Subject: ssh-ip-tunnel only half-works
To: None <netbsd-help@netbsd.org>
From: Gan Uesli Starling <oinkfreebiker@att.net>
List: netbsd-help
Date: 02/20/2002 06:31:47

Having some odd trouble with ssh-ip-tunnel on two NetBSD
machines (gus_ah, thinkpad) on LAN network 192.168.1.X.
One machine, gus_ah, also has WAN network 10.5.X.X.
There are no further networks.

SSH at least works because I can do this on gus_ah...

gus_ah# ssh vpnuser@192.168.1.7
Last Login: ... from gus_ah.starling.
NetBSD 1.5.1 (GENERIC) ...blah...

Welcome to Netbsd!
..blah..
thinkpad {1} exit
thinkpad {2} logout
Connection to 192.168.1.7 closed

...and looking over to thinkpad, I see...

thinkpad: {4} Feb 20 06:03:18 thinkpad sshd[858]: Accepted none for
vpnuser from 192.168.1.200 port 1022 ssh2

...so SSH is okay. And ssh-ip-tunnel sorta works because when I...

gus_ah# vpn thinkpad authtest
Auth is OK
gus_ah#

...and thinkpad says...

thinkpad: {5} Feb... thinkpad sshd[865]: Accepted none for vpnuser
from 192.168.1.200 port 65500 ssh2

...so auth is okay. But vpn proper bombs out like this...

gus_ah# vpn thinkpad start
Issuing /usr/sbin/pppd netmask 255.255.255.252 on /dev/ttyp0
gus_ah# Feb 21... gus_ah pppd[433]: pppd 2.4.0 started by root,uid 0
Feb 21... gus_ah pppd[433]: Connect: ppp0 <--> /dev/ttyp0
Connection to 192.168.1.7 closed.
Feb 21... gus_ah pppd[433]: Modem hangup
Feb 21... gus_ah pppd[433]: Connection terminated.

...and thinkpad says...

thinkpad: {6} Feb... thinkpad sshd[876]: Accepted none for vpnuser
from 192.168.1.200 port 65498 ssh2

...and I just don't get it! Here is my peer file for ssh-ip-tunnel.

# /usr/pkg/etc/vpn/peers/thinkpad
# PPP addresses to be created
#   Know that 10.1.X.X not used elsewhere.
LOCALADDR=10.1.1.1
REMOTEADDR=10.1.1.2
#
# Where we're connecting.
PEER=vpnuser@192.168.1.7
#
# ssh user
SSHUSER=vpnuser
#
# key to use for RSA authentication
# these are ALL my keys. Tried all in turn.
#RSAKEY=/home/vpnuser/.ssh/id_dsa
#RSAKEY=/home/vpnuser/.ssh/id_dsa.pub
RSAKEY=/home/vpnuser/.ssh/id_rsa
#RSAKEY=/home/vpnuser/.ssh/id_rsa.pub
#RSAKEY=/etc/ssh_host_dsa_key
#RSAKEY=/etc/ssh_host_dsa_key.pub
#RSAKEY=/etc/ssh_host_rsa_key
#RSAKEY=/etc/ssh_host_rsa_key.pub 
#RSAKEY=/home/vpnuser/.ssh/RSA_Galesburg
#RSAKEY=/home/vpnuser/.ssh/RSA_Galesburg.pub
#RSAKEY=/home/vpnuser/.ssh/DSA_Galesburg
#RSAKEY=/home/vpnuser/.ssh/DSA_Galesburg.pub
#RSAKEY=/home/vpnuser/.ssh/RSA_AuburnHills
#RSAKEY=/home/vpnuser/.ssh/RSA_AuburnHills.pub
#RSAKEY=/home/vpnuser/.ssh/DSA_AuburnHills
#RSAKEY=/home/vpnuser/.ssh/DSA_AuburnHills.pub
#
# ppp command to run on this end
LOCALPPP=/usr/sbin/pppd
#
# extra options for local PPP
LPPPOPTIONS="netmask 255.255.255.252"
#
# PPP command to run on that end
REMOTEPPP=/usr/sbin/pppd
#
# extra options for remote ppp
RPPPOPTIONS="netmask 255.255.255.252"
#
#EOF

Any clues?

Thanks,

Gan
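
The sshd lines quoted in the message above record the authentication method directly after "Accepted". As an added example (not part of the original message and not ssh-ip-tunnel code), this script rejoins mail-wrapped log lines and counts logins accepted with method "none", which OpenSSH logs when a session authenticates with no password or key (possible for an empty-password account when PermitEmptyPasswords is enabled). The function names are hypothetical, and the sample lines are constructed from the excerpts above with placeholder timestamps plus one constructed publickey line for contrast.

```sh
#!/bin/sh
# Added example: report which authentication method sshd accepted per login.

# Constructed sample: three lines modelled on the excerpts in the message
# (placeholder timestamps where the original elides them), plus one
# constructed publickey login for contrast.
sample_log() {
cat <<'EOF'
Feb 20 06:03:18 thinkpad sshd[858]: Accepted none for
vpnuser from 192.168.1.200 port 1022 ssh2
Feb 20 00:00:00 thinkpad sshd[865]: Accepted none for vpnuser
from 192.168.1.200 port 65500 ssh2
Feb 20 00:00:00 thinkpad sshd[876]: Accepted none for vpnuser
from 192.168.1.200 port 65498 ssh2
Feb 20 00:00:00 thinkpad sshd[900]: Accepted publickey for vpnuser from 192.168.1.200 port 50000 ssh2
EOF
}

# Read sshd log text on stdin and print "user method source" per accepted
# login. A line containing "sshd[pid]:" starts a record; any other line is
# treated as the wrapped continuation of the previous one.
auth_methods() {
  awk '
    function flush(   n, f, i) {
      if (rec == "") return
      n = split(rec, f, " ")
      for (i = 1; i <= n - 5; i++)
        if (f[i] == "Accepted" && f[i+2] == "for" && f[i+4] == "from")
          print f[i+3], f[i+1], f[i+5]
      rec = ""
    }
    /sshd\[[0-9]+\]:/ { flush(); rec = $0; next }
    { rec = rec " " $0 }
    END { flush() }
  '
}

# Print "user@source count" for logins accepted with method "none".
passwordless_logins() {
  auth_methods | awk '$2 == "none" { print $1 "@" $3 }' |
    sort | uniq -c | awk '{ print $2, $1 }'
}

sample_log | passwordless_logins
```

On a live host, feed the real log instead of the sample, for example `passwordless_logins < /var/log/authlog` (log path is an assumption; it depends on the syslog configuration).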