptp tunnel enable 1 ip filter 1000 reject 127.0.0.0/8 * ip filter 1010 reject * 127.0.0.0/8 中略 ip filter 5000 pass 172.31.254.0/24 * tcp * 1723 ip filter 5010 pass 172.31.254.0/24 * gre 中略 ip filter 9999 reject * * nat descriptor type 1 masquerade nat descriptor address outer 1 172.16.32.55 nat descriptor masquerade static 1 1 192.168.0.1 tcp 1723 nat descriptor masquerade static 1 2 192.168.0.1 gre syslog notice on syslog debug off dhcp service server dhcp scope 1 192.168.0.2-192.168.0.126/24 pptp service on