Domain logins via PPP?

Chris Tooley ctooley at
Wed Sep 22 12:35:11 GMT 1999

The only thing I can think of, which means nothing because I'm certainly 
not great at this stuff, is; do you have ip forwarding set up?  You may not 
need it with ipfw and nat under FreeBSD 3.2, I don't know for sure.

chris Tooley

-----Original Message-----
From:	Steve Shoecraft [SMTP:steve56 at]
Sent:	Tuesday, September 21, 1999 6:19 PM
To:	Multiple recipients of list SAMBA-NTDOM
Subject:	Domain logins via PPP?

	Has anyone been able to do domain logins via a PPP link?

	If so, how?

	I am running FreeBSD 3.2.  I have 2 network interface cards on the 
one to the internet, one to my local network.  I am running ipfw (firewall
support), as well as nat (network address translation).  I have a ppp link
which I am able to connect to.  Once connected via ppp, I can
ping/ftp/telnet to any machine on my internal network as well as the
internet, so it looks like I have the network component setup correctly.
Here's the info:

	x.x.x.x: - internet interface - internal interface -> - ppp interface

	When I establish a ppp login, the ppp server adds a proxy arp entry.  When
I do an arp, it reports:

		ppp1.<domain>.<net> ( at 0:40:5:a3:4d:f permanent published
(proxy only)

	When I do a netstat, I see the entry for the interface:

		Destination        Gateway            Flags ...
		...      UH      0:40:5:a3:4d:f     UHLS2

	When I do a ifconfig, I see this:
	tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
	        inet --> netmask 0xffffff00

	I have a samba server on  The samba server has only 1 
interface.  The internal machines do domain logins (successfully) to the
samba server, and the browse list is working fine.

	When I establish the ppp connection (the client is a Win98 box), however, 
do NOT get a domain login.  Also, the ppp client is able to see the 
machines in it's network neighborhood, but the internal machines are NOT
able to see the ppp client.

	The client is setup like this: Dialup Networking->(connection
name)->Properties->Server types shows that the the logon to network box is
checked.  For the protocols, only TCP/IP is checked.  The TCP/IP settings
are to get the IP address and name server addresses from the server.  A 
at ipconfig/All or winipcfg reports that the IP address is,
netmask is, DNS server is (which is correct --
DNS server is on my firewall), and the WINS server is

	I have tcpdumped the ppp interface on the server.  I see that when the
client connects, the 1st thing it does it spit out 3 back-to-back multicast
packets with a destination of (router solicitation). It then
registers with the WINS server, and that's it.  No domain login.

	Here's what a tcpdump output of the router solicitation messages looks 
(it is never responded to):

		(ts) > icmp: router solicitation

	Should this be responded to?  If so, how so?

	Also, how do I get the ppp client to appear on the internal machines'
network neighborhood?

	ANY help on this would be GREATLY appreciated!

- Steve
P.S.  Here's the [global] section of my smb.conf:
        workgroup = HOME
        netbios name = THOR
        server string = SCO UnixWare 7.1
        interfaces =
        security = DOMAIN
        encrypt passwords = Yes
        passwd program = /usr/bin/passwd %u
        passwd chat = New\spassword: %n\n \nRe-enter\snew\spassword: %n\n
        unix password sync = Yes
        log level = 1
        time server = Yes
        logon script = syslogon.bat
        logon drive = H:
        domain logons = Yes
        os level = 65
        lm announce = True
        preferred master = Yes
        domain master = Yes
        wins proxy = Yes
        wins support = Yes

More information about the samba-ntdom mailing list