[pptp-server] ppp0 active, ping times out on client.
Kurt E. Van Delden
kvandel at cs.duke.edu
Sat Jan 8 22:40:14 CST 2000
Hello,
I have a cable modem setup proxing for an internal network.
Server Linux, Mandrake 6.1, 2.2.14, ipchains for NAT.
(Authentication works....see log below)
The client(win98 SE w/128 update) appears to be generating
traffic:
[root at sundance ~]# tcpdump -i ppp0 tcpdump: listening on ppp0
09:38:46.177123 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:47.677378 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:51.248371 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm: udp
197
09:38:53.517693 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm: udp
197
09:38:53.677288 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:54.497345 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm: udp
197
09:38:55.177520 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp
68
09:38:55.507633 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm:
udp 197
09:38:56.518206 10.0.0.111.netbios-dgm >10.255.255.255.netbios-dgm: udp 197
09:38:56.676698 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:57.508123 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:58.976741 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:59.728000 216.54.130.135.netbios-ns > 10.0.0.3.domain: 416+
A? COWBOY.vand--cut
However, no traffic returns.. The client side times out on ping.
(PS I know there are no ping requests in the above trace, but they
do appear when I initiate the ping on the client)
/var/log/messages
Jan 8 09:36:50 sundance pptpd[2699]: CTRL: Client 216.54.130.135 control
connec tion started
Jan 8 09:36:51 sundance pptpd[2699]: CTRL: Starting call (launching pppd,
openi ng GRE)
Jan 8 09:36:51 sundance pppd[2700]: pppd 2.3.10 started by root, uid 0
Jan 8 09:36:51 sundance pppd[2700]: Using interface ppp0
Jan 8 09:36:51 sundance pppd[2700]: Connect: ppp0 <--> /dev/pts/4
Jan 8 09:36:51 sundance pppd[2700]: MSCHAP-v2 peer authentication
succeeded for xxxx\xx
Jan 8 09:36:52 sundance pppd[2700]: found interface eth0 for proxy arp
Jan 8 09:36:52 sundance pppd[2700]: local IP address 10.0.0.100
Jan 8 09:36:52 sundance pppd[2700]: remote IP address 10.0.0.111
Jan 8 09:36:52 sundance pppd[2700]: MPPE 128 bit, stateless compression
enabled
Notes on installation:
ppp-2.3.10 w/ Daniel'spatch for MPPE
**** additional patch by Paul Janzen failed to apply.(This is likely
it...) (after looking at the patch)
More information and thoughts
Ifconfig: eth0(internal 10.) eth1(Internet Routable)
eth0 Link encap:Ethernet HWaddr 00:60:08:41:57:FF
inet addr:10.0.0.3 Bcast:10.255.255.255 Mask:255.0.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:617742 errors:0 dropped:0 overruns:0 frame:0
TX packets:713374 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:11 Base address:0xec00
eth1 Link encap:Ethernet HWaddr 00:40:33:99:EA:DE
inet addr:24.28.135.253 Bcast:255.255.255.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13585 errors:0 dropped:0 overruns:0 frame:4
TX packets:13621 errors:0 dropped:0 overruns:0 carrier:0
collisions:28 txqueuelen:100
Interrupt:12 Base address:0xe800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:726 errors:0 dropped:0 overruns:0 frame:0
TX packets:726 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.0.0.101 P-t-P:10.0.0.112 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:62 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.0.3 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
10.0.0.112 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
24.28.135.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 24.28.135.1 0.0.0.0 UG 0 0 0
eth1
pppd options
name sundance
auth
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
proxyarp
ms-wins 10.0.0.2
ms-dns 10.0.0.3
netmask 255.255.255.255
Ping output from server to client
[root at sundance ~]# ping 10.0.0.111
PING 10.0.0.111 (10.0.0.111): 56 data bytes
ping: sendto: Operation not permitted
ping: wrote 10.0.0.111 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 10.0.0.111 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 10.0.0.111 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 10.0.0.111 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 10.0.0.111 64 chars, ret=-1
ping: sendto: Operation not permitted
ping: wrote 10.0.0.111 64 chars, ret=-1
--- 10.0.0.111 ping statistics ---
6 packets transmitted,
0 packets received,
100% packet loss
Final thought.. I beleive everybodies first intuition
is going to be the ipchain rules. I've checked them.
I can provide them if required.(They are long)
I have even cleared the system chains, and set accept policies
on the empty chains to eliminate the possibility of problems
from ipchains.
thanks a bunch,
kurt
More information about the pptp-server
mailing list