PPPoE over Wireless
At home I have a wireless access point in my lounge room (D-Link
AP-1000) which connects through the wall to my computer room. It
used to connect to the switch with all my other computers, but
this is rather a large security risk - very poor authentication in
the form of WEP. Admittedly I don't live in a 'technically
progressive' neighbourhood but I still would prefer security...
Setting up the server
To setup the connection I use the PPPoE daemon that comes with
FreeBSD. This program uses netgraph to listen for incoming PPPoE
requests, setup a PPP session and then run the ppp(8) program to
service them. More information about the mechanics of PPPoE can
be found in RFC
2516. To run pppoed(8) at bootup you can add the following
to /etc/rc.conf
### PPPOE
pppoed_enable="YES"
pppoed_interface="de0"
pppoed_flags="-P /var/run/ppoed.pid -l pppoein"
Don't forget to change the interface it's on. You will also need
to create a ppp(8) label called 'pppoein'. Mine looks like this
pppoein:
set ifaddr 10.0.2.1 10.0.2.20
set dns 10.0.2.1
set nbns 10.0.2.1
disable utmp
disable passwdauth
enable lqr
set cd 5!
accept dns
enable mschapv2 mppe
disable deflate pred1
deny deflate pred1
set mppe 128 *
set timeout 0
set mru max 1400
set mtu max 1400
set speed sync
Note 1) the MSChapV2 lines and the 'set mppe' line. These ensure
encryption actually happen. Unfortunately ppp(8) only supports
MPPE encryption which has some drawbacks.
Note 2) since this uses CHAP you will need to setup an
/etc/ppp/ppp.secrets file with one line per username/password
pair.
Note 3) this snippet was obtained from here. I
had something very similar but it wouldn't work with Windows
98SE though.
Setting up the client (FreeBSD)
On the client you have to add an entry in the /etc/ppp/ppp.conf
file looking something like this
foo:
set device PPPoE:wi0
accept pap
disable chap
enable lqr
set cd 5
set dial
set login
set redial 0 0
set authname username
set authkey password
Obviously you will have to change the label, interface, username and
password to suit. Once that is done you can initiate the
connection by executing 'ppp -ddial foo'.
Setting up the client (MS Windows)
I used the RASPPPOE
software - it has the advantages of being free and simple to install and setup.
Once the pppoed server was running, pressing 'detect' found the
offer correctly. I then created a DUN entry and double clicked on
it. I entered my username and password and it connected very
quickly.
I have tested this on Windows XP and Windows 98SE. On the later I
installed the MS DUN 1.4
update available from Microsoft - however I am not certain that it
is necessary.
Daniel O'Connor
Last modified: Tue Apr 23 14:32:24 CST 2002