From matthewr at moreton.com.au Tue May 4 17:51:58 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Tue, 04 May 1999 22:51:58 +0000
Subject: [pptp-server] testing
Message-ID: <372F7A0E.83B68C2B@moreton.com.au>

this is a test.. please ignore

From christopher at schulte.org Tue May 4 17:56:47 1999
From: christopher at schulte.org (Christopher Schulte)
Date: Tue, 04 May 1999 17:56:47 -0500
Subject: [pptp-server] testing
In-Reply-To: <372F7A0E.83B68C2B@moreton.com.au>
Message-ID: <4.1.19990504175638.00abe250@pop.schulte.org>

Got it.

At 10:51 PM 5/4/99 +0000, you wrote:
>this is a test.. please ignore

--
Christopher Schulte
WEB: http://www.schulte.org/
EMAIL: christopher at schulte.org
FAX: (209) 391.9867
"Can this world really be as sad as it seems?" --Trent Reznor, Nine Inch Nails
HALO 2

From matthewr at moreton.com.au Tue May 4 21:39:50 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Wed, 05 May 1999 02:39:50 +0000
Subject: [pptp-server] First Post
Message-ID: <372FAF76.D3A78A36@moreton.com.au>

v0.8.0 RPM now available on the web site.

Top 4 items on the TODO

1. ** die on first run bug **
2. Multiple Connection support
3. Signal race condition bug
4. encryption/authentication issues

From matthewr at moreton.com.au Fri May 7 00:33:53 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Fri, 07 May 1999 05:33:53 +0000
Subject: [pptp-server] v0.8.1 *hackers only* release
Message-ID: <37327B41.37B71462@moreton.com.au>

PoPToP v0.8.1 has been released.. but strictly for hackers only.. there
are a lot of code changes and minor bug fixes.. unfortunately
autoconf/automake has been broken (but will be fixed for v0.8.2). This
version has 3 individual binaries as well.. not the single pptpd.

http://www.moretonbay.com/vpn/pptp/downloads/pptpd-0.8.1.tgz

ChangeLog
---------

v0.8.0 -> v0.8.1 (hackers release)
4th May 1999

(Matt.R)
- PPTPD no longer relies on a signal (which had the potential to cause a
  race condition) to know when to launch PPPD/GRE. The CTRL session no
  longer relies on a signal to return from a fork. Signalling has now
  been replaced with IPC between PPTPD and CTRL sessions.
- The GRE/PPPD sessions are now launched *after* an OUT_CALL_RPLY is
  sent not before it.
- CTRL and PPTP managers are now separate from PPTPD

That is all!

Cheers,
Matt.

From skvidal at new-era.com Fri May 7 09:12:31 1999
From: skvidal at new-era.com (Seth Vidal)
Date: Fri, 7 May 1999 10:12:31 -0400 (EDT)
Subject: [pptp-server] message archive.
Message-ID:

is there an archive of this mailing list anywhere?

If not is there a good way to hand out multiple addresses instead of just
one in the configuration file?

I'm trying to get some win 98/nt clients to access the internal network via
pptp and I need to setup multiple client ips.
any ideas?

-sv

From christopher at schulte.org Fri May 7 09:26:39 1999
From: christopher at schulte.org (Christopher Schulte)
Date: Fri, 07 May 1999 09:26:39 -0500
Subject: [pptp-server] message archive.
In-Reply-To:
Message-ID: <4.1.19990507092521.00a67640@pop.schulte.org>

At 10:12 AM 5/7/99 -0400, you wrote:
>is there an archive of this mailing list anywhere?

At this exact moment there is not a web based archive. I am in the process
of talking to Matthew to see if one should be set up.

:-0

--
Christopher Schulte
WEB: http://www.schulte.org/
EMAIL: christopher at schulte.org
FAX: (209) 391.9867
Does anyone know if Taco Bell meat is real?

From bryan at bcpub.com Fri May 7 12:41:49 1999
From: bryan at bcpub.com (Bryan Dumm)
Date: Fri, 7 May 1999 13:41:49 -0400
Subject: [pptp-server] message archive.
Message-ID: <01BE988F.5BF264B0.bryan@bcpub.com>

Howdy,

I just signed up to the list, and haven't played with the linux pptp
software yet, but for your multiple ip question, have you used dhcp
before? You can setup a scope of ips to give out to your clients. Each
time a client signs on with pptp it takes an ip from the dhcp pool and
assigns it to the client. Would that help???

Bryan

----------------------------------------------------------
Bryan Dumm          Be Kind, for everyone you meet
http://bcpub.com    is fighting a hard battle - Philo
----------------------------------------------------------

> -----Original Message-----
> From: Seth Vidal [mailto:skvidal at new-era.com]
> Sent: Friday, May 07, 1999 10:13 AM
> To: pptp-server at majordomo.schulte.org
> Subject: [pptp-server] message archive.
>
>
> is there an archive of this mailing list anywhere?
>
> If not is there a good way to hand out multiple addresses
> instead of just
> one in the configuration file?
>
> I'm trying to get some win 98/nt clients to access the
> internal network via
> pptp and I need to setup multiple client ips.
> any ideas?
>
>
> -sv
>
>
>

From kbmetz at omeninc.com Fri May 7 13:31:06 1999
From: kbmetz at omeninc.com (Kevin Metz)
Date: Fri, 07 May 1999 11:31:06 -0700
Subject: [pptp-server] First try.....
References: <4.1.19990507041305.00b27ad0@pop.schulte.org>
Message-ID: <3733316A.FDB44A55@omeninc.com>

I've downloaded the PPTP stuff and seem to have it working. Using most
of the defaults and debugging enabled, I get the following errors.

PTPD ttydev = /dev/ttya3
PPTPD GRE conncection waiting for lights to change
PPTPD CTRL: couldn't bind address
PPTPD CTRL: connection falied...
PPTPD Adios

I can't find anything in the documentation that refers to the error of
"couldn't bind to address". I've tried changing the remote and local
IP address but that didn't seem to have an effect. Any suggestions?

Kevin
kbmetz at omeninc.com

From tmk at netmagic.net Fri May 7 19:34:52 1999
From: tmk at netmagic.net (tmk)
Date: Fri, 7 May 1999 17:34:52 -0700
Subject: [pptp-server] First try.....
References: <4.1.19990507041305.00b27ad0@pop.schulte.org> <3733316A.FDB44A55@omeninc.com>
Message-ID: <000f01be98ea$97c08b60$011c0fc0@lala.net>

To address most of the questions you folks asked:

The "cannot bind address" error most likely means that you still have some
components of the server running after a failed connection. check for
processes like "pptpd" "pppd" and anything that mentions GRE or GTRL
CONNECTION.

If no such processes are active, Wait a minute or so and try again. The
error is due to a TIME_WAIT timeout condition, which is a feature of TCP/IP,
and cannot be avoided.

When i finish a call, i do this:

killall pptpd
ps x
kill -9

and it usually works after that.

try:

pptpd; ps x

to run it, if you see any mention of zombie processes, then you got the
ctrl: couldn't bind error. Kill stuff and try again. :)

At present, this software is still in development and needs to be killed and
restarted after each connection. We're working on fixing that.

Also, multiple connection support has not been added yet. As I mentioned
before, this software is still in development. Our initial goal was to get
it WORKING, which it now does. Now that we've gotten win9x support added,
our two main objectives at present are enabling multiple calls, and
recovering after client disconnection.

If you REALLY need support for the above, we're open to patches ;)

Kevin Thayer

----- Original Message -----
From: Kevin Metz
To:
Sent: Friday, May 07, 1999 11:31 AM
Subject: [pptp-server] First try.....

>
> I've downloaded the PPTP stuff and seem to have it working. Using most
> of the defaults and debugging enabled, I get the following errors.
>
> PTPD ttydev = /dev/ttya3
> PPTPD GRE conncection waiting for lights to change
> PPTPD CTRL: couldn't bind address
> PPTPD CTRL: connection falied...
> PPTPD Adios
>
> I can't find anything in the documentation that refers to the error of
> "couldn't bind to address". I've tried changing the remote and local
> IP address but that didn't seem to have an effect. Any suggestions?
>
> Kevin
> kbmetz at omeninc.com
>
>

From mmcquade at aa.net Sun May 9 15:59:59 1999
From: mmcquade at aa.net (Mike McQuade)
Date: Sun, 09 May 1999 13:59:59 -0700
Subject: [pptp-server] pptp from NT
Message-ID: <4.2.0.37.19990509135400.00b8f8d0@mail.aa.net>

Hello,

I am trying to use the PPtP server on Linux RH 5.2, Kernel 2.2.7

I am trying to establish a connection from an NT 4, sp4 machine.

NT contacts the PPtP server, and sends a couple hundred bytes to the Linux
box, but it receives ZERO bytes back from the PPtP (Linux) server.

I have followed the instructions on the web site, and used the options file
for PPP and the pptp.conf file.

Any ideas what I have missed here ? are there any special things that need
to be compiled into the Kernel ?

Thanks
Mike

Here is a snip from my pptp.log:

[12:49:49 09/04/99] PPTPD CTRL: I got a valid PPTP packet with control type 12
[12:49:49 09/04/99] PPTPD ***** packet BYTE DUMP: 001000011a2b3c4d000c000000000000
[12:49:49 09/04/99] PPTPD ***** call ID BYTE DUMP: 0000
[12:49:49 09/04/99] PPTPD CTRL: I've made a suitable CALL DISCONNECT reply packet..
[12:49:49 09/04/99] PPTPD CTRL: about reply to the packet we just got
[12:49:49 09/04/99] PPTPD CTRL: I wrote 148 bytes to the client.
[12:49:49 09/04/99] PPTPD ***** write BYTE DUMP: 009400011a2b3c4d000d0000000004000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000
[12:49:49 09/04/99] PPTPD CTRL: sent packet to client
[12:49:49 09/04/99] PPTPD MSG TYPE READ = 12, stat2 (send) = 148
[12:49:49 09/04/99] PPTPD CTRL: I got a valid PPTP packet with control type 3
[12:49:49 09/04/99] PPTPD ***** packet BYTE DUMP: 001000011a2b3c4d0003000003000000
[12:49:49 09/04/99] PPTPD CTRL: I got a pptp packet.. but I don't know what to do with it!?
[12:49:49 09/04/99] PPTPD CTRL: about reply to the packet we just got
[12:49:49 09/04/99] PPTPD CTRL: I wrote 148 bytes to the client.
[12:49:49 09/04/99] PPTPD ***** write BYTE DUMP: 009400011a2b3c4d000d0000000004000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000
[12:49:49 09/04/99] PPTPD CTRL: sent packet to client
[12:49:49 09/04/99] PPTPD MSG TYPE READ = 3, stat2 (send) = 148

From tmk at netmagic.net Sun May 9 16:11:58 1999
From: tmk at netmagic.net (tmk)
Date: Sun, 9 May 1999 14:11:58 -0700
Subject: [pptp-server] pptp from NT
References: <4.2.0.37.19990509135400.00b8f8d0@mail.aa.net>
Message-ID: <001701be9a60$94552ae0$011c0fc0@lala.net>

this is actually the tail end of the log.. do you have the rest of it
somewhere?

make sure that "require encrypted connection" is NOT selected in Nt, as
linux ppp clients (ie pppd) don't support MS encryption..

also, what does your pppd options file have in it? (the default is
/etc/ppp/options)

it should have at least the "local" argument

Kevin

>
> Here is a snip from my pptp.log:
>
>
> [12:49:49 09/04/99] PPTPD CTRL: I got a valid PPTP packet with control type 12
> [12:49:49 09/04/99] PPTPD ***** packet BYTE DUMP:
> 001000011a2b3c4d000c000000000000
> [12:49:49 09/04/99] PPTPD ***** call ID BYTE DUMP: 0000
> [12:49:49 09/04/99] PPTPD CTRL: I've made a suitable CALL DISCONNECT reply
> packet..
> [12:49:49 09/04/99] PPTPD CTRL: about reply to the packet we just got
> [12:49:49 09/04/99] PPTPD CTRL: I wrote 148 bytes to the client.
> [12:49:49 09/04/99] PPTPD ***** write BYTE DUMP:

From mmcquade at aa.net Sun May 9 17:59:33 1999
From: mmcquade at aa.net (Mike McQuade)
Date: Sun, 09 May 1999 15:59:33 -0700
Subject: [pptp-server] pptp from NT
In-Reply-To: <001701be9a60$94552ae0$011c0fc0@lala.net>
References: <4.2.0.37.19990509135400.00b8f8d0@mail.aa.net>
Message-ID: <4.2.0.37.19990509155117.00b986e0@mail.aa.net>

1. I had the Encrypted passwords selected.

Changed this, still nothing coming back from the PPtP server.

/etc/ppp/options:

root at pro pptpd-0.8.0]# more /etc/ppp/options
# SAMPLE ONLY
# CHANGE TO SUIT YOUR SYSTEM
local
ipcp-accept-remote
ipcp-accept-local
debug
silent
lock
name pro
require-chap
ms-dns 192.168.0.4
ms-wins 192.168.0.4

I'm a little fuzzy on this part of the pptp.conf:

### Specifies the IP interface
localip 192.168.0.1
remoteip xxx.xxx.xxx.xxx

Should the remote IP be my real Internet IP address ?
That is how I have it setup right now.

Thanks
Mike

At 02:11 PM 5/9/99 -0700, you wrote:
>make sure that "require encrypted connection" is NOT selected in Nt, as
>linux ppp clients (ie pppd) don't support MS encryption..
>
>also, what does your pppd options file have in it? (the default is
>/etc/ppp/options)
>
>it should have at least the "local" argument
>
>Kevin

From tmk at netmagic.net Sun May 9 18:14:31 1999
From: tmk at netmagic.net (tmk)
Date: Sun, 9 May 1999 16:14:31 -0700
Subject: [pptp-server] pptp from NT
References: <4.2.0.37.19990509135400.00b8f8d0@mail.aa.net> <4.2.0.37.19990509155117.00b986e0@mail.aa.net>
Message-ID: <003001be9a71$b2dc0c20$011c0fc0@lala.net>

> 1. I had the Encrypted passwords selected.

i think encrypted passwords is ok.. perhaps the chap stuff is bad?
check /etc/ppp/chap-secrets
keep in mind that win9x/NT usernames take the form DOMAIN_NAME\\username

>
> Changed this, still nothing coming back from the PPtP server.
>
> /etc/ppp/options:
>
> root at pro pptpd-0.8.0]# more /etc/ppp/options
> # SAMPLE ONLY
> # CHANGE TO SUIT YOUR SYSTEM
> local
> ipcp-accept-remote
> ipcp-accept-local
> debug
> silent
> lock
> name pro

this will make it so every incoming call on pptp has the username "pro". is
that what you want?

I *think* you also need the "auth" command in your options file (warning,
this will probably break any other outgoing calls you make with ppp)
I suggest you make a different ppp-options file just for pptp.

some logs to check if things don't work:
"tail /var/log/messages" will give you the last few things that were logged
to the system. this includes bad ppp logins etc.

the pptpd log file contains some information, though from your earlier log,
it looked like pptp was working ok, but it was dying in pppd.. (probably a
password problem)

> [snip]
> I'm a little fuzzy on this part of the pptp.conf:
>
> localip 192.168.0.1
> remoteip xxx.xxx.xxx.xxx

these are the ip's for the pptp connection only. the localip is the address
you want the client to have on your network, the remote can basically be
anything you want - unless you're routing between networks, it doesn't
matter.

why don't you go ahead and just email me directly when you have more
questions. We'll post the final solution to the mailing list..

i'm at tmk at netmagic.net

Kevin

From matthewr at moreton.com.au Sun May 9 18:11:53 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Sun, 09 May 1999 23:11:53 +0000
Subject: [pptp-server] pptp from NT
Message-ID: <37361639.7787AC2@moreton.com.au>

Mike,

Let's try with no authentication/encryption whatsoever. On the NT side
make sure any encryption (incl clear text is selected)

1. Is ppp compiled into your kernel?

2. Change your options file to this:

local
lock
debug

3. Change your pptpd.conf file to this:

debug 1
localip 192.168.0.234
remoteip 192.168.0.235
speed 115200

localip/remote ip are simply the two endpoints of the tunnel.. set them
to some other unused address.

4. Log any PPPD messages as if this fails i will want to have a look at
PPPD's log messages.

5. launch pptpd and start NT connection

6. kill off all pptp and ppp processes on the server (for some unknown
bug poptop dies on the first run.. this will be fixed soon)

7. launch pptpd again and start the NT connection

if it still fails send to my email: matthewr at moreton.com.au the pppd
debug messages, the PPTP debug messages and the error message windows NT
failed with.

Good luck!

Cheers,
Matt.

From mmcquade at aa.net Sun May 9 22:59:10 1999
From: mmcquade at aa.net (Mike McQuade)
Date: Sun, 09 May 1999 20:59:10 -0700
Subject: [pptp-server] pptp from NT
In-Reply-To: <37361639.7787AC2@moreton.com.au>
Message-ID: <4.2.0.37.19990509205323.00b981b0@mail.aa.net>

Some progress,

Maybe I should have mentioned this:

My Linux machine is multi-homed, I was attempting to PPTP to the "Outside"
NIC, ie: the one connected to the Internet. From a machine on the inside
"private" network.

I followed these suggestions below, and was able to establish a PPTP
connection when I PPTP to the IP address of the INTERNAL network only.

When I try to enter the IP address of the second NIC, I can send packets
but get nothing back.

I suspect that IPCHAINS needs a rule to allow traffic back into the
internal network.

Or does PPTP not work through a Linux / IPCHAINS firewall ?

Mike

At 11:11 PM 5/9/99 +0000, you wrote:
>Mike,
>
>Let's try with no authentication/encryption whatsoever. On the NT side
>make sure any encryption (incl clear text is selected)
>
>1. Is ppp compiled into your kernel?
>
>2. Change your options file to this:
>
>local
>lock
>debug
>
>3. Change your pptpd.conf file to this:
>
>debug 1
>localip 192.168.0.234
>remoteip 192.168.0.235
>speed 115200
>

From sten.eriksson at udac.se Mon May 10 02:32:37 1999
From: sten.eriksson at udac.se (Sten Eriksson)
Date: Mon, 10 May 1999 09:32:37 +0200
Subject: [pptp-server] pptp from NT
References: <4.2.0.37.19990509205323.00b981b0@mail.aa.net>
Message-ID: <37368B95.7B171652@udac.se>

Mike McQuade wrote:

> I suspect that IPCHAINS needs a rule to allow
> traffic back into the internal network.
>
> Or does PPTP not work through a Linux / IPCHAINS
> firewall ?

See and its HOWTO

This also fixes the "PPTP Call ID" bug (as seen from the clients, it does
not fix it for the Linux PPTP server).

-----------------------------------------------------------------
Sten Eriksson            ! E-mail:    sten.eriksson at udac.se
UDAC AB / Datorhotellet  ! Tel, work: +46 18 471 78 20
Box 174                  ! Tel, mob:  +46 70 542 47 03
SE-751 04 Uppsala        ! Tel, fax:  +46 18 51 66 00
SWEDEN                   !
-----------------------------------------------------------------

From dmessiah at silcon.com Mon May 10 12:15:43 1999
From: dmessiah at silcon.com (Evan Brewer)
Date: Mon, 10 May 1999 10:15:43 -0700
Subject: [pptp-server] Badfs
Message-ID: <19990510101543.A26011@el8.org>

I currently have a 2.0.36 i386 box, which is doing masquerading. I have a
single Win98 box behind it. In the process of connecting, a few symptoms
are happening. Maybe someone could help point out the errors in my means
here. (the win98 box is the client connecting to the linux box which is
serving)

1. in detailed logging, i get the message: Badfs
2. upon connecting, win98 locks up so hard that only hitting the reset
   button will resolve the lock.

any suggestions would be helpful. thanks!

From matthewr at moreton.com.au Mon May 10 20:22:39 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Tue, 11 May 1999 01:22:39 +0000
Subject: [pptp-server] PoPToP v0.8.2 released
Message-ID: <3737865F.9918C498@moreton.com.au>

Hiya all,

I've uploaded v0.8.2 of PoPToP.
http://www.moretonbay.com/vpn/releases/pptpd-0.8.2.tgz

There have been a lot of changes since the last public release (v0.8.0):

- Server will no longer die if client disconnects
- pppd is closed down cleanly now
- autoconf/automake is back.. but still needs some work
- a number of minor CTRL establishment bugs fixed
- callid assignment modified slightly in manager
- PPTPD no longer relies on a signal (which had the potential to cause a
  race condition) to know when to launch PPPD/GRE. The CTRL session no
  longer relies on a signal to return from a fork. Signalling has now
  been replaced with IPC between PPTPD and CTRL sessions.
- The GRE/PPPD sessions are now launched *after* an OUT_CALL_RPLY is
  sent not before it.
- CTRL and PPTP managers are now separate from PPTPD

TODO priorities at the moment (see TODO for more):

1. on first run bug
2. multiple connections

other hackers most welcome... development continues.....

Cheers,
Matt.

From mmcquade at aa.net Mon May 10 20:40:54 1999
From: mmcquade at aa.net (Mike McQuade)
Date: Mon, 10 May 1999 18:40:54 -0700
Subject: [pptp-server] PoPToP v0.8.2 released
In-Reply-To: <3737865F.9918C498@moreton.com.au>
Message-ID: <4.2.0.37.19990510183925.00bac700@mail.aa.net>

I downloaded this, and hit a snag:

./configure -- worked ok.

Then tried to make:

[root at pro pptpd-0.8.2]# make
cd . && autoheader
/usr/bin/autoheader: Symbol `PACKAGE' is not covered by
/usr/lib/autoconf/acconfig.h
/usr/bin/autoheader: Symbol `VERSION' is not covered by
/usr/lib/autoconf/acconfig.h
make: *** [stamp-h.in] Error 1
[root at pro pptpd-0.8.2]#

does anyone know what that means ?

Thanks
Mike

At 01:22 AM 5/11/99 +0000, you wrote:
>Hiya all,
>
>I've uploaded v0.8.2 of PoPToP.
>http://www.moretonbay.com/vpn/releases/pptpd-0.8.2.tgz

From matthewr at moreton.com.au Mon May 10 20:56:51 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Tue, 11 May 1999 01:56:51 +0000
Subject: [pptp-server] PoPToP v0.8.2 released
References: <4.2.0.37.19990510183925.00bac700@mail.aa.net>
Message-ID: <37378E63.1E6130A1@moreton.com.au>

You probably have an older version of automake/autoconf than what I used
to package everything.. (i'm assuming this is the problem)

I have automake 1.4 and autoconf 2.13..

You could rename Makefile.old to Makefile and compile it like that (do a
make.. and then a make install) as an alternative. If you do this
though.. u will need to add the following line to defaults.h

#define VERSION "0.8.2"

Otherwise download the latest autoconf/automake.. i'll look into this
some more now to see if i can fix this.

Good luck!

Cheers,
Matt.

> ./configure -- worked ok.
>
> Then tried to make:
>
> [root at pro pptpd-0.8.2]# make
> cd . && autoheader
> /usr/bin/autoheader: Symbol `PACKAGE' is not covered by
> /usr/lib/autoconf/acconfig.h
> /usr/bin/autoheader: Symbol `VERSION' is not covered by
> /usr/lib/autoconf/acconfig.h
> make: *** [stamp-h.in] Error 1
> [root at pro pptpd-0.8.2]#
>
> does anyone know what that means ?

From jeremyl at hrmc.com.au Tue May 11 00:29:47 1999
From: jeremyl at hrmc.com.au (Jeremy Lee)
Date: Tue, 11 May 1999 15:29:47 +1000
Subject: [pptp-server] v8.0.2 installed fine
Message-ID: <3737C04A.99B943A6@hrmc.com.au>

Hi.

I'm running Debian 2.0 (Hamm) with a 2.0.34 kernel, and pppd 2.3.5-2,
nothing special. everything compiles and seems to run. I'll do some
actual testing with some windows clients a little later.

There was only one weird thing in the make:

$ make
cd . && /home/orinoco/pptpd-0.8.2/missing autoheader
WARNING: `autoheader' is missing on your system. You should only need it if
you modified `acconfig.h' or `configure.in'. You might want to install
the `Autoconf' and `GNU m4' packages. Grab them from any GNU archive site.

After which it was fine.

You might want to mention that the programs won't run while still in the
source directory. That gave me a few minutes of confusion. :-)

ps. How's the encryption stuff looking? I really, really want to use it
to run a VPN. I'd much rather have the linux firewall doing the work
than our NT server. But, a VPN's not much good without encryption, no?

--
. . . . . . . . . . . . . . . . . . . . .
Jeremy Lee | Orinoco       "One Crowded Hour of Glorious Life
jeremyl at hrmc.com.au     Is worth an age without a name."
http://i.am/orinoco

From matthewr at moreton.com.au Tue May 11 03:25:07 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Tue, 11 May 1999 08:25:07 +0000
Subject: [pptp-server] v0.8.3 released
Message-ID: <3737E963.AFDC2B4@moreton.com.au>

Another update.. this is probably the most stable version yet. There is
still a long way to go before multiple connection support is finished...

http://www.moretonbay.com/vpn/releases/pptpd-0.8.3.tgz

Changes:

- a few minor multiple connection hacks.. still nowhere near ready to
  handle more than one client
- pptpd -p logfile bug fix

that's about it for now!

Cheers,
Matt.

From Peter.Galbavy at knowledge.com Thu May 13 01:18:05 1999
From: Peter.Galbavy at knowledge.com (Peter Galbavy)
Date: Thu, 13 May 1999 07:18:05 +0100
Subject: [pptp-server] bsd ports ?
Message-ID: <19990513071805.B8895@office.knowledge.com>

I have begun a slow process of making pptpd work on my openbsd
system(s). Anyone else doing work in this area ? Who wants the
eventual patches ?

Is there a CVS server ? :-)

regards,
--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/

From matthewr at moreton.com.au Thu May 13 01:14:34 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Thu, 13 May 1999 06:14:34 +0000
Subject: [pptp-server] v0.8.4 released
Message-ID: <373A6DCA.9B9DC5AA@moreton.com.au>

This is a minor bug fix release.. mainly to sync any other hackers (yes,
do get involved :).

We are currently working heavily on multiple connection support. We are
also exploring encryption issues.

If anyone has some free time can they email me personally on how they go
for connecting, disconnecting, reconnecting.. On my machines this works
fine. I wouldn't mind hearing any other related success stories too.

Anyways, development continues. For the hackers here is the ChangeLog
from v0.8.3:

v0.8.3 -> v0.8.4
13th May 1999

(Kevin.T)
- call_id/peer_id issues addressed in OUT_CALL packets

(Matt.R)
- bug in debug log time fixed
- local added by default to the pppd launcher
- call_disconnect_notify bug fixed
- -p command line arg broken

Download latest from:
http://www.moretonbay.com/vpn/releases/pptpd-0.8.4.tgz

Cheers,
Matt.

From Peter.Galbavy at knowledge.com Fri May 14 01:50:31 1999
From: Peter.Galbavy at knowledge.com (Peter Galbavy)
Date: Fri, 14 May 1999 07:50:31 +0100
Subject: [pptp-server] openbsd works !
Message-ID: <19990514075031.A5059@office.knowledge.com>

After a couple of days of hacking, I have a "working" openbsd port
of poptop. Much of it is hardwired - diff to 0.8.4 to follow.

Caveat: I don't know which bugs it exhibits are the ones that the
Linux version does :) Also, 4 hours of debugging, where a couple of
other buglettes got fixed, was due to me not realising a firewall
was blocking the GRE packets back to my Win98 box. sigh.

OK. Here is >my< list of things to do, so please holler when they
don't fit.

1a. Reimplement inststr() as setproctitle() which is more common and
likely to be found as a standard function.

1b. Reimplement a number of things using "standard" common functions,
eg. setsid(), daemon() etc. These have made it to the Linux and
Slowlaris worlds last time I looked :)

1c. Import a GNU getopt() function, since the OpenBSD one (and likely
other *BSD ones) do not support long options by default.

2. Add the two options "--with-ppp" and "--with-pppd" to the configure
stuff, since FreeBSD and OpenBSD use Brian Somers user-land ppp daemon,
which (only) supports stdin/stdout for a "-direct" connection. I intend
to try to auto-detect which executables are there, but I am not sure if
this is deterministic enough, hence the option.

3. Make multiple connections (serial and parallel) work.

4. OPTIONAL. CVS server. I will put up a CVS server and import the
version of PPTPD that I can find (what is on the http:... site ?). I can
also provide and ftp home. (www|ftp|cvs).poptop.wonderland.org ok ?

CVS is wonderful for figuring out "what went wrong" between revisions.
I will do a quick summary and references on how to use it, but I expect
that once any of the users/hacker get used to it, it will prove a
blessing :)

Who wants this ?

Are there any preferred code-styles ?
The existing code has clearly come from a number of places, and hence
the layout, indentation and use of prototyping is varied, to say the
least. Any objections to a whole-sale re-format (using emacs standard
GNU indent style) ? (Makes '[[' and ']]' in vi work :)

(Now ask why I am mixing vi and emacs up in the same paragraph ?)

Regards,
--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/

From Peter.Galbavy at knowledge.com Fri May 14 03:47:09 1999
From: Peter.Galbavy at knowledge.com (Peter Galbavy)
Date: Fri, 14 May 1999 09:47:09 +0100
Subject: [pptp-server] diff - CAREFUL!
Message-ID: <19990514094709.A25508@office.knowledge.com>

attached are a set of diffs to make 0.8.4 run on OpenBSD. I *HAVE NOT*
included changes to the autogenerated files - so reconf is needed.

Note I *have* left the change from SYNC to ASYNC in there, but a
future version from me will make this command line selectable. I suggest
ignoring this particular part of the diffs...

--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/
-------------- next part --------------
Index: configure.in =================================================================== RCS file: /cvs/software/pptpd/configure.in,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -u -r1.1.1.2 -r1.2 --- configure.in 1999/05/13 06:44:09 1.1.1.2 +++ configure.in 1999/05/13 17:36:50 1.2 
@@ -16,12 +16,16 @@ AC_OBJEXT AC_SYS_INTERPRETER +AC_CHECK_FUNCS(setsid daemon) + AC_CHECK_HEADERS(stdio.h) AC_CHECK_HEADERS(getopt.h) AC_CHECK_HEADERS(stdlib.h) AC_CHECK_HEADERS(signal.h) AC_CHECK_HEADERS(string.h) AC_CHECK_HEADERS(unistd.h) +AC_CHECK_HEADERS(termios.h) +AC_CHECK_HEADERS(termio.h) AC_CHECK_HEADERS(arpa/inet.h) AC_CHECK_HEADERS(netdb.h) AC_CHECK_HEADERS(netinet/in.h) Index: ctrlpacket.c =================================================================== RCS file: /cvs/software/pptpd/ctrlpacket.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -u -r1.1.1.2 -r1.2 --- ctrlpacket.c 1999/05/13 06:44:08 1.1.1.2 +++ ctrlpacket.c 1999/05/13 17:36:50 1.2 @@ -9,11 +9,11 @@ #include "config.h" #endif -#include #include #include #include #include +#include #include "pptpdebug.h" #include "pptpdefs.h" @@ -265,7 +265,7 @@ start_ctrl_conn_rply.version = htons(PPTP_VERSION); start_ctrl_conn_rply.result_code = 0x01; start_ctrl_conn_rply.error_code = 0x00; - start_ctrl_conn_rply.framing_cap = htonl(SYNCHRONOUS_FRAMING); + start_ctrl_conn_rply.framing_cap = htonl(ASYNCHRONOUS_FRAMING); start_ctrl_conn_rply.bearer_cap = htonl(DIGITAL_ACCESS); start_ctrl_conn_rply.max_channels = htons(0x0001); start_ctrl_conn_rply.firmware_rev = htons(PPTP_FIRMWARE_VERSION); Index: pptpctrl.c =================================================================== RCS file: /cvs/software/pptpd/pptpctrl.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -u -r1.1.1.2 -r1.2 --- pptpctrl.c 1999/05/13 06:44:09 1.1.1.2 +++ pptpctrl.c 1999/05/13 17:36:50 1.2 
@@ -14,14 +14,14 @@ #endif -#include -#include #include #include +#include #include #include #include #include +#include #include "inststr.h" #include "pptpctrl.h" Index: pptpd.c =================================================================== RCS file: /cvs/software/pptpd/pptpd.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- pptpd.c 1999/05/12 20:06:11 1.1.1.1 +++ pptpd.c 1999/05/13 17:36:50 1.2 @@ -20,9 +20,17 @@ #define CONSOLE "/dev/console" +#if HAVE_TERMIO_H #include #define IOCTLPARM TCGETA +#elif HAVE_TERMIOS_H +#include +#endif +#if HAVE_SETSID +#define SETPGRP() (setsid()) +#else #define SETPGRP() (setpgrp()) +#endif @@ -88,7 +96,7 @@ if(execvp(PPTP_MANAGER_BIN, &argv[0]) == -1) { - printf("Couldn't 'exec' PPTP_MANAGER_BINARY\n\n"); + printf("Couldn't 'exec' PPTP_MANAGER_BIN\n\n"); } @@ -130,37 +138,3 @@ return 0; } - - - -/* - * Determine whether this file is a tty - * - */ -isitatty(fp) -FILE *fp; -{ - return (!((ioctl(fileno(fp), IOCTLPARM, NULL) == -1) && - (errno == ENOTTY))); -} - - -#ifdef BSD -/* - * Disassociate the current process from it's control terminal. - * - */ -static disoctty() -{ - int fd; - - if ((fd = open("/dev/tty", O_RDWR)) >= 0) - { - ioctl(fd, TIOCNOTTY, NULL); - close(fd); - } -} -#endif - - - Index: pptpdcmds.c =================================================================== RCS file: /cvs/software/pptpd/pptpdcmds.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- pptpdcmds.c 1999/05/12 20:06:12 1.1.1.1 +++ pptpdcmds.c 1999/05/13 17:36:50 1.2 @@ -10,21 +10,23 @@ #endif -#include -#include -#include -#include -#include -#include -#include #include #include #include +#include #include #include #include #include #include +#include +#ifdef HAVE_GETOPT_H +#include +#endif +#include +#include +#include +#include #include "configfile.h" #include "defaults.h" 
@@ -36,9 +38,18 @@ #include #endif +#if HAVE_TERMIO_H #include #define IOCTLPARM TCGETA +#elif HAVE_TERMIOS_H +#include +#endif + +#if HAVE_SETSID +#define SETPGRP() (setsid()) +#else #define SETPGRP() (setpgrp()) +#endif #ifndef FALSE #define FALSE 0 @@ -145,7 +156,7 @@ int this_option_optind = optind ? optind : 1; int option_index = 0; -#ifdef EMBED +#if EMBED || BSD #define getopt_long(a,b,c,d,e) getopt(a,b,c) #else static struct option long_options[] = Index: pptpdefs.h =================================================================== RCS file: /cvs/software/pptpd/pptpdefs.h,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- pptpdefs.h 1999/05/12 20:06:11 1.1.1.1 +++ pptpdefs.h 1999/05/13 17:36:50 1.2 @@ -305,6 +305,8 @@ #if EMBED #define PPPD_BINARY "/bin/pppd" +#elif __OpenBSD__ + #define PPPD_BINARY "/usr/sbin/ppp" #else #define PPPD_BINARY "/usr/sbin/pppd" #endif Index: pptpgre.c =================================================================== RCS file: /cvs/software/pptpd/pptpgre.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- pptpgre.c 1999/05/12 20:06:11 1.1.1.1 +++ pptpgre.c 1999/05/13 17:36:50 1.2 @@ -9,23 +9,25 @@ * Handle the IP Protocol 47 portion of PPTP. * C. Scott Ananian * - * $Id: pptpgre.c,v 1.1.1.1 1999/05/12 20:06:11 peter Exp $ + * $Id: pptpgre.c,v 1.2 1999/05/13 17:36:50 peter Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" #endif +#include +#include +#include +#include +#include +#include #include #include #include #include #include #include -#include -#include -#include -#include #include "ppphdlc.h" #include "pptpdefs.h" #include "pptpdebug.h" Index: pptpmanager.c =================================================================== RCS file: /cvs/software/pptpd/pptpmanager.c,v retrieving revision 1.1.1.2 retrieving revision 1.4 diff -u -r1.1.1.2 -r1.4 --- pptpmanager.c 1999/05/13 06:44:10 1.1.1.2 +++ pptpmanager.c 1999/05/13 17:44:33 1.4 
@@ -27,13 +27,6 @@ #endif -#include -#include -#include -#include -#include -#include -#include #include #include #include @@ -42,6 +35,16 @@ #include #include #include +#include +#include +#if HAVE_GETOPT_H +#include +#endif +#include +#include +#include +#include +#include #include "configfile.h" #include "defaults.h" @@ -77,6 +80,7 @@ //void childHandler(); + int pptp_manager(int argc, char **argv, char **envp) { char *addrtest; // added for hostname/address lookup -tmk @@ -92,7 +96,7 @@ pid_t pppd_pid; // for forking PPPD char ptydev[PTYMAX], ttydev[TTYMAX]; - int pty_fd; + int pty_fd, sockfd[2]; struct in_addr inetaddr; @@ -327,8 +331,13 @@ pptpd_byte_debug("CALL_ID for this session", outcallid, 2); /////////////////////////////////////////////////////////////////// +#if __OpenBSD__ + socketpair(AF_LOCAL, SOCK_STREAM, 0, sockfd); + pty_fd = sockfd[1]; +#else // STOLEN - Finds an open pty/tty pair.. this is for PPP pty_fd = getpseudotty(ttydev, ptydev); +#endif // debugging ////////////////////////////////////////////////////// sprintf(debug_msg, "ttydev = %s", ttydev); @@ -354,6 +363,11 @@ // simply launches PPPD pptpd_debug("launching PPPD...", VERBOSE); +#if __OpenBSD__ + dup2(sockfd[0], 0); + dup2(sockfd[0], 1); + close(sockfd[0]); +#endif if(launch_pppd(ttydev) == -1) { pptpd_debug("PPPD launch failed...", CRITICAL); @@ -366,11 +380,14 @@ default: // parent // do nothing + close(sockfd[0]); +#ifndef __OpenBSD__ //#ifndef EMBED pptpd_debug("Waiting for the child to terminate", VERBOSE); - wait(&status); // wait for the child to die + wait(&status); // wait for the child to die (actually daemonise) //#endif +#endif break; @@ -386,6 +403,9 @@ pptpd_debug("Launching GRE connection server..", VERBOSE); + sprintf(debug_msg, "pty_fd = %d", pty_fd); + pptpd_debug(debug_msg, VERBOSE); + // the GRE session will have to be handed the correct callid // which should be located in outcallid // Start the GRE encaps/decaps 
@@ -450,6 +470,8 @@ char fileStr[5]; char optFile[256]; char localStr[6]; + char directStr[16]; + char pptpStr[16]; int result; int an = 0; @@ -461,6 +483,15 @@ pppd_argv[an] = PPPD_BINARY; an++; +#if __OpenBSD__ + strcpy(directStr, "-direct"); + pppd_argv[an] = directStr; + an++; + + strcpy(pptpStr, "pptp"); + pppd_argv[an] = pptpStr; + an++; +#else pppd_argv[an] = ttydev; an++; @@ -555,6 +586,7 @@ strcpy(localStr, "local"); pppd_argv[an] = localStr; // don't use the modem control lines an++; +#endif // must end with NULL or the pppd daemon spits chips pppd_argv[an] = NULL; From allanc at sco.com Fri May 14 09:49:54 1999 
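Review bot: In ctrlpacket.c (hunk @@ -265,7 +265,7 @@), `framing_cap` is switched from SYNCHRONOUS_FRAMING to ASYNCHRONOUS_FRAMING for every platform, not only inside an `#if __OpenBSD__` guard like the rest of the port, and without a comment. Please state in the commit message or a comment why the Start-Control-Connection-Reply should now advertise asynchronous framing on Linux as well, or make the change conditional.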
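Review bot: In pptpdcmds.c (hunk @@ -36,9 +38,18 @@, and the identical block in pptpd.c), `IOCTLPARM` is now defined only in the `#if HAVE_TERMIO_H` branch; the `#elif HAVE_TERMIOS_H` branch includes a header but defines nothing. pptpd.c removes `isitatty()`, the user of that macro, in the same patch, but no such removal is shown for pptpdcmds.c, so any remaining use there will fail to compile on a termios-only system. Either drop the macro in both files or define it in both branches. The patch also mixes `#if HAVE_GETOPT_H` (pptpmanager.c) with `#ifdef HAVE_GETOPT_H` (pptpdcmds.c); pick one form.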
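Review bot: In pptpmanager.c (hunk @@ -327,8 +331,13 @@), the return value of `socketpair(AF_LOCAL, SOCK_STREAM, 0, sockfd);` is not checked, so on failure `pty_fd = sockfd[1];` copies an indeterminate value that is later handed to the GRE side. Check for -1 and abort the call setup. On the OpenBSD path `getpseudotty()` is also skipped, yet the unchanged context line `sprintf(debug_msg, "ttydev = %s", ttydev);` still formats `ttydev`, and `launch_pppd(ttydev)` still receives it; unless the buffer is initialised elsewhere that reads uninitialised stack memory into the log. Set `ttydev[0] = '\0'` or guard the debug line.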
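Review bot: In pptpmanager.c (hunk @@ -354,6 +363,11 @@), the child duplicates `sockfd[0]` onto descriptors 0 and 1 but never closes `sockfd[1]`, so the parent's end of the socket pair is inherited by ppp across the exec. The child then holds both ends, which keeps the pair alive after the parent closes its end and gives ppp a descriptor it has no business with. Add `close(sockfd[1]);` before `launch_pppd()`, and check both `dup2()` calls for -1 rather than launching ppp on a half-wired stdin/stdout.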
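Review bot: In pptpmanager.c (hunk @@ -366,11 +380,14 @@), the `close(sockfd[0]);` added to the `default: // parent` branch sits outside any `#if __OpenBSD__` guard, while `sockfd` is only filled in by `socketpair()` on OpenBSD. On every other platform this closes whatever value the uninitialised array holds, which can be a live descriptor such as the control socket. Wrap it in `#if __OpenBSD__`. The same hunk puts `wait(&status)` under `#ifndef __OpenBSD__`, and nothing in the visible lines reaps the child on OpenBSD, so each call leaves a zombie unless SIGCHLD is handled elsewhere.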
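Review bot: In launch_pppd (hunks @@ -461,6 +483,15 @@ and @@ -555,6 +586,7 @@), the new `#else` ... `#endif` pair excludes every argument the function builds for pppd, so on OpenBSD ppp is started with only `-direct pptp` and none of the settings pptpd assembles from its own configuration reach it. That makes the session depend entirely on a `pptp` entry in ppp's own configuration, which the patch neither ships nor documents; please add a sample entry or a README note. Minor: `directStr` and `pptpStr` are 16-byte buffers filled with `strcpy()` from constants; assigning the string literals to `pppd_argv[an]` directly is simpler and removes two fixed-size copies.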
From: allanc at sco.com (Allan Clark)
Date: Fri, 14 May 1999 10:49:54 -0400
Subject: [pptp-server] openbsd works !
References: <19990514075031.A5059@office.knowledge.com>
Message-ID: <373C3812.CD89E5BD@sco.com>

By way of introduction, I'm just the RPM-packer (which is simpler than it sounds)

Kudos on the BSD work; My formal tasking is porting, and I've had good and bad ones.

> 4. OPTIONAL. CVS server. I will put up a CVS server and import the
> version of PPTPD that I can find (what is on the http:... site ?).
> I can also provide and ftp home. (www|ftp|cvs).poptop.wonderland.org
> ok ? CVS is wonderful for figuring out "what went wrong" between
> revisions. I will do a quick summary and references on how to use
> it, but I expect that once any of the users/hacker get used to it,
> it will prove a blessing :) Who wants this ?

Yes. I'd love it. If you *do* import to CVS, tag your releases; it makes packaging much easier.

> Are there any preferred code-styles ? The existing code has clearly
> come from a number of places, and hence the layout, indentation and
> use of prototyping is varied, to say the least. Any objections to
> a whole-sale re-format (using emacs standard GNU indent style) ?
> (Makes '[[' and ']]' in vi work :) (Now ask why I am
> mixing vi and emacs up in the same paragraph ?)

I taught network computing for a while at a university. The best coding style for catching mismatches and errors is the "Borland" style, which is like GNU but does not doubly-indent:

    void example (char *name, int factors)
    {
        int red;
        char workBuffer[100];

        printf ("this is example %d\n", red);
        if (0 == red)
            doSomething (workBuffer);
        else
        {
            snprintf (workBuffer, sizeof (workBuffer), "blah %d blah\n", red);
            somethingElse (workBuffer);
        }
    }

I could debate this issue; suffice to say I helped fewer students with this coding style to catch missed tokens (, ; } ) and broken booleans than K&R. This seemed to be true for C, C++, Java, and (the big one) pascal source.
and BTW, the Gnu-indent-1.9.1 parameters for the above (for your ~/.indent.pro) would be:

    -bad -bap -sc -ncdb -bl -bli0 -cli4 -ss -pcs -cs -nbs -nbc -npsl -di1 -i4 -nlp -ci4 -ip4 -l75

Hey, there's my two cents (Being Canadian, that's 1.3 cents US)

Allan

From allanc at sco.com Fri May 14 11:10:58 1999
From: allanc at sco.com (Allan Clark)
Date: Fri, 14 May 1999 12:10:58 -0400
Subject: [pptp-server] openbsd works (comments)
References: <19990514075031.A5059@office.knowledge.com>
Message-ID: <373C4B12.5E95377D@sco.com>

> 2. Add the two options "--with-ppp" and "--with-pppd" to the configure
> stuff, since FreeBSD and OpenBSD use Brian Somers user-land ppp
> daemon, which (only) supports stdin/stdout for a "-direct" connection.
> I intend to try to auto-detect which executables are there, but I
> am not sure if this is deterministic enough, hence the option.

--with-ppp[=/usr/sbin/ppp] ?
--with-pppd [=/usr/sbin/pppd] ?

I know of a few (OK, slackware) boxes with pppd moved about to odd locations. Perhaps not an immediate concern, but a "vision" thing to keep in mind.

Allan

From Peter.Galbavy at knowledge.com Fri May 14 12:01:09 1999
From: Peter.Galbavy at knowledge.com (Peter Galbavy)
Date: Fri, 14 May 1999 18:01:09 +0100
Subject: [pptp-server] cvs server
Message-ID: <19990514180109.A14905@office.knowledge.com>

I have made a CVS server available to the PPTPD project as follows:

For read-only access:

    cvs -d :pserver:anoncvs at cvs.pptpd.wonderland.org:/cvs/pptpd login

use password "anoncvs", then:

    cvs -d :pserver:anoncvs at cvs.pptpd.wonderland.org:/cvs/pptpd checkout pptpd

Specific tags available (all the files I could find) are:

    PPTPD_0_8_0
    PPTPD_0_8_1
    PPTPD_0_8_2
    PPTPD_0_8_3
    PPTPD_0_8_4

For write access, I would expect Matthew to let me know who is allowed to, and then I will expect (from those people) either a UNIX passwd line with encrypted password so I can add it, or I will generate you a password. I include myself in the "am I allowed to write ?" list Malcolm :)

I am making the assumption here that Malcolm wants to use a CVS server for the project, has the time to read the docs and can be bothered :) No rush for now, we can just keep importing new release to the tree. I am happy to take on the "release engineering" role for the CVS side. Whatever - I'm easy.

For how to use CVS and the CVS FAQ please see: http://www.cyclic.com/ and follow the links

I would love to give a quick tutorial, but there is no way it can be quick.

Finally, the commit messages currently go to me, but they should really go to a mailing list. I will happily set one up under something like cvs-changes at pptpd.wonderland.org but I will await instructions.

Oh yeah, I suggest that all the auto generated files and smeg.log etc. get deleted from the trunk ASAP and that the auto-generated files are only added back to release tagged branches.

Regards,
--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/

From dmessiah at silcon.com Sat May 15 18:26:17 1999
From: dmessiah at silcon.com (Evan Brewer) Date: Sat, 15 May 1999 16:26:17 -0700 Subject: [pptp-server] require-chap woes Message-ID: <19990515162617.A21995@el8.org> well with 0.8.4 i am encountering a weird error, when connecting from a win98 box i am getting an error of option not recognized.. require-chap (in my options file) any ideas? From tmk at netmagic.net Sat May 15 18:31:49 1999 From: tmk at netmagic.net (tmk) Date: Sat, 15 May 1999 16:31:49 -0700 Subject: [pptp-server] require-chap woes References: <19990515162617.A21995@el8.org> Message-ID: <003a01be9f2b$1c721040$011c0fc0@lala.net> you probably have an older version of pppd. check the pppd manpage (man pppd). the option might be +chap or something similar it's a pppd issue Kevin ----- Original Message ----- From: Evan Brewer To: Sent: Saturday, May 15, 1999 4:26 PM Subject: [pptp-server] require-chap woes > > well with 0.8.4 i am encountering a weird error, when > connecting from a win98 box i am getting an error of > > option not recognized.. > > require-chap > > (in my options file) > > any ideas? > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > All replies go back to the list, no moderation. > List services provided by www.schulte.org! > From dmessiah at silcon.com Sun May 16 03:09:36 1999 From: dmessiah at silcon.com (Evan Brewer) Date: Sun, 16 May 1999 01:09:36 -0700 Subject: [pptp-server] require-chap woes In-Reply-To: <003a01be9f2b$1c721040$011c0fc0@lala.net>; from tmk on Sat, May 15, 1999 at 04:31:49PM -0700 References: <19990515162617.A21995@el8.org> <003a01be9f2b$1c721040$011c0fc0@lala.net> Message-ID: <19990516010936.B13922@el8.org> On Sat, May 15, 1999 at 04:31:49PM -0700, tmk wrote: > you probably have an older version of pppd. > > require-chap That was it. Thanks. From dmessiah at silcon.com Sun May 16 03:44:43 1999 
From: dmessiah at silcon.com (Evan Brewer) Date: Sun, 16 May 1999 01:44:43 -0700 Subject: [pptp-server] one last bug Message-ID: <19990516014443.A14849@el8.org> no matter what settings i use, i continue to get the following error: .2 .1 win98 -> linux May 15 13:51:29 ragnarok pppd[30175]: Peer is not authorized to use remote address 11.0.1.2 anyone have a quick answer? From rblamb at home.com Sun May 16 22:31:57 1999 
From: rblamb at home.com (Rick Lamb)
Date: Sun, 16 May 1999 23:31:57 -0400
Subject: [pptp-server] Windows connection problems to PPTPD
Message-ID: <373F8DAD.3C287A21@home.com>

I installed v0.8.4 onto my Redhat 5.2 system. The install went fine. I am now trying to connect to the server from a Windows 98 machine. When I connect without authentication, everything works fine. However, when I try to use any authentication, it refuses to connect. The following is my setup:

Windows 98 machine
    Machine name     : CR705434-B
    NT Domain name   : LAMB
    IP               : 24.112.68.114
    Encrypt password : have tried enabled and disabled
    Encrypt data     : have tried enabled and disabled

PPTP Logon Setup:
    User Name : RLAMB
    Password  : VPR
    Server    : 24.112.70.75

Linux machine
    Machine name : LINUX
    IP           : 24.112.70.75

PPP options file
    local
    lock
    debug
    name LINUX
    auth
    require-chap

PPTPD.conf file
    speed 115200
    localip 128.0.0.6
    remoteip 128.0.0.7

chap-secrets file
    RLAMB LINUX

The Linux machine is multihomed with a local IP of 128.0.0.1 and a cable modem IP of 24.112.70.75.

When I try to connect from the Windows box, the connection flashes for a minute or so and then gives me a message indicating it can't establish a network connection with the server. In my messages log and pppd log, I get an entry which reads:

    peer authentication required but no suitable secret(s) found for authenticating any peer to us (linux)

I suspect my secrets file is not set up right (or something), but I can't seem to stumble into the right answer.

Can anyone help??

Thanks,
Rick Lamb

From matthewr at moreton.com.au Sun May 16 22:45:35 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Mon, 17 May 1999 03:45:35 +0000
Subject: [pptp-server] Windows connection problems to PPTPD
References: <373F8DAD.3C287A21@home.com>
Message-ID: <373F90DF.559FC37F@moreton.com.au>

Easy fix... u simply forgot the '*' in the chap-secrets file

> chap-secrets file
> RLAMB LINUX

should be:

    RLAMB LINUX *

If you have any further problems you can email me directly.

Good Luck!

Cheers,
Matt.

From tmk at netmagic.net Mon May 17 22:42:10 1999
From: tmk at netmagic.net (tmk)
Date: Mon, 17 May 1999 20:42:10 -0700
Subject: [pptp-server] Multiple Connections Fixed
References: <373F8DAD.3C287A21@home.com>
Message-ID: <00b801bea0e0$6a2cec40$0101a8c0@lala.net>

Hey everyone, we will be releasing poptop v 0.8.5 tonight (remember, matt's in australia, so it could be early in the morning in other parts of the world before he gets it out)

The official changelog will be out later, but here's a preview:

New features include:

Multiple connections work (yay)

Disconnecting/Reconnecting will work (yay!). The server will stay up after disconnecting, making it at least semi-fit for real use =) (YEAH!)

Things that got broken:

Some of the debug logging doesn't work, this will be fixed soon.

Sometimes a stray process gets left over, It doesn't affect anything, just ignore it =)

Ip addresses are no longer configurable and are hardcoded in the following way: local ip addresses are 192.168.0.1 through 192.168.0.(max hits +1) and remote ip addresses are 192.168.1.1 through 192.168.1.(max hits +1)

This WILL be fixed in future releases, but if you need to fix it *now*, the values are on (or near) line 130 in pptpmanager.c. Just change the strings to suit your purposes.

Encryption is still on our list of things to do and is NOT SUPPORTED YET.

Since we get asked this question a lot, here's how to set up CHAP (login/password ONLY) encryption:

if you are using CHAP (the "require encrypted passwords" option in win9x) be sure to set up your chap-secrets file (/etc/ppp/chap-secrets)

the format is as follows:

    username poptop server name password IP addresses (just put a *)

so if my username was fred, my password wilma, and my linux box was named bedrock, my chap secrets would look like:

    fred wilma bedrock *

DO NOT forget the * or it won't work.
Then, in your ppp options file (either /etc/ppp/options or as defined in the /etc/pptpd.conf file) put the line:

    require-chap

(note: older versions of pppd use +chap instead, read your man page for your version)

Cheers
Kevin Thayer

From tmk at netmagic.net Mon May 17 22:44:02 1999
From: tmk at netmagic.net (tmk)
Date: Mon, 17 May 1999 20:44:02 -0700
Subject: [pptp-server] Re: Multiple Connections Fixed
Message-ID: <00be01bea0e0$acdc74c0$0101a8c0@lala.net>

I don't know what i was thinking. It should be

    fred bedrock wilma *

> so if my username was fred, my password wilma, and my linux box was named
> bedrock, my chap secrets would look like:
>
> fred wilma bedrock *
>
> DO NOT forget the * or it won't work.

terribly sorry

Kevin =)

From matthewr at moreton.com.au Tue May 18 02:37:20 1999
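An added example, not part of any post in this thread and not PoPToP or pppd code: a small checker for the two chap-secrets mistakes discussed above, the missing address field (the `*`) and the server name placed in the secret column. The function names, status codes and the sample are constructed for illustration; the server name passed in is assumed to be the value of `name` in the ppp options file.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_FIELDS 8
#define FIELD_LEN  128

enum secret_status {
    SECRET_OK,           /* client, server, secret and address field present */
    SECRET_SKIP,         /* blank line or comment */
    SECRET_TOO_FEW,      /* fewer than three words */
    SECRET_NO_ADDR,      /* address field (the "*") is missing */
    SECRET_WRONG_ORDER   /* server name sits in the secret column */
};

/* Split on whitespace; "double quoted" words may hold spaces and a '#'
 * at the start of a word begins a comment. Returns the word count. */
static int split_fields(const char *p, char out[MAX_FIELDS][FIELD_LEN])
{
    int n = 0;

    while (n < MAX_FIELDS) {
        size_t len = 0;
        int quoted = 0;

        while (isspace((unsigned char)*p))
            p++;
        if (*p == '\0' || *p == '#')
            break;
        if (*p == '"') {
            quoted = 1;
            p++;
        }
        while (*p != '\0' &&
               (quoted ? *p != '"' : !isspace((unsigned char)*p))) {
            if (len + 1 < FIELD_LEN)
                out[n][len++] = *p;
            p++;
        }
        if (quoted && *p == '"')
            p++;
        out[n++][len] = '\0';
    }
    return n;
}

/* Classify one line. server_name is assumed to match "name" in the options. */
enum secret_status check_secret_line(const char *line, const char *server_name)
{
    char f[MAX_FIELDS][FIELD_LEN];
    int n = split_fields(line, f);

    if (n == 0)
        return SECRET_SKIP;
    if (n < 3)
        return SECRET_TOO_FEW;
    if (strcmp(f[1], server_name) != 0 && strcmp(f[1], "*") != 0 &&
        strcmp(f[2], server_name) == 0)
        return SECRET_WRONG_ORDER;
    return n < 4 ? SECRET_NO_ADDR : SECRET_OK;
}

/* Check every line; report by line number only so no secret is echoed.
 * Returns the number of problem lines. */
int audit_secrets(const char *text, const char *server_name, FILE *report)
{
    static const char *const why[] = {
        "ok", "skipped", "fewer than client, server and secret",
        "no address field after the secret (add * or an address)",
        "server name is in the secret column (order is client server secret)"
    };
    int lineno = 0, problems = 0;

    while (*text != '\0') {
        char line[512];
        size_t len = strcspn(text, "\n");
        enum secret_status st;

        snprintf(line, sizeof line, "%.*s", (int)len, text);
        text += len;
        if (*text == '\n')
            text++;
        lineno++;
        st = check_secret_line(line, server_name);
        if (st == SECRET_OK || st == SECRET_SKIP)
            continue;
        problems++;
        if (report != NULL)
            fprintf(report, "line %d: %s\n", lineno, why[st]);
    }
    return problems;
}

/* Constructed sample; fred, wilma, bedrock and RLAMB LINUX come from the posts. */
static const char SAMPLE[] =
    "# client  server   secret   addresses\n"
    "fred      bedrock  wilma    *\n"
    "fred      wilma    bedrock  *\n"
    "barney    bedrock  \"two words\"\n"
    "RLAMB     LINUX\n";

int main(void)
{
    return audit_secrets(SAMPLE, "bedrock", stdout) == 3 ? 0 : 1;
}
```

The `*` that makes an entry work also lets that client use any address; listing specific addresses in the fourth column restricts it.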
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Tue, 18 May 1999 07:37:20 +0000
Subject: [pptp-server] v0.8.5 released
Message-ID: <374118B0.FDA1D239@moreton.com.au>

Hiya all,

v0.8.5 has been released (for HACKERS only): http://www.moretonbay.com/vpn/pptp.html

The main change is multiple client connection support.. The command line arguments were broken in the process.. and a lot of values are currently "hardcoded". This release is really intended to sync other developers. The next version will support IP configuration in the PPTP config file.

v0.8.5 is NOT yet in the CVS.. we haven't fully moved to the CVS ... yet.

v0.8.5 may have broken OpenBSD compatibility? (Peter?)

We would like a couple of beta testers to run 0.8.5 and see if they can get multiple clients, reconnections etc. working.

Here is the official ChangeLog:

- command line args/config file options are broken (everything hardcoded)
- many, many, many structural changes for a multiple connection hack
- multiple connection support
- reconnect support
- OpenBSD port (may be broken for this release... Peter?)
- logging now to syslog DAEMON|DEBUG

Kevin was the genius behind the multiple connection hack!

That's all for now!

Cheers,
Matt.

From Peter.Galbavy at knowledge.com Tue May 18 03:27:49 1999
From: Peter.Galbavy at knowledge.com (Peter Galbavy)
Date: Tue, 18 May 1999 09:27:49 +0100
Subject: [pptp-server] v0.8.5 on CVS server
Message-ID: <19990518092749.B10784@office.knowledge.com>

Folks, v0.8.5 is now also a tagged version in the anoncvs server.

    cvs -d :pserver:anoncvs at cvs.pptpd.wonderland.org:/cvs/pptpd login
    ... "anoncvs"
    cvs -d :pserver:anoncvs at cvs.pptpd.wonderland.org:/cvs/pptpd checkout -r PPTPD_0_8_5 pptpd

BTW OpenBSD version *is* broken :)

Regards,
--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/

From Peter.Galbavy at knowledge.com Tue May 18 03:32:23 1999
From: Peter.Galbavy at knowledge.com (Peter Galbavy) Date: Tue, 18 May 1999 09:32:23 +0100 Subject: [pptp-server] and the cvs-updates mailing list Message-ID: <19990518093223.C10784@office.knowledge.com> I forgot - sorry. There is a majordomo mailing list for cvs-updates: cvs-updates at pptpd.wonderland.org To subscribe, mail majordomo at pptpd.wonderland.org with a message: subscribe cvs-updates or subscribe cvs-updates someother at email.address To unsubscribe, send a corresponding message like: unsubscribe cvs-updates And you will be sent the usual confirmation request, and voila! I expect the traffic to be light until the developers get the hang of CVS. **** NOTE NOTE NOTE NOTE **** At the time of writing I am the only member of the list, so *everyone* must subscribe themselves - this is so that I wouldn't get the e-mail address wrong. Regards, -- Peter Galbavy Knowledge Matters Ltd http://www.knowledge.com/ From Peter.Galbavy at knowledge.com Wed May 19 08:12:15 1999 
From: Peter.Galbavy at knowledge.com (Peter Galbavy)
Date: Wed, 19 May 1999 14:12:15 +0100
Subject: [pptp-server] now for some CVS info - part 1
Message-ID: <19990519141215.A29394@office.knowledge.com>

(This is part one - rather than delay posting it, I will follow up with part two later).

Here is a quick (read nasty, hacky) guide to how to use CVS... I have sent this to the list (a) because I don't know who will eventually need it, and (b) anyone with better experience of CVS may want to comment... PLEASE!

OK. I am assuming the following:

    CVS_RSH=/usr/local/bin/ssh
    CVS_ROOT=:pserver:XXX at cvs.pptpd.wonderland.org:/cvs/pptpd

Here are some important words:

Repository
    A repository is the collection of files that CVS uses to store files and so on.

Tag
    A tag is a symbolic name for a particular working set of files. Branches and revisions should be mentioned, but it gets over complicated.

Trunk
    The main branch. Guess where these names came from ?

Head
    The head revision is the newest version of *every* file in the repository, including files that are in imported versions that are "earlier" than whatever the last one was. This is important - more below.

Sticky Tag
    A tag that "sticks" to files and directories. This allows parallel development of branches, where one person or group is working on a specific tagged version of the sources and may be adding and deleting files and directories.

Merging
    There is only ever one "head" revision, and in most cases it is expected that any work on branches (tags, sticky tags etc.) will eventually be merged into the trunk, the current version of which is called the head.

OK - if you haven't come across them before, that lot will not make sense until you have to use them. So here we go.

To "import" an external set of sources:

    cd pptpd-0.8.5
    cvs import -m"import version x.y.z" -I \! pptpd PPTPD PPTPD_X_Y_Z

To break this down:

    cd ... - go to the top level directory of the tree to import
    cvs import - the cvs command
    -m"..."
    - the message to use. if you do not give a message, your editor will be invoked and you will be asked to give one.
    -I \! - do not ignore any files (the backslash is there since most your shells will try to treat ! specially)
    pptpd - the name of the repository (can be a path)
    PPTPD - the vendor tag. this remains fixed for all imports from the same source
    PPTPD_X_Y_Z - the release tag. this should somehow match the release name of the sources. note the use of underscore instead of '.'

This will then import the whole lot. You will see one line per file imported. Do not worry about "conflicts" at this stage.

Enough for now, part 2 in a few days.

Regards,
--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/

From matthewr at moreton.com.au Fri May 21 02:32:02 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Fri, 21 May 1999 07:32:02 +0000
Subject: [pptp-server] v0.8.6 call for testers
Message-ID: <37450BF2.B58F9F0E@moreton.com.au>

Folks,

v0.8.6 has been released. http://www.moretonbay.com/vpn/download_pptp.html

We would like *everyone* to download, install and run this release to test if they can successfully create a VPN and/or connect (multiple if possible) windows/linux clients.

If you could then report back to me on your successes/failures I would *really* appreciate it.

We have worked hard to get PoPToP this far... but now we need some help in giving it a thrashing and see how it holds up.

In the near future I plan to setup a PoPToP server on my machine here so everyone can access my local network.... this will be the ultimate PoPToP thrashing as I hope to have many, many clients connected. This is not ready yet.. so in the meantime if people can test it on their own networks that would be great.

The main change from v0.8.5 -> v0.8.6 is support for specifying multiple IP addresses via the configuration file.

Debugging is via syslog.

Good Luck!

Cheers,
Matt.

From skvidal at skyrunner.net Mon May 24 17:50:06 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Mon, 24 May 1999 18:50:06 -0400 (EDT)
Subject: [pptp-server] /etc/ppp/options file
Message-ID:

ok. pppd (ver 2.3.5) kernel 2.0.36

pppd output the usage page and errors out saying unrecognized option '1.244' (which is the last of the ip addresses in my list.

Any ideas here

this is my options file.

    local
    auth
    debug
    require-chap
    name intranet

thanks
-sv

From skvidal at skyrunner.net Tue May 25 16:21:44 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Tue, 25 May 1999 17:21:44 -0400 (EDT)
Subject: [pptp-server] PPTP CTRL Connection
Message-ID:

I have several (3-4) PPTP CTRL Connection processes left over after users disconnect? is this normal? It hasn't caused any problems but it's been annoying.

-sv

From skvidal at skyrunner.net Tue May 25 23:11:06 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Wed, 26 May 1999 00:11:06 -0400 (EDT)
Subject: [pptp-server] one problem I've run into
Message-ID:

I may need to address this to the pptp client author but I get the following error from the pptp client

Command: pptp hostname debug name skvidal

    warn[open_inetsock:pptp_callmgr.c:287]: connect: Connection refused
    fatal[callmgr_main:pptp_callmgr.c:122]: Could not open control connection to 111.222.333.444
    fatal[launch_callmgr:pptp.c:213]: Call manager exited with error 256

the pptpd server wakes up and starts the auth process but I'm getting nowhere. i haven't changed anything on either sides config (other than adding a ms-dns and ms-wins statement to the options file (that I promptly removed when I couldn't connect) no other changes

any ideas.
-sv

From thane at principle.co.uk Wed May 26 17:06:10 1999
From: thane at principle.co.uk (Thane Brooker) Date: Wed, 26 May 1999 23:06:10 +0100 Subject: [pptp-server] PPTP CTRL Connection References: Message-ID: <374C7052.2E931E0@principle.co.uk> I only found pptp server a few days ago - just what is needed. I find the same problem - if the client doesn't do a graceful disconnect (ie just turn off or unplug) then PPPD will terminate but the ctrl connection stays open. As a fast workaround, could you pass the PID number of ctrl connection to PPPD (by appending "iiparam PIDNUMBER" to the command line that calls pppd). Then when I run my ip-down script, I can kill the ctrl-connection as well. This also has the benefit that you could use the timeout in pppd to close the connection. Ideally ctrl connection would monitor the pppd demon, and terminate itself when pppd dies, but I guess that would require quite a bit more work. I would write something myself but C is not my strongpoint. Thane Brooker Seth Vidal wrote: > I have several (3-4) PPTP CTRL Connection processes left over after users > disconnect? is this normal? It hasn't caused any problems but its been > annoying. > > -sv > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! From allanc at sco.com Wed May 26 17:16:38 1999 
From: allanc at sco.com (Allan Clark) Date: Wed, 26 May 1999 18:16:38 -0400 Subject: [pptp-server] PPTP CTRL Connection References: <374C7052.2E931E0@principle.co.uk> Message-ID: <374C72C5.EE3E8A1F@sco.com> > I find the same problem - if the client doesn't do a graceful disconnect > (ie > just turn off or unplug) then PPPD will terminate but the ctrl > connection > stays open. As a fast workaround, could you pass the PID number of ctrl > connection to PPPD (by appending "iiparam PIDNUMBER" to the command line > that > calls pppd). Then when I run my ip-down script, I can kill the > ctrl-connection as well. > > This also has the benefit that you could use the timeout in pppd to > close the > connection. > > Ideally ctrl connection would monitor the pppd demon, and terminate > itself > when pppd dies, but I guess that would require quite a bit more work. SIGCHLD ? Allan From tmk at netmagic.net Wed May 26 19:15:02 1999 
From: tmk at netmagic.net (tmk) Date: Wed, 26 May 1999 17:15:02 -0700 Subject: [pptp-server] PPTP CTRL Connection References: <374C7052.2E931E0@principle.co.uk> Message-ID: <002901bea7d6$08bb86e0$011c0fc0@lala.net> we're working on detecting a dead link. There are some other little issues as well, (sometimes you get 2 pptpctrls on one connection) We will to have a fully stable release by 0.9.0, at which time we'll start implementing "goodies" (gui/console control tool, full rfc compliance, etc) but for now, bear with us. I am actually going to start working on that problem today or tomorrow. > stays open. As a fast workaround, could you pass the PID number of ctrl > connection to PPPD (by appending "iiparam PIDNUMBER" to the command line > that calls pppd). Then when I run my ip-down script, I can kill the > ctrl-connection as well. I think we can do better than that.. we eventually want to have a control utility, so the kill control needs to go the other way (ie pptpmanager kills pptpctrl, pptpctrl kills pppd and gre) You can always set max_connections really high and ignore all the extra processes that are running :) thanks for the input, and keep it coming Kevin ----- Original Message ----- 
From: Thane Brooker To: Seth Vidal Cc: Sent: Wednesday, May 26, 1999 3:06 PM Subject: Re: [pptp-server] PPTP CTRL Connection > I only found pptp server a few days ago - just what is needed. > > I find the same problem - if the client doesn't do a graceful disconnect > (ie > just turn off or unplug) then PPPD will terminate but the ctrl > connection > stays open. As a fast workaround, could you pass the PID number of ctrl > connection to PPPD (by appending "iiparam PIDNUMBER" to the command line > that > calls pppd). Then when I run my ip-down script, I can kill the > ctrl-connection as well. > > This also has the benefit that you could use the timeout in pppd to > close the > connection. > > Ideally ctrl connection would monitor the pppd demon, and terminate > itself > when pppd dies, but I guess that would require quite a bit more work. > > I would write something myself but C is not my strongpoint. > > Thane Brooker > > > Seth Vidal wrote: > > > I have several (3-4) PPTP CTRL Connection processes left over after users > > disconnect? is this normal? It hasn't caused any problems but its been > > annoying. > > > > -sv > > > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From gunnar at trilux.com Fri May 28 20:13:21 1999 
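An added example, not code from PoPToP or from any poster: the thread above asks for the control process to notice when pppd dies (the "SIGCHLD ?" suggestion) and for kill control to run from parent to child. This sketch does both for a stand-in child; `supervise`, its parameters and the 20 ms poll interval are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define CHILD_STILL_RUNNING (-2)

static volatile sig_atomic_t got_sigchld = 0;

static void on_sigchld(int signo)
{
    (void)signo;
    got_sigchld = 1;            /* only set a flag; reap in the main loop */
}

/* Sleep for ms milliseconds; returns early when a signal arrives. */
static void nap_ms(long ms)
{
    struct timeval tv;

    tv.tv_sec = ms / 1000;
    tv.tv_usec = (ms % 1000) * 1000;
    select(0, NULL, NULL, NULL, &tv);
}

/* Reap every finished child without blocking. If pid is among them, store
 * its exit code (or 128 + signal number) in *code and return 1. */
static int reap_children(pid_t pid, int *code)
{
    int status, found = 0;
    pid_t r;

    while ((r = waitpid(-1, &status, WNOHANG)) > 0) {
        if (r == pid) {
            *code = WIFEXITED(status) ? WEXITSTATUS(status)
                                      : 128 + WTERMSIG(status);
            found = 1;
        }
    }
    return found;
}

/* Fork a stand-in for pppd that runs child_ms and exits with child_code.
 * The parent plays the control process: it learns of the child's death
 * through SIGCHLD and reaps it, so no zombie or stale session is left.
 * If the child outlives limit_ms, the parent terminates it instead.
 * Returns the child's exit code, CHILD_STILL_RUNNING if it had to be
 * killed, or -1 on error. */
int supervise(int child_code, long child_ms, long limit_ms)
{
    struct sigaction sa, old;
    pid_t pid;
    long waited = 0;
    int code = CHILD_STILL_RUNNING, status;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NOCLDSTOP;         /* ignore stop/continue events */
    if (sigaction(SIGCHLD, &sa, &old) == -1)
        return -1;
    got_sigchld = 0;

    pid = fork();
    if (pid == -1) {
        sigaction(SIGCHLD, &old, NULL);
        return -1;
    }
    if (pid == 0) {                     /* child: pretend to be pppd */
        nap_ms(child_ms);
        _exit(child_code);
    }

    while (waited < limit_ms) {         /* parent: the control loop */
        if (got_sigchld) {
            got_sigchld = 0;
            if (reap_children(pid, &code))
                break;                  /* child gone: tear the session down */
        }
        nap_ms(20);
        waited += 20;
    }
    if (code == CHILD_STILL_RUNNING) {  /* kill control goes parent -> child */
        kill(pid, SIGTERM);
        while (waitpid(pid, &status, 0) == -1 && errno == EINTR)
            ;
    }
    sigaction(SIGCHLD, &old, NULL);
    return code;
}

int main(void)
{
    printf("child exited on its own: code %d\n", supervise(7, 50, 2000));
    printf("child outlived the limit: %d\n", supervise(0, 5000, 100));
    return 0;
}
```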
From: gunnar at trilux.com (Gunnar Hellekson)
Date: Fri, 28 May 1999 21:13:21 -0400
Subject: [pptp-server] NT error 718: timeout?
Message-ID: <19990528211321.A8040@trilux.com>

I'm working off linux 2.0.36, pppd 2.3.5, pptpd 0.8.6 from the RPM, and NT 4.0 sp4 as a client.

pppd and the NT RAS client seem to talk to each other perfectly well, but the pppd doesn't seem to be responding to the client's password. It happens regardless of the IPs I'm using, and the password auth. on NT is set to allow cleartext. Any pointers?

Here's the pptpd.conf (suggested elsewhere on the list):

    debug 1 # this didn't increase verbosity... should it?
    localip 192.168.0.234
    remoteip 192.168.0.235
    speed 115200

The /etc/ppp/options:

    local
    lock
    debug

and the chap-secret:

    user pptp-server password *

Here's my syslog, with the added benefit of the packet filter's logs. The rejected UDP packets don't seem to matter, as allowing them through still yields the same error:

    May 28 20:51:46 firewall kernel: IP fw-in acc eth0 TCP :1046 :1723 L=44 S=0x1C I=21249 F=0x0040 T=117
    May 28 20:51:46 firewall kernel: IP fw-in rej eth0 UDP :137 :137 L=78 S=0x00 I=22017 F=0x0000 T=117
    May 28 20:51:47 pptpd-server pppd[8036]: pppd 2.3.5 started by root, uid 0
    May 28 20:51:47 pptpd-server pppd[8036]: Using interface ppp0
    May 28 20:51:47 pptpd-server pppd[8036]: Connect: ppp0 <--> /dev/ttya0
    May 28 20:51:48 firewall kernel: IP fw-in rej eth0 UDP :137 :137 L=78 S=0x00 I=23297 F=0x0000 T=117
    May 28 20:51:49 firewall kernel: IP fw-in rej eth0 UDP :137 :137 L=78 S=0x00 I=23809 F=0x0000 T=117

    # right about here, NT complains "Error 718: Timed out waiting for a valid response from the remote PPP peer"

    May 28 20:52:17 pptpd-server pppd[8036]: LCP: timeout sending Config-Requests
    May 28 20:52:17 pptpd-server pppd[8036]: Connection terminated.
    May 28 20:52:17 pptpd-server pppd[8036]: Exit.
May 28 20:53:58 pptpd-server kernel: PPP: ppp line discipline successfully unregistered

--
Gunnar Hellekson t r i l u x i n t e r n e t g r o u p
RIP is irrelevant. Spoofing is futile. Your routes will be aggregated.

From skvidal at skyrunner.net Fri May 28 20:16:43 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Fri, 28 May 1999 21:16:43 -0400 (EDT)
Subject: [pptp-server] NT error 718: timeout?
In-Reply-To: <19990528211321.A8040@trilux.com>
Message-ID:

> I'm working off linux 2.0.36, pppd 2.3.5, pptpd 0.8.6 from the RPM,
> and NT 4.0 sp4 as a client.
>
> pppd and the NT RAS client seem to talk to each other perfectly well, but the
> pppd doesn't seem to be responding to the client's password. It happens
> regardless of the IPs I'm using, and the password auth. on NT is set to allow
> cleartext. Any pointers?

When I turned encrypted passwords off under win98 I had a similar problem.
with encrypted pw's on the problem went away.

is this helpful?

-sv

From tmk at netmagic.net Fri May 28 20:16:53 1999
From: tmk at netmagic.net (tmk)
Date: Fri, 28 May 1999 18:16:53 -0700
Subject: [pptp-server] NT error 718: timeout?
References: <19990528211321.A8040@trilux.com>
Message-ID: <004501bea970$f11b92e0$011c0fc0@lala.net>

looks like your firewall is rejecting something. check your filtering rules
also, debug has been removed, and you should put in a range of possible ip's.
check the sample conf file that came with 0.8.6

Kevin

From wfaulk at totalsports.net Fri May 28 20:44:09 1999
From: wfaulk at totalsports.net (Bitt Faulk)
Date: Fri, 28 May 1999 21:44:09 -0400 (EDT)
Subject: [pptp-server] pppd not dying
Message-ID:

It seems that I always get 2 'PPTP CTRL Connection's per PPTP connection,
which is not a big deal, but may be pertinent to the fact that the pppd
processes that are spawned sometimes do not go away. When they don't, it
seems as though pptpd goes ahead and reuses the IP addresses that it
thinks are freed and the old pppd seems to interfere. I think that the
pppds fail to go away when the other end does not disconnect cleanly, but
I have not had a chance to test that yet. Otherwise, as long as I keep an
eye on it, and kill off errant pppds, it seems to work fine.

Anyone seen this problem and have a fix?

-Bitt

From tmk at netmagic.net Fri May 28 20:48:12 1999
From: tmk at netmagic.net (tmk)
Date: Fri, 28 May 1999 18:48:12 -0700
Subject: [pptp-server] pppd not dying
References:
Message-ID: <005d01bea975$50971920$011c0fc0@lala.net>

we know about it =) we're working on the problem.
half the problem is a messy disconnect, and half of it is a programming
problem :)
It will be fixed in 0.8.7 or 0.8.8

Kevin

From gunnar at trilux.com Fri May 28 21:06:54 1999
From: gunnar at trilux.com (Gunnar Hellekson)
Date: Fri, 28 May 1999 22:06:54 -0400
Subject: [pptp-server] NT error 718: timeout?
In-Reply-To: ; from Seth Vidal on Fri, May 28, 1999 at 09:16:43PM -0400
References: <19990528211321.A8040@trilux.com>
Message-ID: <19990528220654.A8243@trilux.com>

Seth Vidal:
> When I turned encrypted passwords off under win98 I had a similar problem.
> with encrypted pw's on the problem went away.
>
> is this helpful?

Sadly, no... I tried all 5 settings on the Security tab, to no avail.

--
Gunnar Hellekson t r i l u x i n t e r n e t g r o u p
I can change any thought that hurts into a reality that hurts even more.

From gunnar at trilux.com Fri May 28 21:17:58 1999
From: gunnar at trilux.com (Gunnar Hellekson)
Date: Fri, 28 May 1999 22:17:58 -0400
Subject: [pptp-server] NT error 718: timeout?
In-Reply-To: <004501bea970$f11b92e0$011c0fc0@lala.net>; from tmk on Fri, May 28, 1999 at 06:16:53PM -0700
References: <19990528211321.A8040@trilux.com> <004501bea970$f11b92e0$011c0fc0@lala.net>
Message-ID: <19990528221758.B8243@trilux.com>

tmk:
> looks like your firewall is rejecting something. check your filtering rules

That doesn't seem to be it -- I tried again with those packets allowed, and it
went through fine. Besides, I'm not sure how useful netbios packets are when
you're establishing a pptp session.

> check the sample conf file that came with 0.8.6

Done. Still no joy, but I did try a tcpdump, and found these:

21:52:24.022702 gre-proto-0x880B (gre encap)
21:52:27.032702 gre-proto-0x880B (gre encap)
21:52:30.042702 gre-proto-0x880B (gre encap)

Any hints here? Does the pptp server need to be handling these gre goodies?

--
Gunnar Hellekson t r i l u x i n t e r n e t g r o u p
Allergic to lies. Addicted to love.

From thane at principle.co.uk Sat May 29 08:22:08 1999
From: thane at principle.co.uk (Thane Brooker)
Date: Sat, 29 May 1999 14:22:08 +0100
Subject: [pptp-server] NT error 718: timeout?
References: <19990528211321.A8040@trilux.com>
Message-ID: <374FEA00.A07DFE23@principle.co.uk>

Check the following link:

http://support.microsoft.com/support/kb/articles/q162/8/47.asp

The other thing I noticed with 98 (haven't tried NT) is the very first
connection to a newly started pptpd causes 98 DUN to hang, and I need to
reboot 98. (Just killing the 'not responding' DUN and trying again doesn't
work). I kill the pptp control and pppd connection processes on Linux (but
leave the initial pptpd running) and try a connection again from 98 (after
rebooting), and it works fine. After this initial first-connection problem
there are no other connection issues (other than what has already been
mentioned).

It took me some time to figure this out, because the natural reaction on a
failed connect was for me to kill and restart the entire pptpd after tweaking
the configs, rather than just kill the child processes, reboot the client and
try again.

Maybe this is related to your problem.

From skvidal at skyrunner.net Mon May 31 00:45:34 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Mon, 31 May 1999 01:45:34 -0400 (EDT)
Subject: [pptp-server] dumb questions
Message-ID:

a normal ppp server setup uses the same ip address as the local ip for many
remote ip's why does pptpd need to have multiple local ip's for the remote
ip's?

if it has something to do with the requirements of the tunnelling then
that's cool (but I'd like to know what the reason is)

if it doesn't then it's just wasting ip space, right?

-sv

From tmk at netmagic.net Mon May 31 02:48:58 1999
From: tmk at netmagic.net (tmk)
Date: Mon, 31 May 1999 00:48:58 -0700 (PDT)
Subject: [pptp-server] dumb questions
In-Reply-To:
Message-ID:

> a normal ppp server setup uses the same ip address as the local ip for many
> remote ip's why does pptpd need to have multiple local ip's for the remote
> ip's?

the multiple local ip list is half there for symmetry (ie no good reason
at all) and half there to assist in firewalling and port sharing stuff. if
you have 2 clients that want to use port 21, then they better have
different ips or one gets shut out.

you don't need different ips tho. feel free to put in all the same ip or
just hack the code so it puts your local ip if you want to

Kevin

From skvidal at skyrunner.net Mon May 31 11:18:09 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Mon, 31 May 1999 12:18:09 -0400 (EDT)
Subject: [pptp-server] dumb questions
In-Reply-To:
Message-ID:

> the multiple local ip list is half there for symmetry (ie no good reason
> at all) and half there to assist in firewalling and port sharing stuff. if
> you have 2 clients that want to use port 21, then they better have
> different ips or one gets shut out.

if they want to use port 21? you can have more than one ppp connection using
the same local ip and have all the same available ports on it. I don't quite
understand this statement.

> you don't need different ips tho. feel free to put in all the same ip or
> just hack the code so it puts your local ip if you want to

I did.

-sv

From skvidal at skyrunner.net Mon May 31 14:37:18 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Mon, 31 May 1999 15:37:18 -0400 (EDT)
Subject: [pptp-server] some more notes/questions
Message-ID:

how do I go about checking who is logged in via tunnel?

I need some way of writing the pppd data to wtmp/utmp.
(and not sessreg either)

does anyone know of any way of doing this via ppp?

thanks
-sv

From martin at simpli.net Mon May 31 15:52:16 1999
From: martin at simpli.net (martin at simpli.net)
Date: Mon, 31 May 1999 16:52:16 -0400
Subject: [pptp-server] LCP: timeout sending Config-Requests
Message-ID: <000801beaba7$783cef20$0202a8c0@simpli.net>

Hi anyone can tell me why I get that :

May 31 16:46:59 server pppd[22182]: LCP: timeout sending Config-Requests

and I get an error 650 on my windows 98

Martin

From skvidal at skyrunner.net Mon May 31 16:11:02 1999
From: skvidal at skyrunner.net (Seth Vidal)
Date: Mon, 31 May 1999 17:11:02 -0400 (EDT)
Subject: [pptp-server] LCP: timeout sending Config-Requests
In-Reply-To: <000801beaba7$783cef20$0202a8c0@simpli.net>
Message-ID:

> Hi anyone can tell me why I get that :
> May 31 16:46:59 server pppd[22182]: LCP: timeout sending Config-Requests
>
> and I get an error 650 on my windows 98

what is the description of error 650 on win98?

are all of your ports used up with leftover PPTP CTRLs?

kill the PPTP CTRL processes and see if it still happens.

-sv

From matthewr at moreton.com.au Mon May 31 20:02:40 1999
From: matthewr at moreton.com.au (Matthew Ramsay)
Date: Tue, 01 Jun 1999 01:02:40 +0000
Subject: [pptp-server] PoPToP -> Win98 setup guide
Message-ID: <37533130.866E574@moreton.com.au>

Hiya all,

A lot of people are having problems getting this going .. so here is a
quick guide for those interested.

Note: winNT is a different story.. i think v0.8.6 may have broken NT client
support for some reason? anyone got v0.8.6 working on NT?

A quick guide to setting up poptop and win98:

Get v0.8.6 (if you don't already have it..)
Get a recent PPPD (i use 2.3.8... i have used it with 2.3.5)
check that pppd is in /usr/sbin/
do a './configure'
make
make install
check that there is 'pptpmanager', 'pptpd' and 'pptpctrl' and 'pptpgre' in /usr/local/bin/
make sure you are *root* before launching 'pptpd'
go to /etc/
open up syslog.conf
add the line:
daemon.debug /var/log/pptpd.log
kill off the current syslogd and start a new one. (/usr/sbin/syslogd i think)
Make sure you have PTY's and PPP in the kernel... remake your kernel if you haven't.. it won't work otherwise.
make sure the following files exist and look similar to:

--- /etc/ppp/options
debug
name servername
auth
require-chap
proxyarp

--- /etc/pptpd.conf
speed 115200
localip 192.168.0.234-238
remoteip 192.168.1.234-238

--- /etc/ppp/chap-secrets
billy servername bob *

-------

ok now u r set.
run 'pptpd'
go to the win98 machine:
make new VPN connection
username billy, password bob

-----------------

If it fails.. kill off any pptp, PPTP or pppd process and launch pptp again

---------

if still fails send me the log from /var/log/pptpd.log which u created
earlier via syslog.. but which now should contain all the pptpd debug
information.

Good Luck!

Cheers,
Matt.

From tmk at netmagic.net Mon May 31 21:08:43 1999
From: tmk at netmagic.net (tmk)
Date: Mon, 31 May 1999 19:08:43 -0700
Subject: [pptp-server] some more notes/questions
References:
Message-ID: <003301beabd3$add1a780$4c1d0fc0@lala.net>

pppd syslogs everything to /var/log/messages (that's the default on my box
anyways) and it will say something like :

pppd[15450]: CHAP peer authentication succeeded for

you could do a

tail /var/log/messages -n2000 | grep CHAP

if you wanted to see who has been logging in. other than that, there's not
much i know of. all the authentication is provided by pppd (if you don't have
an auth or a require-chap (or pap, etc.) option, it doesn't even ask for a
username).

Kevin
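
Added example, not part of the message above or of PoPToP: the grep suggestion extended to pair each pppd PID's CHAP success line with its later "Exit." line, so the output lists who is still on the tunnel and which attempts ended in the LCP timeout reported earlier in the thread. The sample log, the user "alice" and the function names are constructed, and the script assumes the peer name follows "succeeded for" on the same syslog line.

```shell
#!/bin/sh
# Added example: rebuild "who is on the tunnel" from pppd syslog lines.
# The message texts matched below are the ones quoted in this thread.

# Constructed sample log (not from the thread). "billy" is the user from the
# setup guide's chap-secrets; "alice", the PIDs and the times are made up.
sample_log() {
cat <<'EOF'
Jun  1 09:00:01 server pppd[101]: pppd 2.3.8 started by root, uid 0
Jun  1 09:00:03 server pppd[101]: CHAP peer authentication succeeded for billy
Jun  1 09:05:10 server pppd[102]: pppd 2.3.8 started by root, uid 0
Jun  1 09:05:40 server pppd[102]: LCP: timeout sending Config-Requests
Jun  1 09:05:40 server pppd[102]: Connection terminated.
Jun  1 09:05:40 server pppd[102]: Exit.
Jun  1 09:10:00 server pppd[103]: pppd 2.3.8 started by root, uid 0
Jun  1 09:10:02 server pppd[103]: CHAP peer authentication succeeded for alice
Jun  1 09:30:00 server pppd[103]: Connection terminated.
Jun  1 09:30:00 server pppd[103]: Exit.
Jun  1 09:31:00 server kernel: PPP: ppp line discipline successfully unregistered
EOF
}

# pptp_sessions: syslog on stdin -> one line per pppd process:
#   <pid> <user or -> <state> <first seen>
# States: up (authenticated, no Exit yet), negotiating (no auth yet),
#         closed (Exit without LCP timeout), lcp-timeout (LCP never completed).
pptp_sessions() {
  awk '
    BEGIN { ok = "CHAP peer authentication succeeded for " }
    function emit(p) {
      print p, user[p], state[p], seen[p]
      delete user[p]; delete state[p]; delete seen[p]; delete lcp[p]
    }
    $5 ~ /^pppd\[[0-9]+\]:$/ {
      pid = $5; gsub(/[^0-9]/, "", pid)
      msg = substr($0, index($0, $5) + length($5) + 1)
      if (!(pid in state)) {
        state[pid] = "negotiating"; user[pid] = "-"
        seen[pid] = $1 " " $2 " " $3; order[++n] = pid
      }
      if (index(msg, ok) == 1) {
        user[pid] = substr(msg, length(ok) + 1); state[pid] = "up"
      } else if (index(msg, "LCP: timeout sending Config-Requests") == 1) {
        lcp[pid] = 1
      } else if (msg == "Exit.") {
        # Emit at Exit so a later process reusing the PID starts clean.
        state[pid] = (pid in lcp) ? "lcp-timeout" : "closed"
        emit(pid)
      }
    }
    END { for (i = 1; i <= n; i++) if (order[i] in state) emit(order[i]) }
  '
}

# pptp_who: user names whose pppd authenticated and has not logged Exit.
pptp_who() { pptp_sessions | awk '$3 == "up" { print $2 }'; }

sample_log | pptp_sessions
```

On a live server, feed it the file pppd logs to, for example `pptp_who < /var/log/messages`. A session that stays `up` long after the client has gone is a candidate for the leftover pppd and PPTP CTRL processes discussed earlier in the thread.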