From tmk at netmagic.net Wed Sep 1 01:48:42 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 1 01:48:42 1999 Subject: [pptp-server] (pptp-server) Windows Client's speed? References: <99Sep1.114753sst.17032@gateway.kub.com.my> Message-ID: <000d01bef446$870e4520$071c0fc0@lala.net> you mean the vpn adapter reports a 9600 bps connection? do you have the most recent version of MS RAS? (1.3) get it and see if that helps. it should. i'm pretty sure windows ignores the vpn speed anyways Kevin ----- Original Message ----- From: Mohamed Noor Harun To: pptp-server at lists.schulte.org Sent: Tuesday, August 31, 1999 8:46 PM Subject: [pptp-server] (pptp-server) Windows Client's speed? Hai all; I have managed to setup my pptp-server (on Redhat 6.0)up and running with encryption turned on. Thanks to all..Now I can connect to my LAN through pptp-server through LAN or ISP connection. There is a small problem that I notice when I'm connected through ISP where the speed of the connection to ISP is 23 K (my pcmcia is 28.8 K) whereas the speed of my VPN is only 9.6 K ? I know that we setup the pptpd speed to 115200 ! I could'nt find anywhere on the Win95 client to set the speed on the Microsoft VPN adapter? Each time I'm connected, the default speed is 9.6 K! Can anybody help me on this? Any suggestions? Thanks. Matnor KUB Teknologi -------------- next part -------------- An HTML attachment was scrubbed... URL: From mnoorh at it.kubnet.com.my Wed Sep 1 02:24:51 1999 From: mnoorh at it.kubnet.com.my (Mohamed Noor Harun) Date: Wed Sep 1 02:24:51 1999 Subject: [pptp-server] (pptp-server) Windows Client's speed? References: <99Sep1.114753sst.17032@gateway.kub.com.my> <000d01bef446$870e4520$071c0fc0@lala.net> Message-ID: <99Sep1.152306sst.17035@gateway.kub.com.my> Dear all; Yes, the vpn adapter reports a 9600 bps connection on each time I'm connected! Yes, I do have the 1.3 version! Is there anything else that I have to check on the client? Thankyou. Matnor ----- Original Message ----- From: tmk To: Mohamed Noor Harun ; pptp-server at lists.schulte.org Sent: Wednesday, September 01, 1999 2:52 PM Subject: Re: [pptp-server] (pptp-server) Windows Client's speed? you mean the vpn adapter reports a 9600 bps connection? do you have the most recent version of MS RAS? (1.3) get it and see if that helps. it should. i'm pretty sure windows ignores the vpn speed anyways Kevin ----- Original Message ----- From: Mohamed Noor Harun To: pptp-server at lists.schulte.org Sent: Tuesday, August 31, 1999 8:46 PM Subject: [pptp-server] (pptp-server) Windows Client's speed? Hai all; I have managed to setup my pptp-server (on Redhat 6.0)up and running with encryption turned on. Thanks to all..Now I can connect to my LAN through pptp-server through LAN or ISP connection. There is a small problem that I notice when I'm connected through ISP where the speed of the connection to ISP is 23 K (my pcmcia is 28.8 K) whereas the speed of my VPN is only 9.6 K ? I know that we setup the pptpd speed to 115200 ! I could'nt find anywhere on the Win95 client to set the speed on the Microsoft VPN adapter? Each time I'm connected, the default speed is 9.6 K! Can anybody help me on this? Any suggestions? Thanks. Matnor KUB Teknologi -------------- next part -------------- An HTML attachment was scrubbed... URL: From allanc at sco.COM Wed Sep 1 09:00:32 1999 From: allanc at sco.COM (Allan Clark) Date: Wed Sep 1 09:00:32 1999 Subject: [pptp-server] DHCP and PPTPD References: Message-ID: <37CD30EA.EC5E1320@sco.com> SCO UnixWare does this by causing DHCP and PPP to go through a "Address Assignment Service". The AAS basically seems to act as a single source of dynamic addresses. How would pptpd do this? Fake a DHCP request for the lease? Allan tmk wrote: > we MIGHT build dhcp support into future versions, but for now it's not > supported. The idea is floating around though. > > Kevin > > On Mon, 30 Aug 1999, Francis Gibbons wrote: > > > Can I use a DHCP server to assign addresses to clients rather than using localip/remoteip. From tmk at netmagic.net Wed Sep 1 09:46:26 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 1 09:46:26 1999 Subject: [pptp-server] (pptp-server) Windows Client's speed? References: <99Sep1.114753sst.17032@gateway.kub.com.my> <000d01bef446$870e4520$071c0fc0@lala.net> <99Sep1.152301sst.17036@gateway.kub.com.my> Message-ID: <002701bef489$449a1c80$071c0fc0@lala.net> Well, as of the latest version of pptp, we simply echo back the line speed that the client (win9x in this case) requests during the handshaking process. Does it actually run at 9600 baud? (1.2kb/sec) or is it faster? if it's faster than 1.2 k/sec then don't let it bother you, it's ignoring that speed anyways. Just FYI mine reports 10,000,000 bps on connections, which is wrong, since i know for a fact that the negotiated connection speed is 64,000 bps. Kevin ----- Original Message ----- From: Mohamed Noor Harun To: tmk ; pptp-server at lists.schulte.org Sent: Wednesday, September 01, 1999 12:21 AM Subject: Re: [pptp-server] (pptp-server) Windows Client's speed? Dear all; Yes, the vpn adapter reports a 9600 bps connection on each time I'm connected! Yes, I do have the 1.3 version! Is there anything else that I have to check on the client? Thankyou. Matnor ----- Original Message ----- From: tmk To: Mohamed Noor Harun ; pptp-server at lists.schulte.org Sent: Wednesday, September 01, 1999 2:52 PM Subject: Re: [pptp-server] (pptp-server) Windows Client's speed? you mean the vpn adapter reports a 9600 bps connection? do you have the most recent version of MS RAS? (1.3) get it and see if that helps. it should. i'm pretty sure windows ignores the vpn speed anyways Kevin ----- Original Message ----- From: Mohamed Noor Harun To: pptp-server at lists.schulte.org Sent: Tuesday, August 31, 1999 8:46 PM Subject: [pptp-server] (pptp-server) Windows Client's speed? Hai all; I have managed to setup my pptp-server (on Redhat 6.0)up and running with encryption turned on. Thanks to all..Now I can connect to my LAN through pptp-server through LAN or ISP connection. There is a small problem that I notice when I'm connected through ISP where the speed of the connection to ISP is 23 K (my pcmcia is 28.8 K) whereas the speed of my VPN is only 9.6 K ? I know that we setup the pptpd speed to 115200 ! I could'nt find anywhere on the Win95 client to set the speed on the Microsoft VPN adapter? Each time I'm connected, the default speed is 9.6 K! Can anybody help me on this? Any suggestions? Thanks. Matnor KUB Teknologi -------------- next part -------------- An HTML attachment was scrubbed... URL: From patrickl at cst.ca Wed Sep 1 10:06:56 1999 From: patrickl at cst.ca (Patrick Lin) Date: Wed Sep 1 10:06:56 1999 Subject: [pptp-server] mppe patch for pppd-2.3.9 Message-ID: <37CD08B0.F85B4F8A@cst.ca> hi i try to install PopTop wirh Mppe but all go wrong :((( i have : kernel : 2.2.12 pppd : 1.3.9 SSleay-0.9.0b poptop : 0.9.14 of course all the directive i find in the "Detailled Instruction Set" are good and more simple but all my software version is newer. and i can't find the patch for ppp (mppe) any help thanks pat From Gunther.Stammwitz at okay.net Wed Sep 1 10:12:56 1999 From: Gunther.Stammwitz at okay.net (Gunther Stammwitz) Date: Wed Sep 1 10:12:56 1999 Subject: [pptp-server] IPX/SPX Message-ID: <001601bef48c$bb403a60$d5e3fea9@windows> Hello, why isn't IPX/SPX supported ? Are there any plans ? Do you know any other software that supports IPX-Tunneling ??? cu then, gunther -------------- next part -------------- An HTML attachment was scrubbed... URL: From rowl at earthcorp.com Wed Sep 1 12:11:37 1999 From: rowl at earthcorp.com (Michael St. Laurent) Date: Wed Sep 1 12:11:37 1999 Subject: [pptp-server] Can server _require_ encryption? Message-ID: <3.0.6.32.19990901101119.00808100@guardian.hartwellcorp.com> Yes... I knew about the +chap option and already have it configured. What I'm trying to do now is require _data_encryption_ not encrypted password validation. At 04:54 PM 08/31/1999 -0300, you wrote: >In [options] file there is any syntax that could be set. > >Look file ~/ppp-2.3.8/ppp/auth.c > >~/ppp-2.3.8/ppp/auth.c >... >... >... > >/* > * Authentication-related options. > */ >option_t auth_options[] = { > { "require-pap", o_bool, &lcp_wantoptions[0].neg_upap, > "Require PAP authentication from peer", 1, &auth_required }, > { "+pap", o_bool, &lcp_wantoptions[0].neg_upap, > "Require PAP authentication from peer", 1, &auth_required }, > { "refuse-pap", o_bool, &refuse_pap, > "Don't agree to auth to peer with PAP", 1 }, > { "-pap", o_bool, &refuse_pap, > "Don't allow PAP authentication with peer", 1 }, > { "require-chap", o_bool, &lcp_wantoptions[0].neg_chap, > "Require CHAP authentication from peer", 1, &auth_required }, > { "+chap", o_bool, &lcp_wantoptions[0].neg_chap, > "Require CHAP authentication from peer", 1, &auth_required }, > { "refuse-chap", o_bool, &refuse_chap, > "Don't agree to auth to peer with CHAP", 1 }, > { "-chap", o_bool, &refuse_chap, > "Don't allow CHAP authentication with peer", 1 }, > { "name", o_string, our_name, > "Set local name for authentication", > OPT_PRIV|OPT_STATIC, NULL, MAXNAMELEN }, > { "user", o_string, user, > "Set name for auth with peer", OPT_STATIC, NULL, MAXNAMELEN }, > { "usehostname", o_bool, &usehostname, > "Must use hostname for authentication", 1 }, >... >... >... >... >... >... > > > > >Emir Toktar > >emir.toktar at bra.xerox.com >toktar at per.com.br >toktar at ppgia.pucpr.br > > > > >-----Original Message----- >From: Michael St. Laurent [mailto:rowl at earthcorp.com] >Sent: Tuesday, August 31, 1999 2:04 PM >To: pptp-server at lists.schulte.org >Subject: [pptp-server] Can server _require_ encryption? > > >I have pptp working with encryption (!!!_party_!!!) What I need to do now >is configure the server to inisist on data encryption. I know this can be >set on the clients but I don't trust our users to not screw it up. Is >there some way to set the server to reject any connection attempt that will >not agree to data encryption? > >-------------------- >Michael St. Laurent >Hartwell Corporation > > >_______________________________________________ >pptp-server maillist - pptp-server at lists.schulte.org >http://lists.schulte.org/mailman/listinfo/pptp-server >List services provided by www.schulte.org! > -------------------- Michael St. Laurent Hartwell Corporation From jcaspen at ittc.ukans.edu Wed Sep 1 12:54:37 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Wed Sep 1 12:54:37 1999 Subject: [pptp-server] IPX/SPX References: <001601bef48c$bb403a60$d5e3fea9@windows> Message-ID: <37CD682E.E4B79B60@ittc.ukans.edu> There is one software that may help you: http://www.norritt.org/Projects/tipxd/ I didn't use it, I've just seen the advertisement. Gunther Stammwitz wrote: > Hello, why isn't IPX/SPX supported ? > Are there any plans ?Do you know any other software that supports > IPX-Tunneling ??? cu then,gunther From tmk at netmagic.net Wed Sep 1 13:01:37 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 1 13:01:37 1999 Subject: [pptp-server] mppe patch for pppd-2.3.9 In-Reply-To: <37CD08B0.F85B4F8A@cst.ca> Message-ID: the pppd mppe patch is for pppd 2.3.8, try that and see how it goes there is a detailed step by step how to install mppe at http://www.moretonbay.com/vpn/releases/HOWTO-PoPToP.txt, i think it's section 3.0 Kevin On Wed, 1 Sep 1999, Patrick Lin wrote: > hi > > i try to install PopTop wirh Mppe > but all go wrong :((( > > i have : > > kernel : 2.2.12 > pppd : 1.3.9 > SSleay-0.9.0b > > poptop : 0.9.14 > > of course all the directive i find in the "Detailled Instruction Set" > are good and > more simple > but all my software version is newer. > and i can't find the patch for ppp (mppe) > > any help > thanks > > pat > > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From jcaspen at ittc.ukans.edu Wed Sep 1 13:27:17 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Wed Sep 1 13:27:17 1999 Subject: [pptp-server] mppe patch for pppd-2.3.9 References: <37CD08B0.F85B4F8A@cst.ca> Message-ID: <37CD688A.8277B967@ittc.ukans.edu> > > kernel : 2.2.12 > pppd : 1.3.9 > SSleay-0.9.0b > You should use the files from SSLEay 0.6.6 to avoid problems with the encryption sources. From Gunther.Stammwitz at okay.net Wed Sep 1 13:55:57 1999 From: Gunther.Stammwitz at okay.net (Gunther Stammwitz) Date: Wed Sep 1 13:55:57 1999 Subject: [pptp-server] IPX/SPX References: <001601bef48c$bb403a60$d5e3fea9@windows> <37CD682E.E4B79B60@ittc.ukans.edu> Message-ID: <003c01bef4ab$d198f580$ca00a8c0@windows> Hi again... The problem is, that my clients are WINDOWS, this software is for linux only. Any other suggestions ? gunther ----- Original Message ----- From: Carlos Javier Castro Pena To: Gunther Stammwitz Cc: Sent: Wednesday, September 01, 1999 7:53 PM Subject: Re: [pptp-server] IPX/SPX > There is one software that may help you: > http://www.norritt.org/Projects/tipxd/ > I didn't use it, I've just seen the advertisement. > > Gunther Stammwitz wrote: > > > Hello, why isn't IPX/SPX supported ? > > Are there any plans ?Do you know any other software that supports > > IPX-Tunneling ??? cu then,gunther > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > > From EMIR.TOKTAR at bra.xerox.com Wed Sep 1 18:04:21 1999 From: EMIR.TOKTAR at bra.xerox.com (Toktar, Emir) Date: Wed Sep 1 18:04:21 1999 Subject: [pptp-server] Can server _require_ encryption? Message-ID: <51E5E026247AD2118CDD0008C74CC2DD341949@bra0070ms1.bra.xerox.com> Michael, if did not make encrypted password validation, it refuses the conecction and the client gets one error status. [options] -pap +chap +chapms +chapms-v2 mppe-40 mppe-128 .... Let me get one thing, are you trying not to allow the shutting down conecction telling the user to set up DUN with MS CHAP before refusing the conecction? (that is, must set option require data encryption ) Emir Toktar emir.toktar at bra.xerox.com toktar at per.com.br toktar at ppgia.pucpr.br -----Original Message----- From: Michael St. Laurent [mailto:rowl at earthcorp.com] Sent: Wednesday, September 01, 1999 2:11 PM To: pptp-server at lists.schulte.org Subject: RE: [pptp-server] Can server _require_ encryption? Yes... I knew about the +chap option and already have it configured. What I'm trying to do now is require _data_encryption_ not encrypted password validation. At 04:54 PM 08/31/1999 -0300, you wrote: >In [options] file there is any syntax that could be set. > >Look file ~/ppp-2.3.8/ppp/auth.c > >~/ppp-2.3.8/ppp/auth.c >... >... >... > >/* > * Authentication-related options. > */ >option_t auth_options[] = { > { "require-pap", o_bool, &lcp_wantoptions[0].neg_upap, > "Require PAP authentication from peer", 1, &auth_required }, > { "+pap", o_bool, &lcp_wantoptions[0].neg_upap, > "Require PAP authentication from peer", 1, &auth_required }, > { "refuse-pap", o_bool, &refuse_pap, > "Don't agree to auth to peer with PAP", 1 }, > { "-pap", o_bool, &refuse_pap, > "Don't allow PAP authentication with peer", 1 }, > { "require-chap", o_bool, &lcp_wantoptions[0].neg_chap, > "Require CHAP authentication from peer", 1, &auth_required }, > { "+chap", o_bool, &lcp_wantoptions[0].neg_chap, > "Require CHAP authentication from peer", 1, &auth_required }, > { "refuse-chap", o_bool, &refuse_chap, > "Don't agree to auth to peer with CHAP", 1 }, > { "-chap", o_bool, &refuse_chap, > "Don't allow CHAP authentication with peer", 1 }, > { "name", o_string, our_name, > "Set local name for authentication", > OPT_PRIV|OPT_STATIC, NULL, MAXNAMELEN }, > { "user", o_string, user, > "Set name for auth with peer", OPT_STATIC, NULL, MAXNAMELEN }, > { "usehostname", o_bool, &usehostname, > "Must use hostname for authentication", 1 }, >... >... >... >... >... >... > > > > >Emir Toktar > >emir.toktar at bra.xerox.com >toktar at per.com.br >toktar at ppgia.pucpr.br > > > > >-----Original Message----- >From: Michael St. Laurent [mailto:rowl at earthcorp.com] >Sent: Tuesday, August 31, 1999 2:04 PM >To: pptp-server at lists.schulte.org >Subject: [pptp-server] Can server _require_ encryption? > > >I have pptp working with encryption (!!!_party_!!!) What I need to do now >is configure the server to inisist on data encryption. I know this can be >set on the clients but I don't trust our users to not screw it up. Is >there some way to set the server to reject any connection attempt that will >not agree to data encryption? > >-------------------- >Michael St. Laurent >Hartwell Corporation > > >_______________________________________________ >pptp-server maillist - pptp-server at lists.schulte.org >http://lists.schulte.org/mailman/listinfo/pptp-server >List services provided by www.schulte.org! > -------------------- Michael St. Laurent Hartwell Corporation _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulte.org! From tmk at netmagic.net Wed Sep 1 19:00:19 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 1 19:00:19 1999 Subject: [pptp-server] Re: Numerous IPX Questions (PoPToP mailing list) References: <003e01bef4b8$fab6db00$0200a8c0@AndrewComputer> Message-ID: <002201bef4d6$ab980d00$071c0fc0@lala.net> i can't help you with everything, but as far as the tty goes, it's ttyS1 for /dev/pty/1.. i don;t have my 2.2.x kernel with me, so i can't say for sure right now.. anyone care to verify or correct me? You could also do a [ps xww] to see what tty pppd is getting called with, i don't think it's /dev/pty/? pppd has options to do ipx network numbers and such. [man pppd] =) basically, once you get options files going, you have ipx going Kevin here's some cut/paste's ipx Enable the IPXCP and IPX protocols. This option is presently only supported under Linux, and only if your kernel has been configured to include IPX sup- port. ipx-network n Set the IPX network number in the IPXCP configure request frame to n, a hexadecimal number (without a leading 0x). There is no valid default. If this option is not specified, the network number is obtained from the peer. If the peer does not have the network number, the IPX protocol will not be started. ipx-node n:m Set the IPX node numbers. The two node numbers are Set the IPX node numbers. The two node numbers are The first number n is the local node number. The second number m is the peer's node number. Each node number is a hexadecimal number, at most 10 digits long. The node numbers on the ipx-network digits long. The node numbers on the ipx-network option is not specified then the node numbers are obtained from the peer. ----- Original Message ----- From: Andrew Miklas To: tmk at netmagic.net Sent: Wednesday, September 01, 1999 1:31 PM Subject: Re: Numerous IPX Questions (PoPToP mailing list) Hi there, Sorry about the long delay, just wanted to ask you a bit of stuff about the info in your post. >can ipx be routed? not really. Unless i missed the release of the ipx >routing tools, ipx is still client-only in the later versions of linux >(2.2.x kernels) there was an ipxroute util for 2.0.x i believe. I think it can be routed. I am trying to use a package called ipxripd, but am having a bit of trouble using it. However, once this routing daemon is running properly, it should be able to route between all IPX networks attached to the computer, including the main IPX network on eth1 and the IPX network on the pppx series. >poptop uses code that returns a free tty, usually ttyS?? on linux >machines. Perhaps a better way to do custom configs based on who's calling >would be to use the /etc/ppp/ip-up script (gets called whenever a ppp >connection starts) and use one of the many bits of info it gives you >(local ip, remote ip, ppp device, etc) to set routing info or other >conifigurations. See the ppp-howto for more on this. PoPToP doesn't seem to be returning a free tty. When I add a command like "echo $2 > /thefile.txt" to my ip-up script, the result is /dev/pts/1. As well, the PoPToP log has a line something like ppp0 <-> /dev/pts/1. I don't think I can make a file like options./dev/pts/1, and options.1 also doesn't work. Using the IP-UP script to handle the routing is a great idea, except that the trouble I am having is seting IPX network and node numbers. I don't think these can be set by a script after PPPd has already initilized the interface using the settings it has found in options. How, therefore, can I allow more than one user establish a VPN, and be able to use IPX over it, while still keeping it the servers responsibility to set network addresses, and local/remote node numbers? Thanks for any help, Andrew Miklas -------------- next part -------------- An HTML attachment was scrubbed... URL: From tmk at netmagic.net Wed Sep 1 19:03:40 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 1 19:03:40 1999 Subject: [pptp-server] IPX/SPX References: <001601bef48c$bb403a60$d5e3fea9@windows> <37CD682E.E4B79B60@ittc.ukans.edu> <003c01bef4ab$d198f580$ca00a8c0@windows> Message-ID: <002801bef4d7$04c64040$071c0fc0@lala.net> IPX is suported by linux, and pppd. I'm not sure what you mean when you say it isn't. It will take quite a bit of configuration to get ipx routed happily and client configs set up, but it's doable.. I might give it a try and write a howto. How many of you want an IPX-PPP-PPTP howto? just msg me directly, dont reply to list if you are voting for ipx howto Kevin ----- Original Message ----- From: Gunther Stammwitz To: Carlos Javier Castro Pena Cc: Sent: Wednesday, September 01, 1999 11:57 AM Subject: Re: [pptp-server] IPX/SPX > Hi again... > > The problem is, that my clients are WINDOWS, this software is for linux > only. > Any other suggestions ? > > gunther > ----- Original Message ----- > From: Carlos Javier Castro Pena > To: Gunther Stammwitz > Cc: > Sent: Wednesday, September 01, 1999 7:53 PM > Subject: Re: [pptp-server] IPX/SPX > > > > There is one software that may help you: > > http://www.norritt.org/Projects/tipxd/ > > I didn't use it, I've just seen the advertisement. > > > > Gunther Stammwitz wrote: > > > > > Hello, why isn't IPX/SPX supported ? > > > Are there any plans ?Do you know any other software that supports > > > IPX-Tunneling ??? cu then,gunther > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From germano at solrio.com.br Thu Sep 2 09:53:48 1999 From: germano at solrio.com.br (Germano Barreira) Date: Thu Sep 2 09:53:48 1999 Subject: [pptp-server] CTRL: EOF or bad error reading ctrl packet length. Message-ID: <001701bef552$ce55b780$c8a8a8c0@germano.SOLRIO> Hi All, I'm using pptpd-0.9.13, pppd-2.3.8 with patch ppp-2.3.8-mppe...diff,SSLeay-0.6.6b with rc4 files, linux 2.2.11 and win98 (with dun40).I had the problems below: "In my linux server I started a dial-up on ppp0 and got a IP number from my ISP. In win98 I started a dial-up and a VPN dial-up using chap-secrets. I connected to my linux server, but I can't do anything more as you can see in the log below. Aug 19 15:46:51 glinux ifup-ppp: pppd started for ppp0 on /dev/ttyS3 at 9600 Aug 19 15:46:51 glinux pppd[618]: pppd 2.3.8 started by root, uid 0 Aug 19 15:47:30 glinux pppd[618]: Serial connection established. Aug 19 15:47:30 glinux pppd[618]: Using interface ppp0 Aug 19 15:47:30 glinux pppd[618]: Connect: ppp0 <--> /dev/ttyS3 Aug 19 15:47:35 glinux pppd[618]: local IP address 200.255.224.81 Aug 19 15:47:35 glinux pppd[618]: remote IP address 200.240.24.77 Aug 19 15:48:08 glinux pptpd[657]: MGR: Manager process started Aug 19 16:01:18 glinux pptpd[690]: CTRL: Client 200.196.82.108 control connection started Aug 19 16:01:29 glinux pptpd[690]: CTRL: Starting call (launching pppd, opening GRE) Aug 19 16:01:29 glinux pppd[691]: pppd 2.3.8 started by root, uid 0 Aug 19 16:01:29 glinux pppd[691]: Using interface ppp1 Aug 19 16:01:29 glinux pppd[691]: Connect: ppp1 <--> /dev/pts/1 Aug 19 16:01:37 glinux pppd[691]: local IP address 192.168.168.210 Aug 19 16:01:37 glinux pppd[691]: remote IP address 192.168.1.1 Aug 19 16:03:28 glinux pptpd[690]: CTRL: EOF or bad error reading ctrl packet length. Aug 19 16:03:28 glinux pptpd[690]: CTRL: couldn't read packet header (exit) Aug 19 16:03:28 glinux pptpd[690]: CTRL: CTRL read failed Aug 19 16:03:28 glinux pptpd[690]: CTRL: Client 200.196.82.108 control connection finished Aug 19 16:03:28 glinux pppd[691]: Modem hangup Aug 19 16:03:28 glinux pppd[691]: Connection terminated. Aug 19 16:03:28 glinux pppd[691]: Connect time 2.0 minutes. Aug 19 16:03:28 glinux pppd[691]: Sent 288 bytes, received 3895 bytes. Aug 19 16:03:29 glinux pppd[691]: Exit. _______ what is wrong? Can anybody help me on this? Any suggestions? Thank's Germano -------------- next part -------------- An HTML attachment was scrubbed... URL: From cswan at connectria.com Thu Sep 2 10:57:21 1999 From: cswan at connectria.com (Chris Swan) Date: Thu Sep 2 10:57:21 1999 Subject: [pptp-server] All good except for data transfer? Message-ID: <000701bef55b$d11fbde0$6502a8c0@wustl.edu> I'm using ppp-2.3.8 (plus the mppe patch and SSL), the newest PoPToP, and linux kernel 2.2.12. Clients connect OK, and everything _seems_ peachy keen. However, clients only seem to be able to ping/contact the host--no data seems to be able to get between any of the clients...they can't even ping each other. When each client connects a different PPP device is created--urm, doesn't that mean that bridging would need to be enabled to get data between the two different devices? Are there other kernel options I'm missing? Does forwarding need to be enabled? GRE forwarding? All of the clients are getting assigned IP addresses in the same subnet (192.168.2.*), and the host IPs are also in the same Class C. This be friggin' frustrating! There is no firewalling set up on the server at all--so I didn't think I needed to play with ipfwadm, or ipchains. Do I? Do I need to play with NAT if I'm not using any firewalling? The howto mentions how to set up an ip-up file to answer the proxyarp requests, and after doing so there are no more proxyarp errors in the log file (but the arp tables sure look funny--I wish the howto would show what the arp tables _should_ look like after doing it.) The only errors in my logs anymore look like this: Sep 2 10:36:40 rosebud pppd[3847]: CCP: timeout sending Config-Requests From neale at lowendale.com.au Thu Sep 2 20:55:08 1999 From: neale at lowendale.com.au (Neale Banks) Date: Thu Sep 2 20:55:08 1999 Subject: [pptp-server] pre-alpha: diffs for Debian ppp-2.3.9 Message-ID: I've just tweaked the ppp-2.3.8-mppe-* so that it will apply to the Debianised ppp-2.3.9. 1) I haven't had a chance to test this yet, no idea if it works. Requires fuzz of 3 to patch and -p1 (i.e. patch -F3 -p1 < ...). 2) somebody please tell me if I'm trying something daft/impossible or have overlooked something in trying to apply this patch to ppp-2.3.9 3) If you wish to try it AT YOUR OWN RISK, it's at . Obviously you would need to grab the Debian source package too (although it might apply to the original too - havn't checked). Note: I had to comment out the dh_suidmanager in debian/rules to build the binaries - haven't sorted that out yet. Regards, Neale. From tmk at netmagic.net Thu Sep 2 21:31:52 1999 From: tmk at netmagic.net (tmk) Date: Thu Sep 2 21:31:52 1999 Subject: [pptp-server] All good except for data transfer? References: <000701bef55b$d11fbde0$6502a8c0@wustl.edu> Message-ID: <002201bef5b4$e81289c0$071c0fc0@lala.net> Try enabling proxyarp as a ppp option (local_addrs need to be on same subnet as eth0) and enabling ipforwadring in the /proc filesystem and also proxyarp needs to be enabled in the proc system.. That *should* allow your clients to see each other. You might need bridging, but that is unlikely. the CCP error means the client/server cant agree on compression protocols. no big deal Kevin ----- Original Message ----- From: Chris Swan To: Sent: Thursday, September 02, 1999 8:57 AM Subject: [pptp-server] All good except for data transfer? > I'm using ppp-2.3.8 (plus the mppe patch and SSL), the newest PoPToP, > and linux kernel 2.2.12. Clients connect OK, and everything _seems_ > peachy keen. However, clients only seem to be able to ping/contact > the host--no data seems to be able to get between any of the > clients...they can't even ping each other. > > When each client connects a different PPP device is created--urm, > doesn't that mean that bridging would need to be enabled to get data > between the two different devices? Are there other kernel options I'm > missing? Does forwarding need to be enabled? GRE forwarding? > > All of the clients are getting assigned IP addresses in the same > subnet (192.168.2.*), and the host IPs are also in the same Class C. > This be friggin' frustrating! > > There is no firewalling set up on the server at all--so I didn't think > I needed to play with ipfwadm, or ipchains. Do I? Do I need to play > with NAT if I'm not using any firewalling? > > The howto mentions how to set up an ip-up file to answer the proxyarp > requests, and after doing so there are no more proxyarp errors in the > log file (but the arp tables sure look funny--I wish the howto would > show what the arp tables _should_ look like after doing it.) The only > errors in my logs anymore look like this: > > Sep 2 10:36:40 rosebud pppd[3847]: CCP: timeout sending > Config-Requests > > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From amiklas at bigfoot.com Thu Sep 2 22:46:33 1999 From: amiklas at bigfoot.com (Andrew Miklas) Date: Thu Sep 2 22:46:33 1999 Subject: [pptp-server] options.ttySx? Message-ID: <003201bef5bd$f11ebc60$0200a8c0@AndrewComputer> Hi all, I have been trying to convince pppd to use seperate option files for ipx configuration, so that I may configure seperate IPX settings for each user. However, it appears that PoPToP doesn't use real ttySx ports (at least on my system) to communicate with pppd. Instead, it uses psudeo ports, which for me are /dev/pts/x. How do I name my option files when ppp doesn't use real ports on my system? I have tried things like ptyp0, and ttyp0, but nothing seems to work. So, how can I get pppd to use different option files depending on what device it is connecting to (ie. /dev/pts/1, or /dev/pts/2, etc) Thanks, Andrew Miklas -------------- next part -------------- An HTML attachment was scrubbed... URL: From Russell.Dill at asu.edu Fri Sep 3 00:51:28 1999 From: Russell.Dill at asu.edu (Russell Dill) Date: Fri Sep 3 00:51:28 1999 Subject: [pptp-server] seperate configurations connecting.... References: <003201bef5bd$f11ebc60$0200a8c0@AndrewComputer> Message-ID: <37CF61DC.451CD11A@asu.edu> What if you need different types and classes of clients connecting -- ie -- client A is a win98 machine and needs proxyarp access to network X -- client B is a linux box with a network of its own, when this box connects, routes to its network need to be added and vice-versa (ie client b is 10.10.5.x and server is 10.2.0.x) -- client C is a win98 client and should only have access to the linux server. from what I see, you would need to set up the pptp.conf with different sections for different users, you would probably need to do a bit of hacking to pppd so that is can be made to use different directories (ie, /etc/ppp.clienta, /etc/ppp.clientb, /etc/ppp.clientc) so that different ip-up/down, ppp.conf, chap-secrets, etc files can be used for different users..this becomes even more important if the system dials up to the internet using ppp, or allows clients dial up and use ppp. I took a quick look at pppd,and it doesn't look that difficult...the paths header file could be modified to contain a global variable that is set to the path name. I have no clue what would have to be done to pptp. --Russ From luyer at ucs.uwa.edu.au Fri Sep 3 01:05:08 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Fri Sep 3 01:05:08 1999 Subject: [pptp-server] seperate configurations connecting.... In-Reply-To: Your message of "Thu, 02 Sep 1999 22:51:25 MST." <37CF61DC.451CD11A@asu.edu> Message-ID: <199909030604.OAA19829@typhaon.ucs.uwa.edu.au> Russell Dill wrote: > What if you need different types and classes of clients connecting -- > > ie -- client A is a win98 machine and needs proxyarp access to network X > > -- client B is a linux box with a network of its own, when this box > connects, routes to its network need to be added and vice-versa (ie > client b is 10.10.5.x and server is 10.2.0.x) > > -- client C is a win98 client and should only have access to the > linux server. Then you should probably use pppd-ip-alloc and do some hacking to pppd - or maybe something like the radius-aware pppd would already be able to do most of this. > I took a quick look at pppd,and it doesn't look that difficult...the > paths header file could be modified to contain a global variable that is > set to the path name. I have no clue what would have to be done to pptp. I believe the best approach here is to do nothing to pptp - base everything on the username and make pppd behave differently for different usernames, either using an existing modification such as radius-aware or erpcd-aware pppd or using a custom change of your own. David. From tmk at netmagic.net Fri Sep 3 02:27:16 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 3 02:27:16 1999 Subject: [pptp-server] seperate configurations connecting.... In-Reply-To: <37CF61DC.451CD11A@asu.edu> Message-ID: easiest way to do what you want is to give the remote clients static ip addrs, set poptop to pppd ip allocation, and have a case switch in the /etc/ppp/ip-up script that does the required settings when teh clients connect. proxyarp could be turned on for everyone, but allocate ip addresses for clients that arent supposed to have that privelege outside the subnet that the linux eth cards are on, so proxy arp will fail. that should take care of all your problems Kevin On Thu, 2 Sep 1999, Russell Dill wrote: > What if you need different types and classes of clients connecting -- > > ie -- client A is a win98 machine and needs proxyarp access to network X > > -- client B is a linux box with a network of its own, when this box > connects, routes to its network need to be added and vice-versa (ie > client b is 10.10.5.x and server is 10.2.0.x) > > -- client C is a win98 client and should only have access to the > linux server. > > from what I see, you would need to set up the pptp.conf with different > sections for different users, you would probably need to do a bit of > hacking to pppd so that is can be made to use different directories (ie, > /etc/ppp.clienta, /etc/ppp.clientb, /etc/ppp.clientc) so that different > ip-up/down, ppp.conf, chap-secrets, etc files can be used for different > users..this becomes even more important if the system dials up to the > internet using ppp, or allows clients dial up and use ppp. > > I took a quick look at pppd,and it doesn't look that difficult...the > paths header file could be modified to contain a global variable that is > set to the path name. I have no clue what would have to be done to pptp. > > > > --Russ > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From Bjoern at CHYBA.at Fri Sep 3 06:26:21 1999 From: Bjoern at CHYBA.at (CB) Date: Fri Sep 3 06:26:21 1999 Subject: [pptp-server] (no subject) Message-ID: <199909031126.NAA08223@stud4.tuwien.ac.at> i want to connect to my poptop server but get the following line in messages file: pptpd[11390]: CTRL: Error with select(), quitting connection from inside the LAN works fine (same network) is this error due to a firewall misconfiguration from my ISP (cable modem)? bjoern From amiklas at bigfoot.com Fri Sep 3 09:27:00 1999 From: amiklas at bigfoot.com (Andrew Miklas) Date: Fri Sep 3 09:27:00 1999 Subject: [pptp-server] options.ttySx? Message-ID: <002e01bef617$02a68220$0200a8c0@AndrewComputer> Hi all, Whoa! That all sounds way to complicated for what I am trying to do. When I mentioned assigning IPX addresses based on users, I was only looking for an alternative to assigning them by connection (or port if this was a standard ppp config.) In other words, (in a 'standard' pppd config.) pppd will first check the "options" file, then it will proceed to check the "options.ttySx" series of files depending on what serial port the modem that is making the connection on. In my case (though it seems not everyone's), pptpd connects with pppd over a pseudo port. Therefore, when pppd goes looking for an "options.ttySx" file to get any connection specific data, it can't simply because the port being used is not in the ttySx range. At this point I thought it might be easier to simply assign IPX (and IP to maybe) based on username, so that Bob would always have IPX address 0xABCDEF01 and node 3:0, while say John would have 0xABCDEF02 4:0, but now I see that this isn't the case. (Yikes!! Patching the code myself :) don't know C). Basically, I just need some way to get IPX going with more than one user. Has anyone been able to do this using pseudo ports? I don't think that network stuff can be configured in the ip-up/ip-down or ipx-up/ipx-down scripts, otherwise the I could just check parameter $2 and do a bunch of case statements Kevin suggested. Doesn't the actual IPX initilization need to be handled by pppd during the handshake with the client? I've tried doing this ipx_interface add ppp0 EtherII 0xABCDEF01 (excuse my syntax) after the client has connected, but windows doesn't realize that an extra protocol has just been added to the line, which makes sense, doesn't it? Would it be possible to get pptpd to communciate with pppd using higher _real_ ttySx ports, like ttyS7, ttyS8, ttyS9, that way this won't confuse some services that run on my modem attached to ttyS3. Thanks so much for your time, Andrew Miklas -------------- next part -------------- An HTML attachment was scrubbed... URL: From tmk at netmagic.net Fri Sep 3 15:01:40 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 3 15:01:40 1999 Subject: [pptp-server] IPX howto In-Reply-To: <199909031126.NAA08223@stud4.tuwien.ac.at> Message-ID: i'm working on it, but my old 486 linux box is giving me trouble so i'm setting up another this weekend and things should be better then. If you all don't mind, i'll be doing the howto on the 2.2.x series kernels only. Should be pretty similar for 2.0.x but you never know (last i checked ipxripd was written fo the 1.x series of kernels, and i gues IPX hasn't changed too much since then :) Kevin From tmk at netmagic.net Fri Sep 3 21:39:05 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 3 21:39:05 1999 Subject: [pptp-server] IPX + PPTP HOWTO v 0.1 References: <001601bef48c$bb403a60$d5e3fea9@windows> <37CD682E.E4B79B60@ittc.ukans.edu> <003c01bef4ab$d198f580$ca00a8c0@windows> <002801bef4d7$04c64040$071c0fc0@lala.net> <000001bef5f9$c0e2bf60$087afea9@windows> Message-ID: <001e01bef67f$1e8402c0$071c0fc0@lala.net> Due to popular demand, here's my first shot at a PPTP IPX howto. Why use IPX when TCP is so much easier to setup and better understood by almost all? I can think of 2 reasons off the top of my head: Games and Security. Lots of games use IPX/SPX for networking, and some of the newer ones (Tiberian Sun [ahem]) only support TCP/IP via their own game servers, but support peer-to-peer IPX. So it would be great to VPN in to your friend's network and fire up a game of whatever without having to use some online server somewhere. Security comes into play because even IF someone can hack through your firewall, they are using TCP/IP and if you only have IPX on the other end, they CANNOT get any packets through anyways. So how do i do it? here's my setup, PLEASE try it on your end and advise me of differences with your version of the kernel and pppd etc etc.. Redhat 6.0 out of the box (kernel 2.2.5-15) latest pptpd as of today (9-3-99) which is 0.9.14 pppd 2.3.8 ipxtools from the redhat 6.0 CD (ipxutils2.2.0.12-5.i386.rpm) ipxripd from somewhere on the internet(ipxripd-0.7-1.i386.rpm) note: this assumes you are using eth0 for your network and already have TCP up and running on it. So what do I need to do? 1) Load kernel ipx modules.. [insmod /lib/modules/misc/ipx.o] you can skip this if you compiled it in. 2)Tell the IPX subsystem what settings to use [/sbin/ipx_configure --auto_primary on] [/sbin/ipx_configure --auto_interface on] it's nice to have automatic settings to fall back on in case you screw up [/sbin/ipx_internal_net add 1 2] this sets internal net number to 1, and internal node number to 2. I try not to reuse number as it makes debugging easier 3) bring the ipx interface up [/usr/bin/ipx_interface add eth0 802.2 3] 4) Check to make sure it worked [/usr/bin/ipx_interface check eth0 802.2] you should see something like: IPX Address for (eth0, 802.2) is 00000003:00000002. 5) start the routing daemon [/usr/sbin/ipxd] Now all that remains is to setup pppd for ipx. This is pretty easy compared to the last part. Edit the pppd options file that you use for pptp (or make a new one, or edit the default one. Whatever one you use, edit it) and add the lines: ---add these lines-- ipx ipx-network 4 ---done adding lines-- and save the file. Fire up pptpd and make sure your clients have IPX checked in their dial up settings. That's it! Easy eh? Warning: IPX may be VERY slow over dialup pptp connections. It might be a good idea to do the old start->run \\computername trick to let ARP know the mac address of the other machine before you run your game. anyone wanna try some sort of IPX network game to test all this out? My 'it works' test is to connect to a windows share on a computer running only ipx from a computer running ipx for dialup only (without the vpn connection it can't see the other computer at all, but with it they talk just fine) Kevin From tmk at netmagic.net Fri Sep 3 22:49:40 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 3 22:49:40 1999 Subject: [pptp-server] IPX + PPTP HOWTO v 0.1 References: <001601bef48c$bb403a60$d5e3fea9@windows> <37CD682E.E4B79B60@ittc.ukans.edu> <003c01bef4ab$d198f580$ca00a8c0@windows> <002801bef4d7$04c64040$071c0fc0@lala.net> <000001bef5f9$c0e2bf60$087afea9@windows> <001e01bef67f$1e8402c0$071c0fc0@lala.net> Message-ID: <002c01bef689$0ab2e040$071c0fc0@lala.net> just a quick fyi, I tried tiberian sun out over the local network (via pptp and ipx of course) and got a game started no problem. I'll be trying it over the modem next week sometime (maybe monday?) no special configuration other than what is here was needed, the only requirement i could find for tiberian sun was that the ports needed to be the same. Kevin ----- Original Message ----- From: tmk To: Gunther Stammwitz ; ; ; ; Sent: Friday, September 03, 1999 7:42 PM Subject: [pptp-server] IPX + PPTP HOWTO v 0.1 > Due to popular demand, here's my first shot at a PPTP IPX howto. > > Why use IPX when TCP is so much easier to setup and better understood by > almost all? I can think of 2 reasons off the top of my head: Games and > Security. > > Lots of games use IPX/SPX for networking, and some of the newer ones > (Tiberian Sun [ahem]) only support TCP/IP via their own game servers, but > support peer-to-peer IPX. So it would be great to VPN in to your friend's > network and fire up a game of whatever without having to use some online > server somewhere. Security comes into play because even IF someone can hack > through your firewall, they are using TCP/IP and if you only have IPX on the > other end, they CANNOT get any packets through anyways. > > So how do i do it? > > here's my setup, PLEASE try it on your end and advise me of differences with > your version of the kernel and pppd etc etc.. > > Redhat 6.0 out of the box (kernel 2.2.5-15) > latest pptpd as of today (9-3-99) which is 0.9.14 > pppd 2.3.8 > ipxtools from the redhat 6.0 CD (ipxutils2.2.0.12-5.i386.rpm) > ipxripd from somewhere on the internet(ipxripd-0.7-1.i386.rpm) > > note: this assumes you are using eth0 for your network and already have TCP > up and running on it. > > So what do I need to do? > 1) Load kernel ipx modules.. > [insmod /lib/modules/misc/ipx.o] you can skip this if you compiled it in. > 2)Tell the IPX subsystem what settings to use > [/sbin/ipx_configure --auto_primary on] > [/sbin/ipx_configure --auto_interface on] > it's nice to have automatic settings to fall back on in case you screw up > [/sbin/ipx_internal_net add 1 2] > this sets internal net number to 1, and internal node number to 2. I try not > to reuse number as it makes debugging easier > 3) bring the ipx interface up > [/usr/bin/ipx_interface add eth0 802.2 3] > 4) Check to make sure it worked > [/usr/bin/ipx_interface check eth0 802.2] > you should see something like: > IPX Address for (eth0, 802.2) is 00000003:00000002. > 5) start the routing daemon > [/usr/sbin/ipxd] > > Now all that remains is to setup pppd for ipx. This is pretty easy compared > to the last part. > > Edit the pppd options file that you use for pptp (or make a new one, or edit > the default one. Whatever one you use, edit it) and add the lines: > ---add these lines-- > ipx > ipx-network 4 > ---done adding lines-- > and save the file. > > Fire up pptpd and make sure your clients have IPX checked in their dial up > settings. That's it! Easy eh? > > Warning: IPX may be VERY slow over dialup pptp connections. It might be a > good idea to do the old start->run \\computername trick to let ARP know the > mac address of the other machine before you run your game. > > anyone wanna try some sort of IPX network game to test all this out? My 'it > works' test is to connect to a windows share on a computer running only ipx > from a computer running ipx for dialup only (without the vpn connection it > can't see the other computer at all, but with it they talk just fine) > > Kevin > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From woodruff at ao.net Sat Sep 4 16:08:31 1999 From: woodruff at ao.net (Eric M. Woodruff) Date: Sat Sep 4 16:08:31 1999 Subject: [pptp-server] poptop Message-ID: <000a01bef719$9bd28220$0200a8c0@KENNY> Hey all, Poptop was working fine to a point, now when I try to connect from a win2k machine I get: pptpd[758]: CTRL: Client 192.168.0.2 control connection started Starting call (launching pppd, opening GRE) read(fd=5,buffer=804d3e0,len=8196) from PTY failed: status = -1 error = Input/output error PTY read or GRE write failed (pty,gre)=(5,6) Client 192.168.0.2 control connection finished What is wrong to make that happen? Anyone? Eric Woodruff woodruff at ao.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From neale at lowendale.com.au Sun Sep 5 20:11:38 1999 From: neale at lowendale.com.au (Neale Banks) Date: Sun Sep 5 20:11:38 1999 Subject: [pptp-server] Req: pppd patch to strip MS \\ Message-ID: In the HOWTO/FAQ section 6, there is mention of a modification to pppd.c "to strip out the domain on MSCHAP logins". Is this patch publically/freely available? Thanks, Neale. From neale at lowendale.com.au Sun Sep 5 20:15:21 1999 From: neale at lowendale.com.au (Neale Banks) Date: Sun Sep 5 20:15:21 1999 Subject: [pptp-server] Win98 and 128-bit? Message-ID: The HOWTO/FAQ mentions Win98 needing DUN4.0 to do 40-bit encrytion. This seems to work just fine, with the MS-encryption patch applied to pppd-2.3.9 :-) Anyone tried (sucessfully or otherwise ;-) to get 128-bit encryption happening? Thanks, Neale. From srhodes at cpinternet.com Sun Sep 5 21:11:23 1999 From: srhodes at cpinternet.com (Steve Rhodes) Date: Sun Sep 5 21:11:23 1999 Subject: [pptp-server] Req: pppd patch to strip MS \\ Message-ID: <01BEF7E2.E3024940.srhodes@cpinternet.com> This is a very quick hack I did, which can obviously be improved upon. It actually is applied against chap.c in the pppd code. I am including the patch in the body of this message which should be run against the source code at patch level 0 from within the same directory. If you name the patch chap.diff and put it into ppp-2.3.8/pppd, you can say patch -p0 < chap.diff. I also am attaching the entire modified chap.c source to this message, if that's easier to use. Warning, I am sending this message using Microsoft Outlook, which I have no clue how to work! --- chap.c Tue Jul 27 13:01:50 1999 +++ /var/tmp/ppp-2.3.8/pppd/chap.c Tue Jul 27 11:46:21 1999 @@ -522,6 +522,17 @@ char secret[MAXSECRETLEN]; u_char hash[MD5_SIGNATURE_SIZE]; + /* Stuff I hacked */ + int valid_secret; + char ms_butcher_name[256]; + int butcher_len; + int b_counter; + char butcher_temp[2]; + int b_cmp; + int b_filler; + int fill_it; + /* eoh */ + if (cstate->serverstate == CHAPSS_CLOSED || cstate->serverstate == CHAPSS_PENDING) { CHAPDEBUG(("ChapReceiveResponse: in state %d", cstate->serverstate)); @@ -571,8 +582,43 @@ * do the hash ourselves, and compare the result. */ code = CHAP_FAILURE; + + valid_secret = get_secret(cstate->unit, (explicit_remote? remote_name:rhostname), + cstate->chal_name, secret, &secret_len, 1); + + +#ifdef CHAPMS + if (!valid_secret) { + butcher_len = strlen(rhostname); + fill_it = 0; + b_filler = 0; + for (b_counter=0; b_counterunit, (explicit_remote? + remote_name:ms_butcher_name), cstate->chal_name, + secret, &secret_len, 1); + } +#endif + + /* if (!get_secret(cstate->unit, (explicit_remote? remote_name: rhostname), cstate->chal_name, secret, &secret_len, 1)) { + warn("No CHAP secret found for authenticating %q", rhostname); + */ + + if (!valid_secret) { warn("No CHAP secret found for authenticating %q", rhostname); } else { -----Original Message----- From: Neale Banks [SMTP:neale at lowendale.com.au] Sent: Sunday, September 05, 1999 8:20 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] Req: pppd patch to strip MS \\ In the HOWTO/FAQ section 6, there is mention of a modification to pppd.c "to strip out the domain on MSCHAP logins". Is this patch publically/freely available? Thanks, Neale. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulte.org! begin 600 CHAP.C M+RH*("H at 8VAA<"YC("T at 0VAA;&QE;F=E($AA;F1S:&%K92!!=71H96YT:6-A M=&EO;B!07)I9VAT("AC*2 Q.3DS(%1H92!! M=7-T0H@*B!M87D@;F]T(&)E('5S960@=&\@96YD;W)S92!O2X@(%1H92!N86UE(&]F('1H M92!A=71H;W(@;6%Y(&YO="!B92!U' @)"(["B-E;F1I9 at H*+RH*("H at 5$]$ M3SH*("HO"@HC:6YC;'5D92 \7,O=&EM92YH M/@H*(VEN8VQU9&4@(G!P<&0N:"(*(VEN8VQU9&4@(F-H87 N:"(*(VEN8VQU M9&4@(FUD-2YH(@HC:6YC;'5D92 B9G-M+F at B"B-I;F-L=61E(")L8W N:"(* M(VEF9&5F($-(05!-4PHC:6YC;'5D92 B8VAA<%]MR B8VAA<"UM87 at M8VAA;&QE;F=E(BP@ M;U]I;G0L("9C:&%P6S!=+FUA>%]TR B8VAA<"UI;G1ER!.54Q,('T*?3L*"B\J"B J(%!R;W1O8V]L(&5N=')Y M('!O:6YT'1EF5O9B at J8W-T871E*2D["B @("!CPH@(" @8VAA<%]S=&%T92 J8W-T871E(#T@)F-H87!;=6YI M=%T["@H@(" @8W-T871E+3YR97-P7VYA;64@/2!O=7)?;F%M93L*(" @(&-S M=&%T92T^7!E(#T at 9&EG97-T.PH*(" @(&EF("ACPH)+RH@;&]W97(@;&%Y97(@:7-N)W0@=7 @+2!W86ET('5N M=&EL(&QA=&5R("HO"@EC65R(&ES('5P+ at H@*@H@*B!3=&%R M="!U<"!I9B!W92!H879E('!E;F1I;F<@PH)0VAA<$=E;D-H M86QL96YG92ACPH@(" @8VAA M<%]S=&%T92 J8W-T871E(#T@)F-H87!;=6YI=%T["B @("!U7V-H87(@*FEN M<#L*(" @('5?8VAAPH)0TA!4$1%0E5'*"@B0VAA<$EN<'5T.B!R8W9D('-H M;W)T(&AE861E2!D;V5S(#HM*2X*(" @(" J+PH@(" @PH)0TA!4$1%0E5'*"@B0VAA<%)E8V5I=F5#:&%L M;&5N9V4Z(')C=F0@F5O9B H=5]C:&%R*2 K(')C:&%L;&5N9V5?;&5N.PDO*B!N;W<@;F%M M92!F:65L9"!L96YG=&@@*B\*(" @(&EF("AL96X@/" P*2!["@E#2$%01$5" M54F5O9BAR:&]S=&YA;64I*0H);&5N(#T@7!E($-(05 M1$E'15-4+4U$-2(I*3L*"4U$ M-4EN:70H)FUD0V]N=&5X="D["@E-1#55<&1A=&4H)FUD0V]N=&5X="P@)F-S M=&%T92T^'0["B @("!C:&%R('-E8W)E=%M-05A314-2151,14Y=.PH@(" @ M=5]C:&%R(&AAPH)0VAA<%-E;F13=&%T=7,H8W-T871E+"!#2$%07U-50T-%4U,I M.PH)PH)0TA!4$1%0E5'*"@B0VAA<%)E8V5I=F5297-P;VYS93H@F5O9BAR:&]S=&YA;64I("T@,3L*(" @($)# M3U!9*&EN<"P@'!L:6-I=%]R96UO=&4_(')E;6]T M95]N86UE.G)H;W-T;F%M92DL"B )"2 @("!C'!L:6-I=%]R96UO M=&4_(')E;6]T95]N86UE.B!R:&]S=&YA;64I+ H)"2 @("!C7!E("HO"@ES=VET8V@@*&-S=&%T M92T^8VAA;%]T>7!E*2![( H*"6-A'0L('-E8W)E="P@'0L(&-S=&%T92T^8VAA M;&QE;F=E+"!C2!A7!E("5D(BP at 8W-T871E+3YC:&%L7W1Y M<&4I*3L*"7T*(" @('T*"B @("!"6D523RAS96-R970L('-I>F5O9BAS96-R M970I*3L*(" @($-H87!396YD4W1A='5S*&-S=&%T92P at 8V]D92D["@H@(" @ M:68@*"AC;V1E(#T]($-(05!?4U5#0T534RD@?'P@*&-O9&4@/3T at 0TA!4%]3 M54-#15-37U(I*2!["@EO;&1?7!E*2![ M( H)("!C87-E($-(05!?1$E'15-47TU$-3H*"2 @("!N;W1I8V4H(D-(05 @ M<&5EPH*(" @(&EF("AC2!A;B!A;G-W97(@=&\@82!D=7!L:6-A=&4@ MPH) M+RH at 9&]N)W0@:VYO=R!W:&%T('1H:7,@:7,@*B\*"4-(05!$14)51R at H(D-H M87!296-E:79E1F%I;'5R93H@:6X@PH@(" @=5]C:&%R("IO=71P.PH@(" @:6YT(&-H86Q?;&5N+"!N M86UE7VQE;CL*(" @(&EN="!O=71L96X["@H@(" @8VAA;%]L96X@/2!CPH@(" @=5]C:&%R("IO=71P.PH@(" @:6YT(&]U M=&QE;BP@;7-G;&5N.PH@(" @8VAAF5O9BAM6]U+B @1V\@)W=A>2XB*3L*(" @(&US9VQE;B ] M('-TPH@(" @:6YT(&-H86Q?;&5N.PH@(" @=5]C:&%R("IP='(@/2!C7!E M(#T]($-(05!?34E#4D]33T947U8R*0H)8VAA;%]L96X@/2 Q-CL*(" @(&5L M#L*"B @("!I9B H<&QE;B \($-(05!?2$5!1$523$5.*0H)"(L('@I.PH)?0H)<')I;G1E From mals at home.com Mon Sep 6 17:30:19 1999 From: mals at home.com (Malay Shah) Date: Mon Sep 6 17:30:19 1999 Subject: [pptp-server] PoPToP & PTYs Message-ID: <001201bef8b7$7c8d6f20$0240a8c0@mtmc1.on.wave.home.com> Hi. I want to setup multiple simultaneous IPX connections but I don't know what to name the ppp options file because my kernel is using pseudo terminals. I can't name it "options.pts/1" so what should the name be? Thanks in advance Malay Shah -------------- next part -------------- An HTML attachment was scrubbed... URL: From tom.jones at oceanfree.net Tue Sep 7 05:12:55 1999 From: tom.jones at oceanfree.net (T Jones) Date: Tue Sep 7 05:12:55 1999 Subject: [pptp-server] PPTP on a firewall Message-ID: <19990907101242.27955.cpmta@c006.sfo.cp.net> An embedded and charset-unspecified text was scrubbed... Name: not available URL: From rlankshear at comset.co.uk Tue Sep 7 07:52:04 1999 From: rlankshear at comset.co.uk (Robert Lankshear) Date: Tue Sep 7 07:52:04 1999 Subject: [pptp-server] Req: pppd patch to strip MS \\ Message-ID: <002567E5.0047A5D6.00@StClare1.comset.co.uk> Hi there, I modified the chap.c component of the PPTP daemon to do the MS Domain Strip when it became clear that Chap-Secrets were case-sensitive and my users liked to fiddle about with their Domain name case. patch -p0 < chap.patch To be run from the same directory as the file to be patched. It's nice and simple and relies on the fact that MS hosts do not return a Remote Host name so that all that needs to be manipulated is the rhostname variable. A trivial piece of C String manipulation and voila - a domain-less username is produced. Enjoy it :) Robert. --- chap.c.orig Wed Sep 1 09:42:52 1999 +++ chap.c Tue Sep 7 12:55:06 1999 @@ -366,7 +366,7 @@ return; } len -= CHAP_HEADERLEN; - + /* * Action depends on code (as in fact it usually does :-). */ @@ -522,6 +522,10 @@ char secret[MAXSECRETLEN]; u_char hash[MD5_SIGNATURE_SIZE]; +#ifdef CHAPMS + char *msstring; +#endif + if (cstate->serverstate == CHAPSS_CLOSED || cstate->serverstate == CHAPSS_PENDING) { CHAPDEBUG(("ChapReceiveResponse: in state %d", cstate->serverstate)); @@ -565,6 +569,14 @@ len = sizeof(rhostname) - 1; BCOPY(inp, rhostname, len); rhostname[len] = '\000'; + +#ifdef CHAPMS + /* Patch to strip DOMAIN from a Windows Logon */ + if ((msstring = strrchr(rhostname, '\\')) != (char *)NULL) { + ++msstring; + strncpy(rhostname, msstring, sizeof(rhostname)); + } +#endif /* * Get secret for authenticating them with us, From cswan at connectria.com Tue Sep 7 14:18:31 1999 From: cswan at connectria.com (Chris Swan) Date: Tue Sep 7 14:18:31 1999 Subject: [pptp-server] PPTP[6095] error Message-ID: <000701bef965$83838400$6602a8c0@wustl.edu> Finally got the pptpd to work correctly, but...it's slow! After I finally got my routing issues straightened out (or so I think), once I start doing transfers of large amounts of data, my linux box starts going nuts....the syslog is repeatedly dumping massive amounts of error messages to the logs in the form of: Sep 7 14:02:00 rosebud pptpd[6095]: CTRL: EOF or bad error reading ctrl packet length. Sep 7 14:02:00 rosebud pptpd[6095]: CTRL: couldn't read packet header (exit) Sep 7 14:02:00 rosebud pptpd[6095]: CTRL: Unexpected control message 0 in disco nnect sequence I searched the archives and couldn't find any discussion of this error message. Network transfers are painfully slow, and will usually abort before the entire operation completes. Note that speed for clients on a local, 100mbit LAN averages about 300KB/s--but remote users on on cable modem connection can barely get any data through--the pipe seems to be idle most of the time. Using pptpd 0.9.14 and ppp 2.3.8. Clients are Win98, Win98SE, or WinNT4 clients. From rmatlock at calltech.com Tue Sep 7 14:32:03 1999 From: rmatlock at calltech.com (Rick Matlock) Date: Tue Sep 7 14:32:03 1999 Subject: [pptp-server] PPTP[6095] error Message-ID: I am also seeing these same error messages, and symptoms. Syslog ends up taking 70-80% of the CPU writing these things out, and I get about 150 megs a day of this (with a single host). I am using pptpd 0.9.11 and ppp-2.3.8. Rick > -----Original Message----- > From: Chris Swan [mailto:cswan at connectria.com] > Sent: Tuesday, September 07, 1999 3:17 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] PPTP[6095] error > > > Finally got the pptpd to work correctly, but...it's slow! After I > finally got my routing issues straightened out (or so I think), once I > start doing transfers of large amounts of data, my linux box starts > going nuts....the syslog is repeatedly dumping massive amounts of > error messages to the logs in the form of: > > Sep 7 14:02:00 rosebud pptpd[6095]: CTRL: EOF or bad error reading > ctrl packet > length. > Sep 7 14:02:00 rosebud pptpd[6095]: CTRL: couldn't read packet header > (exit) > Sep 7 14:02:00 rosebud pptpd[6095]: CTRL: Unexpected control message > 0 in disco > nnect sequence > > I searched the archives and couldn't find any discussion of this > error message. Network transfers are painfully slow, and will usually > abort before the entire operation completes. Note that speed for > clients on a local, 100mbit LAN averages about 300KB/s--but remote > users on on cable modem connection can barely get any data > through--the pipe seems to be idle most of the time. > > Using pptpd 0.9.14 and ppp 2.3.8. Clients are Win98, Win98SE, or > WinNT4 clients. > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From butler at dii.net Tue Sep 7 15:29:12 1999 From: butler at dii.net (Philip L. Butler) Date: Tue Sep 7 15:29:12 1999 Subject: [pptp-server] GRE problems ?? Message-ID: Hi, I have been trying on and off to get pptpd to work. I am using a Windows 98 with stock Micro$oft VPN adapter stuff and pptpd on Slackware (kernel 2.0.33). It seems to be authenticating as it gives an appropriate message when I key in the wrong password, but when I key in the correct username/password, the Win98 system says "Connection was terminated. Do you want to reconnect ?" The logs from my system are below. I have to admit a stupid one -- what is GRE ?? I have seen reference to it on this list but have to admit I have never heard of the term. Does anyone have a clue as to what my problem may be and how to get around it ?? Many Thanks, Phil Butler butler at dii.net From syslog file.... ******************** Sep 7 16:11:11 gs pptpd[742]: GRE: read(fd=5,buffer=804d448,len=8196) from PTY failed: status = -1 error = I/O error Sep 7 16:11:11 gs pptpd[742]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6 ) From pptpd.log (I have it's log going to a separate file) ********************************************************* Sep 7 16:11:09 gs pptpd[742]: CTRL: Client 192.168.0.50 control connection started Sep 7 16:11:09 gs pptpd[742]: CTRL: Starting call (launching pppd, opening GRE) Sep 7 16:11:09 gs pptpd[742]: CTRL: Allocating pty/tty pair Sep 7 16:11:09 gs pptpd[742]: CTRL: Allocated pty/tty pair (/dev/ptyp0,/dev/ttyp0) Sep 7 16:11:10 gs pppd[743]: pppd 2.3.8 started by root, uid 0 Sep 7 16:11:10 gs pppd[743]: Using interface ppp0 Sep 7 16:11:10 gs pppd[743]: Connect: ppp0 <--> /dev/ttyp0 Sep 7 16:11:10 gs pppd[743]: sent [LCP ConfReq id=0x1 ] Sep 7 16:11:10 gs pppd[743]: rcvd [LCP ConfReq id=0x1 < 0d 03 06>] Sep 7 16:11:10 gs pppd[743]: sent [LCP ConfRej id=0x1 < 0d 03 06>] Sep 7 16:11:10 gs pppd[743]: rcvd [LCP ConfNak id=0x1 ] Sep 7 16:11:10 gs pppd[743]: sent [LCP ConfReq id=0x2 ] Sep 7 16:11:10 gs pppd[743]: rcvd [LCP ConfReq id=0x2 ] Sep 7 16:11:10 gs pppd[743]: sent [LCP ConfAck id=0x2 ] Sep 7 16:11:10 gs pppd[743]: rcvd [LCP ConfAck id=0x2 ] Sep 7 16:11:10 gs pppd[743]: sent [CHAP Challenge id=0x1 <0dc856d518137f21>, name = "servername"] Sep 7 16:11:10 gs pppd[743]: rcvd [CHAP Response id=0x1 , name = "billy"] Sep 7 16:11:10 gs pppd[743]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access Sep 7 16:11:10 gs pppd[743]: sent [CHAP Success id=0x1 "Welcome to gs."] Sep 7 16:11:11 gs pptpd[742]: GRE: read(fd=5,buffer=804d448,len=8196) from PTY failed: status = -1 error = I/O error Sep 7 16:11:11 gs pptpd[742]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) Sep 7 16:11:11 gs pptpd[742]: CTRL: Client 192.168.0.50 control connection finished Sep 7 16:11:10 gs pppd[743]: sent [IPCP ConfReq id=0x1 ] Sep 7 16:11:10 gs pppd[743]: MSCHAP peer authentication succeeded for billy Sep 7 16:11:10 gs pppd[743]: rcvd [IPCP ConfReq id=0x1 ] Sep 7 16:11:10 gs pppd[743]: sent [IPCP ConfRej id=0x1 ] Sep 7 16:11:10 gs pppd[743]: rcvd [CCP ConfReq id=0x1 ] Sep 7 16:11:10 gs pppd[743]: sent [CCP ConfReq id=0x1] Sep 7 16:11:10 gs pppd[743]: sent [CCP ConfRej id=0x1 ] Sep 7 16:11:10 gs pppd[743]: rcvd [IPCP ConfRej id=0x1 ] Sep 7 16:11:10 gs pppd[743]: sent [IPCP ConfReq id=0x2 ] Sep 7 16:11:10 gs pppd[743]: rcvd [IPCP ConfReq id=0x2 ] Sep 7 16:11:10 gs pppd[743]: sent [IPCP ConfNak id=0x2 ] Sep 7 16:11:10 gs pppd[743]: rcvd [CCP ConfAck id=0x1] Sep 7 16:11:10 gs pppd[743]: rcvd [CCP ConfReq id=0x2] Sep 7 16:11:10 gs pppd[743]: sent [CCP ConfAck id=0x2] Sep 7 16:11:10 gs pppd[743]: rcvd [IPCP ConfAck id=0x2 ] Sep 7 16:11:10 gs pppd[743]: rcvd [IPCP ConfReq id=0x3 ] Sep 7 16:11:10 gs pppd[743]: sent [IPCP ConfAck id=0x3 ] Sep 7 16:11:10 gs pppd[743]: found interface eth0 for proxy arp Sep 7 16:11:10 gs pppd[743]: local IP address 10.1.1.2 Sep 7 16:11:10 gs pppd[743]: remote IP address 10.1.1.100 Sep 7 16:11:10 gs pppd[743]: Script /etc/ppp/ip-up started (pid 744) Sep 7 16:11:10 gs pppd[743]: rcvd [CCP TermReq id=0x3] Sep 7 16:11:10 gs pppd[743]: CCP terminated by peer Sep 7 16:11:10 gs pppd[743]: sent [CCP TermAck id=0x3] Sep 7 16:11:10 gs pppd[743]: Compression disabled by peer. Sep 7 16:11:11 gs pppd[743]: Script /etc/ppp/ip-up finished (pid 744), status = 0x0 Sep 7 16:11:11 gs pppd[743]: Terminating on signal 2. Sep 7 16:11:11 gs pppd[743]: Script /etc/ppp/ip-down started (pid 754) Sep 7 16:11:11 gs pppd[743]: sent [LCP TermReq id=0x3 "User request"] Sep 7 16:11:11 gs pppd[743]: rcvd [LCP TermAck id=0x3] Sep 7 16:11:11 gs pppd[743]: Connection terminated. Sep 7 16:11:11 gs pppd[743]: Connect time 0.1 minutes. Sep 7 16:11:11 gs pppd[743]: Sent 376 bytes, received 511 bytes. Sep 7 16:11:11 gs pppd[743]: Waiting for 1 child processes... Sep 7 16:11:11 gs pppd[743]: script /etc/ppp/ip-down, pid 754 Sep 7 16:11:11 gs pppd[743]: Script /etc/ppp/ip-down finished (pid 754), status = 0x0 Sep 7 16:11:11 gs pppd[743]: Exit. From mals at home.com Wed Sep 8 20:48:14 1999 From: mals at home.com (Malay Shah) Date: Wed Sep 8 20:48:14 1999 Subject: [pptp-server] options.ttyxx Message-ID: <001301befa65$653278c0$0240a8c0@mtmc1.on.wave.home.com> Hi, I was just wondering what ttys poptop uses, so I can name my options.tty file. Malay Shah -------------- next part -------------- An HTML attachment was scrubbed... URL: From mals at home.com Wed Sep 8 21:49:05 1999 From: mals at home.com (Malay Shah) Date: Wed Sep 8 21:49:05 1999 Subject: [pptp-server] options.ttyxx References: <001301befa65$653278c0$0240a8c0@mtmc1.on.wave.home.com> <99090912381500.20784@gibberling.moreton.com.au> Message-ID: <000501befa6d$e3993340$0240a8c0@mtmc1.on.wave.home.com> I have a default options file set for poptop in the pptpd.conf but I want to setup simaltaneous connections using the IPX protocol and I need a different ipx-network address for each connection. I know for a dial-up server, I can use options.ttyS1 (serial port 2) to set the ppp options for that connection. but what can i use to accomplish the same task for poptop? Malay Shah ----- Original Message ----- From: Matthew Ramsay To: Malay Shah Sent: Wednesday, September 08, 1999 10:37 PM Subject: Re: [pptp-server] options.ttyxx > > It uses the first free pty from memory.. i name my options file options.poptop > > -matt > > > On Thu, 09 Sep 1999, you wrote: > >>Hi, I was just wondering what ttys poptop uses, so I can name my options.tty file. > > > >Malay Shah > > > > > > ---------------------------------------- > Content-Type: text/html; name="unnamed" > Content-Transfer-Encoding: quoted-printable > Content-Description: > ---------------------------------------- > > -- > Matthew Ramsay > From mals at home.com Wed Sep 8 22:08:01 1999 From: mals at home.com (Malay Shah) Date: Wed Sep 8 22:08:01 1999 Subject: [pptp-server] options.ttyxx References: <001301befa65$653278c0$0240a8c0@mtmc1.on.wave.home.com> <99090912381500.20784@gibberling.moreton.com.au> <000501befa6d$e3993340$0240a8c0@mtmc1.on.wave.home.com> <000401befa6e$ebf7e170$0200a8c0@KENNY> Message-ID: <005c01befa70$88089ea0$0240a8c0@mtmc1.on.wave.home.com> ok. i have it set in there but how can i use another options file also, along with the one set in the pptpd.conf. the problem that i'm having is that i can't have more than one person using ipx because the value for the ipx-network option specified in options.pptpd is the same for all connections and ipx requires different network numbers for each connection so that ipxd can handle the routing. does anyone know which tty's poptop uses? Malay Shah ----- Original Message ----- From: Eric M. Woodruff To: Malay Shah Sent: Wednesday, September 08, 1999 10:56 PM Subject: Re: [pptp-server] options.ttyxx > You set it in the conf. > > // from pptpd.conf > option /etc/ppp/options.pptp > > Eric > woodruff at ao.net > > ----- Original Message ----- > From: Malay Shah > To: > Cc: > Sent: Wednesday, September 08, 1999 10:49 pm > Subject: Re: [pptp-server] options.ttyxx > > > > I have a default options file set for poptop in the pptpd.conf but I want > to > > setup simaltaneous connections using the IPX protocol and I need a > different > > ipx-network address for each connection. I know for a dial-up server, I > can > > use options.ttyS1 (serial port 2) to set the ppp options for that > > connection. but what can i use to accomplish the same task for poptop? > > > > Malay Shah > > > > ----- Original Message ----- > > From: Matthew Ramsay > > To: Malay Shah > > Sent: Wednesday, September 08, 1999 10:37 PM > > Subject: Re: [pptp-server] options.ttyxx > > > > > > > > > > It uses the first free pty from memory.. i name my options file > > options.poptop > > > > > > -matt > > > > > > > > > On Thu, 09 Sep 1999, you wrote: > > > >>Hi, I was just wondering what ttys poptop uses, so I can name my > > options.tty file. > > > > > > > >Malay Shah > > > > > > > > > > > > > > ---------------------------------------- > > > Content-Type: text/html; name="unnamed" > > > Content-Transfer-Encoding: quoted-printable > > > Content-Description: > > > ---------------------------------------- > > > > > > -- > > > Matthew Ramsay > > > > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > > From luyer at ucs.uwa.edu.au Wed Sep 8 22:41:41 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Wed Sep 8 22:41:41 1999 Subject: [pptp-server] ipx network numbers Message-ID: <199909090341.LAA29514@typhaon.ucs.uwa.edu.au> I'll submit a patch shortly to allocate IPX network numbers in PPTPd. David. From neale at lowendale.com.au Thu Sep 9 02:28:57 1999 From: neale at lowendale.com.au (Neale Banks) Date: Thu Sep 9 02:28:57 1999 Subject: [pptp-server] localip,remoteip and netmasks Message-ID: Hi, In my pptpd.conf, I have localip and remoteip ranges specified from the local network which is a /25. FWIW, the pptp server also has an ethernet interface in this /25. These addresses fall in the range of traditional C-class addresses. However, when a user connects via pptp (from a Win98 box), they are assigned an ip with a /24 netmask. "man pptpd.conf" makes no mention of netmasks :-( The obvious suggestion is that something is taking a classful view of netmasks (but what?). Any idea of the solution to this? Thanks, Neale. From luyer at ucs.uwa.edu.au Thu Sep 9 02:51:49 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Thu Sep 9 02:51:49 1999 Subject: [pptp-server] just committed - ipx network number allocation by pptpd (optional) Message-ID: <199909090751.PAA32343@typhaon.ucs.uwa.edu.au> the latest version in cvs now does ipx network allocation by pptpd. i'm sure there will be a release soon. david. From luyer at ucs.uwa.edu.au Thu Sep 9 02:52:43 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Thu Sep 9 02:52:43 1999 Subject: [pptp-server] re - netmask qstn Message-ID: <199909090752.PAA32355@typhaon.ucs.uwa.edu.au> the netmask is set in the pppd config file not the pptpd config file. if this isn't in the faq it should be added. David. From neale at lowendale.com.au Thu Sep 9 03:32:45 1999 From: neale at lowendale.com.au (Neale Banks) Date: Thu Sep 9 03:32:45 1999 Subject: [pptp-server] Re: re - netmask qstn In-Reply-To: <199909090752.PAA32355@typhaon.ucs.uwa.edu.au> Message-ID: On Thu, 9 Sep 1999, David Luyer wrote: > the netmask is set in the pppd config file not the pptpd config > file. if this isn't in the faq it should be added. OK, I see that in /etc/ppp/options. But seeing as we are specifying the ip addresses in pptpd.conf, then surely (IMHO) that is the place for specifying the netmask that goes along with them? Regards, Neale. From neale at lowendale.com.au Thu Sep 9 09:19:02 1999 From: neale at lowendale.com.au (Neale Banks) Date: Thu Sep 9 09:19:02 1999 Subject: [pptp-server] Req: pppd patch to strip MS \\ In-Reply-To: <01BEF7E2.E3024940.srhodes@cpinternet.com> Message-ID: On Sun, 5 Sep 1999, Steve Rhodes wrote: > This is a very quick hack I did, which can obviously be improved upon. It > actually is applied against chap.c in the pppd code. I am including the > patch in the body of this message which should be run against the source > code at patch level 0 from within the same directory. If you name the > patch chap.diff and put it into ppp-2.3.8/pppd, you can say > > patch -p0 < chap.diff. Belated thanks Steve - this patch appears to do the trick nicely. For completeness, could you please confirm the copyright/licensing for this piece of code. Thanks, Neale. From srhodes at cpinternet.com Thu Sep 9 12:26:38 1999 From: srhodes at cpinternet.com (Steve Rhodes) Date: Thu Sep 9 12:26:38 1999 Subject: [pptp-server] Req: pppd patch to strip MS \\ Message-ID: <01BEFABE.3A931300.srhodes@cpinternet.com> I'm happy that this worked OK for you. I would assume that the pppd stuff is GPL'd open source. As far as the patch goes, whatever you want to do with it is fine, I don't put any kind of copyright or license on it. -----Original Message----- From: Neale Banks [SMTP:neale at lowendale.com.au] Sent: Thursday, September 09, 1999 9:28 AM To: Steve Rhodes Cc: pptp-server at lists.schulte.org Subject: RE: [pptp-server] Req: pppd patch to strip MS \\ On Sun, 5 Sep 1999, Steve Rhodes wrote: > This is a very quick hack I did, which can obviously be improved upon. It > actually is applied against chap.c in the pppd code. I am including the > patch in the body of this message which should be run against the source > code at patch level 0 from within the same directory. If you name the > patch chap.diff and put it into ppp-2.3.8/pppd, you can say > > patch -p0 < chap.diff. Belated thanks Steve - this patch appears to do the trick nicely. For completeness, could you please confirm the copyright/licensing for this piece of code. Thanks, Neale. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulte.org! From jcaspen at ittc.ukans.edu Thu Sep 9 14:15:39 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Thu Sep 9 14:15:39 1999 Subject: [pptp-server] problem to unpack 0.9.14 Message-ID: <37D8074C.719FEA52@ittc.ukans.edu> % tar xvzf pptpd-0_9_14.tgz gzip: stdin: invalid compressed data--format violated tar: Child returned status 1 tar: Error exit delayed from previous errors I downloaded the file many times, is it a problem of the package? From mals at home.com Thu Sep 9 16:27:50 1999 From: mals at home.com (Malay Shah) Date: Thu Sep 9 16:27:50 1999 Subject: [pptp-server] just committed - ipx network number allocation by pptpd (optional) References: <199909090751.PAA32343@typhaon.ucs.uwa.edu.au> Message-ID: <002701befb0a$2e100880$0240a8c0@mtmc1.on.wave.home.com> Hi, I tried it out and it works great. thanks a lot Malay Shah ----- Original Message ----- From: David Luyer To: Sent: Thursday, September 09, 1999 3:51 AM Subject: [pptp-server] just committed - ipx network number allocation by pptpd (optional) > > the latest version in cvs now does ipx network allocation by pptpd. > i'm sure there will be a release soon. > > david. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! From tmk at netmagic.net Thu Sep 9 18:08:09 1999 From: tmk at netmagic.net (tmk) Date: Thu Sep 9 18:08:09 1999 Subject: [pptp-server] problem to unpack 0.9.14 In-Reply-To: <37D8074C.719FEA52@ittc.ukans.edu> Message-ID: make sure your download program didnt gunzip it first (try untarring first) also make sure it was downloaded in binary mode. I'm using that ver at home and it works fine. Kevin On Thu, 9 Sep 1999, Carlos Javier Castro Pena wrote: > % tar xvzf pptpd-0_9_14.tgz > > gzip: stdin: invalid compressed data--format violated > tar: Child returned status 1 > tar: Error exit delayed from previous errors > > > I downloaded the file many times, is it a problem of the package? > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From matthewr at moreton.com.au Thu Sep 9 18:19:44 1999 From: matthewr at moreton.com.au (Matthew Ramsay) Date: Thu Sep 9 18:19:44 1999 Subject: [pptp-server] v0.9.16 released Message-ID: <99091009134001.31656@gibberling.moreton.com.au> PoPToP v0.9.16 has been released! Grab your copy here: http://www.moretonbay.com/vpn/download_pptp.html ChangeLog - IPX network number management - note that this changes the syntax for calling pptpctrl if you use it directly, and means you must re-start pptpd when you upgrade due to the chanced syntax - New README.slirp - HOWTO-IPX+PPTP PoPToP Dev Team From jfinnecy at merical.com Fri Sep 10 12:06:11 1999 From: jfinnecy at merical.com (Jonathan Finnecy) Date: Fri Sep 10 12:06:11 1999 Subject: [pptp-server] Re: problem with 0_9_14.tgz In-Reply-To: <199909101700.MAA26861@snaildust.schulte.org> Message-ID: <4.1.19990910100431.00958700@192.168.4.1> I have had this same problem repeatedly with more than one version of pptpd. Turns out it works fine when downloaded on another guy's machine and then moved to the server. The only difference? I use Netscape 4.51 and he uses an old version of Internet Explorer. Might it be possible that netscape is screwing up the download somehow? -Jon On Thu, 9 Sep 1999, Carlos Javier Castro Pena wrote: > % tar xvzf pptpd-0_9_14.tgz > > gzip: stdin: invalid compressed data--format violated > tar: Child returned status 1 > tar: Error exit delayed from previous errors > > > I downloaded the file many times, is it a problem of the package? > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From allanc at sco.com Fri Sep 10 13:23:29 1999 From: allanc at sco.com (Allan Clark) Date: Fri Sep 10 13:23:29 1999 Subject: [pptp-server] Re: problem with 0_9_14.tgz References: <4.1.19990910100431.00958700@192.168.4.1> Message-ID: <37D94C83.FF60DE3E@sco.com> I think I mentioned that the download from that server is identified with the MIME type of text/plain, which Netscape treats as text, silently replacing EOLn markers from/to MSDos format and Unix format. > bash-2.01$ telnet www.moretonbay.com 80 > Trying 209.162.4.87... > Connected to www.moretonbay.com. > Escape character is '^]'. > HEAD /vpn/releases/pptpd-0.9.16.tgz HTTP/1.0 > > HTTP/1.1 200 OK > Date: Fri, 10 Sep 1999 18:11:05 GMT > Server: Apache/1.3.1 (Unix) > Last-Modified: Thu, 09 Sep 1999 23:08:11 GMT > ETag: "81ed-1b400-37d83ddb" > Accept-Ranges: bytes > Content-Length: 111616 > Connection: close > Content-Type: text/plain > > Connection closed by foreign host. > What this ("Content-Type: text/plain") requires to fix is that the file ext "tgz" be registered as "application/x-gzipped-tar" or something non-standard which will cause Netscape to download it without touching it (yes, you have 0.9.14, I tried 0.9.16). If I recall, on Apache you can do this with a modification to the conf/httpd.conf file with: AddType application/x-gzipped-tar TGZ ( http://www.apache.org/docs/mod/mod_mime.html#addtype refers ) This can also be resolved with an FTP download URL -- completely avoids the issue. FYC Allan Jonathan Finnecy wrote: > I have had this same problem repeatedly with more than one version of pptpd. > Turns out it works fine when downloaded on another guy's machine and then moved > to the server. The only difference? I use Netscape 4.51 and he uses an old > version of Internet Explorer. Might it be possible that netscape is screwing > up the download somehow? > > -Jon > > On Thu, 9 Sep 1999, Carlos Javier Castro Pena wrote: > > % tar xvzf pptpd-0_9_14.tgz > > > > gzip: stdin: invalid compressed data--format violated > > tar: Child returned status 1 > > tar: Error exit delayed from previous errors > > > > > > I downloaded the file many times, is it a problem of the package? > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! From matts at ilx.com Fri Sep 10 14:36:03 1999 From: matts at ilx.com (Matt Stockdale) Date: Fri Sep 10 14:36:03 1999 Subject: [pptp-server] Arp Problems? (no data transfer to other hosts on servers subnet) Message-ID: <37D95EB1.F4A07814@ilx.com> I downloaded and installed the latest version of poptop on one of my internet gateway machines. I am trying to connect to it from home.. I have an interesting situation where I am attempting to use the MS VPN client to actually get _out_ of a protected network. I have a RH linux 5.2 box at home that connects to work via ISDN. I have a Win98 box connected to my home linux box via ethernet. I have the VPN masq patches in place on the linux box. I places the PPTP server on a dual homed machine that has access to both our internal network (reserved addresses 172.27.0.0) and our internet feed. The VPN client connects fine, and the PPTP server (masq) can ping it, accept telnets from it, etc, just fine. the problem is, once I connect the VPN client on my windows box I can't connect to anything else but masq. I have tried having the PPTP server assign both it's own internet address and a spare internet address, and a 2nd spare internet address is assigned to the VPN client. logging into our internet router, I cannot ping the VPN IP, but it does show up w/ the same MAC address as the PPTP host when I do a "show arp".. ip_forwarding and proxy_arp is enabled for _all_ interfaces on the PPTP host. I can't seem to find any errors, other that it just plain not working. +----------+ +----------+ +-----------+ +-------------+ | Win98 | |RH 5.2 | |ISDN Server| |PPTP Server | | VPN clnt |-------------|masq+vpn |---------------| |-------------| |-inet +----------+ +----------+ +-----------+ +-------------+ connects to ISDN working this is actually can ping VPN pptp server the whole internernal client fine network Any ideas? Thanks, Matt From tmk at netmagic.net Fri Sep 10 15:24:44 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 10 15:24:44 1999 Subject: [pptp-server] Arp Problems? (no data transfer to other hosts on servers subnet) In-Reply-To: <37D95EB1.F4A07814@ilx.com> Message-ID: This is sort of confusing to me, but here's the impression i get: you have a windows box on teh same ethernet wire as a linux box, and the linux box has an isdn line that connects to your work network, which in turn connects to the internet somehow. first off, i don't think you need masqing at all. You might need to add routes to the routing table (linux box)to get your computer to see everything. Be sure to tell your windows machine the default gateway that goes out to the internet. Just FYI, windows has the nasty habit of sending everything through the vpn link regardless of the routing table you have set up at home, so if you connect to the pptp server with tcp, tcp will only work on that link. Kevin On Fri, 10 Sep 1999, Matt Stockdale wrote: > I downloaded and installed the latest version of poptop on one of my > internet gateway machines. I am trying to connect to it from home.. I > have an interesting situation where I am attempting to use the MS VPN > client to actually get _out_ of a protected network. I have a RH linux > 5.2 box at home that > connects to work via ISDN. I have a Win98 box connected to my home linux > box via ethernet. I have the VPN masq patches in place on the linux box. > I places the PPTP server on a dual homed machine that has access to both > our internal network (reserved addresses 172.27.0.0) and our internet > feed. The VPN client connects fine, and the PPTP server (masq) can ping > it, accept telnets from it, etc, just fine. > the problem is, once I connect the VPN client on my windows box I can't > connect to anything else but masq. > > I have tried having the PPTP server assign both it's own internet > address and a spare internet address, and a 2nd spare internet address > is assigned to the VPN client. logging into our internet router, I > cannot ping the VPN IP, but it does show up w/ the same MAC address as > the PPTP host when I do a "show arp".. > > ip_forwarding and proxy_arp is enabled for _all_ interfaces on the PPTP > host. > > I can't seem to find any errors, other that it just plain not working. > > > +----------+ +----------+ > +-----------+ +-------------+ > | Win98 | |RH 5.2 | |ISDN > Server| |PPTP Server | > | VPN clnt |-------------|masq+vpn |---------------| > |-------------| |-inet > +----------+ +----------+ > +-----------+ +-------------+ > > connects to ISDN working this is actually can ping VPN > pptp server the whole internernal client > fine network > > Any ideas? > > Thanks, > Matt > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From matts at ilx.com Fri Sep 10 15:44:19 1999 From: matts at ilx.com (Matt Stockdale) Date: Fri Sep 10 15:44:19 1999 Subject: [pptp-server] Arp Problems? (no data transfer to other hosts on servers subnet) References: Message-ID: <37D96DC7.4D177CDB@ilx.com> My apologies, I will try to clear this up. My linux box connects to a Cisco ISDN router at work. That router only supplies me 1 IP address. so, to make use of the other machines on my home network (the 98 Box, A Laptop, and 2 SparcStations) I run IP Masquerading. The IP address supplied (for the ISDN link) is a one of the reserved private network addresses, 172.27.x.x. The other machines on my network use 192.168.1.x addresses, which do not get routed over the ISDN. The Cisco ISDN router is in the Core of my work network. We use all reserved addresses, with the exception of the gateway machines, which run a HTTP caching proxy (Squid), Sendmail, and a Socks5 proxy server. These gateway machines each have 2 ethernet cards, one that connects to our core network, and another that connects to our Class C on the internet. Our internal routers have no path to the internet, but can talk to each of the gateway machines. I installed the PPTP server on one of these gateway machines. tmk wrote: > > This is sort of confusing to me, but here's the impression i get: > > you have a windows box on teh same ethernet wire as a linux box, and the > linux box has an isdn line that connects to your work network, which in > turn connects to the internet somehow. > > first off, i don't think you need masqing at all. You might need to add > routes to the routing table (linux box)to get your computer to see > everything. Be sure to tell your windows machine the default gateway that > goes out to the internet. > > Just FYI, windows has the nasty habit of sending everything through the > vpn link regardless of the routing table you have set up at home, so if > you connect to the pptp server with tcp, tcp will only work on that link. > > Kevin > > On Fri, 10 Sep 1999, Matt Stockdale wrote: > > > I downloaded and installed the latest version of poptop on one of my > > internet gateway machines. I am trying to connect to it from home.. I > > have an interesting situation where I am attempting to use the MS VPN > > client to actually get _out_ of a protected network. I have a RH linux > > 5.2 box at home that > > connects to work via ISDN. I have a Win98 box connected to my home linux > > box via ethernet. I have the VPN masq patches in place on the linux box. > > I places the PPTP server on a dual homed machine that has access to both > > our internal network (reserved addresses 172.27.0.0) and our internet > > feed. The VPN client connects fine, and the PPTP server (masq) can ping > > it, accept telnets from it, etc, just fine. > > the problem is, once I connect the VPN client on my windows box I can't > > connect to anything else but masq. > > > > I have tried having the PPTP server assign both it's own internet > > address and a spare internet address, and a 2nd spare internet address > > is assigned to the VPN client. logging into our internet router, I > > cannot ping the VPN IP, but it does show up w/ the same MAC address as > > the PPTP host when I do a "show arp".. > > > > ip_forwarding and proxy_arp is enabled for _all_ interfaces on the PPTP > > host. > > > > I can't seem to find any errors, other that it just plain not working. > > > > > > +----------+ +----------+ > > +-----------+ +-------------+ > > | Win98 | |RH 5.2 | |ISDN > > Server| |PPTP Server | > > | VPN clnt |-------------|masq+vpn |---------------| > > |-------------| |-inet > > +----------+ +----------+ > > +-----------+ +-------------+ > > > > connects to ISDN working this is actually can ping VPN > > pptp server the whole internernal client > > fine network > > > > Any ideas? > > > > Thanks, > > Matt > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > From tmk at netmagic.net Fri Sep 10 16:04:44 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 10 16:04:44 1999 Subject: [pptp-server] Arp Problems? (no data transfer to other hosts on servers subnet) In-Reply-To: <37D96DC7.4D177CDB@ilx.com> Message-ID: OK, then the only masqing you need to do is from the ip-pool assigned to pptp on the linux box to the ip range 172.27.x.x you don't need vpn masq. Kevin On Fri, 10 Sep 1999, Matt Stockdale wrote: > My apologies, I will try to clear this up. > > My linux box connects to a Cisco ISDN router at work. That router only > supplies me 1 IP address. so, to make use of the other machines on my > home network (the 98 Box, A Laptop, and 2 SparcStations) I run IP > Masquerading. The IP address supplied (for the ISDN link) is a one of > the reserved private network addresses, 172.27.x.x. The other machines > on my network use 192.168.1.x addresses, which do not get routed over > the ISDN. > > The Cisco ISDN router is in the Core of my work network. We use all > reserved addresses, with the > exception of the gateway machines, which run a HTTP caching proxy > (Squid), Sendmail, and a Socks5 > proxy server. These gateway machines each have 2 ethernet cards, one > that connects to our core network, and another that connects to our > Class C on the internet. Our internal routers have no path to the > internet, but can talk to each of the gateway machines. I installed the > PPTP server on one of these gateway machines. > > tmk wrote: > > > > This is sort of confusing to me, but here's the impression i get: > > > > you have a windows box on teh same ethernet wire as a linux box, and the > > linux box has an isdn line that connects to your work network, which in > > turn connects to the internet somehow. > > > > first off, i don't think you need masqing at all. You might need to add > > routes to the routing table (linux box)to get your computer to see > > everything. Be sure to tell your windows machine the default gateway that > > goes out to the internet. > > > > Just FYI, windows has the nasty habit of sending everything through the > > vpn link regardless of the routing table you have set up at home, so if > > you connect to the pptp server with tcp, tcp will only work on that link. > > > > Kevin > > > > On Fri, 10 Sep 1999, Matt Stockdale wrote: > > > > > I downloaded and installed the latest version of poptop on one of my > > > internet gateway machines. I am trying to connect to it from home.. I > > > have an interesting situation where I am attempting to use the MS VPN > > > client to actually get _out_ of a protected network. I have a RH linux > > > 5.2 box at home that > > > connects to work via ISDN. I have a Win98 box connected to my home linux > > > box via ethernet. I have the VPN masq patches in place on the linux box. > > > I places the PPTP server on a dual homed machine that has access to both > > > our internal network (reserved addresses 172.27.0.0) and our internet > > > feed. The VPN client connects fine, and the PPTP server (masq) can ping > > > it, accept telnets from it, etc, just fine. > > > the problem is, once I connect the VPN client on my windows box I can't > > > connect to anything else but masq. > > > > > > I have tried having the PPTP server assign both it's own internet > > > address and a spare internet address, and a 2nd spare internet address > > > is assigned to the VPN client. logging into our internet router, I > > > cannot ping the VPN IP, but it does show up w/ the same MAC address as > > > the PPTP host when I do a "show arp".. > > > > > > ip_forwarding and proxy_arp is enabled for _all_ interfaces on the PPTP > > > host. > > > > > > I can't seem to find any errors, other that it just plain not working. > > > > > > > > > +----------+ +----------+ > > > +-----------+ +-------------+ > > > | Win98 | |RH 5.2 | |ISDN > > > Server| |PPTP Server | > > > | VPN clnt |-------------|masq+vpn |---------------| > > > |-------------| |-inet > > > +----------+ +----------+ > > > +-----------+ +-------------+ > > > > > > connects to ISDN working this is actually can ping VPN > > > pptp server the whole internernal client > > > fine network > > > > > > Any ideas? > > > > > > Thanks, > > > Matt > > > > > > _______________________________________________ > > > pptp-server maillist - pptp-server at lists.schulte.org > > > http://lists.schulte.org/mailman/listinfo/pptp-server > > > List services provided by www.schulte.org! > > > > From chris at electricmail.com Fri Sep 10 20:08:21 1999 From: chris at electricmail.com (Chris Hyde) Date: Fri Sep 10 20:08:21 1999 Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem Message-ID: <19990910180753.A12273@electricmail.com> Hi there, Has anything been resolved with the pptpd / Windows 98 performance issue? I've just read through the archives and there seems to be no answer. My problem: RedHat 6.0 2.2.10 kernel pptpd 0.9.16 Server on a 3Mb/s fibre Win98 client on a cable modem connection. Usual ping is ~25ms. Connect via VPN and start a ping on the server back to my client: PING x.x.x.x (x.x.x.x): 56 data bytes 64 bytes from x.x.x.x: icmp_seq=0 ttl=128 time=33.3 ms 64 bytes from x.x.x.x: icmp_seq=2 ttl=128 time=32.5 ms 64 bytes from x.x.x.x: icmp_seq=3 ttl=128 time=32.9 ms 64 bytes from x.x.x.x: icmp_seq=4 ttl=128 time=31.7 ms 64 bytes from x.x.x.x: icmp_seq=5 ttl=128 time=35.8 ms 64 bytes from x.x.x.x: icmp_seq=6 ttl=128 time=35.6 ms All great so far, then I actually use the connection from the client side (hit an internal website). Before the website is loaded I see: 64 bytes from x.x.x.x: icmp_seq=10 ttl=128 time=42.2 ms 64 bytes from x.x.x.x: icmp_seq=11 ttl=128 time=60.6 ms 64 bytes from x.x.x.x: icmp_seq=13 ttl=128 time=2690.4 ms 64 bytes from x.x.x.x: icmp_seq=14 ttl=128 time=4331.3 ms 64 bytes from x.x.x.x: icmp_seq=18 ttl=128 time=495.5 ms 64 bytes from x.x.x.x: icmp_seq=19 ttl=128 time=6763.5 ms 64 bytes from x.x.x.x: icmp_seq=20 ttl=128 time=6072.7 ms 64 bytes from x.x.x.x: icmp_seq=21 ttl=128 time=7075.6 ms 64 bytes from x.x.x.x: icmp_seq=22 ttl=128 time=6081.9 ms 64 bytes from x.x.x.x: icmp_seq=23 ttl=128 time=6036.2 ms 64 bytes from x.x.x.x: icmp_seq=24 ttl=128 time=5977.3 ms 64 bytes from x.x.x.x: icmp_seq=25 ttl=128 time=10531.3 ms ... and then the connection will finally break down entirely and no data will be transferred. There is not a connection problem between me and the server at all. At the time of testing I was getting <20ms and no packet loss. I tried tweaking the PCKT_RECV_WINDOW_SIZE and this improved performance but I would eventually get the same out-of-sync like behaviour where the pings would go through the roof and stay there. Higher WINDOW_SIZE's would just put this off for a few more pages ... Anyone have any answers for this one? -- ********************************************************************** Chris Hyde The Electric Mail Company Voice : (604) 482-1111 Info : www.electricmail.com Fax : (604) 482-1110 Email : chris at electricmail.com Lister: We want no muffins, no toast, no tea cakes, no buns, baps, baggets or bagels. No croissants, no crumpets, no pancakes, no potato cakes, and no hot cross buns. And definitely no smegging flapjacks! Toaster: Ah! So you're a waffle man! *********************************************************************** From tmk at netmagic.net Fri Sep 10 21:49:48 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 10 21:49:48 1999 Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem References: <19990910180753.A12273@electricmail.com> Message-ID: <002701befc00$a48f3200$071c0fc0@lala.net> So does this packet loss occur at the time of hitting the internal website, before, after or independantly.. Will it happen if just ping is used? There might be some sort of leak in the gre forwarding stuff.. but i need some more info before i can check it out. Sounds like it's dropping lots of packets. Kevin ----- Original Message ----- From: Chris Hyde To: Sent: Friday, September 10, 1999 6:07 PM Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem > Hi there, > > Has anything been resolved with the pptpd / Windows 98 performance > issue? I've just read through the archives and there seems to be > no answer. > > My problem: > > RedHat 6.0 2.2.10 kernel pptpd 0.9.16 Server on a 3Mb/s fibre > Win98 client on a cable modem connection. > > Usual ping is ~25ms. > > Connect via VPN and start a ping on the server back to my client: > > PING x.x.x.x (x.x.x.x): 56 data bytes > 64 bytes from x.x.x.x: icmp_seq=0 ttl=128 time=33.3 ms > 64 bytes from x.x.x.x: icmp_seq=2 ttl=128 time=32.5 ms > 64 bytes from x.x.x.x: icmp_seq=3 ttl=128 time=32.9 ms > 64 bytes from x.x.x.x: icmp_seq=4 ttl=128 time=31.7 ms > 64 bytes from x.x.x.x: icmp_seq=5 ttl=128 time=35.8 ms > 64 bytes from x.x.x.x: icmp_seq=6 ttl=128 time=35.6 ms > > All great so far, then I actually use the connection from the client > side (hit an internal website). Before the website is loaded I see: > > 64 bytes from x.x.x.x: icmp_seq=10 ttl=128 time=42.2 ms > 64 bytes from x.x.x.x: icmp_seq=11 ttl=128 time=60.6 ms > 64 bytes from x.x.x.x: icmp_seq=13 ttl=128 time=2690.4 ms > 64 bytes from x.x.x.x: icmp_seq=14 ttl=128 time=4331.3 ms > 64 bytes from x.x.x.x: icmp_seq=18 ttl=128 time=495.5 ms > 64 bytes from x.x.x.x: icmp_seq=19 ttl=128 time=6763.5 ms > 64 bytes from x.x.x.x: icmp_seq=20 ttl=128 time=6072.7 ms > 64 bytes from x.x.x.x: icmp_seq=21 ttl=128 time=7075.6 ms > 64 bytes from x.x.x.x: icmp_seq=22 ttl=128 time=6081.9 ms > 64 bytes from x.x.x.x: icmp_seq=23 ttl=128 time=6036.2 ms > 64 bytes from x.x.x.x: icmp_seq=24 ttl=128 time=5977.3 ms > 64 bytes from x.x.x.x: icmp_seq=25 ttl=128 time=10531.3 ms > > ... and then the connection will finally break down entirely and no > data will be transferred. There is not a connection problem between me > and the server at all. At the time of testing I was getting <20ms and > no packet loss. > > I tried tweaking the PCKT_RECV_WINDOW_SIZE and this improved performance > but I would eventually get the same out-of-sync like behaviour where > the pings would go through the roof and stay there. > > Higher WINDOW_SIZE's would just put this off for a few more pages ... > > Anyone have any answers for this one? > > > -- > ********************************************************************** > Chris Hyde > The Electric Mail Company > > Voice : (604) 482-1111 Info : www.electricmail.com > Fax : (604) 482-1110 Email : chris at electricmail.com > > Lister: We want no muffins, no toast, no tea cakes, no buns, baps, > baggets or bagels. No croissants, no crumpets, no pancakes, > no potato cakes, and no hot cross buns. And definitely no > smegging flapjacks! > Toaster: Ah! So you're a waffle man! > > *********************************************************************** > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From chris at electricmail.com Fri Sep 10 22:26:34 1999 From: chris at electricmail.com (Chris Hyde) Date: Fri Sep 10 22:26:34 1999 Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem In-Reply-To: <002701befc00$a48f3200$071c0fc0@lala.net>; from tmk on Fri, Sep 10, 1999 at 07:52:08PM -0700 References: <19990910180753.A12273@electricmail.com> <002701befc00$a48f3200$071c0fc0@lala.net> Message-ID: <19990910202622.A12993@electricmail.com> If I leave the ping going it will sit quite happily at ~30ms. As soon as I tranfer a lot of data - it doesn't have to be a website, do an ftp or anything that starts sending large amounts of data down the link, then the ping time will rise and huge packet loss will occur. Any more info, or debugging I can do let me know. Chris On Fri, Sep 10, 1999 at 07:52:08PM -0700, tmk wrote: > So does this packet loss occur at the time of hitting the internal website, > before, after or independantly.. Will it happen if just ping is used? There > might be some sort of leak in the gre forwarding stuff.. but i need some > more info before i can check it out. Sounds like it's dropping lots of > packets. > > Kevin > ----- Original Message ----- > From: Chris Hyde > To: > Sent: Friday, September 10, 1999 6:07 PM > Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem > > > > Hi there, > > > > Has anything been resolved with the pptpd / Windows 98 performance > > issue? I've just read through the archives and there seems to be > > no answer. > > > > My problem: > > > > RedHat 6.0 2.2.10 kernel pptpd 0.9.16 Server on a 3Mb/s fibre > > Win98 client on a cable modem connection. > > > > Usual ping is ~25ms. > > > > Connect via VPN and start a ping on the server back to my client: > > > > PING x.x.x.x (x.x.x.x): 56 data bytes > > 64 bytes from x.x.x.x: icmp_seq=0 ttl=128 time=33.3 ms > > 64 bytes from x.x.x.x: icmp_seq=2 ttl=128 time=32.5 ms > > 64 bytes from x.x.x.x: icmp_seq=3 ttl=128 time=32.9 ms > > 64 bytes from x.x.x.x: icmp_seq=4 ttl=128 time=31.7 ms > > 64 bytes from x.x.x.x: icmp_seq=5 ttl=128 time=35.8 ms > > 64 bytes from x.x.x.x: icmp_seq=6 ttl=128 time=35.6 ms > > > > All great so far, then I actually use the connection from the client > > side (hit an internal website). Before the website is loaded I see: > > > > 64 bytes from x.x.x.x: icmp_seq=10 ttl=128 time=42.2 ms > > 64 bytes from x.x.x.x: icmp_seq=11 ttl=128 time=60.6 ms > > 64 bytes from x.x.x.x: icmp_seq=13 ttl=128 time=2690.4 ms > > 64 bytes from x.x.x.x: icmp_seq=14 ttl=128 time=4331.3 ms > > 64 bytes from x.x.x.x: icmp_seq=18 ttl=128 time=495.5 ms > > 64 bytes from x.x.x.x: icmp_seq=19 ttl=128 time=6763.5 ms > > 64 bytes from x.x.x.x: icmp_seq=20 ttl=128 time=6072.7 ms > > 64 bytes from x.x.x.x: icmp_seq=21 ttl=128 time=7075.6 ms > > 64 bytes from x.x.x.x: icmp_seq=22 ttl=128 time=6081.9 ms > > 64 bytes from x.x.x.x: icmp_seq=23 ttl=128 time=6036.2 ms > > 64 bytes from x.x.x.x: icmp_seq=24 ttl=128 time=5977.3 ms > > 64 bytes from x.x.x.x: icmp_seq=25 ttl=128 time=10531.3 ms > > > > ... and then the connection will finally break down entirely and no > > data will be transferred. There is not a connection problem between me > > and the server at all. At the time of testing I was getting <20ms and > > no packet loss. > > > > I tried tweaking the PCKT_RECV_WINDOW_SIZE and this improved performance > > but I would eventually get the same out-of-sync like behaviour where > > the pings would go through the roof and stay there. > > > > Higher WINDOW_SIZE's would just put this off for a few more pages ... > > > > Anyone have any answers for this one? > > > > > > -- > > ********************************************************************** > > Chris Hyde > > The Electric Mail Company > > > > Voice : (604) 482-1111 Info : www.electricmail.com > > Fax : (604) 482-1110 Email : chris at electricmail.com > > > > Lister: We want no muffins, no toast, no tea cakes, no buns, baps, > > baggets or bagels. No croissants, no crumpets, no pancakes, > > no potato cakes, and no hot cross buns. And definitely no > > smegging flapjacks! > > Toaster: Ah! So you're a waffle man! > > > > *********************************************************************** > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > -- ********************************************************************** Chris Hyde The Electric Mail Company Voice : (604) 482-1111 Info : www.electricmail.com Fax : (604) 482-1110 Email : chris at electricmail.com "VEGETARIAN" - That's an old Indian word meaning "I don't hunt so good." -- Red Green *********************************************************************** From mals at home.com Sat Sep 11 18:00:24 1999 From: mals at home.com (Malay Shah) Date: Sat Sep 11 18:00:24 1999 Subject: [pptp-server] pptpd & ipx Message-ID: <000801befca9$73b273a0$0240a8c0@mtmc1.on.wave.home.com> Hi, I know this is not a pptpd problem, but it involves it. for some reason, I can't seem to get ipxd to route packets between different ipx networks from my pptp connection to my localnet. I figured this out by trying to play a game and it never seemed to work. then i tried entering \\computername when ipxd wasn't running and that also worked, so that lead me to the conclusion that ipxd was not routing packets from my pptp connection to my localnet. has anyone had any success with ipx over pptp? Malay Shah -------------- next part -------------- An HTML attachment was scrubbed... URL: From tmk at netmagic.net Sat Sep 11 23:15:24 1999 From: tmk at netmagic.net (tmk) Date: Sat Sep 11 23:15:24 1999 Subject: [pptp-server] pptpd & ipx References: <000801befca9$73b273a0$0240a8c0@mtmc1.on.wave.home.com> Message-ID: <001501befcd5$efc2b0a0$071c0fc0@lala.net> i believe you mean FORWARDING packets.. Routing requires that you know the destination. For example, tiberian sun has a network section where you type the ipx network in so it knows where the other computer is. If you don't do that, nothing gets sent to their interface. I have been halfheartedly looking into a way to allow multiple interfaces to share the same network number and forward packets between them, or have some kind of masquerading service. Unfortunately, i don't have that much time and there are other, more interesting things i could be doing :) Kevin ----- Original Message ----- From: Malay Shah To: pptp-server at lists.schulte.org Sent: Saturday, September 11, 1999 4:00 PM Subject: [pptp-server] pptpd & ipx Hi, I know this is not a pptpd problem, but it involves it. for some reason, I can't seem to get ipxd to route packets between different ipx networks from my pptp connection to my localnet. I figured this out by trying to play a game and it never seemed to work. then i tried entering \\computername when ipxd wasn't running and that also worked, so that lead me to the conclusion that ipxd was not routing packets from my pptp connection to my localnet. has anyone had any success with ipx over pptp? Malay Shah -------------- next part -------------- An HTML attachment was scrubbed... URL: From neale at lowendale.com.au Sun Sep 12 22:26:26 1999 From: neale at lowendale.com.au (Neale Banks) Date: Sun Sep 12 22:26:26 1999 Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem In-Reply-To: <19990910202622.A12993@electricmail.com> Message-ID: On Fri, 10 Sep 1999, Chris Hyde wrote: > If I leave the ping going it will sit quite happily at ~30ms. As soon > as I tranfer a lot of data - it doesn't have to be a website, do an > ftp or anything that starts sending large amounts of data down the link, > then the ping time will rise and huge packet loss will occur. > > Any more info, or debugging I can do let me know. [...] Do we know for certain that this is in pptp and not the overlying ppp? For example, is the problem observed running the same ppp config to the same server over a modem link? Alternatively, is there some way of testing the GRE component independently of the ppp? IIRC there was a GRE-traceroute kicking around somewhere - could that be hacked to some advantage here? Neale. From luyer at ucs.uwa.edu.au Mon Sep 13 04:59:38 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Mon Sep 13 04:59:38 1999 Subject: [pptp-server] Re: re - netmask qstn In-Reply-To: Your message of "Thu, 09 Sep 1999 18:41:11 +1000." Message-ID: <199909130959.RAA18145@typhaon.ucs.uwa.edu.au> > On Thu, 9 Sep 1999, David Luyer wrote: > > > the netmask is set in the pppd config file not the pptpd config > > file. if this isn't in the faq it should be added. > > OK, I see that in /etc/ppp/options. But seeing as we are specifying the > ip addresses in pptpd.conf, then surely (IMHO) that is the place for > specifying the netmask that goes along with them? pptpd.conf specifies only the things which can't be specified in /etc/ppp/options - for example, things which vary per-client. netmask and any other options which are the same for all clients are specified in /etc/ppp/options (or /etc/ppp/options.pptp if you have a separate one). David. From phil at vibrationresearch.com Mon Sep 13 09:30:45 1999 From: phil at vibrationresearch.com (Philip Van Baren) Date: Mon Sep 13 09:30:45 1999 Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem In-Reply-To: <19990910180753.A12273@electricmail.com> Message-ID: <000901befdf5$2e382980$4500a8c0@bud.ameritech.net> Chris, When you tweaked the PCKT_RECV_WINDOW_SIZE, what values did you try? With my setup, using a value of 1 gives poor performance, 2 through 8 give OK performance, and above 8 (or matching the other side's value, like is done in 0.9.16) results in lots of dropped packets. i.e. try making the following change in ctrlpacket.c to see if this works better: /* lets match their window size for now... was htons(PCKT_RECV_WINDOW_SIZE) */ out_call_rply.pckt_recv_size = htons(4); /* out_call_rqst->pckt_recv_size; */ Philip Van Baren > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Chris Hyde > Sent: Friday, September 10, 1999 9:08 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem > > > Hi there, > > Has anything been resolved with the pptpd / Windows 98 performance > issue? I've just read through the archives and there seems to be > no answer. > > My problem: > > RedHat 6.0 2.2.10 kernel pptpd 0.9.16 Server on a 3Mb/s fibre > Win98 client on a cable modem connection. > > Usual ping is ~25ms. > > Connect via VPN and start a ping on the server back to my client: > > PING x.x.x.x (x.x.x.x): 56 data bytes > 64 bytes from x.x.x.x: icmp_seq=0 ttl=128 time=33.3 ms > 64 bytes from x.x.x.x: icmp_seq=2 ttl=128 time=32.5 ms > 64 bytes from x.x.x.x: icmp_seq=3 ttl=128 time=32.9 ms > 64 bytes from x.x.x.x: icmp_seq=4 ttl=128 time=31.7 ms > 64 bytes from x.x.x.x: icmp_seq=5 ttl=128 time=35.8 ms > 64 bytes from x.x.x.x: icmp_seq=6 ttl=128 time=35.6 ms > > All great so far, then I actually use the connection from the client > side (hit an internal website). Before the website is loaded I see: > > 64 bytes from x.x.x.x: icmp_seq=10 ttl=128 time=42.2 ms > 64 bytes from x.x.x.x: icmp_seq=11 ttl=128 time=60.6 ms > 64 bytes from x.x.x.x: icmp_seq=13 ttl=128 time=2690.4 ms > 64 bytes from x.x.x.x: icmp_seq=14 ttl=128 time=4331.3 ms > 64 bytes from x.x.x.x: icmp_seq=18 ttl=128 time=495.5 ms > 64 bytes from x.x.x.x: icmp_seq=19 ttl=128 time=6763.5 ms > 64 bytes from x.x.x.x: icmp_seq=20 ttl=128 time=6072.7 ms > 64 bytes from x.x.x.x: icmp_seq=21 ttl=128 time=7075.6 ms > 64 bytes from x.x.x.x: icmp_seq=22 ttl=128 time=6081.9 ms > 64 bytes from x.x.x.x: icmp_seq=23 ttl=128 time=6036.2 ms > 64 bytes from x.x.x.x: icmp_seq=24 ttl=128 time=5977.3 ms > 64 bytes from x.x.x.x: icmp_seq=25 ttl=128 time=10531.3 ms > > ... and then the connection will finally break down entirely and no > data will be transferred. There is not a connection problem between me > and the server at all. At the time of testing I was getting <20ms and > no packet loss. > > I tried tweaking the PCKT_RECV_WINDOW_SIZE and this improved performance > but I would eventually get the same out-of-sync like behaviour where > the pings would go through the roof and stay there. > > Higher WINDOW_SIZE's would just put this off for a few more pages ... > > Anyone have any answers for this one? > > > -- > ********************************************************************** > Chris Hyde > The Electric Mail Company > > Voice : (604) 482-1111 Info : www.electricmail.com > Fax : (604) 482-1110 Email : chris at electricmail.com > > Lister: We want no muffins, no toast, no tea cakes, no buns, baps, > baggets or bagels. No croissants, no crumpets, no pancakes, > no potato cakes, and no hot cross buns. And definitely no > smegging flapjacks! > Toaster: Ah! So you're a waffle man! > > *********************************************************************** > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From chris at electricmail.com Mon Sep 13 11:29:24 1999 From: chris at electricmail.com (Chris Hyde) Date: Mon Sep 13 11:29:24 1999 Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem In-Reply-To: <000901befdf5$2e382980$4500a8c0@bud.ameritech.net>; from Philip Van Baren on Mon, Sep 13, 1999 at 10:35:09AM -0400 References: <19990910180753.A12273@electricmail.com> <000901befdf5$2e382980$4500a8c0@bud.ameritech.net> Message-ID: <19990913092858.B23709@electricmail.com> Tried everything ... just kept incrementing it by 1 to see if the behaviour changed. It exhibited the same behaviour with 1,2,4,8 ... though larger values would increase performance for a while until it would flake out. Chris On Mon, Sep 13, 1999 at 10:35:09AM -0400, Philip Van Baren wrote: > Chris, > > When you tweaked the PCKT_RECV_WINDOW_SIZE, what values did you try? With > my setup, using a value of 1 gives poor performance, 2 through 8 give OK > performance, and above 8 (or matching the other side's value, like is done > in 0.9.16) results in lots of dropped packets. > > i.e. try making the following change in ctrlpacket.c to see if this works > better: > > /* lets match their window size for now... was htons(PCKT_RECV_WINDOW_SIZE) > */ > out_call_rply.pckt_recv_size = htons(4); /* out_call_rqst->pckt_recv_size; > */ > > Philip Van Baren > > > -----Original Message----- > > From: pptp-server-admin at lists.schulte.org > > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Chris Hyde > > Sent: Friday, September 10, 1999 9:08 PM > > To: pptp-server at lists.schulte.org > > Subject: [pptp-server] pptpd 0.9.16 / Win98 performance problem > > > > > > Hi there, > > > > Has anything been resolved with the pptpd / Windows 98 performance > > issue? I've just read through the archives and there seems to be > > no answer. > > > > My problem: > > > > RedHat 6.0 2.2.10 kernel pptpd 0.9.16 Server on a 3Mb/s fibre > > Win98 client on a cable modem connection. > > > > Usual ping is ~25ms. > > > > Connect via VPN and start a ping on the server back to my client: > > > > PING x.x.x.x (x.x.x.x): 56 data bytes > > 64 bytes from x.x.x.x: icmp_seq=0 ttl=128 time=33.3 ms > > 64 bytes from x.x.x.x: icmp_seq=2 ttl=128 time=32.5 ms > > 64 bytes from x.x.x.x: icmp_seq=3 ttl=128 time=32.9 ms > > 64 bytes from x.x.x.x: icmp_seq=4 ttl=128 time=31.7 ms > > 64 bytes from x.x.x.x: icmp_seq=5 ttl=128 time=35.8 ms > > 64 bytes from x.x.x.x: icmp_seq=6 ttl=128 time=35.6 ms > > > > All great so far, then I actually use the connection from the client > > side (hit an internal website). Before the website is loaded I see: > > > > 64 bytes from x.x.x.x: icmp_seq=10 ttl=128 time=42.2 ms > > 64 bytes from x.x.x.x: icmp_seq=11 ttl=128 time=60.6 ms > > 64 bytes from x.x.x.x: icmp_seq=13 ttl=128 time=2690.4 ms > > 64 bytes from x.x.x.x: icmp_seq=14 ttl=128 time=4331.3 ms > > 64 bytes from x.x.x.x: icmp_seq=18 ttl=128 time=495.5 ms > > 64 bytes from x.x.x.x: icmp_seq=19 ttl=128 time=6763.5 ms > > 64 bytes from x.x.x.x: icmp_seq=20 ttl=128 time=6072.7 ms > > 64 bytes from x.x.x.x: icmp_seq=21 ttl=128 time=7075.6 ms > > 64 bytes from x.x.x.x: icmp_seq=22 ttl=128 time=6081.9 ms > > 64 bytes from x.x.x.x: icmp_seq=23 ttl=128 time=6036.2 ms > > 64 bytes from x.x.x.x: icmp_seq=24 ttl=128 time=5977.3 ms > > 64 bytes from x.x.x.x: icmp_seq=25 ttl=128 time=10531.3 ms > > > > ... and then the connection will finally break down entirely and no > > data will be transferred. There is not a connection problem between me > > and the server at all. At the time of testing I was getting <20ms and > > no packet loss. > > > > I tried tweaking the PCKT_RECV_WINDOW_SIZE and this improved performance > > but I would eventually get the same out-of-sync like behaviour where > > the pings would go through the roof and stay there. > > > > Higher WINDOW_SIZE's would just put this off for a few more pages ... > > > > Anyone have any answers for this one? > > > > > > -- > > ********************************************************************** > > Chris Hyde > > The Electric Mail Company > > > > Voice : (604) 482-1111 Info : www.electricmail.com > > Fax : (604) 482-1110 Email : chris at electricmail.com > > > > Lister: We want no muffins, no toast, no tea cakes, no buns, baps, > > baggets or bagels. No croissants, no crumpets, no pancakes, > > no potato cakes, and no hot cross buns. And definitely no > > smegging flapjacks! > > Toaster: Ah! So you're a waffle man! > > > > *********************************************************************** > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > -- ********************************************************************** Chris Hyde The Electric Mail Company Voice : (604) 482-1111 Info : www.electricmail.com Fax : (604) 482-1110 Email : chris at electricmail.com One tequila, two tequila, three tequila, floor. *********************************************************************** From iham at internode.net Mon Sep 13 16:48:42 1999 From: iham at internode.net (Ibrahim Hamouda) Date: Mon Sep 13 16:48:42 1999 Subject: [pptp-server] win98 secret Message-ID: <99091315483002.00379@ihamlaptop> Hi all This is my first message to the group. I just installed everything as per the instructions, ppp-2.3.8, mppe patch, SSLeay-0.6.6b, and pptpd-0.9.14 I don't think I could do it without the help of you guys, So big thanks. I can connect without any problems from winnt workstation or server, with the whole 9 yard (microsft encryption, data encryption), and I can also join the NT Domain behind the VPN Machine ( which is the firewall machine as well) BUT I can't get the damn WIN98 to authenticate at all. it complains that the pptpd server needs to authenticate the remote host, but it doesn't find a secret for it. I'm running Slakware 4.0, kernel 2.2.6 beside the mentioned above. any help will be appreciated. -- Ibrahim Hamouda Canada Online Business Directories ibrahim at online-canada.com From tmk at netmagic.net Mon Sep 13 19:16:23 1999 From: tmk at netmagic.net (tmk) Date: Mon Sep 13 19:16:23 1999 Subject: [pptp-server] win98 secret References: <99091315483002.00379@ihamlaptop> Message-ID: <000701befe46$df1df1c0$071c0fc0@lala.net> what does the pppd debug say during the process? you can find it in the /var/log/messages file (do tail /var/log/messages) or wherever your system logs are. Most likely win98 sends the domain info and the others do not, although it could be the other way around. pppd will usually tell you what is wrong. Kevin ----- Original Message ----- From: Ibrahim Hamouda To: Sent: Monday, September 13, 1999 2:35 PM Subject: [pptp-server] win98 secret > Hi all > This is my first message to the group. > > I just installed everything as per the instructions, > ppp-2.3.8, mppe patch, SSLeay-0.6.6b, and pptpd-0.9.14 > I don't think I could do it without the help of you guys, So big thanks. > > I can connect without any problems from winnt workstation or server, with the > whole 9 yard (microsft encryption, data encryption), and I can also join the > NT Domain behind the VPN Machine ( which is the firewall machine as well) > BUT > I can't get the damn WIN98 to authenticate at all. > it complains that the pptpd server needs to authenticate the remote host, but > it doesn't find a secret for it. > > I'm running Slakware 4.0, kernel 2.2.6 beside the mentioned above. > any help will be appreciated. > -- > Ibrahim Hamouda > Canada Online Business Directories > ibrahim at online-canada.com > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From matthewr at moreton.com.au Tue Sep 14 02:50:58 1999 From: matthewr at moreton.com.au (Matthew Ramsay) Date: Tue Sep 14 02:50:58 1999 Subject: [pptp-server] 0.9.17 Message-ID: <99091417445800.01730@gibberling.moreton.com.au> PoPToP v0.9.17 has been released. http://www.moretonbay.com/vpn/download_pptp.html http://www.moretonbay.com/vpn/releases/ChangeLog.txt From jerry at tesnosystems.com Tue Sep 14 12:05:41 1999 From: jerry at tesnosystems.com (Jerry Leahy) Date: Tue Sep 14 12:05:41 1999 Subject: [pptp-server] Win9x needs IP route added? Message-ID: <37DE64EF.A3366418@hotmail.com> Hi folks, Just set up PoPToP on a RH 6.0 box with a Win95 & Win98 client and it works great with some caveats. a) Linux server is firewall with 2 NIC's - external 200.200.200.200 and internal 172.16.1.1 b) Win95 is on cable modem 24.x.x.x /etc/pptp.conf looks like speed 115200 localip 172.16.10.1-254 remoteip 192.168.6.1-254 /* made this up - can it be anything?? */ PPTP connections work fine and the Win9x machines get an IP on the 192.168.6.x network. 'route print' on the Win9x machines gives: Active Routes: Network Address Netmask Gateway Address Interface Metric 0.0.0.0 0.0.0.0 24.130.64.1 24.130.64.x 1 24.130.64.0 255.255.252.0 24.130.64.34 24.130.64.x 1 24.130.64.x 255.255.255.255 127.0.0.1 127.0.0.1 1 24.255.255.255 255.255.255.255 24.130.64.34 24.130.64.x 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.6.0 255.255.255.0 192.168.6.1 192.168.6.1 1 192.168.6.1 255.255.255.255 127.0.0.1 127.0.0.1 1 200.200.200.200 255.255.255.255 24.130.64.1 24.130.64.x 1 224.0.0.0 224.0.0.0 192.168.6.1 192.168.6.1 1 224.0.0.0 224.0.0.0 24.130.64.34 24.130.64.34 1 255.255.255.255 255.255.255.255 192.168.6.1 192.168.6.1 1 As you can see, I have no route to the 172.16.x.x where all my servers are. If I manually add a route to this network with my PPTP IP as the interface, I can ping thru to the internal network and everything works hunky-dory. Should I have to do this? Alternatively, I set the 'Use default gateway on the remote network' and I don't have to add the route but normal Internet browsing/services are broken because everything goes over the PPTP link. Interestingly, I don't have to add any routes on the Linux side. It's ppp0 interface automatically has a route back to the Win9x machines. I haven't seen anyone else talk about this on the mailing list so I assume I'm missing something basic. Thanks in advance. Yours, Jerry. From cybear at pacbell.net Tue Sep 14 12:21:22 1999 From: cybear at pacbell.net (Matt Templeton) Date: Tue Sep 14 12:21:22 1999 Subject: [pptp-server] select() error Message-ID: <37DFAED2.EBFE457A@pacbell.net> I have been battling this for some time. I have tried a different versions of pptpd and pppd. The server is redhat6.0 with 2.2.10 kernel. when I try to connect I get an error log entry: Connect: ppp0 <--> /dev/pts/3 sent [LCP ConfReg id=0x1 ] CTRL: Error with select(), quitting CTRL: Client control connection finished. The windows98 (second addition) client reports that MS vpn did not respond correctly anyone have a clue as to what I am doing wrong??? From matthewr at moreton.com.au Tue Sep 14 18:17:57 1999 From: matthewr at moreton.com.au (Matthew Ramsay) Date: Tue Sep 14 18:17:57 1999 Subject: [pptp-server] PoPToP v0.9.17 RPM's Message-ID: <99091509115604.02300@gibberling.moreton.com.au> Chris Wong sent me 0.9.17 RPM's for anyone interested: http://www.moretonbay.com/vpn/releases/pptpd-0.9.17-1.i386.rpm http://www.moretonbay.com/vpn/releases/pptpd-0.9.17-1.src.rpm From jcaspen at ittc.ukans.edu Tue Sep 14 21:02:26 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Tue Sep 14 21:02:26 1999 Subject: [pptp-server] Peers can't connect but don't see each other Message-ID: <37DEFE19.771CF292@ittc.ukans.edu> I didn't have problems with previous clients. Now I am using a new Win98 client and I can establish the connection to the PoPToP server, but I can't ping the other side. I am adding the arp entry in the server because it assigns an IP address that is outside the local subnet. What can be wrong or what should I double check? The log file doesn't give any error, but if it is of help I can mail it later. From tmk at netmagic.net Tue Sep 14 21:33:54 1999 From: tmk at netmagic.net (tmk) Date: Tue Sep 14 21:33:54 1999 Subject: [pptp-server] Peers can't connect but don't see each other References: <37DEFE19.771CF292@ittc.ukans.edu> Message-ID: <001c01beff23$3f5313e0$071c0fc0@lala.net> check to make sure that the windows boxes have the ip of the linux box as a gateway in their tcp settings, and that you have the appropriate routes set up on the linux server. Also make sure IP forwarding is on. you won't need ARP at all Kevin ----- Original Message ----- From: Carlos Javier Castro Pena To: ppptp server Sent: Tuesday, September 14, 1999 7:02 PM Subject: [pptp-server] Peers can't connect but don't see each other > I didn't have problems with previous clients. Now I am using a new Win98 > client and I can establish the connection to the PoPToP server, but I > can't ping the other side. I am adding the arp entry in the server > because it assigns an IP address that is outside the local subnet. What > can be wrong or what should I double check? The log file doesn't give > any error, but if it is of help I can mail it later. > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From georgek at netwrx1.com Fri Sep 17 07:10:01 1999 From: georgek at netwrx1.com (George R. Kasica) Date: Fri Sep 17 07:10:01 1999 Subject: [pptp-server] Re: Problem with PopTop In-Reply-To: <99091715544200.14507@gibberling.moreton.com.au> References: <99091715544200.14507@gibberling.moreton.com.au> Message-ID: On Fri, 17 Sep 1999 15:54:00 +1000, you wrote: >hmm.. that's a tough one. >can u provide me with more details > >On Fri, 17 Sep 1999, you wrote: >>On Fri, 17 Sep 1999 08:55:28 +1000, you wrote: >> >>>which directory did u copy the rc4 files to? >>ppp-2.3.8/linux as shown in the howto.txt >> >>George Matthew: I'm not sure what I can add....I followed these steps to the letter: 1. Grab yourself a clean copy of the PPP deamon v2.3.8 (ppp-2.3.8.tar.gz). I usually go here for my PPP files: ftp://cs.anu.edu.au/pub/software/ppp/ Note: You must get the tarball (tar.gz) and *not* the RPM. 2. Grab youself the MSCHAP/MPPE diff file from: http://www.moretonbay.com/vpn/releases/ppp-2.3.8-mppe-others-norc4_TH7.diff.gz 3. Grab yourself the SSLeay-0.6.6b file from: ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz 4. You should now have 3 files: ppp-2.3.8.tar.gz ppp-2.3.8-mppe-others-norc4_TH7.diff.gz SSLeay-0.6.6b.tar.gz Copy these files to your preferred location (I prefer /usr/local/src/) 5. Assuming your files are in /usr/local/src/ and your current working directory is also /usr/local/src/ do the following: [tar zxvf ppp-2.3.8.tar.gz] [gunzip ppp-2.3.8-mppe-others-norc4_TH7.diff.gz] [tar zxvf SSLeay-0.6.6b.tar.gz] [cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/] [cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.8/linux/] [patch -p0 < ppp-2.3.8-mppe-others-norc4_TH7.diff] [cd ppp-2.3.8] 6. The files should now all be in place and we are ready to compile PPP. Follow these steps to compile it: [./configure] [cd linux] [./kinstall.sh] [cd ..] [make] [cp pppd/pppd /usr/sbin/] [cd /usr/src/linux] [make modules SUBDIRS=drivers/net] At this point here it fails with these errors: gcc -D__KERNEL__ -I/usr/src/linux-2.2.5/include -Wall -Wstrict-prototypes -O2 -f omit-frame-pointer -pipe -fno-strength-reduce -m386 -DCPU=386 -DMODULE -DMODVERS IONS -include /usr/src/linux-2.2.5/include/linux/modversions.h -c -o ppp_mppe. o ppp_mppe.c ppp_mppe.c:66: rc4.h: No such file or directory ppp_mppe.c:67: rc4_enc.c: No such file or directory ppp_mppe.c:76: parse error before `RC4_KEY' ppp_mppe.c:76: warning: no semicolon at end of struct or union ppp_mppe.c:77: warning: type defaults to `int' in declaration of `RC4_recv_key' ppp_mppe.c:77: warning: data definition has no type or storage class ppp_mppe.c:90: parse error before `}' ppp_mppe.c: In function `mppe_synchronize_key': ppp_mppe.c:104: warning: implicit declaration of function `RC4_set_key' ppp_mppe.c:104: dereferencing pointer to incomplete type ppp_mppe.c:104: dereferencing pointer to incomplete type ppp_mppe.c:104: dereferencing pointer to incomplete type ppp_mppe.c:105: dereferencing pointer to incomplete type ppp_mppe.c:105: dereferencing pointer to incomplete type ppp_mppe.c:105: dereferencing pointer to incomplete type ppp_mppe.c:107: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_initialize_key': ppp_mppe.c:115: dereferencing pointer to incomplete type ppp_mppe.c:115: dereferencing pointer to incomplete type ppp_mppe.c:116: dereferencing pointer to incomplete type ppp_mppe.c:116: dereferencing pointer to incomplete type ppp_mppe.c:117: dereferencing pointer to incomplete type ppp_mppe.c:117: dereferencing pointer to incomplete type ppp_mppe.c:118: dereferencing pointer to incomplete type ppp_mppe.c:118: dereferencing pointer to incomplete type ppp_mppe.c:120: dereferencing pointer to incomplete type ppp_mppe.c:122: dereferencing pointer to incomplete type ppp_mppe.c:122: dereferencing pointer to incomplete type ppp_mppe.c:123: dereferencing pointer to incomplete type ppp_mppe.c:123: dereferencing pointer to incomplete type ppp_mppe.c:124: dereferencing pointer to incomplete type ppp_mppe.c:124: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_change_key': ppp_mppe.c:138: dereferencing pointer to incomplete type ppp_mppe.c:138: dereferencing pointer to incomplete type ppp_mppe.c:139: dereferencing pointer to incomplete type ppp_mppe.c:140: dereferencing pointer to incomplete type ppp_mppe.c:140: dereferencing pointer to incomplete type ppp_mppe.c:141: dereferencing pointer to incomplete type ppp_mppe.c:144: dereferencing pointer to incomplete type ppp_mppe.c:144: dereferencing pointer to incomplete type ppp_mppe.c:145: dereferencing pointer to incomplete type ppp_mppe.c:145: dereferencing pointer to incomplete type ppp_mppe.c:148: warning: implicit declaration of function `RC4' ppp_mppe.c:148: dereferencing pointer to incomplete type ppp_mppe.c:148: dereferencing pointer to incomplete type ppp_mppe.c:149: dereferencing pointer to incomplete type ppp_mppe.c:150: dereferencing pointer to incomplete type ppp_mppe.c:150: dereferencing pointer to incomplete type ppp_mppe.c:151: dereferencing pointer to incomplete type ppp_mppe.c:153: dereferencing pointer to incomplete type ppp_mppe.c:156: dereferencing pointer to incomplete type ppp_mppe.c:156: dereferencing pointer to incomplete type ppp_mppe.c:157: dereferencing pointer to incomplete type ppp_mppe.c:157: dereferencing pointer to incomplete type ppp_mppe.c:158: dereferencing pointer to incomplete type ppp_mppe.c:158: dereferencing pointer to incomplete type ppp_mppe.c:162: dereferencing pointer to incomplete type ppp_mppe.c:162: dereferencing pointer to incomplete type ppp_mppe.c:162: dereferencing pointer to incomplete type ppp_mppe.c:163: dereferencing pointer to incomplete type ppp_mppe.c:163: dereferencing pointer to incomplete type ppp_mppe.c:163: dereferencing pointer to incomplete type ppp_mppe.c:165: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_comp_alloc': ppp_mppe.c:274: dereferencing pointer to incomplete type ppp_mppe.c:280: sizeof applied to an incomplete type ppp_mppe.c:280: sizeof applied to an incomplete type ppp_mppe.c:280: sizeof applied to an incomplete type ppp_mppe.c:280: sizeof applied to an incomplete type ppp_mppe.c:280: sizeof applied to an incomplete type ppp_mppe.c:280: sizeof applied to an incomplete type ppp_mppe.c:283: dereferencing pointer to incomplete type ppp_mppe.c:283: dereferencing pointer to incomplete type ppp_mppe.c:285: dereferencing pointer to incomplete type ppp_mppe.c:286: dereferencing pointer to incomplete type ppp_mppe.c:286: dereferencing pointer to incomplete type ppp_mppe.c:286: dereferencing pointer to incomplete type ppp_mppe.c:286: dereferencing pointer to incomplete type ppp_mppe.c:286: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c:287: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_comp_init': ppp_mppe.c:307: dereferencing pointer to incomplete type ppp_mppe.c:308: dereferencing pointer to incomplete type ppp_mppe.c:309: dereferencing pointer to incomplete type ppp_mppe.c:313: dereferencing pointer to incomplete type ppp_mppe.c:313: dereferencing pointer to incomplete type ppp_mppe.c:315: dereferencing pointer to incomplete type ppp_mppe.c:316: dereferencing pointer to incomplete type ppp_mppe.c:316: dereferencing pointer to incomplete type ppp_mppe.c:316: dereferencing pointer to incomplete type ppp_mppe.c:316: dereferencing pointer to incomplete type ppp_mppe.c:316: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c:317: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_decomp_init': ppp_mppe.c:337: dereferencing pointer to incomplete type ppp_mppe.c:338: dereferencing pointer to incomplete type ppp_mppe.c:339: dereferencing pointer to incomplete type ppp_mppe.c:340: dereferencing pointer to incomplete type ppp_mppe.c:344: dereferencing pointer to incomplete type ppp_mppe.c:344: dereferencing pointer to incomplete type ppp_mppe.c:346: dereferencing pointer to incomplete type ppp_mppe.c:347: dereferencing pointer to incomplete type ppp_mppe.c:347: dereferencing pointer to incomplete type ppp_mppe.c:347: dereferencing pointer to incomplete type ppp_mppe.c:347: dereferencing pointer to incomplete type ppp_mppe.c:347: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c:348: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_comp_reset': ppp_mppe.c:364: dereferencing pointer to incomplete type ppp_mppe.c:365: dereferencing pointer to incomplete type ppp_mppe.c:366: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_update_count': ppp_mppe.c:375: dereferencing pointer to incomplete type ppp_mppe.c:377: dereferencing pointer to incomplete type ppp_mppe.c:379: dereferencing pointer to incomplete type ppp_mppe.c:380: dereferencing pointer to incomplete type ppp_mppe.c:382: dereferencing pointer to incomplete type ppp_mppe.c:386: dereferencing pointer to incomplete type ppp_mppe.c:389: dereferencing pointer to incomplete type ppp_mppe.c:390: dereferencing pointer to incomplete type ppp_mppe.c:392: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_compress': ppp_mppe.c:431: dereferencing pointer to incomplete type ppp_mppe.c:431: dereferencing pointer to incomplete type ppp_mppe.c:432: dereferencing pointer to incomplete type ppp_mppe.c:435: dereferencing pointer to incomplete type ppp_mppe.c:439: dereferencing pointer to incomplete type ppp_mppe.c:442: dereferencing pointer to incomplete type ppp_mppe.c:443: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_comp_stats': ppp_mppe.c:459: dereferencing pointer to incomplete type ppp_mppe.c:459: dereferencing pointer to incomplete type ppp_mppe.c:460: dereferencing pointer to incomplete type ppp_mppe.c:460: dereferencing pointer to incomplete type ppp_mppe.c:463: dereferencing pointer to incomplete type ppp_mppe.c:463: dereferencing pointer to incomplete type ppp_mppe.c:463: dereferencing pointer to incomplete type ppp_mppe.c:465: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_decompress': ppp_mppe.c:479: dereferencing pointer to incomplete type ppp_mppe.c:481: dereferencing pointer to incomplete type ppp_mppe.c:490: dereferencing pointer to incomplete type ppp_mppe.c:491: dereferencing pointer to incomplete type ppp_mppe.c:492: dereferencing pointer to incomplete type ppp_mppe.c:495: dereferencing pointer to incomplete type ppp_mppe.c:499: dereferencing pointer to incomplete type ppp_mppe.c:500: dereferencing pointer to incomplete type ppp_mppe.c:502: dereferencing pointer to incomplete type ppp_mppe.c:502: dereferencing pointer to incomplete type ppp_mppe.c:505: dereferencing pointer to incomplete type ppp_mppe.c:527: dereferencing pointer to incomplete type ppp_mppe.c:532: dereferencing pointer to incomplete type ppp_mppe.c:534: dereferencing pointer to incomplete type ppp_mppe.c:535: dereferencing pointer to incomplete type ppp_mppe.c: In function `mppe_incomp': ppp_mppe.c:548: dereferencing pointer to incomplete type ppp_mppe.c:549: dereferencing pointer to incomplete type make[1]: *** [ppp_mppe.o] Error 1 make[1]: Leaving directory `/usr/src/linux-2.2.5/drivers/net' make: *** [_mod_drivers/net] Error 2 George George, MR. Tibbs & The Beast Kasica Waukesha, WI USA georgek at netwrx1.com http://www.netwrx1.com ICQ #12862186 Zz zZ |\ z _,,,---,,_ /,`.-'`' _ ;-;;,_ |,4- ) )-,_..;\ ( `'_' '---''(_/--' `-'\_) From allanc at sco.com Fri Sep 17 08:39:38 1999 From: allanc at sco.com (Allan Clark) Date: Fri Sep 17 08:39:38 1999 Subject: [pptp-server] Re: Problem with PopTop References: <99091715544200.14507@gibberling.moreton.com.au> Message-ID: <37E243F5.27E794AB@sco.com> This would be sooo much easier as an RPM. If we build this as an RPM, we need a few things to get around US Customs. Specifically, we need someone to actually do the build, from within a country that can legally export it from a web site across international borders. Someone (Myself, Chris Wong, someone else) can write a script; the person who actually runs the script has to be able to export it Is there anyone on this list who can export strong crypto, legally? Allan "George R. Kasica" wrote: > On Fri, 17 Sep 1999 15:54:00 +1000, you wrote: > >hmm.. that's a tough one. > >can u provide me with more details > > > >On Fri, 17 Sep 1999, you wrote: > >>On Fri, 17 Sep 1999 08:55:28 +1000, you wrote: > >> > >>>which directory did u copy the rc4 files to? > >>ppp-2.3.8/linux as shown in the howto.txt > >> > >>George > > Matthew: > > I'm not sure what I can add....I followed these steps to the letter: > > 1. Grab yourself a clean copy of the PPP deamon v2.3.8 > (ppp-2.3.8.tar.gz). > I usually go here for my PPP files: > ftp://cs.anu.edu.au/pub/software/ppp/ > Note: You must get the tarball (tar.gz) and *not* the RPM. > 2. Grab youself the MSCHAP/MPPE diff file from: > > http://www.moretonbay.com/vpn/releases/ppp-2.3.8-mppe-others-norc4_TH7.diff.gz > 3. Grab yourself the SSLeay-0.6.6b file from: > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz > 4. You should now have 3 files: > ppp-2.3.8.tar.gz > ppp-2.3.8-mppe-others-norc4_TH7.diff.gz > SSLeay-0.6.6b.tar.gz > Copy these files to your preferred location (I prefer > /usr/local/src/) > 5. Assuming your files are in /usr/local/src/ and your current working > directory is also /usr/local/src/ do the following: > [tar zxvf ppp-2.3.8.tar.gz] > [gunzip ppp-2.3.8-mppe-others-norc4_TH7.diff.gz] > [tar zxvf SSLeay-0.6.6b.tar.gz] > [cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/] > [cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c > ppp-2.3.8/linux/] > [patch -p0 < ppp-2.3.8-mppe-others-norc4_TH7.diff] > [cd ppp-2.3.8] > 6. The files should now all be in place and we are ready to compile > PPP. > Follow these steps to compile it: > [./configure] > [cd linux] > [./kinstall.sh] > [cd ..] > [make] > [cp pppd/pppd /usr/sbin/] > [cd /usr/src/linux] > [make modules SUBDIRS=drivers/net] > At this point here it fails with these errors: > > gcc -D__KERNEL__ -I/usr/src/linux-2.2.5/include -Wall > -Wstrict-prototypes -O2 -f > omit-frame-pointer -pipe -fno-strength-reduce -m386 -DCPU=386 -DMODULE > -DMODVERS > IONS -include /usr/src/linux-2.2.5/include/linux/modversions.h -c -o > ppp_mppe. > o ppp_mppe.c > ppp_mppe.c:66: rc4.h: No such file or directory > ppp_mppe.c:67: rc4_enc.c: No such file or directory > ppp_mppe.c:76: parse error before `RC4_KEY' > ppp_mppe.c:76: warning: no semicolon at end of struct or union > ppp_mppe.c:77: warning: type defaults to `int' in declaration of > `RC4_recv_key' > ppp_mppe.c:77: warning: data definition has no type or storage class > ppp_mppe.c:90: parse error before `}' > ppp_mppe.c: In function `mppe_synchronize_key': > ppp_mppe.c:104: warning: implicit declaration of function > `RC4_set_key' > ppp_mppe.c:104: dereferencing pointer to incomplete type > ppp_mppe.c:104: dereferencing pointer to incomplete type > ppp_mppe.c:104: dereferencing pointer to incomplete type > ppp_mppe.c:105: dereferencing pointer to incomplete type > ppp_mppe.c:105: dereferencing pointer to incomplete type > ppp_mppe.c:105: dereferencing pointer to incomplete type > ppp_mppe.c:107: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_initialize_key': > ppp_mppe.c:115: dereferencing pointer to incomplete type > ppp_mppe.c:115: dereferencing pointer to incomplete type > ppp_mppe.c:116: dereferencing pointer to incomplete type > ppp_mppe.c:116: dereferencing pointer to incomplete type > ppp_mppe.c:117: dereferencing pointer to incomplete type > ppp_mppe.c:117: dereferencing pointer to incomplete type > ppp_mppe.c:118: dereferencing pointer to incomplete type > ppp_mppe.c:118: dereferencing pointer to incomplete type > ppp_mppe.c:120: dereferencing pointer to incomplete type > ppp_mppe.c:122: dereferencing pointer to incomplete type > ppp_mppe.c:122: dereferencing pointer to incomplete type > ppp_mppe.c:123: dereferencing pointer to incomplete type > ppp_mppe.c:123: dereferencing pointer to incomplete type > ppp_mppe.c:124: dereferencing pointer to incomplete type > ppp_mppe.c:124: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_change_key': > ppp_mppe.c:138: dereferencing pointer to incomplete type > ppp_mppe.c:138: dereferencing pointer to incomplete type > ppp_mppe.c:139: dereferencing pointer to incomplete type > ppp_mppe.c:140: dereferencing pointer to incomplete type > ppp_mppe.c:140: dereferencing pointer to incomplete type > ppp_mppe.c:141: dereferencing pointer to incomplete type > ppp_mppe.c:144: dereferencing pointer to incomplete type > ppp_mppe.c:144: dereferencing pointer to incomplete type > ppp_mppe.c:145: dereferencing pointer to incomplete type > ppp_mppe.c:145: dereferencing pointer to incomplete type > ppp_mppe.c:148: warning: implicit declaration of function `RC4' > ppp_mppe.c:148: dereferencing pointer to incomplete type > ppp_mppe.c:148: dereferencing pointer to incomplete type > ppp_mppe.c:149: dereferencing pointer to incomplete type > ppp_mppe.c:150: dereferencing pointer to incomplete type > ppp_mppe.c:150: dereferencing pointer to incomplete type > ppp_mppe.c:151: dereferencing pointer to incomplete type > ppp_mppe.c:153: dereferencing pointer to incomplete type > ppp_mppe.c:156: dereferencing pointer to incomplete type > ppp_mppe.c:156: dereferencing pointer to incomplete type > ppp_mppe.c:157: dereferencing pointer to incomplete type > ppp_mppe.c:157: dereferencing pointer to incomplete type > ppp_mppe.c:158: dereferencing pointer to incomplete type > ppp_mppe.c:158: dereferencing pointer to incomplete type > ppp_mppe.c:162: dereferencing pointer to incomplete type > ppp_mppe.c:162: dereferencing pointer to incomplete type > ppp_mppe.c:162: dereferencing pointer to incomplete type > ppp_mppe.c:163: dereferencing pointer to incomplete type > ppp_mppe.c:163: dereferencing pointer to incomplete type > ppp_mppe.c:163: dereferencing pointer to incomplete type > ppp_mppe.c:165: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_comp_alloc': > ppp_mppe.c:274: dereferencing pointer to incomplete type > ppp_mppe.c:280: sizeof applied to an incomplete type > ppp_mppe.c:280: sizeof applied to an incomplete type > ppp_mppe.c:280: sizeof applied to an incomplete type > ppp_mppe.c:280: sizeof applied to an incomplete type > ppp_mppe.c:280: sizeof applied to an incomplete type > ppp_mppe.c:280: sizeof applied to an incomplete type > ppp_mppe.c:283: dereferencing pointer to incomplete type > ppp_mppe.c:283: dereferencing pointer to incomplete type > ppp_mppe.c:285: dereferencing pointer to incomplete type > ppp_mppe.c:286: dereferencing pointer to incomplete type > ppp_mppe.c:286: dereferencing pointer to incomplete type > ppp_mppe.c:286: dereferencing pointer to incomplete type > ppp_mppe.c:286: dereferencing pointer to incomplete type > ppp_mppe.c:286: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c:287: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_comp_init': > ppp_mppe.c:307: dereferencing pointer to incomplete type > ppp_mppe.c:308: dereferencing pointer to incomplete type > ppp_mppe.c:309: dereferencing pointer to incomplete type > ppp_mppe.c:313: dereferencing pointer to incomplete type > ppp_mppe.c:313: dereferencing pointer to incomplete type > ppp_mppe.c:315: dereferencing pointer to incomplete type > ppp_mppe.c:316: dereferencing pointer to incomplete type > ppp_mppe.c:316: dereferencing pointer to incomplete type > ppp_mppe.c:316: dereferencing pointer to incomplete type > ppp_mppe.c:316: dereferencing pointer to incomplete type > ppp_mppe.c:316: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c:317: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_decomp_init': > ppp_mppe.c:337: dereferencing pointer to incomplete type > ppp_mppe.c:338: dereferencing pointer to incomplete type > ppp_mppe.c:339: dereferencing pointer to incomplete type > ppp_mppe.c:340: dereferencing pointer to incomplete type > ppp_mppe.c:344: dereferencing pointer to incomplete type > ppp_mppe.c:344: dereferencing pointer to incomplete type > ppp_mppe.c:346: dereferencing pointer to incomplete type > ppp_mppe.c:347: dereferencing pointer to incomplete type > ppp_mppe.c:347: dereferencing pointer to incomplete type > ppp_mppe.c:347: dereferencing pointer to incomplete type > ppp_mppe.c:347: dereferencing pointer to incomplete type > ppp_mppe.c:347: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c:348: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_comp_reset': > ppp_mppe.c:364: dereferencing pointer to incomplete type > ppp_mppe.c:365: dereferencing pointer to incomplete type > ppp_mppe.c:366: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_update_count': > ppp_mppe.c:375: dereferencing pointer to incomplete type > ppp_mppe.c:377: dereferencing pointer to incomplete type > ppp_mppe.c:379: dereferencing pointer to incomplete type > ppp_mppe.c:380: dereferencing pointer to incomplete type > ppp_mppe.c:382: dereferencing pointer to incomplete type > ppp_mppe.c:386: dereferencing pointer to incomplete type > ppp_mppe.c:389: dereferencing pointer to incomplete type > ppp_mppe.c:390: dereferencing pointer to incomplete type > ppp_mppe.c:392: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_compress': > ppp_mppe.c:431: dereferencing pointer to incomplete type > ppp_mppe.c:431: dereferencing pointer to incomplete type > ppp_mppe.c:432: dereferencing pointer to incomplete type > ppp_mppe.c:435: dereferencing pointer to incomplete type > ppp_mppe.c:439: dereferencing pointer to incomplete type > ppp_mppe.c:442: dereferencing pointer to incomplete type > ppp_mppe.c:443: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_comp_stats': > ppp_mppe.c:459: dereferencing pointer to incomplete type > ppp_mppe.c:459: dereferencing pointer to incomplete type > ppp_mppe.c:460: dereferencing pointer to incomplete type > ppp_mppe.c:460: dereferencing pointer to incomplete type > ppp_mppe.c:463: dereferencing pointer to incomplete type > ppp_mppe.c:463: dereferencing pointer to incomplete type > ppp_mppe.c:463: dereferencing pointer to incomplete type > ppp_mppe.c:465: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_decompress': > ppp_mppe.c:479: dereferencing pointer to incomplete type > ppp_mppe.c:481: dereferencing pointer to incomplete type > ppp_mppe.c:490: dereferencing pointer to incomplete type > ppp_mppe.c:491: dereferencing pointer to incomplete type > ppp_mppe.c:492: dereferencing pointer to incomplete type > ppp_mppe.c:495: dereferencing pointer to incomplete type > ppp_mppe.c:499: dereferencing pointer to incomplete type > ppp_mppe.c:500: dereferencing pointer to incomplete type > ppp_mppe.c:502: dereferencing pointer to incomplete type > ppp_mppe.c:502: dereferencing pointer to incomplete type > ppp_mppe.c:505: dereferencing pointer to incomplete type > ppp_mppe.c:527: dereferencing pointer to incomplete type > ppp_mppe.c:532: dereferencing pointer to incomplete type > ppp_mppe.c:534: dereferencing pointer to incomplete type > ppp_mppe.c:535: dereferencing pointer to incomplete type > ppp_mppe.c: In function `mppe_incomp': > ppp_mppe.c:548: dereferencing pointer to incomplete type > ppp_mppe.c:549: dereferencing pointer to incomplete type > make[1]: *** [ppp_mppe.o] Error 1 > make[1]: Leaving directory `/usr/src/linux-2.2.5/drivers/net' > make: *** [_mod_drivers/net] Error 2 > > George > > George, MR. Tibbs & The Beast Kasica > Waukesha, WI USA > georgek at netwrx1.com > http://www.netwrx1.com > ICQ #12862186 > > Zz > zZ > |\ z _,,,---,,_ > /,`.-'`' _ ;-;;,_ > |,4- ) )-,_..;\ ( `'_' > '---''(_/--' `-'\_) > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! From cbote at el-mundo.es Fri Sep 17 09:03:10 1999 From: cbote at el-mundo.es (CarloX) Date: Fri Sep 17 09:03:10 1999 Subject: [pptp-server] Re: Problem with PopTop Message-ID: George, i have the same problem .. > ppp_mppe.c:66: rc4.h: No such file or directory > ppp_mppe.c:67: rc4_enc.c: No such file or directory The solution is: [arf]$ cd ppp-2.3.8 [arf]$ cp linux/rc4.* /usr/src/linux/drivers/net/ and make modules SUBDIRS=drivers/net again ;) CarloX From wongc at math.ed.hawaii.edu Fri Sep 17 11:47:48 1999 From: wongc at math.ed.hawaii.edu (Chris Wong) Date: Fri Sep 17 11:47:48 1999 Subject: [pptp-server] Re: Problem with PopTop In-Reply-To: <37E243F5.27E794AB@sco.com> Message-ID: On Fri, 17 Sep 1999, Allan Clark wrote: > This would be sooo much easier as an RPM. > > If we build this as an RPM, we need a few things to get around US > Customs. Specifically, we need someone to actually do the build, from > within a country that can legally export it from a web site across > international borders. Someone (Myself, Chris Wong, someone else) can > write a script; the person who actually runs the script has to be able > to export it I have half of a ppp server working with Crypto. The other problem is that it actually modifies the kernel sources so I'm not quite to sure how to package that as an RPM. But the thing is, i can't export it either... (*grumble about US Crypto laws) -- chris ----BEGIN GEEK CODE BLOCK----- Version: 3.1 GCS d(+) s:+ a-- C++ UL+++$ P++ L+++$ E W(+) N+ o K- w--- O- M+ !V PS+ PE+ Y+ PGP t+(++) 5+++ X(+) R- tv b++> DI++++ D G e* h! r++> y? -----END GEEK CODE BLOCK----- From epierre at e-nef.com Sat Sep 18 04:58:56 1999 From: epierre at e-nef.com (Emmanuel PIERRE) Date: Sat Sep 18 04:58:56 1999 Subject: [pptp-server] newcommer and question ! Message-ID: <37E371DE.2224DB1D@e-nef.com> Hi, I'm trying to establish a VPN over Internet from people connecting through ISP to an Intranet. For the moment, I've tried only the linuc pptp client, but failed to... Has anyone done so ? (I dont understant why ppp is needed for this) TIA, Emmanuel -- -= Emmanuel PIERRE ICQ: 19153556 epierre at e-nef.com =- http://www.e-nef.com/users/epierre http://www.apr-job.com 17-24 GMT: epierre at e-nef.com +00 33 6 57 60 42 17 (tatoo txt) 1-17 GMT: emmanuel.pierre at tcc.Thomson-CSF.com +00 33 1 46 13 34 68 Please visit: http://www.apr-job.com From iham at internode.net Sun Sep 19 02:11:16 1999 From: iham at internode.net (Ibrahim Hamouda) Date: Sun Sep 19 02:11:16 1999 Subject: [pptp-server] win98 again Message-ID: <99091901110400.02161@ihamlaptop> Had anyone figured out the win98 issue I can connect from winnt server and workstation, win2000 server and workstation but no luck with win98 My Log is a s follows Sep 19 00:53:46 ihamlaptop pppd[2137]: Using interface ppp0 Sep 19 00:53:46 ihamlaptop pppd[2137]: Connect: ppp0 <--> /dev/ttyp4 Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [LCP ConfReq id=0x1 ] Sep 19 00:53:46 ihamlaptop pppd[2137]: rcvd [LCP ConfReq id=0x1 ] Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [LCP ConfAck id=0x1 ] Sep 19 00:53:46 ihamlaptop pppd[2137]: rcvd [LCP ConfAck id=0x1 ] Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [CHAP Challenge id=0x1 , name = "main"] Sep 19 00:53:47 ihamlaptop pppd[2137]: rcvd [CHAP Response id=0x1 <1541201dab247ebf5ab19a55fb69a9f70000000000000000580b32ea12bd9ea3aee84ccedb03c480da883d6d38c1024e04>, name = "AVTECH\\ibrahim"] Sep 19 00:53:47 ihamlaptop pppd[2137]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access Sep 19 00:53:47 ihamlaptop pppd[2137]: No CHAP secret found for authenticating AVTECH\\ibrahim Sep 19 00:53:47 ihamlaptop pppd[2137]: sent [CHAP Failure id=0x1 "I don't like you. Go 'way."] Sep 19 00:53:47 ihamlaptop pppd[2137]: MSCHAP-v2 peer authentication failed for remote host AVTECH\\ibrahim Sep 19 00:53:47 ihamlaptop pppd[2137]: sent [LCP TermReq id=0x2 "Authentication failed"] Sep 19 00:53:47 ihamlaptop pppd[2137]: rcvd [LCP TermAck id=0x2] Sep 19 00:53:47 ihamlaptop pptpd[2136]: GRE: read(fd=5,buffer=804d428,len=8196) from PTY failed: status = -1 error = I/O error Sep 19 00:53:47 ihamlaptop pptpd[2136]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) Sep 19 00:53:47 ihamlaptop pptpd[2136]: CTRL: Client 198.161.229.186 control connection finished Sep 19 00:53:47 ihamlaptop pppd[2137]: Connection terminated. Sep 19 00:53:47 ihamlaptop pppd[2137]: tcflush failed: Invalid argument Sep 19 00:53:47 ihamlaptop pppd[2137]: Exit. My chap-secrets file is as follows ibrahim * password * avtech\\ibrahim * password * -- Ibrahim Hamouda Canada Online Business Directories ibrahim at online-canada.com From epierre at e-nef.com Sun Sep 19 12:58:43 1999 From: epierre at e-nef.com (Emmanuel PIERRE) Date: Sun Sep 19 12:58:43 1999 Subject: [pptp-server] newcommer and question ! References: <37E371DE.2224DB1D@e-nef.com> <000a01bf01ff$557ce540$071c0fc0@lala.net> Message-ID: <37E533BB.67DF86EC@e-nef.com> tmk wrote: > What are the errors you get? you really need to be MUCH more specific about > your problem.. simply saying 'it's not working' isnt very useful. well... what do I need to make it up through IP connection so ? the FAQ isn't clear about it > PPP is needed because it is used to do the actual network transport in > between the client and server. Basically (and this is just a concept) pptp > creates a virtual modem using the internet and calls teh server from the > client. Just like a modem, it needs ppp to talk to the other side. and an explication like your would be better in the FAQ ;-) well, ther is an example for pptp client to connect a NT server, but how can I do that with a Linux PPTP server ? TIA, Emmanuel From peter at cdcats.audiodev.se Sun Sep 19 13:28:45 1999 From: peter at cdcats.audiodev.se (Peter Hansson) Date: Sun Sep 19 13:28:45 1999 Subject: [pptp-server] win98 again In-Reply-To: <99091901110400.02161@ihamlaptop> Message-ID: <000101bf02cc$9fe78f40$010110ac@phhome.cdcats.com> Have you tried using all uppercase for AVTECH in the CHAP secrets file. I know I had a lot of trouble with username and password not matching in case. Peter Hansson peter.hansson at audiodev.com Audio Development AB Sweden > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Ibrahim Hamouda > Sent: Sunday, September 19, 1999 09:07 > To: pptp-server at lists.schulte.org > Subject: [pptp-server] win98 again > > > Had anyone figured out the win98 issue > I can connect from winnt server and workstation, win2000 server > and workstation > but no luck with win98 > My Log is a s follows > Sep 19 00:53:46 ihamlaptop pppd[2137]: Using interface ppp0 > Sep 19 00:53:46 ihamlaptop pppd[2137]: Connect: ppp0 <--> /dev/ttyp4 > Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [LCP ConfReq id=0x1 > ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: rcvd [LCP ConfReq id=0x1 > ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [LCP ConfAck id=0x1 > ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: rcvd [LCP ConfAck id=0x1 > ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [CHAP Challenge > id=0x1 , name = "main"] > Sep 19 00:53:47 ihamlaptop pppd[2137]: rcvd [CHAP Response id=0x1 > <1541201dab247ebf5ab19a55fb69a9f70000000000000000580b32ea12bd9ea3a ee84ccedb03c480da883d6d38c1024e04>, name = "AVTECH\\ibrahim"] > Sep 19 00:53:47 ihamlaptop pppd[2137]: Warning - secret file > /etc/ppp/chap-secrets has world and/or group access > Sep 19 00:53:47 ihamlaptop pppd[2137]: No CHAP secret found for > authenticating AVTECH\\ibrahim > Sep 19 00:53:47 ihamlaptop pppd[2137]: sent [CHAP Failure id=0x1 > "I don't like you. Go 'way."] > Sep 19 00:53:47 ihamlaptop pppd[2137]: MSCHAP-v2 peer > authentication failed for remote host AVTECH\\ibrahim > Sep 19 00:53:47 ihamlaptop pppd[2137]: sent [LCP TermReq id=0x2 > "Authentication failed"] > Sep 19 00:53:47 ihamlaptop pppd[2137]: rcvd [LCP TermAck id=0x2] > Sep 19 00:53:47 ihamlaptop pptpd[2136]: GRE: > read(fd=5,buffer=804d428,len=8196) from PTY failed: status = -1 > error = I/O error > Sep 19 00:53:47 ihamlaptop pptpd[2136]: CTRL: PTY read or GRE > write failed (pty,gre)=(5,6) > Sep 19 00:53:47 ihamlaptop pptpd[2136]: CTRL: Client > 198.161.229.186 control connection finished > Sep 19 00:53:47 ihamlaptop pppd[2137]: Connection terminated. > Sep 19 00:53:47 ihamlaptop pppd[2137]: tcflush failed: Invalid argument > Sep 19 00:53:47 ihamlaptop pppd[2137]: Exit. > > My chap-secrets file is as follows > > ibrahim * password * > avtech\\ibrahim * password * > > > > -- > Ibrahim Hamouda > Canada Online Business Directories > ibrahim at online-canada.com > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From tmk at netmagic.net Sun Sep 19 15:11:21 1999 From: tmk at netmagic.net (tmk) Date: Sun Sep 19 15:11:21 1999 Subject: [pptp-server] win98 again References: <99091901110400.02161@ihamlaptop> Message-ID: <002801bf02db$a44f0a40$071c0fc0@lala.net> it is sending the domain name along with the user name. There was a patch to strip that going around a while back, but you could also just add another secret to your chap-secrets file with the domain in there Kevin ----- Original Message ----- From: Ibrahim Hamouda To: Sent: Sunday, September 19, 1999 12:06 AM Subject: [pptp-server] win98 again > Had anyone figured out the win98 issue > I can connect from winnt server and workstation, win2000 server and workstation > but no luck with win98 > My Log is a s follows > Sep 19 00:53:46 ihamlaptop pppd[2137]: Using interface ppp0 > Sep 19 00:53:46 ihamlaptop pppd[2137]: Connect: ppp0 <--> /dev/ttyp4 > Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [LCP ConfReq id=0x1 ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: rcvd [LCP ConfReq id=0x1 ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [LCP ConfAck id=0x1 ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: rcvd [LCP ConfAck id=0x1 ] > Sep 19 00:53:46 ihamlaptop pppd[2137]: sent [CHAP Challenge id=0x1 , name = "main"] > Sep 19 00:53:47 ihamlaptop pppd[2137]: rcvd [CHAP Response id=0x1 <1541201dab247ebf5ab19a55fb69a9f70000000000000000580b32ea12bd9ea3aee84ccedb0 3c480da883d6d38c1024e04>, name = "AVTECH\\ibrahim"] > Sep 19 00:53:47 ihamlaptop pppd[2137]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access > Sep 19 00:53:47 ihamlaptop pppd[2137]: No CHAP secret found for authenticating AVTECH\\ibrahim > Sep 19 00:53:47 ihamlaptop pppd[2137]: sent [CHAP Failure id=0x1 "I don't like you. Go 'way."] > Sep 19 00:53:47 ihamlaptop pppd[2137]: MSCHAP-v2 peer authentication failed for remote host AVTECH\\ibrahim > Sep 19 00:53:47 ihamlaptop pppd[2137]: sent [LCP TermReq id=0x2 "Authentication failed"] > Sep 19 00:53:47 ihamlaptop pppd[2137]: rcvd [LCP TermAck id=0x2] > Sep 19 00:53:47 ihamlaptop pptpd[2136]: GRE: read(fd=5,buffer=804d428,len=8196) from PTY failed: status = -1 error = I/O error > Sep 19 00:53:47 ihamlaptop pptpd[2136]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) > Sep 19 00:53:47 ihamlaptop pptpd[2136]: CTRL: Client 198.161.229.186 control connection finished > Sep 19 00:53:47 ihamlaptop pppd[2137]: Connection terminated. > Sep 19 00:53:47 ihamlaptop pppd[2137]: tcflush failed: Invalid argument > Sep 19 00:53:47 ihamlaptop pppd[2137]: Exit. > > My chap-secrets file is as follows > > ibrahim * password * > avtech\\ibrahim * password * > > > > -- > Ibrahim Hamouda > Canada Online Business Directories > ibrahim at online-canada.com > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From jasonf at Baldwingroup.COM Sun Sep 19 15:49:11 1999 From: jasonf at Baldwingroup.COM (Jason M. Felice) Date: Sun Sep 19 15:49:11 1999 Subject: [pptp-server] Re: Problem with PopTop In-Reply-To: ; from George R. Kasica on Fri, Sep 17, 1999 at 07:09:45AM -0500 References: <99091715544200.14507@gibberling.moreton.com.au> Message-ID: <19990919164835.G18571@waco.baldwingroup.com> On Fri, Sep 17, 1999 at 07:09:45AM -0500, George R. Kasica wrote: > On Fri, 17 Sep 1999 15:54:00 +1000, you wrote: > >hmm.. that's a tough one. > >can u provide me with more details > > > >On Fri, 17 Sep 1999, you wrote: > >>On Fri, 17 Sep 1999 08:55:28 +1000, you wrote: > >> > >>>which directory did u copy the rc4 files to? > >>ppp-2.3.8/linux as shown in the howto.txt > >> > >>George > > Matthew: > > I'm not sure what I can add....I followed these steps to the letter: > [steps snipped] > At this point here it fails with these errors: > > gcc -D__KERNEL__ -I/usr/src/linux-2.2.5/include -Wall > -Wstrict-prototypes -O2 -f > omit-frame-pointer -pipe -fno-strength-reduce -m386 -DCPU=386 -DMODULE > -DMODVERS > IONS -include /usr/src/linux-2.2.5/include/linux/modversions.h -c -o > ppp_mppe. > o ppp_mppe.c > ppp_mppe.c:66: rc4.h: No such file or directory > ppp_mppe.c:67: rc4_enc.c: No such file or directory [rest of errors snipped] I had this same problem when building this on Friday. Apparently, the kinstall script doesn't install the rc4.h and rc4_enc.h files, but it will _update_ them if they already exist. The fix for me was to copy them into the kernel build directory also before running kinstall.sh [jasonf at eraserhead ppp-2.3.8]# cp linux/rc4.h /usr/src/linux/drivers/net/ [jasonf at eraserhead ppp-2.3.8]# cp linux/rc4_enc.c /usr/src/linux/drivers/net/ Pertaining to the other comments, I've got RPMS of kernel 2.2.9+ppp-2.3.8+mppe together, but I am also bound by US export regulations (whine moan complain :). I would be happy to email the RPM spec files to someone if they wanted to collect the crypto sources to build the RPMS. -Jay 'Eraerhead' Felice From hett at hss-bremen.de Sun Sep 19 16:23:31 1999 From: hett at hss-bremen.de (Volker Hett zuhause) Date: Sun Sep 19 16:23:31 1999 Subject: [pptp-server] Hosting RPMS outside USA Message-ID: <37E552BC.28286EC0@hss-bremen.de> Hy Jay, I just had a private E-mail exchange with Allan Clark on friday, I volunteer to host RPMS on a Server in germany. Currently I?m setting up a RH 5.2 System (usualy I use SuSE Linux) and Allan puts the Scripts for the RPMS together. Hopefully it will be accessible sometime around the 26th September. Volker Hett -- ------------------------------------------------------------------------------- Menschenkraft vertr?gt nicht sehr viel Wirklichkeit T.S. Eliot From neale at lowendale.com.au Mon Sep 20 01:11:13 1999 From: neale at lowendale.com.au (Neale Banks) Date: Mon Sep 20 01:11:13 1999 Subject: [pptp-server] Win98 "connection speed" Message-ID: Greetings all, I have PoPToP running with PPP-2.3.9 and things are mostly well :-) However, a very significant user is getting variable "connected at ..." rates reported - typically 9600 or 57600 - when connecting with Win98 (authenticating with mschap-v2 and negotiating mppe :-) and variable performance of the PPTP link (still working on establishine a correlation here). 1) can anyone explain the significance of or provide pointers discussing the significance of this figure? 2) is there anything in PoPToP/ppp I can/should tweak to optimise this end of things? Thanks, Neale. From neale at lowendale.com.au Mon Sep 20 01:14:44 1999 From: neale at lowendale.com.au (Neale Banks) Date: Mon Sep 20 01:14:44 1999 Subject: [pptp-server] Debian packages? Message-ID: I've currently got patches against the latest Debian PPP and am contemplating Debianising PoPToP. Before I do any work re-inventing wheels, has anyone else done any Debianising of either PoPToP or MS-patched PPP? Thanks, Neale. From tmk at netmagic.net Mon Sep 20 01:48:14 1999 From: tmk at netmagic.net (tmk) Date: Mon Sep 20 01:48:14 1999 Subject: [pptp-server] Win98 "connection speed" References: Message-ID: <001701bf0334$98b45100$071c0fc0@lala.net> I *BELIEVE* that windows reports the speed of the device it 'pipes' pptp through as the connection speed. for example, my win98 box at home reports 10,000,000 bps (10 megabit) as the connection speed, since it is using an ethernet card as the interface that pptp uses. I'm betting that if this signifigant person is dialing up using a modem, and windows will report both dial up connections at the same speed. There have been reports of severe performance (or at least latency?) loss at times using pptp, and the (partial) fix there was to comment out the code that set the packet buffer size (how many packets the other side should send before it waits for an ack) to the same as the client, and instead hardcode a value in. That's not a guarenteed performance increase, it's more of a connection stability thing more than anything. Kevin ----- Original Message ----- From: Neale Banks To: Sent: Sunday, September 19, 1999 11:21 PM Subject: [pptp-server] Win98 "connection speed" > Greetings all, > > I have PoPToP running with PPP-2.3.9 and things are mostly well :-) > > However, a very significant user is getting variable "connected at ..." > rates reported - typically 9600 or 57600 - when connecting with Win98 > (authenticating with mschap-v2 and negotiating mppe :-) and variable > performance of the PPTP link (still working on establishine a correlation > here). > > 1) can anyone explain the significance of or provide pointers discussing > the significance of this figure? > > 2) is there anything in PoPToP/ppp I can/should tweak to optimise this end > of things? > > Thanks, > Neale. > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From tlaane at lucent.com Mon Sep 20 02:43:04 1999 From: tlaane at lucent.com (Thomas Laane) Date: Mon Sep 20 02:43:04 1999 Subject: [pptp-server] two different subnets Message-ID: <37E5E574.C12A2053@lucent.com> All, This is my situation. 10.0.1.x|--------------( internet )------------|10.0.0.x/255.255.0.0 255.255.0.0 10.0.1.x has PPTPD running on it and the 10.0.0.x network has a windows NT GW. Now I want to connect these to networks to each other. Till now I haven't succeeded yet. Is pptpd the approptiate tool to use to connect these to networks to each other or should I use a other on. Do we have to use the same network to be able to use this tool if not why is it not working for me then This is what my pptpd.conf looks like. speed 115200 option /etc/ppp/options-pptpd localip 10.0.0.2-4 remoteip 10.0.1.11-19 I have played around with the local and the remote IP number changing them to my network and to the others but it doesn't same to help. -- Thomas Laane, The best way to accelerate a computer running Windows is at 9.8 m/sec^2 From cswan at connectria.com Mon Sep 20 08:35:11 1999 From: cswan at connectria.com (Chris Swan) Date: Mon Sep 20 08:35:11 1999 Subject: [pptp-server] Win98 "connection speed" References: Message-ID: <001801bf036c$a0144ee0$6908a8c0@wustl.edu> ----- Original Message ----- From: Neale Banks To: Sent: Monday, September 20, 1999 1:21 AM Subject: [pptp-server] Win98 "connection speed" > Greetings all, > > I have PoPToP running with PPP-2.3.9 and things are mostly well :-) > > However, a very significant user is getting variable "connected at ..." > rates reported - typically 9600 or 57600 - when connecting with Win98 > (authenticating with mschap-v2 and negotiating mppe :-) and variable > performance of the PPTP link (still working on establishine a correlation > here). > > 1) can anyone explain the significance of or provide pointers discussing > the significance of this figure? I've read around in dejanews a bit, and this seems to be a Microsoft-ism. A lot of NT users are consistently reporting 9600 ans their connected speed, regardless of connection mechanism (cable, modem, ether, whatever.) Can you confirm that it _does_ perform at said rates? My understanding was that the windows connect speed was irrelevant, and that the clients performed at their fastest speed. If the user turns of Encrypt Data do the connect speeds consistently increase? > > 2) is there anything in PoPToP/ppp I can/should tweak to optimise this end > of things? Same question from me :) As TMK suggested, though, fiddling with the packet buffer size did nothing for me (actually made things worse.) From cswan at connectria.com Mon Sep 20 12:30:28 1999 From: cswan at connectria.com (Chris Swan) Date: Mon Sep 20 12:30:28 1999 Subject: [pptp-server] IPX support Message-ID: <003901bf038d$707ee660$6908a8c0@wustl.edu> Not really directly related to this group, but has anyone had any problems getting IPX support working in the 2.2 series of kernels? I can't get it to work for the life of me--if I compile it as a module, I get several 'unresolved symbol' errors, but if I compile it into the kernel, I don't get any errors on bootup, but PPP always complains that 'IPX support is not present in this kernel.' I'm really going batty here. Is there any chance that it's actually PPPd 2.3.8 which is not recognizing IPX in the kernel properly? Anyone know, off the top of their head, of a quick way to tell if IPX is functional? /proc/net/ipx* do not show anything as running... Do the MPPE and SSL patches work on the new PPPd 2.3.10? From friend at forfree.at Mon Sep 20 13:44:39 1999 From: friend at forfree.at (Karl) Date: Mon Sep 20 13:44:39 1999 Subject: [pptp-server] PPTP Client for FreeBSD Message-ID: <007501bf0398$2656ac70$4700a8c0@wsjk01.kmjeuro.com> hi all, i am new to this list. i successfully installed PPTPD on a few of my freebsd boxes. now i have tried to find a way to make some lan to lan connection. i tried to download the pptp-linux client 1.02. but my knowledge is more in network aso. so i am not able to compile the client under FreeBSD. has someone ported this and is willing to share it? many thanks for any tips, Karl Austria From cybear at pacbell.net Mon Sep 20 14:00:19 1999 From: cybear at pacbell.net (Matt Templeton) Date: Mon Sep 20 14:00:19 1999 Subject: [pptp-server] Dial-up conflict. Message-ID: <37E7C445.6CABB7EC@pacbell.net> I have been at this for some time and posted before. I have new info. I have a small lan at home that has pptpd running on a test Linux box (192.168.1.1). I have a windows98 second addition PC connected to the network (192.168.1.10). If I do not have a dial up connection the connection to the linux test box works fine. If I do a dial-up connection to the internet, I can not get a connection to the test box and get a win98 error message "The microsoft dial up adapter is in use or not responding properly. Disconnect other connections. If problem persists, shutdown and restart." I get the same error message when I try to connect to a pptpd server on the internet using dialup networking. Has anyone seen this problem and have a fix??? From bmbr at orbital.icelab.net Mon Sep 20 14:44:30 1999 From: bmbr at orbital.icelab.net (bmbr) Date: Mon Sep 20 14:44:30 1999 Subject: [pptp-server] createHostSocket: Address already in use Message-ID: ok, i feel like a real idiot for having to ask this, so spare the flames, i already feel bad enough ;) i'm runnin redhat linux kernel 2.2.5, with PPP support.. whenever i attempt to start the server, it gives me that message.. i've checked my inetd.conf, and it isnt using that port anywhere, nor does it show up in netstat -a. i'm thinking that i may be a configuration problem, however, i haven't found enough documentation on the conf's to really tell for sure.. here is how they currently look: /etc/pptpd.conf localip 10.10.10.1-10 #these are the addresses im using for my int. lan remoteip 198.243.125.1-254 #these are the addies that connections will be coming in on (im assuming?) /etc/ppp/options lock debug name servername auth require-chap proxyarp /etc/ppp/chap-secrets # Secrets for authentication using CHAP # client server secret IP addresses ---- this is an area that led to a little bit of confusion on my part.. in the HOWTO, it said: billy severname bob * now, i left this out, because i figured it had nothing to do with my configuration, and was simply there as an example, but i'm kind of in the dark. I'm *quite* new to PPTP in general, and somewhat (6 months or so) new to linux in general, so any help that could be offered would be GREATLY appreciated! Thanks! ------ bmbr bmbr at icelab.net May the flames from the bridges I burn light my way... From jcaspen at ittc.ukans.edu Mon Sep 20 14:50:52 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Mon Sep 20 14:50:52 1999 Subject: [pptp-server] createHostSocket: Address already in use References: Message-ID: <37E68FEB.5A50AC8@ittc.ukans.edu> I had this error when 2 or more PPTP servers where running at the same time. Perhaps you can try rebooting. From bmbr at orbital.icelab.net Mon Sep 20 14:56:05 1999 From: bmbr at orbital.icelab.net (bmbr) Date: Mon Sep 20 14:56:05 1999 Subject: [pptp-server] createHostSocket: Address already in use In-Reply-To: <37E68FEB.5A50AC8@ittc.ukans.edu> Message-ID: I thought so as well.. however, after doing both a ps aux, AND rebooting the system, i get the same error.. it's quite frustrating ;) bmbr On Mon, 20 Sep 1999, Carlos Javier Castro Pena wrote: > I had this error when 2 or more PPTP servers where running at the same time. > Perhaps you can try rebooting. > > > > ------ bmbr bmbr at icelab.net May the flames from the bridges I burn light my way... From vince at nycrc.net Mon Sep 20 15:21:25 1999 From: vince at nycrc.net (Vince Gonzalez) Date: Mon Sep 20 15:21:25 1999 Subject: [pptp-server] Dial-up conflict. In-Reply-To: <37E7C445.6CABB7EC@pacbell.net>; from Matt Templeton on Tue, Sep 21, 1999 at 10:45:41AM -0700 References: <37E7C445.6CABB7EC@pacbell.net> Message-ID: <19990920162120.A28197@moe.nycrc.net> On Tue, Sep 21, 1999 at 10:45:41AM -0700, Matt Templeton wrote: > I have been at this for some time and posted before. I have new info. > > I have a small lan at home that has pptpd running on a test Linux box > (192.168.1.1). I have a windows98 second addition PC connected to the > network (192.168.1.10). If I do not have a dial up connection the > connection to the linux test box works fine. If I do a dial-up > connection to the internet, I can not get a connection to the test box > and get a win98 error message "The microsoft dial up adapter is in use > or not responding properly. Disconnect other connections. If problem > persists, shutdown and restart." I get the same error message when I try > to connect to a pptpd server on the internet using dialup networking. > > Has anyone seen this problem and have a fix??? I believe this is a known issue; try uninstalling VPN support and then reinstalling using the Windows Setup tab in Control Panel -> Add/Remove Software. --vince From patrickl at cst.ca Tue Sep 21 13:08:14 1999 From: patrickl at cst.ca (Patrick LIN) Date: Tue Sep 21 13:08:14 1999 Subject: [pptp-server] some little questions Message-ID: <37E7C8D3.3C4B9746@cst.ca> hi, i setup PPTPd server with : - ppp-2.3.8 - linux-2.2.12 - SSLeay-0.9.0b - ppp-2.3.8-mppe-others-norc4_TH7.diff - ppp-2.3.8-patch1 - pptpd 0.9.17 - ipchains 1.3.9 i use on my options file : lock debug auth name proxy refuse-pap +chapms-v2 mppe-40 proxyarp everything work well but i am a very suspicious man and want to know what and why on everything :)) this is a little sessions : pptpd log: Sep 21 13:09:16 proxy pptpd[2852]: CTRL: Client 209.167.208.9 control connection started Sep 21 13:09:16 proxy pptpd[2852]: CTRL: Starting call (launching pppd, opening GRE) Sep 21 13:09:19 proxy pptpd[2852]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! pppd log: Sep 21 13:09:16 proxy pppd[2853]: pppd 2.3.8 started by root, uid 0 Sep 21 13:09:16 proxy pppd[2853]: Using interface ppp0 Sep 21 13:09:16 proxy pppd[2853]: Connect: ppp0 <--> /dev/pts/2 Sep 21 13:09:19 proxy pppd[2853]: CHAP peer authentication succeeded for test Sep 21 13:09:20 proxy pppd[2853]: Cannot determine ethernet address for proxy ARP Sep 21 13:09:20 proxy pppd[2853]: local IP address 192.168.6.62 Sep 21 13:09:20 proxy pppd[2853]: remote IP address 192.168.6.2 Sep 21 13:09:50 proxy pppd[2853]: CCP: timeout sending Config-Requests Sep 21 13:11:34 proxy pppd[2853]: Modem hangup Sep 21 13:11:34 proxy pppd[2853]: Connection terminated. Sep 21 13:11:34 proxy pppd[2853]: Connect time 2.3 minutes. Sep 21 13:11:34 proxy pppd[2853]: Sent 3361 bytes, received 2626 bytes. Sep 21 13:11:34 proxy pppd[2853]: Exit. i have some errors in this log 1 - "Sep 21 13:09:19 proxy pptpd[2852]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!" what is it ? 2 - "Sep 21 13:09:20 proxy pppd[2853]: Cannot determine ethernet address for proxy ARP" why? 3- "Sep 21 13:09:50 proxy pppd[2853]: CCP: timeout sending Config-Requests" 4 - i want to know if there are a way to control the simutaneous connection for the same username ? thanks a lot patrick From tmk at netmagic.net Tue Sep 21 14:24:49 1999 From: tmk at netmagic.net (tmk) Date: Tue Sep 21 14:24:49 1999 Subject: [pptp-server] some little questions In-Reply-To: <37E7C8D3.3C4B9746@cst.ca> Message-ID: > i have some errors in this log > > 1 - "Sep 21 13:09:19 proxy pptpd[2852]: CTRL: Ignored a SET LINK INFO > packet with real ACCMs!" > > what is it ? we ignore character escape codes since all info is sent digitally, and no escapes are needed. we jsut ignore them. > > 2 - "Sep 21 13:09:20 proxy pppd[2853]: Cannot determine ethernet address > for proxy ARP" > > why? > if your local and remote ip addresses are on different subnets than your ethernet card, and ou try and use proxy arp, this error occurs. there's no point in using arp for your ppp? interfaces if they are on a different subnet. > 3- "Sep 21 13:09:50 proxy pppd[2853]: CCP: timeout sending > Config-Requests" > ccp is the compression handshaking part of ppp.. it means that compression couldnt be established, or that it sent a request and got no answer. no big deal > > 4 - i want to know if there are a way to control the simutaneous > connection > for the same username ? > not sure what you mean here.. be more specific Kevin From patrickl at cst.ca Tue Sep 21 15:00:26 1999 From: patrickl at cst.ca (Patrick LIN) Date: Tue Sep 21 15:00:26 1999 Subject: [pptp-server] some little questions References: Message-ID: <37E7E366.856392A7@cst.ca> tmk wrote: > > > i have some errors in this log > > > > 1 - "Sep 21 13:09:19 proxy pptpd[2852]: CTRL: Ignored a SET LINK INFO > > packet with real ACCMs!" > > > > what is it ? > > we ignore character escape codes since all info is sent digitally, and no > escapes are needed. we jsut ignore them. OK > > > > 2 - "Sep 21 13:09:20 proxy pppd[2853]: Cannot determine ethernet address > > for proxy ARP" > > > > why? > > > > if your local and remote ip addresses are on different subnets than your > ethernet card, and ou try and use proxy arp, this error occurs. there's no > point in using arp for your ppp? interfaces if they are on a different > subnet. Ok > > 3- "Sep 21 13:09:50 proxy pppd[2853]: CCP: timeout sending > > Config-Requests" > > > > ccp is the compression handshaking part of ppp.. it means that compression > couldnt be established, or that it sent a request and got no answer. no > big deal Hmm > > > > 4 - i want to know if there are a way to control the simutaneous > > connection > > for the same username ? > > > > not sure what you mean here.. be more specific > > Kevin if one user is connected and and other call occur and try to use the same username how can i denied this this new connection ok now mppe-40 work fine how can i use mppe-128 ? is mppe-128 need services pack 5 on NT? win 95/98 support 128 bits ? thanks patrick From meyers at vautomation.com Tue Sep 21 15:33:25 1999 From: meyers at vautomation.com (Christopher M. Meyers) Date: Tue Sep 21 15:33:25 1999 Subject: [pptp-server] pptp problems on solaris Message-ID: <37E7EB58.12656823@vautomation.com> Solaris problems with pptp. I'm having difficultly consistently connecting to PPTP over our company LAN. I'm managed 2 sucessful connections (out of 15 or so) to PPTPD from the my windows 95 laptop. When PPTP doesn't connect, windows 95 hangs and there are no messages in the syslog. The sucessful attempts to pptd did yield plenty of debug info in /var/adm/messages and a sucessful pppd login. I've tried to kill and restart pptpd many times. Could this be a conflict with inetd? Stats: Solaris 2.6/ pptpd built using gcc 2.6 Windows machine: MSWin95 & DUN 1.3 pppd 2.3.10 Any help would be apprecieated. Thanks! -- Christopher M. Meyers | Vautomation, Inc. meyers at vautomation.com | 402 Amherst Street Office: +1 (603) 882-2282 x21 | Suite 100 Fax : +1 (603) 882-1587 | Nashua, NH 03063 -------------- next part -------------- A non-text attachment was scrubbed... Name: meyers.vcf Type: text/x-vcard Size: 366 bytes Desc: Card for Christopher M. Meyers URL: From tmk at netmagic.net Tue Sep 21 18:04:54 1999 From: tmk at netmagic.net (tmk) Date: Tue Sep 21 18:04:54 1999 Subject: [pptp-server] some little questions In-Reply-To: <37E7E366.856392A7@cst.ca> Message-ID: > if one user is connected > and and other call occur and try to use the same username > how can i denied this this new connection i think you need to do external authentication (radius or whatever) for this to work. ppp auth support is kind of weak. > ok now mppe-40 work fine > how can i use mppe-128 ? > is mppe-128 need services pack 5 on NT? > win 95/98 support 128 bits ? there is no 128bit NT5 service pack as far as i know.. You need to prove to MS that you are a US or canada resident for them to give you the 128bit stuff. it has to do with us export controls. Kevin From jfinnecy at merical.com Tue Sep 21 18:37:27 1999 From: jfinnecy at merical.com (Jonathan Finnecy) Date: Tue Sep 21 18:37:27 1999 Subject: [pptp-server] PPTP and Samba Woes Message-ID: <4.1.19990921161804.0095b980@192.168.4.1> I hope this isn't a repeat question, I tried to scan the archives for an answer to this one, but wasn't getting much luck. I am setting up a fairly simple scenario. I have a Linux box running Samba on an internal network (192.168.4.X). This box has a connection to a firewall, which is running the PoPToP server. I have a laptop with Win95, and DUN1.3. The laptop should connect to the PPTP server/firewall and access the internal LAN. The TCP/IP connection/VPN stuff works great (I can ping servers that can't otherwise ping the outside world from the laptop, and I can ping the laptop's "internal" IP address from the internal servers). I can even simultaneously browse the internet (although I haven't experimented to find out if the laptop is getting masqueraded back out the firewall or if it is using its own internet connection to do so). The one thing I can't seem to do is pass a logon to my SAMBA server. When I try to use my drive mappings I get the error "Permanent connection not available." From DOS I tried "net use \\server\resource" and I get the error "Error 3787: You must log on before performing this operation." "Net logon" gives me the fun message "Error 3547: You cannot do this from within an MS-DOS window." I feel like I'm missing something obvious here. I had a similar problem a few years ago when I first set up PPP connections to access my servers directly. Win95 would send a different username than the one you entered in the PPP connection dialog-box. You had to make sure you had the username the Samba server expected entered in during the "Windows Logon" or "Microsoft Networking Logon" phase. I do have the correct username in place, according to the registry key "HKEY_LOCAL_MACHINE\Network\Logon\username". This username matches those in the "HKEY_CURRENT_USER\RemoteAccess\Profile\VPN\User", as well as all "HKEY_CURRENT_USER\Network\" "persistent" and "recent" keys. The only place a different username appears is under "HKEY_CURRENT_USER\RemoteAccess\Profile\Earthlink\User", which has the username I need to use to log onto my ISP. Anyone? -Jon From toktar at per.com.br Tue Sep 21 19:25:28 1999 From: toktar at per.com.br (Emir Toktar) Date: Tue Sep 21 19:25:28 1999 Subject: Fw: [pptp-server] Can server _require_ encryption? Message-ID: <003a01bf0491$0eb78360$010010ac@crypto.net> Hi, How can I to do refuse any connection that will not agree to data encryption? (authenticate ok, but at client no setup choice in DUN options) Thanks Emir > ----- Original Message ----- > From: Michael St. Laurent > To: > Sent: Thursday, August 26, 1999 6:33 PM > Subject: [pptp-server] Can server _require_ encryption? > > > > I have pptp working with encryption (!!!_party_!!!) What I need to do now > > is configure the server to inisist on data encryption. I know this can be > > set on the clients but I don't trust our users to not screw it up. Is > > there some way to set the server to reject any connection attempt that > will > > not agree to data encryption? > > > > -------------------- > > Michael St. Laurent > > Hartwell Corporation > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > > From conrad at messagesecure.com Wed Sep 22 07:15:55 1999 From: conrad at messagesecure.com (Cary T. Conrad) Date: Wed Sep 22 07:15:55 1999 Subject: [pptp-server] PPTP and Samba Woes In-Reply-To: <4.1.19990921161804.0095b980@192.168.4.1> Message-ID: <4.1.19990922080306.0465dc90@192.9.200.5> Without getting too deep into this this sound like a clasic naming problem. Samba (LAN MANAGER/SMB) uses a broadcast scheme to relay and notify the LAN of naming changes. This is arcane but OK for a lan. You are engineering a WAN, hence broadcasrts will not be propagated. FIXES: 1) re-transmit broadcasts: not recommended 2) Use Wins: Have your PC point to the samba server as a WINS server, do not forget to change the smb.conf file to support WINS Also, read the FAQ/Docs within the samba distribution for more, or get the samba book by Blair for more informaiton. At 05:35 AM 9/22/99 , you wrote: ># ># This file has been scanned for infections by Messagesecure MX1 ># >I hope this isn't a repeat question, I tried to scan the archives for an >answer to this one, but wasn't getting much luck. > >I am setting up a fairly simple scenario. I have a Linux box running Samba >on an internal network (192.168.4.X). This box has a connection to a >firewall, which is running the PoPToP server. I have a laptop with Win95, >and DUN1.3. The laptop should connect to the PPTP server/firewall and >access the internal LAN. > >The TCP/IP connection/VPN stuff works great (I can ping servers that can't >otherwise ping the outside world from the laptop, and I can ping the >laptop's "internal" IP address from the internal servers). I can even >simultaneously browse the internet (although I haven't experimented to find >out if the laptop is getting masqueraded back out the firewall or if it is >using its own internet connection to do so). > >The one thing I can't seem to do is pass a logon to my SAMBA server. When >I try to use my drive mappings I get the error "Permanent connection not >available." From DOS I tried "net use \\server\resource" and I get the >error "Error 3787: You must log on before performing this operation." "Net >logon" gives me the fun message "Error 3547: You cannot do this from within >an MS-DOS window." > >I feel like I'm missing something obvious here. I had a similar problem a >few years ago when I first set up PPP connections to access my servers >directly. Win95 would send a different username than the one you entered >in the PPP connection dialog-box. You had to make sure you had the >username the Samba server expected entered in during the "Windows Logon" or >"Microsoft Networking Logon" phase. I do have the correct username in >place, according to the registry key >"HKEY_LOCAL_MACHINE\Network\Logon\username". This username matches those >in the "HKEY_CURRENT_USER\RemoteAccess\Profile\VPN\User", as well as all >"HKEY_CURRENT_USER\Network\" "persistent" and "recent" keys. The only >place a different username appears is under >"HKEY_CURRENT_USER\RemoteAccess\Profile\Earthlink\User", which has the >username I need to use to log onto my ISP. > >Anyone? > >-Jon > >_______________________________________________ >pptp-server maillist - pptp-server at lists.schulte.org >http://lists.schulte.org/mailman/listinfo/pptp-server >List services provided by www.schulte.org! From georgek at netwrx1.com Wed Sep 22 09:44:52 1999 From: georgek at netwrx1.com (George R. Kasica) Date: Wed Sep 22 09:44:52 1999 Subject: [pptp-server] PopRop Problem Message-ID: Hello: Well, I've got pptpd working well here, with a small problem.....I still seem to send all data down the "normal" channel be it dialup or ethernet connect rather than everything over the VPN....this causes the problem that I still appear to come to the ISPs news server from "outside" they network....how to I accomplish the following (the Client is WIN98 Server with pptpd on it Linux 2.2.5) IP Addresses are REAL: Client Server 205.254.202.120 ----- VPN ------------ 205.254.202.114 10.36.9.242 --------- INTERNET---------> I'm getting the VPN Adapter assigned the IP address above yet the traffic when trace routed seems to go through the 'Net rather than routing through the Server hence the problem with appearing from "outside" the net. Any suggestions, and please keep it simple and as clear as possible. Thanks, George ===[George R. Kasica]=== +1 414 513 8503 President +1 800 520 4873 FAX Netwrx Consulting Inc. Waukesha, WI USA http://www.netwrx1.com georgek at netwrx1.com ICQ #12862186 From tmk at netmagic.net Wed Sep 22 10:46:22 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 22 10:46:22 1999 Subject: [pptp-server] PopRop Problem In-Reply-To: Message-ID: Try unchecking "use default gateway on remote network" in the dialup properties under tcp/ip. Kevin On Wed, 22 Sep 1999, George R. Kasica wrote: > Hello: > > Well, I've got pptpd working well here, with a small problem.....I > still seem to send all data down the "normal" channel be it dialup or > ethernet connect rather than everything over the VPN....this causes > the problem that I still appear to come to the ISPs news server from > "outside" they network....how to I accomplish the following (the > Client is WIN98 Server with pptpd on it Linux 2.2.5) IP Addresses are > REAL: > > Client Server > 205.254.202.120 ----- VPN ------------ 205.254.202.114 > 10.36.9.242 --------- INTERNET---------> > > I'm getting the VPN Adapter assigned the IP address above yet the > traffic when trace routed seems to go through the 'Net rather than > routing through the Server hence the problem with appearing from > "outside" the net. > > Any suggestions, and please keep it simple and as clear as possible. > > Thanks, > George > > ===[George R. Kasica]=== +1 414 513 8503 > President +1 800 520 4873 FAX > Netwrx Consulting Inc. Waukesha, WI USA > http://www.netwrx1.com > georgek at netwrx1.com > ICQ #12862186 > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From patrickl at cst.ca Wed Sep 22 11:48:03 1999 From: patrickl at cst.ca (Patrick LIN) Date: Wed Sep 22 11:48:03 1999 Subject: [pptp-server] some little questions References: Message-ID: <37E90839.F10745D7@cst.ca> tmk wrote: > > > if one user is connected > > and and other call occur and try to use the same username > > how can i denied this this new connection > > i think you need to do external authentication (radius or whatever) for > this to work. ppp auth support is kind of weak. > > > ok now mppe-40 work fine > > how can i use mppe-128 ? > > is mppe-128 need services pack 5 on NT? > > win 95/98 support 128 bits ? > > there is no 128bit NT5 service pack as far as i know.. You need to prove > to MS that you are a US or canada resident for them to give you the 128bit > stuff. it has to do with us export controls. > > Kevin ok everything is good i have an other question : how many (maximum) PPPD can run as default in a linux Box (kernel 2.2.12 pppd 1.3.8) thanks again patrick From tmk at netmagic.net Wed Sep 22 12:20:05 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 22 12:20:05 1999 Subject: [pptp-server] some little questions In-Reply-To: <37E90839.F10745D7@cst.ca> Message-ID: depends on memory and cpu speed. i think it's around 128 as far as OS bottlenecks. Early in the mailing list we did all the calculations. check the archives Kevin On Wed, 22 Sep 1999, Patrick LIN wrote: > tmk wrote: > > > > > if one user is connected > > > and and other call occur and try to use the same username > > > how can i denied this this new connection > > > > i think you need to do external authentication (radius or whatever) for > > this to work. ppp auth support is kind of weak. > > > > > ok now mppe-40 work fine > > > how can i use mppe-128 ? > > > is mppe-128 need services pack 5 on NT? > > > win 95/98 support 128 bits ? > > > > there is no 128bit NT5 service pack as far as i know.. You need to prove > > to MS that you are a US or canada resident for them to give you the 128bit > > stuff. it has to do with us export controls. > > > > Kevin > > ok everything is good > > i have an other question : > > how many (maximum) PPPD can run as default in a linux Box (kernel 2.2.12 > pppd 1.3.8) > > thanks again > > patrick > From matthewr at moreton.com.au Wed Sep 22 19:25:13 1999 From: matthewr at moreton.com.au (Matthew Ramsay) Date: Wed Sep 22 19:25:13 1999 Subject: [pptp-server] PoPToP v1.0.0 Message-ID: <99092310190102.27377@gibberling.moreton.com.au> PoPToP v1.0.0 has finally been released! http://www.moretonbay.com/vpn/download_pptp.html From dj at shadowmage.com Wed Sep 22 22:23:44 1999 From: dj at shadowmage.com (D.J. Heap) Date: Wed Sep 22 22:23:44 1999 Subject: [pptp-server] pptpd 1.0.0 / Win98 performance problem Message-ID: <000501bf0573$10575500$0201010a@shadowmage.com> > All great so far, then I actually use the connection from the client > side (hit an internal website). Before the website is loaded I see: > > 64 bytes from x.x.x.x: icmp_seq=10 ttl=128 time=42.2 ms > 64 bytes from x.x.x.x: icmp_seq=11 ttl=128 time=60.6 ms > 64 bytes from x.x.x.x: icmp_seq=13 ttl=128 time=2690.4 ms > 64 bytes from x.x.x.x: icmp_seq=14 ttl=128 time=4331.3 ms > 64 bytes from x.x.x.x: icmp_seq=18 ttl=128 time=495.5 ms > 64 bytes from x.x.x.x: icmp_seq=19 ttl=128 time=6763.5 ms > 64 bytes from x.x.x.x: icmp_seq=20 ttl=128 time=6072.7 ms > 64 bytes from x.x.x.x: icmp_seq=21 ttl=128 time=7075.6 ms > 64 bytes from x.x.x.x: icmp_seq=22 ttl=128 time=6081.9 ms > 64 bytes from x.x.x.x: icmp_seq=23 ttl=128 time=6036.2 ms > 64 bytes from x.x.x.x: icmp_seq=24 ttl=128 time=5977.3 ms > 64 bytes from x.x.x.x: icmp_seq=25 ttl=128 time=10531.3 ms > > ... and then the connection will finally break down entirely and no > data will be transferred. There is not a connection problem between me > and the server at all. At the time of testing I was getting <20ms and > no packet loss. I am experiencing very similar difficulties with Win98. I have not had the opportunity to try Win2k or NT yet, but I will do that when I have some time to install them on a test machine. I have upgraded to 1.0.0 and still have the same troubles, btw. I cannot even keep a steady ping going. It seems somewhat sporadic, ping will work fine for a few seconds in both directions (from client to server, server to client) then it will stop working for a few seconds...then a few seconds later it will ping ok again for a while. Attempting any sort of large data transfer at all is utterly unsuccessful. I have noticed when I turn on debugging, I see many many 'GRE: Discarding out of order packet' messages and the occasional 'GRE: Discarding duplicate packet' messages...the out of order packet messages far far outnumber the duplicate packet messages, however. Any help or information would be appreciated, and, of course I am very willing to help in any debugging I can. I have not tried altering the PCKT_RECV_WINDOW_SIZE or any other code, yet, but I will if that might help? Thanks, DJ From epadin at wagweb.com Thu Sep 23 13:31:30 1999 From: epadin at wagweb.com (Ed Padin) Date: Thu Sep 23 13:31:30 1999 Subject: [pptp-server] Firewalling Poptop Message-ID: Hello, My firm is looking at employing the poptop server. It now seems to have enough encryption with the availability of MSCHAP2 in the pppd. The one question that came up is how to firewall the poptop server. Our current firewall is a Linux 2.0.36 box using ipfwadm and masquerading. I'm pretty well versed in allowing incoming TCP ports to inside web and mail servers. Would setting up the poptop VPN work in the same way. I reemeber reading that it uses the GRE protocol which, I guess, is different than UDP, TCP or ICMP. If that's the case then how would I implement a poptop that is inside the Linux masq firewall? Is it all possible with any firewall? Thanks in advance for any input. Regards From jcaspen at ittc.ukans.edu Thu Sep 23 16:50:51 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Thu Sep 23 16:50:51 1999 Subject: [Fwd: Re: [pptp-server] Peers can't connect but don't see each other] References: <37E64F1E.72B815CB@iname.com> Message-ID: <37EAA0AC.7162E08E@ittc.ukans.edu> Everything seems to work find from the server side. I can connect with pptp-linux client. The problem seems to be caused by MS Windows 98 client. The connection is established correctly, but the route to the remote host is not added to the route table. A route to the local host is added: Linux adds route to client IP (10.0.0.1) Windows adds route to 10.0.0.0 and 10.0.0.1. It doesn't add a route to the Linux IP (11.0.0.1) and when I try to delete the 10.0.0.x routes it says that the route could not be found. > check to make sure that the windows boxes have the ip of the linux box > as a > gateway in their tcp settings, and that you have the appropriate routes > set > up on the linux server. Also make sure IP forwarding is on. you won't > need > ARP at all From rdale at digital-mission.com Thu Sep 23 19:57:20 1999 From: rdale at digital-mission.com (Robert Dale) Date: Thu Sep 23 19:57:20 1999 Subject: [pptp-server] Portslave+PPPd+MPPE patch Message-ID: Greetings. First, let me explain what I'm doing here and see if it makes any sense. Basically, this is a MSCHAPv2/MPPE patch for use in portslave. I have not yet tested it, but in theory you should be able to use RADIUS for authentication. (If there's another way, please let me know). The main reason for doing this is because I have a potential client that wants to use linux as a firewall and pptp server, but use his NT PDC for authentication for ease of administration. Please, let me know if I'm taking the wrong approach here. Also, someone on the list earlier asked if there was a patches portslave for this. Well, now there is ;) Hopefully it works. THIS IS UNTESTED! I'll hopefully be able to test it over the weekend, but I wanted to get it out for feedback. HOWTO: You want to do the same initial setup of pppd-2.3.8, SSL, mppe. This is because the pppd that comes with portslave is a stripped down version and I have not bothered to see what's different other than kinstall is absent. (Stolen from the existing HOWTO by Matthew Ramsay ) 1. Grab yourself a clean copy of the PPP deamon v2.3.8 (ppp-2.3.8.tar.gz). I usually go here for my PPP files: ftp://cs.anu.edu.au/pub/software/ppp/ Note: You must get the tarball (tar.gz) and *not* the RPM. 2. Grab youself the MSCHAP/MPPE diff file from: http://www.moretonbay.com/vpn/releases/ppp-2.3.8-mppe-others-norc4_TH7.diff.gz B 3. Grab yourself the SSLeay-0.6.6b file from: ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6b.tar.gz 4. You should now have 3 files: ppp-2.3.8.tar.gz ppp-2.3.8-mppe-others-norc4_TH7.diff.gz SSLeay-0.6.6b.tar.gz Copy these files to your preferred location (I prefer /usr/local/src/) 5. Assuming your files are in /usr/local/src/ and your current working directory is also /usr/local/src/ do the following: tar zxvf ppp-2.3.8.tar.gz gunzip ppp-2.3.8-mppe-others-norc4_TH7.diff.gz tar zxvf SSLeay-0.6.6b.tar.gz cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/ cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.8/linux/ patch -p0 < ppp-2.3.8-mppe-others-norc4_TH7.diff cd ppp-2.3.8 6. The files should now all be in place and we are ready to compile PPP. Follow these steps to compile it: ./configure cd linux ./kinstall.sh cd /usr/src/linux make modules SUBDIRS=drivers/net make modules_install rmmod ppp insmod ppp insmod ppp_mppe (Here's where it gets different) This patch was made against the latest porslave (portslave-1.2.0pre12). There's probably nothing stopping you from applying this patch to something relatively current as well, but don't expect the same results! 7. unroll portslave and apply the patch tar zxf portslave-1.2.0pre12.tar.gz patch -p0 < portslave-1.2.0pre12+PPPD+MPPE.patch cd portslave-1.2.0pre12] make 8. It should now be built. Let nature takes it's course... make install (I haven't been this far yet ;) 9. Configure PPTP should be the same 10. Configure portslave should be the same Let me know how it goes. ;) The patch is included as an attachment and at the end of this email. -- Robert Dale Digital Mission http://www.digital-mission.com -------------- next part -------------- A non-text attachment was scrubbed... Name: portslave-1.2.0pre12+PPPD+MPPE.patch.gz Type: application/x-gunzip Size: 50689 bytes Desc: URL: From Steve.Cowles at gte.net Thu Sep 23 22:32:05 1999 From: Steve.Cowles at gte.net (Cowles, Steve) Date: Thu Sep 23 22:32:05 1999 Subject: [pptp-server] Still unable to get pptp to work Message-ID: <000d01bf063c$c4c32130$49478ed1@dsl.gtei.net> Hello all, I have been trying to get pptpd to work for a while now. I have followed all of the instructions posted to this list along with the PopTop WEB site, but still an unable to get a single ping to work once connected (I have no problem connecting). I have a feeling that my problem is because I am connecting to my Linux box (externally) which is also configured as a firewall using ipchains for my home LAN. I have added the necessary commands to allow port 47 and so on through the the box (see my rc.firewall below) but am still unable to get a single ping to work in both directions. Also, I am trying to connect using my laptop which is running NT4.0 Workstation (SP5, 128bit) I loaded the standard VPN stuff from the original NT CD. I'm not aware of any patches for VPN stuff. Anyway, if anyone can see an obvious problem with any of my configuration files, please point them out. At this point, I'm willing to try anything to make this work. I work out of town Monday thru Friday and would like to connect to my home LAN through local ISP's while on the road using a VPN. Also, I have successfully setup my Linux box to recieve calls using mgetty. ppp 2.3.8 works perfectly when I connect using straight ppp when spawned by mgetty (without pptp). Obviously, I am assigning a local IP address when using mgetty and ppp. A little background: Local LAN network address is 192.168.9.0/24 Linux box internal IP address is 192.168.9.1 Linux box external IP address is x.x.x.125 (for the purpose of this post using ADSL connection) When I create my dialup connection on my laptop, I specify the external IP address of my Linux box. I have tried enabling/disabling all types of parameters for this connection profile along with what is recommended in posts to this list. I have tried to include every file that I can think of so that someone might be able to point me in the right direction, along with netstat, ifconfig outputs, tcpdump. thanks (sorry for the long post, but I wanted to include relevent info) Steve Cowles *********************** *********************** [scowles at voyager scowles]$ lsmod Module Size Used by ppp_mppe 13328 1 (autoclean) ppp 19948 2 (autoclean) [ppp_mppe] slhc 4268 0 (autoclean) [ppp] ip_masq_portfw 2256 2 (autoclean) ip_masq_ftp 2352 0 ip_masq_irc 1360 0 (unused) ip_masq_raudio 2736 0 (unused) 3c59x 19272 2 (autoclean) [scowles at voyager scowles]$ *********************** *********************** [scowles at voyager scowles]$ netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.9.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 192.168.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 x.x.x.0 0.0.0.0 255.255.240.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 x.x.x.1 0.0.0.0 UG 0 0 0 eth1 *********************** *********************** [scowles at voyager scowles]$ netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.9.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 192.168.9.101 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.9.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 x.x.x.0 0.0.0.0 255.255.240.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 x.x.x.1 0.0.0.0 UG 0 0 0 eth1 *********************** *********************** C:\>route print =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...00 02 d0 6a 5f 80 ...... NdisWan Adapter 0x3 ...00 00 00 00 00 00 ...... NdisWan Adapter 0x4 ...00 01 d0 32 5f 80 ...... NdisWan Adapter =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 209.142.71.73 209.142.71.73 1 x.x.x.125 255.255.255.255 209.142.71.73 209.142.71.73 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.9.0 255.255.255.0 192.168.9.101 192.168.9.101 1 192.168.9.101 255.255.255.255 127.0.0.1 127.0.0.1 1 209.142.71.0 255.255.255.0 209.142.71.73 209.142.71.73 1 209.142.71.73 255.255.255.255 127.0.0.1 127.0.0.1 1 209.142.71.255 255.255.255.255 209.142.71.73 209.142.71.73 1 224.0.0.0 224.0.0.0 192.168.9.101 192.168.9.101 1 224.0.0.0 224.0.0.0 209.142.71.73 209.142.71.73 1 255.255.255.255 255.255.255.255 192.168.9.101 192.168.9.101 1 =========================================================================== C:\> *********************** *********************** ppp0 Link encap:Point-to-Point Protocol inet addr:192.168.9.1 P-t-P:192.168.9.101 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:77 errors:0 dropped:0 overruns:0 frame:0 TX packets:22 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 *********************** *********************** Sep 23 21:43:00 voyager pptpd[8169]: CTRL: Client 209.142.71.73 control connecti on started Sep 23 21:43:00 voyager pptpd[8169]: CTRL: Starting call (launching pppd, openin g GRE) Sep 23 21:43:00 voyager kernel: CSLIP: code copyright 1989 Regents of the Univer sity of California Sep 23 21:43:00 voyager kernel: PPP: version 2.3.8 (demand dialling) Sep 23 21:43:00 voyager kernel: PPP line discipline registered. Sep 23 21:43:00 voyager kernel: registered device ppp0 Sep 23 21:43:00 voyager pppd[8170]: pppd 2.3.8 started by root, uid 0 Sep 23 21:43:00 voyager pppd[8170]: Using interface ppp0 Sep 23 21:43:00 voyager pppd[8170]: Connect: ppp0 <--> /dev/pts/5 Sep 23 21:43:04 voyager pptpd[8169]: CTRL: Ignored a SET LINK INFO packet with r eal ACCMs! Sep 23 21:43:04 voyager kernel: PPP MPPE compression module registered Sep 23 21:43:04 voyager kernel: PPP Deflate Compression module registered Sep 23 21:43:04 voyager pppd[8170]: MSCHAP-v2 peer authentication succeeded for scowles Sep 23 21:43:06 voyager pppd[8170]: found interface eth0 for proxy arp Sep 23 21:43:06 voyager pppd[8170]: local IP address 192.168.9.1 Sep 23 21:43:06 voyager pppd[8170]: remote IP address 192.168.9.101 Sep 23 21:43:35 voyager pppd[8170]: CCP: timeout sending Config-Requests *********************** *********************** Sep 23 21:43:00 voyager pptpd[8169]: CTRL: Starting call (launching pppd, openin g GRE) Sep 23 21:43:00 voyager pppd[8170]: pppd 2.3.8 started by root, uid 0 Sep 23 21:43:00 voyager pppd[8170]: Using interface ppp0 Sep 23 21:43:00 voyager pppd[8170]: Connect: ppp0 <--> /dev/pts/5 Sep 23 21:43:00 voyager pppd[8170]: sent [LCP ConfReq id=0x1 ] Sep 23 21:43:01 voyager pppd[8170]: rcvd [LCP ConfReq id=0x0 ] Sep 23 21:43:01 voyager pppd[8170]: sent [LCP ConfAck id=0x0 ] Sep 23 21:43:03 voyager pppd[8170]: sent [LCP ConfReq id=0x1 ] Sep 23 21:43:04 voyager pppd[8170]: rcvd [LCP ConfAck id=0x1 ] Sep 23 21:43:04 voyager pppd[8170]: sent [CHAP Challenge id=0x1 <3653e6cfdf43b5f ca3223f44125571>, name = "voyager"] Sep 23 21:43:04 voyager pptpd[8169]: CTRL: Ignored a SET LINK INFO packet with r eal ACCMs! Sep 23 21:43:04 voyager pppd[8170]: rcvd [CHAP Response id=0x1 <5b594e94bd13a417 bb9150fe166365000000000000000088acd83d38c76447951e4bfedecc90820dcad3b984b1cd 00>, name = "scowles"] Sep 23 21:43:04 voyager pppd[8170]: sent [CHAP Success id=0x1 "S=A86577948BF6C5B 46AA92A884E298CCC1F6B6"] Sep 23 21:43:04 voyager pppd[8170]: sent [IPCP ConfReq id=0x1 ] Sep 23 21:43:04 voyager pppd[8170]: sent [CCP ConfReq id=0x1 ] Sep 23 21:43:04 voyager pppd[8170]: MSCHAP-v2 peer authentication succeeded for scowles Sep 23 21:43:05 voyager pppd[8170]: rcvd [CCP ConfReq id=0x1 ] Sep 23 21:43:05 voyager pppd[8170]: sent [CCP ConfRej id=0x1 ] Sep 23 21:43:05 voyager pppd[8170]: rcvd [IPCP ConfReq id=0x2 ] Sep 23 21:43:05 voyager pppd[8170]: sent [IPCP ConfNak id=0x2 ] Sep 23 21:43:05 voyager pppd[8170]: rcvd [IPCP ConfRej id=0x1 ] Sep 23 21:43:05 voyager pppd[8170]: sent [IPCP ConfReq id=0x2 ] Sep 23 21:43:05 voyager pppd[8170]: rcvd [CCP ConfRej id=0x1 ] Sep 23 21:43:05 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:05 voyager pppd[8170]: rcvd [CCP TermReq id=0x3 00 00 02 dc] Sep 23 21:43:05 voyager pppd[8170]: sent [CCP TermAck id=0x3] Sep 23 21:43:05 voyager pppd[8170]: rcvd [IPCP ConfReq id=0x4 ] Sep 23 21:43:05 voyager pppd[8170]: sent [IPCP ConfAck id=0x4 ] Sep 23 21:43:06 voyager pppd[8170]: rcvd [IPCP ConfAck id=0x2 ] Sep 23 21:43:06 voyager pppd[8170]: found interface eth0 for proxy arp Sep 23 21:43:06 voyager pppd[8170]: local IP address 192.168.9.1 Sep 23 21:43:06 voyager pppd[8170]: remote IP address 192.168.9.101 Sep 23 21:43:06 voyager pppd[8170]: Script /etc/ppp/ip-up started (pid 8180) Sep 23 21:43:06 voyager pppd[8170]: Script /etc/ppp/ip-up finished (pid 8180), s tatus = 0x0 Sep 23 21:43:08 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:08 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:11 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:17 voyager last message repeated 2 times Sep 23 21:43:18 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:20 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:20 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:23 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:24 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:26 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:27 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:29 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:29 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:32 voyager pppd[8170]: sent [CCP ConfReq id=0x2 ] Sep 23 21:43:32 voyager pppd[8170]: rcvd [CCP TermAck id=0x2] Sep 23 21:43:35 voyager pppd[8170]: CCP: timeout sending Config-Requests *********************** *********************** [scowles at voyager scowles]$ ping 192.168.9.101 PING 192.168.9.101 (192.168.9.101): 56 data bytes r --- 192.168.9.101 ping statistics --- 8 packets transmitted, 0 packets received, 100% packet loss [scowles at voyager scowles]$ *********************** *********************** 22:19:41.173435 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:41.618335 192.168.9.101 > 192.168.9.1: icmp: echo reply 22:19:42.172197 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:42.533459 192.168.9.101 > 192.168.9.1: icmp: echo reply 22:19:43.172307 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:43.545091 192.168.9.101 > 192.168.9.1: icmp: echo reply 22:19:44.172390 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:44.572571 192.168.9.101 > 192.168.9.1: icmp: echo reply 22:19:45.172492 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:45.518369 192.168.9.101 > 192.168.9.1: icmp: echo reply 22:19:46.172578 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:46.615564 192.168.9.101 > 192.168.9.1: icmp: echo reply 22:19:47.172676 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:47.527838 192.168.9.101 > 192.168.9.1: icmp: echo reply *********************** *********************** 22:23:48.428864 192.168.9.101 > 192.168.9.1: icmp: echo request 22:23:49.714634 192.168.9.101 > 192.168.9.1: icmp: echo request 22:23:51.201163 192.168.9.101 > 192.168.9.1: icmp: echo request 22:23:52.713724 192.168.9.101 > 192.168.9.1: icmp: echo request *********************** *********************** C:\>ping 192.168.9.1 Pinging 192.168.9.1 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. C:\>ping 192.168.9.2 Pinging 192.168.9.2 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. C:\> *********************** *********************** speed 115200 localip 192.168.9.1 remoteip 192.168.9.100-110 *********************** *********************** lock debug auth name voyager +chap +chapms +chapms-v2 mppe-40 mppe-stateless netmask 255.255.255.0 ms-wins 192.168.9.2 ms-dns 192.168.9.1 proxyarp *********************** *********************** #!/bin/sh #======================================================================= # Define Shell Functions for this script #======================================================================= get_if_ipaddress () { INTERFACE=$1 if [ -x /sbin/ifconfig ] ; then /sbin/ifconfig ${INTERFACE} | grep "inet addr:" | awk ' \ { split ( $2, sbuf, ":" ) printf ("%s", sbuf[2]) } ' - fi } #======================================================================= # Define all Variables for this script #======================================================================= # Internal LAN INT_IF="eth0" INT_NET="192.168.9.0/24" INT_IP="192.168.9.1" # External LAN EXT_IF="eth1" EXT_NET="x.x.x.x/20" EXT_IP=`get_if_ipaddress ${EXT_IF}` DEF_ROUTE="x.x.x.1" ANYWHERE="0.0.0.0/0" EXCH_IP="192.168.9.2" IPCHAINS="/sbin/ipchains" IPMASQADM="/usr/sbin/ipmasqadm" DEPMOD="/sbin/depmod" MODPROBE="/sbin/modprobe" # =============================================================== # Finally... setup the IP chains # =============================================================== if [ -x ${IPCHAINS} ] ; then # ======================================================= # Flush chains. Not needed at bootup, but nice for debug # ======================================================= ${IPCHAINS} -F input ${IPCHAINS} -F output ${IPCHAINS} -F forward # ======================================================= # Set Default chain policies # ======================================================= # NOTE: I have tried ACCEPT for input/ouput with no luck ${IPCHAINS} -P input DENY ${IPCHAINS} -P output ACCEPT ${IPCHAINS} -P forward DENY # ======================================================= # Output Chains # ======================================================= # NOTE: Have tried commenting these lines out with no luck ${IPCHAINS} -A output -p TCP -d ${ANYWHERE} www -t 0x01 0x10 ${IPCHAINS} -A output -p TCP -d ${ANYWHERE} telnet -t 0x01 0x10 ${IPCHAINS} -A output -p TCP -d ${ANYWHERE} ftp -t 0x01 0x02 # ======================================================= # Input Chains # ======================================================= # ---------------- # eth0 (Internal) # ---------------- # Allow all incoming packets to internal interface ${IPCHAINS} -A input -i ${INT_IF} -j ACCEPT # ---------------- # eth1 (External) # ---------------- # NOTE: pptp stuff, added these lines per post to pptp list ${IPCHAINS} -A input -p tcp -d ${EXT_IP} 1723 -j ACCEPT ${IPCHAINS} -A input -p 47 -d ${EXT_IP} -j ACCEPT # Finally, Allow incoming data from Internet to be accepted ${IPCHAINS} -A input -i ${EXT_IF} -j ACCEPT # ---------------- # lo (Loopback) # ---------------- # Also accept all local loopback packets ${IPCHAINS} -A input -i lo -j ACCEPT # ======================================================= # Masquerade Settings # ======================================================= ${IPCHAINS} -M -S 7200 10 60 # ======================================================= # Forward Chains (and Masquerade) # ======================================================= # NOTE: pptp stuff, added these lines per post in pptp list ${IPCHAINS} -A forward -p tcp -d ${EXT_IP} 1723 -j ACCEPT ${IPCHAINS} -A forward -p tcp -s ${EXT_IP} 1723 -j ACCEPT ${IPCHAINS} -A forward -p 47 -d ${EXT_IP} -j ACCEPT ${IPCHAINS} -A forward -p 47 -s ${EXT_IP} -j ACCEPT # NOTE: Tried this with no change, added per post to list ${IPCHAINS} -A forward -i ppp0 -j ACCEPT ${IPCHAINS} -A forward -j MASQ -s ${INT_NET} -d ${ANYWHERE} fi # ========================================================= # Port Forwarding Settings (external to internal IP/ports) # ========================================================= NOTE: This part does not apply, but have commented it out with no luck if [ -x ${IPMASQADM} ] ; then ${IPMASQADM} portfw -f ${IPMASQADM} portfw -a -P tcp -L ${EXT_IP} 80 -R ${EXCH_IP} 80 ${IPMASQADM} portfw -a -P tcp -L ${EXT_IP} 110 -R ${EXCH_IP} 110 fi From tmk at netmagic.net Thu Sep 23 23:35:57 1999 From: tmk at netmagic.net (tmk) Date: Thu Sep 23 23:35:57 1999 Subject: [pptp-server] Still unable to get pptp to work References: <000d01bf063c$c4c32130$49478ed1@dsl.gtei.net> Message-ID: <001001bf0646$c50b6940$071c0fc0@lala.net> wow. thanks for the detailed logs. I'll truncate them for the sake of saving bandwidth Packets are obviously getting into your network (tcpdump shows that much), and the intended host is replying, BUT it doesnt get there. Stuff i noticed: Your forward stuff is a little out of whack. unless you run a pptp client on your linux box, you dont need the ${IPCHAINS} -A forward -p tcp -s ${EXT_IP} 1723 -j ACCEPT line.. pptp doesnt use 1723 to reply from. I think ${IPCHAINS} -A forward -p 47 -s ${EXT_IP} -j ACCEPT Is also useless. your output firewall isnt blocking this, so you're fine. your linux box is the source of all pptp traffic. Only thing i can think of is that proxyarp isnt enabled or isnt working properly try echo "1" > /proc/sys/net/ipv4/conf/all/proxy_arp or echo "1" > /proc/sys/net/ipv4/conf/ppp0/proxy_arp if you are paranoid.. (this only works if ppp0 exists!) you probably already have ip fowrading enabled.. but check that just in case echo "1" > /proc/sys/net/ipv4/ip_forward in case you didn't know.. you might also try ${IPCHAINS} -A forward -j MASQ -s ${INT_NET} -d ! ${INT_NET} instead of ${IPCHAINS} -A forward -j MASQ -s ${INT_NET} -d ${ANYWHERE} Kevin ----- Original Message ----- From: Cowles, Steve To: Sent: Thursday, September 23, 1999 8:27 PM Subject: [pptp-server] Still unable to get pptp to work > Hello all, > > I have been trying to get pptpd to work for a while now. I have followed all > of the instructions posted to this list along with the PopTop WEB site, but > still an unable to get a single ping to work once connected (I have no > problem connecting). I have a feeling that my problem is because I am > connecting to my Linux box (externally) which is also configured as a > firewall using ipchains for my home LAN. I have added the necessary commands [SNIP] From conrad at messagesecure.com Fri Sep 24 07:24:39 1999 From: conrad at messagesecure.com (Cary T. Conrad) Date: Fri Sep 24 07:24:39 1999 Subject: [pptp-server] Solaris and Poptop In-Reply-To: Message-ID: <4.1.19990924080734.04394f00@192.9.200.5> To All, Ok, I am going to put the time into this integration. My question is has anyone 'ported' PopTop to Solaris? If so, can you kindly relay to me what I need to what out for? All input will be compiled by your truely for a HowTo. CC From Steve.Cowles at gte.net Fri Sep 24 08:01:22 1999 From: Steve.Cowles at gte.net (Cowles, Steve) Date: Fri Sep 24 08:01:22 1999 Subject: [pptp-server] Still unable to get pptp to work References: <000d01bf063c$c4c32130$49478ed1@dsl.gtei.net> <001001bf0646$c50b6940$071c0fc0@lala.net> Message-ID: <001b01bf068c$4f3673e0$71478ed1@dsl.gtei.net> Kevin, Thanks for your reply. I tried your suggestions, but unfortunately had no luck. The confusing part is the proxyarp setting was set to 0. But when I look at the log files, I consistently see the message "found interface eth0 for proxy arp" Anyway, I tried setting proxyarp to 1. As for my rc.firewall... what I posted is a highly modified (stripped down) version of my main rc.firewall script. I have been using a separate script to help debug why I can't get pptp to work. My main rc.firewall deals with the "script kiddies" of the world, i.e. syn_floods, spoofing, pings, etc... I guess what I am most puzzled about is the tcpdump captures. When I ping my NT box (from Linux), I see the echo request and reply... but get 100% packet loss. It's like pptp is not de-encapsulating the packet (if I understand how pptp is working) 22:19:41.173435 192.168.9.1 > 192.168.9.101: icmp: echo request 22:19:41.618335 192.168.9.101 > 192.168.9.1: icmp: echo reply but when I ping from my NT box (to Linux box) I do not see the reply. 22:23:48.428864 192.168.9.101 > 192.168.9.1: icmp: echo request 22:23:49.714634 192.168.9.101 > 192.168.9.1: icmp: echo request The problem I am having seems similar to a problem I had with one of my customers earlier this year. Basically, I setup a 3com Total Control Hub and configured all analog modems for vpn authentication to a MS RAS server which was also setup for VPN's. In short, all dialin users authenticated to their MS Domain account NOT the 3com box. This system worked flawlessly for over a year, until I upgraded the RAS server to SP5 (which also loaded new vpn drivers). Once I put the SP5 RAS server back on-line, all Windows 98 clients had the identical problem as I am having with pptp (PopTop). They could connect, authenticate, but not a single packet would pass across the VPN. Windows 95 clients and NT Workstations did not have this problem. After working with 3com support, it was discovered that the WIN98 clients had to upgrade their dialup software (DUN). This actually worked. Fricken WIN98 POS!!!. My point being, I would like to test my system with WIN95. But all of my systems are Win NT4.0 based. In fact, where I now work (on contract), they have mandated NO Windows 98. Just NT Workstation. Oh well Again thanks for your help Steve Cowles ----- Original Message ----- From: tmk To: Cowles, Steve ; Sent: Thursday, September 23, 1999 11:39 PM Subject: Re: [pptp-server] Still unable to get pptp to work > wow. thanks for the detailed logs. I'll truncate them for the sake of saving > bandwidth > > Packets are obviously getting into your network (tcpdump shows that much), > and the intended host is replying, BUT it doesnt get there. > > Stuff i noticed: > > Your forward stuff is a little out of whack. unless you run a pptp client on > your linux box, you dont need the > ${IPCHAINS} -A forward -p tcp -s ${EXT_IP} 1723 -j ACCEPT > line.. pptp doesnt use 1723 to reply from. > I think > ${IPCHAINS} -A forward -p 47 -s ${EXT_IP} -j ACCEPT > Is also useless. your output firewall isnt blocking this, so you're fine. > your linux box is the source of all pptp traffic. > > Only thing i can think of is that proxyarp isnt enabled or isnt working > properly > try > echo "1" > /proc/sys/net/ipv4/conf/all/proxy_arp > or > echo "1" > /proc/sys/net/ipv4/conf/ppp0/proxy_arp > if you are paranoid.. (this only works if ppp0 exists!) > > you probably already have ip fowrading enabled.. but check that just in case > echo "1" > /proc/sys/net/ipv4/ip_forward > in case you didn't know.. > > you might also try > ${IPCHAINS} -A forward -j MASQ -s ${INT_NET} -d ! ${INT_NET} > instead of > ${IPCHAINS} -A forward -j MASQ -s ${INT_NET} -d ${ANYWHERE} > > Kevin From ajlill at ajlc.waterloo.on.ca Fri Sep 24 18:19:16 1999 From: ajlill at ajlc.waterloo.on.ca (ajlill at ajlc.waterloo.on.ca) Date: Fri Sep 24 18:19:16 1999 Subject: [pptp-server] Win98 problems Message-ID: <199909242319.XAA01621@matrix.ajlc.waterloo.on.ca> I've got pptp 0.9.14 working fine with most everything but a Win98 laptop. When it connects, it appears to reset the connection when it gets the first LCP packet from ppp (2.3.8 with the MPPE patches). The server is running RedHat 6.0. Any hints? TIA -- Tony Lill, Tony.Lill at AJLC.Waterloo.ON.CA President, A. J. Lill Consultants fax/data (519) 650 3571 539 Grand Valley Dr., Cambridge, Ont. N3H 2S2 (519) 241 2461 --------------- http://www.ajlc.waterloo.on.ca/ ---------------- "Welcome to All Things UNIX, where if it's not UNIX, it's CRAP!" From tmk at netmagic.net Fri Sep 24 18:27:36 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 24 18:27:36 1999 Subject: [pptp-server] Win98 problems In-Reply-To: <199909242319.XAA01621@matrix.ajlc.waterloo.on.ca> Message-ID: make sure you have the lastest DUN update installed.. i think1.3 is current Kevin On Fri, 24 Sep 1999 ajlill at ajlc.waterloo.on.ca wrote: > I've got pptp 0.9.14 working fine with most everything but a Win98 > laptop. When it connects, it appears to reset the connection when it > gets the first LCP packet from ppp (2.3.8 with the MPPE patches). The > server is running RedHat 6.0. Any hints? > > TIA > -- > Tony Lill, Tony.Lill at AJLC.Waterloo.ON.CA > President, A. J. Lill Consultants fax/data (519) 650 3571 > 539 Grand Valley Dr., Cambridge, Ont. N3H 2S2 (519) 241 2461 > --------------- http://www.ajlc.waterloo.on.ca/ ---------------- > "Welcome to All Things UNIX, where if it's not UNIX, it's CRAP!" > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From ajlill at ajlc.waterloo.on.ca Fri Sep 24 19:07:57 1999 From: ajlill at ajlc.waterloo.on.ca (ajlill at ajlc.waterloo.on.ca) Date: Fri Sep 24 19:07:57 1999 Subject: [pptp-server] Win98 problems In-Reply-To: Your message of "Fri, 24 Sep 1999 16:32:36 PDT." Message-ID: <199909250007.AAA03382@matrix.ajlc.waterloo.on.ca> >>>>> "Kevin" == tmk writes: Kevin> make sure you have the lastest DUN update installed.. i Kevin> think1.3 is current Been there, done that. Does it matter if it's first or second edition 'doz? Kevin> On Fri, 24 Sep 1999 ajlill at ajlc.waterloo.on.ca wrote: >> I've got pptp 0.9.14 working fine with most everything but a >> Win98 laptop. When it connects, it appears to reset the >> connection when it gets the first LCP packet from ppp (2.3.8 >> with the MPPE patches). The server is running RedHat 6.0. Any >> hints? >> >> TIA -- Tony Lill, Tony.Lill at AJLC.Waterloo.ON.CA President, >> A. J. Lill Consultants fax/data (519) 650 3571 539 Grand Valley >> Dr., Cambridge, Ont. N3H 2S2 (519) 241 2461 --------------- >> http://www.ajlc.waterloo.on.ca/ ---------------- "Welcome to >> All Things UNIX, where if it's not UNIX, it's CRAP!" >> >> _______________________________________________ pptp-server >> maillist - pptp-server at lists.schulte.org >> http://lists.schulte.org/mailman/listinfo/pptp-server List >> services provided by www.schulte.org! >> From tmk at netmagic.net Fri Sep 24 20:38:27 1999 From: tmk at netmagic.net (tmk) Date: Fri Sep 24 20:38:27 1999 Subject: [pptp-server] Win98 problems References: <199909250007.AAA03382@matrix.ajlc.waterloo.on.ca> Message-ID: <000f01bf06f7$2658b620$071c0fc0@lala.net> I'd need to see log dumps for both machines to do much more.. windows actually makes pretty good logs. Check the record a log file for this connection box in windows, and it will make a file called ppplog.txt in the windows dir ppp puts it in /var/log/messages or wherever your debug log is (you have to manually add one for rh6 if you want debug messages to show) Kevin ----- Original Message ----- From: To: tmk Cc: ; Sent: Friday, September 24, 1999 5:07 PM Subject: Re: [pptp-server] Win98 problems > >>>>> "Kevin" == tmk writes: > > > Kevin> make sure you have the lastest DUN update installed.. i > Kevin> think1.3 is current > > Been there, done that. Does it matter if it's first or second edition > 'doz? > > > Kevin> On Fri, 24 Sep 1999 ajlill at ajlc.waterloo.on.ca wrote: > > >> I've got pptp 0.9.14 working fine with most everything but a > >> Win98 laptop. When it connects, it appears to reset the > >> connection when it gets the first LCP packet from ppp (2.3.8 > >> with the MPPE patches). The server is running RedHat 6.0. Any > >> hints? > >> > >> TIA -- Tony Lill, Tony.Lill at AJLC.Waterloo.ON.CA President, > >> A. J. Lill Consultants fax/data (519) 650 3571 539 Grand Valley > >> Dr., Cambridge, Ont. N3H 2S2 (519) 241 2461 --------------- > >> http://www.ajlc.waterloo.on.ca/ ---------------- "Welcome to > >> All Things UNIX, where if it's not UNIX, it's CRAP!" > >> > >> _______________________________________________ pptp-server > >> maillist - pptp-server at lists.schulte.org > >> http://lists.schulte.org/mailman/listinfo/pptp-server List > >> services provided by www.schulte.org! > >> > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From jjchoi at balhae.sec.samsung.co.kr Sun Sep 26 20:31:22 1999 From: jjchoi at balhae.sec.samsung.co.kr (jjchoi at balhae.sec.samsung.co.kr) Date: Sun Sep 26 20:31:22 1999 Subject: [pptp-server] pptpd installation questions on Solaris 2.6 Message-ID: <003928C86BDDD211BC8000A0C98A61295BE8E2@SWC> Dear all, I want to install pptpd on Solaris 2.6. 1. HOWTO document includes only linux case. So I did below command with substitution svr4 for linux. [cp SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/] [cp SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.8/linux/] Am I right? 2. I want to know this result is right. # patch -p0 < ppp-2.3.8-mppe-others-norc4_TH7.diff Looks like a unified context diff. File to patch: then.. what do I type here? -------------------------------------------------------- Jaejin Choi jjchoi at balhae.sec.samsung.co.kr From Scott.Burns at Netcontech.Com Sun Sep 26 22:13:04 1999 From: Scott.Burns at Netcontech.Com (Scott R. Burns) Date: Sun Sep 26 22:13:04 1999 Subject: [pptp-server] NetBSD or Linux and LAN Inet connection Message-ID: <01BF0874.CE412E70.Scott.Burns@Netcontech.Com> I am looking at setting up a PPTP server in a clients office to allow Windows workstations in remote offices to connect. The server in the head office will be connected to the internet via a ADSL line with a dedicated router at the site with a second NIC card in the PC (ie. No modems on the "pptpd" server, just a second NIC connected to the ISP supplied router. It would appear that PPTP is somehow integrated with the 'pppd' software ? Does this mean that the software will only work if the pptpd is running on a host offering it's serial ports up via pppd ? Is this true ? Can I offer up PPTP connections from the host if I am not running pppd on it ? Has anyone run on NetBSD V1.3.1 or higher on Ix86 ? Thanks Scott... From tmk at netmagic.net Mon Sep 27 04:23:40 1999 From: tmk at netmagic.net (tmk) Date: Mon Sep 27 04:23:40 1999 Subject: [pptp-server] NetBSD or Linux and LAN Inet connection References: <01BF0874.CE412E70.Scott.Burns@Netcontech.Com> Message-ID: <005401bf08ae$fcf96e00$071c0fc0@lala.net> pptpd uses pppd as a way to interface with the kernel's networking subsystem (create a network interface, etc) and only calls it when it needs it. (basically whenever a pptp "call" comes in) You dont need to share serial ports, just have the pppd binary on your system. I dont know about netBSD.. i'm a linux nut =) Kevin ----- Original Message ----- From: Scott R. Burns To: Sent: Sunday, September 26, 1999 8:13 PM Subject: [pptp-server] NetBSD or Linux and LAN Inet connection > I am looking at setting up a PPTP server in a clients office to allow > Windows workstations in remote offices to connect. The server in the head > office will be connected to the internet via a ADSL line with a dedicated > router at the site with a second NIC card in the PC (ie. No modems on the > "pptpd" server, just a second NIC connected to the ISP supplied router. > > It would appear that PPTP is somehow integrated with the 'pppd' software ? > Does this mean that the software will only work if the pptpd is running on > a host offering it's serial ports up via pppd ? > > Is this true ? > > Can I offer up PPTP connections from the host if I am not running pppd on > it ? > > Has anyone run on NetBSD V1.3.1 or higher on Ix86 ? > > Thanks > > Scott... > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From luyer at ucs.uwa.edu.au Mon Sep 27 05:11:59 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Mon Sep 27 05:11:59 1999 Subject: [pptp-server] Solaris and Poptop In-Reply-To: Your message of "Fri, 24 Sep 1999 08:09:37 +0600." <4.1.19990924080734.04394f00@192.9.200.5> Message-ID: <199909270618.OAA28552@typhaon.ucs.uwa.edu.au> > To All, > > Ok, > > I am going to put the time into this integration. My question is has anyone > 'ported' PopTop to Solaris? > > If so, can you kindly relay to me what I need to what out for? All input > will be compiled by your truely for a HowTo. I believe it works in SLIRP mode, just compile and use. It should work with the stock pppd too I expect. David. From patrickl at cst.ca Mon Sep 27 06:07:54 1999 From: patrickl at cst.ca (Patrick LIN) Date: Mon Sep 27 06:07:54 1999 Subject: [pptp-server] Unsupported protocol Message-ID: <37EF4FF9.F2CF9D8E@cst.ca> hi, my Pptpd apparently works Well i have Success with Win9x and NT but i have one problem with one Client : - NT 4 - SP5 when i connect everything is good (auth) but i can't access the internal network and from the internal network i can't access this client any help this a piece of the log concerning this connection Thanks a lot patrick -------------------------------------------------------------------------- Sep 24 15:55:46 proxy pppd[6698]: Using interface ppp0 Sep 24 15:55:46 proxy pppd[6698]: Connect: ppp0 <--> /dev/pts/2 Sep 24 15:55:46 proxy pppd[6698]: sent [LCP ConfReq id=0x1 ] Sep 24 15:55:46 proxy pppd[6698]: rcvd [LCP ConfReq id=0x0 < accomp> < 0d 03 06>] Sep 24 15:55:46 proxy pppd[6698]: sent [LCP ConfRej id=0x0 < 0d 03 06>] Sep 24 15:55:46 proxy pppd[6698]: rcvd [LCP ConfReq id=0x1 < accomp>] Sep 24 15:55:46 proxy pppd[6698]: sent [LCP ConfAck id=0x1 < accomp>] Sep 24 15:55:49 proxy pppd[6698]: sent [LCP ConfReq id=0x1 ] Sep 24 15:55:49 proxy pptpd[6697]: CTRL: Ignored a SET LINK INFO packet with real A CCMs! Sep 24 15:55:49 proxy pppd[6698]: rcvd [LCP ConfAck id=0x1 ] Sep 24 15:55:49 proxy pppd[6698]: sent [CHAP Challenge id=0x1 , name = "proxy"] Sep 24 15:55:49 proxy pppd[6698]: rcvd [LCP code=0xc id=0x2 00 00 54 27 4d 53 52 41 53 56 34 2e 30 30] Sep 24 15:55:49 proxy pppd[6698]: sent [LCP CodeRej id=0x2 0c 02 00 12 00 00 54 274d 53 52 41 53 56 34 2e 30 30] Sep 24 15:55:49 proxy pppd[6698]: rcvd [LCP code=0xc id=0x3 00 00 54 27 4d 53 52 41 53 2d 31 2d 50 43 2d 31 36 39] Sep 24 15:55:49 proxy pppd[6698]: sent [LCP CodeRej id=0x3 0c 03 00 16 00 00 54 274d 53 52 41 53 2d 31 2d 50 43 2d 31 36 39] Sep 24 15:55:49 proxy pppd[6698]: rcvd [CHAP Response id=0x1 , nam e = "test"] Sep 24 15:55:50 proxy pppd[6698]: sent [CHAP Success id=0x1 "S=BF38E7056CFA0635C885 A442EC258714FE40B102"] Sep 24 15:55:50 proxy pppd[6698]: sent [IPCP ConfReq id=0x1 ] Sep 24 15:55:50 proxy pppd[6698]: sent [CCP ConfReq id=0x1 ] Sep 24 15:55:50 proxy pppd[6698]: MSCHAP-v2 peer authentication succeeded for test Sep 24 15:55:50 proxy pppd[6698]: rcvd [CCP ConfReq id=0x4 ] Sep 24 15:55:50 proxy pppd[6698]: sent [CCP ConfNak id=0x4 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [IPCP ConfReq id=0x5 ] Sep 24 15:55:50 proxy pppd[6698]: sent [IPCP ConfNak id=0x5 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [IPCP ConfRej id=0x1 ] Sep 24 15:55:50 proxy pppd[6698]: sent [IPCP ConfReq id=0x2 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [CCP ConfRej id=0x1 ] Sep 24 15:55:50 proxy pppd[6698]: sent [CCP ConfReq id=0x2 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [CCP ConfReq id=0x6 ] Sep 24 15:55:50 proxy pppd[6698]: sent [CCP ConfAck id=0x6 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [IPCP ConfReq id=0x7 ] Sep 24 15:55:50 proxy pppd[6698]: sent [IPCP ConfAck id=0x7 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [IPCP ConfAck id=0x2 ] Sep 24 15:55:50 proxy pppd[6698]: Cannot determine ethernet address for proxy ARP Sep 24 15:55:50 proxy pppd[6698]: local IP address 192.168.6.62 Sep 24 15:55:50 proxy pppd[6698]: remote IP address 192.168.6.2 Sep 24 15:55:50 proxy pppd[6698]: Script /etc/ppp/ip-up started (pid 6699) Sep 24 15:55:50 proxy pppd[6698]: rcvd [CCP ConfNak id=0x2 ] Sep 24 15:55:50 proxy pppd[6698]: sent [CCP ConfReq id=0x3 ] Sep 24 15:55:50 proxy pppd[6698]: rcvd [CCP ConfAck id=0x3 ] Sep 24 15:55:50 proxy pppd[6698]: MPPE 128 bit, non-stateless compression enabled Sep 24 15:55:50 proxy pppd[6698]: Script /etc/ppp/ip-up finished (pid 6699), status = 0x0 Sep 24 15:55:50 proxy pppd[6698]: rcvd [proto=0x3c85] 0c 41 01 b7 97 b0 38 b4 3a 74 27 45 ea 6a ff 32 dc 08 ab 92 10 6d 5a bd 82 f8 cc 29 bd 7e 2a 15 ... Sep 24 15:55:50 proxy pppd[6698]: Unsupported protocol (0x3c85) received Sep 24 15:55:50 proxy pppd[6698]: sent [LCP ProtRej id=0x4 3c 85 0c 41 01 b7 97 b038 b4 3a 74 27 45 ea 6a ff 32 dc 08 ab 92 10 6d 5a bd 82 f8 cc 29 bd 7e 2a 15 0c 6c 71 62 7c d0 44 cd 88 cc 20 2e 23 f8 d2 14 14 ed d6 81 c1 21 92 18 e6 b3 f1 b7] Sep 24 15:55:50 proxy pppd[6698]: rcvd [proto=0x1990] d9 9e 55 f9 ec 73 b4 db ad d9 32 f9 23 c9 8e de 9d 56 4a e4 cb 3f e9 08 a9 9a 0f d3 87 d2 f7 51 ... Sep 24 15:55:50 proxy pppd[6698]: Unsupported protocol (0x1990) received Sep 24 15:55:50 proxy pppd[6698]: sent [LCP ProtRej id=0x5 19 90 d9 9e 55 f9 ec 73b4 db ad d9 32 f9 23 c9 8e de 9d 56 4a e4 cb 3f e9 08 a9 9a 0f d3 87 d2 f7 51 9b dd f7 be 44 13 54 2b 0d d9 af 69 a7 1b 51 ca 1b 96 8e 80 d8 ac 07 88 02 5e 01 b6 ac 51 89 a8 e3 a3 f2 c2 1f 55 d1 18 df 3d b3 Sep 24 15:55:51 proxy pppd[6698]: rcvd [proto=0x20f] ba 80 8f 8e d2 4f 36 a8 f8 90d8 17 3e 63 1b 96 97 cb 10 52 ee 74 20 ac 59 d8 1e 76 b8 5a 86 27 ... Sep 24 15:55:51 proxy pppd[6698]: Unsupported protocol (0x20f) received Sep 24 15:55:51 proxy pppd[6698]: sent [LCP ProtRej id=0x6 02 0f ba 80 8f 8e d2 4f36 a8 f8 90 d8 17 3e 63 1b 96 97 cb 10 52 ee 74 20 ac 59 d8 1e 76 b8 5a 86 27 99 f5 d5 22 03 2f 71 9a d9 7e 69 85 dc fd 99 87 c8 3e aa 4f 28 c1 5e 88 a7 8c bd c7] Sep 24 15:55:52 proxy pppd[6698]: rcvd [proto=0x872c] e8 fb 73 5d 22 4c 70 d3 ae 63 73 9a 3d 5f 55 93 03 67 f3 6f 88 49 fa 3c 76 4e 7d bf 65 b0 8b d5 ... Sep 24 15:55:52 proxy pppd[6698]: Unsupported protocol (0x872c) received Sep 24 15:55:52 proxy pppd[6698]: sent [LCP ProtRej id=0x7 87 2c e8 fb 73 5d 22 4c70 d3 ae 63 73 9a 3d 5f 55 93 03 67 f3 6f 88 49 fa 3c 76 4e 7d bf 65 b0 8b d5 93 6a 23 09 49 ae 12 5c 91 db ee b5 2f a1 5e fe 8b 24 81 ac 9b 2c 9b 5f c9 b6 28 03] Sep 24 15:55:52 proxy pppd[6698]: rcvd [proto=0xb16b] 71 d9 29 2e e6 78 bf 5f e4 30 21 92 41 47 fe f6 d8 b8 5a 33 06 61 a1 cc ed 5c e1 b4 81 f6 cf 60 ... From missions at ocic.org Mon Sep 27 06:11:25 1999 From: missions at ocic.org (Nhan NGO DINH (OCIC Missionary Service)) Date: Mon Sep 27 06:11:25 1999 Subject: [pptp-server] ChapMS / ChapMS-v2 Message-ID: <4.1.19990927130120.00a72870@mail.rome.ocicnet.net> Hi, I was trying to do an PPTP connection between the PoPToP server (1.0.0) and the PPTP-Linux client (1.0.2) using on both sides the pppd 2.3.8 package with the required patch. The fact is that with the "simple" Chap handshaking it works well, but with ChapMS and/or ChapMS-v2 it doesn't work: no PPP device are installed, but PoPToP log says that's all ok. May be I'm wrong with chap-secrets file... But I don't know why. There is something I need to know to setup a PPTP connection using ChapMS/ChapMS-v2 authentication? Is ChapMS/ChapMS-v2 required to set up a PPTP connection with MPPE encryption? Another question: I'm about to set up a VPN that has a server permanently connected to the internet with a fixed IP address; however the clients establish the connection with a dynamic IP. In order to refresh the routing table properly I need to put something in the ip-up script, that is lanched after the connection is established. On the client side, the task is simple: just add a routing entry that make packets - which destination is the server - be routed through the remote interface established by PPTP connection. On the server side instead, I need to know who is the client that is connected via the PPTP interface to add routing rules. How can I do? Thanks. --- Nhan NGO DINH (OCIC Missionary Service Technical Support) e-mail: missions at ocic.org web site: http://www.ocic.org/missions/index1.html From rlankshear at comset.co.uk Mon Sep 27 06:28:36 1999 From: rlankshear at comset.co.uk (Robert Lankshear) Date: Mon Sep 27 06:28:36 1999 Subject: [pptp-server] Still unable to get pptp to work Message-ID: <002567F9.00437DD6.00@StClare1.comset.co.uk> Greetings.. I think you may have encountered the same problem as I had. Everything looks right but things never work. The key is in your forward rules which is set to DENY. # Activate Masquerading ${NET}/ipchains -A forward -i ${EXTIF} -s ${LOCALNET} -j MASQ ${NET}/ipchains -A forward -i ! ${EXTIF} -s ${LOCALNET} -j ACCEPT This is probably a bit wide open BUT only for the internal interfaces - which are the ones on our networks :) The problem is that the packets have to travel across the FORWARD part of ipchains, which we only accept from the external interface otherwise we deny them. So what this extra line does is say that For ALL non-external interfaces Accept and Forward. Hope this helps. TTFN Robert. From luyer at ucs.uwa.edu.au Mon Sep 27 06:52:58 1999 From: luyer at ucs.uwa.edu.au (David Luyer) Date: Mon Sep 27 06:52:58 1999 Subject: [pptp-server] pptpd installation questions on Solaris 2.6 In-Reply-To: Your message of "Mon, 27 Sep 1999 10:19:17 +0900." <003928C86BDDD211BC8000A0C98A61295BE8E2@SWC> Message-ID: <199909270617.OAA28535@typhaon.ucs.uwa.edu.au> > Dear all, > > I want to install pptpd on Solaris 2.6. pptpd should work fine on Solaris, but not the kernel changes for MPPE and similar since Solaris is a closed source system which means you can't write kernel source patches for it. Unless you have the Solaris kernel source that is. I don't actually use Solaris except where required for old applications which don't support more modern Unix systems so I can't give you details. David. From jasonf at Baldwingroup.COM Mon Sep 27 07:55:59 1999 From: jasonf at Baldwingroup.COM (Jason M. Felice) Date: Mon Sep 27 07:55:59 1999 Subject: [pptp-server] Unsupported protocol In-Reply-To: <37EF4FF9.F2CF9D8E@cst.ca>; from Patrick LIN on Mon, Sep 27, 1999 at 11:07:37AM +0000 References: <37EF4FF9.F2CF9D8E@cst.ca> Message-ID: <19990927085551.T26699@waco.baldwingroup.com> I'm getting this same problem with a client of ours... A million 'unsupported protocol' messages with different protocol numbers from a Win98 box. The owner of the Win98 box is a stickler for applying Windoze updates, so the box is probably one of the most up-to-date you will find -- I suspect M$ changed something ;) I'm willing to spend time on this, even researching and/or verifying and/or fixing what might be wrong, if someone could give me a hint. Note that IP header compression is turned off (without tracing the sources, this is the only thing that I could think of which might be wrong). -Jay 'Eraserhead' Felice On Mon, Sep 27, 1999 at 11:07:37AM +0000, Patrick LIN wrote: > hi, > > my Pptpd apparently works Well > i have Success with Win9x and NT > but i have one problem with one Client : > - NT 4 > - SP5 > > when i connect everything is good (auth) > but i can't access the internal network and from the internal network i > can't access this client > any help > this a piece of the log concerning this connection > > Thanks a lot > > patrick > -------------------------------------------------------------------------- > > [logs snipped] From jasonf at Baldwingroup.COM Mon Sep 27 08:18:02 1999 From: jasonf at Baldwingroup.COM (Jason M. Felice) Date: Mon Sep 27 08:18:02 1999 Subject: [pptp-server] Unsupported protocol In-Reply-To: <199909271305.VAA02118@typhaon.ucs.uwa.edu.au>; from David Luyer on Mon, Sep 27, 1999 at 09:05:21PM +0800 References: <19990927085551.T26699@waco.baldwingroup.com> <199909271305.VAA02118@typhaon.ucs.uwa.edu.au> Message-ID: <19990927091750.U26699@waco.baldwingroup.com> On Mon, Sep 27, 1999 at 09:05:21PM +0800, David Luyer wrote: > Are you getting the 'ignored set link info with real ACCMs' error? Nope. 'grep gnored' turns up nothing. -Jay 'Eraserhead' Felice (NOTE: Some of the following logs have been snipped, nothing pertaining to these two ppp sessions, tho -- I just don't want to spam the list.) [root at hg-cle-c log]# egrep "(ppp|pptp)" messages* messages.2:Sep 17 11:02:16 hg-cle-c pptpd[745]: CTRL: Client 192.168.1.22 control connection started messages.2:Sep 17 11:02:16 hg-cle-c pptpd[745]: CTRL: Starting call (launching pppd, opening GRE) messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: pppd 2.3.8 started by root, uid 0 messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: Using interface ppp0 messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: Connect: ppp0 <--> /dev/ttyp1 messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: MSCHAP peer authentication succeeded for testuser messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: local IP address 192.168.1.240 messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: remote IP address 192.168.1.230 messages.2:Sep 17 11:02:16 hg-cle-c pppd[746]: MPPE 40 bit, stateless compression enabled messages.2:Sep 17 11:02:17 hg-cle-c pppd[746]: Unsupported protocol (0x4eb3) received messages.2:Sep 17 11:02:17 hg-cle-c pppd[746]: Unsupported protocol (0x9af6) received messages.2:Sep 17 11:02:20 hg-cle-c pppd[746]: Unsupported protocol (0x6e6a) received messages.2:Sep 17 11:02:20 hg-cle-c pppd[746]: Unsupported protocol (0xc27a) received messages.2:Sep 17 11:02:23 hg-cle-c pppd[746]: Unsupported protocol (0x8ba3) received messages.2:Sep 17 11:02:26 hg-cle-c pppd[746]: Unsupported protocol (0x1d5a) received messages.2:Sep 17 11:02:38 hg-cle-c pppd[746]: Unsupported protocol (0x459e) received messages.2:Sep 17 11:03:02 hg-cle-c pppd[746]: Unsupported protocol (0xd43b) received messages.2:Sep 17 11:03:05 hg-cle-c pppd[746]: Unsupported protocol (0xda7f) received messages.2:Sep 17 11:03:11 hg-cle-c pppd[746]: Unsupported protocol (0xb148) received messages.2:Sep 17 11:03:23 hg-cle-c pppd[746]: Unsupported protocol (0xd55f) received messages.2:Sep 17 11:03:57 hg-cle-c pppd[746]: Unsupported protocol (0xa7d4) received messages.2:Sep 17 11:03:58 hg-cle-c pppd[746]: Unsupported protocol (0x96bb) received messages.2:Sep 17 11:04:00 hg-cle-c pppd[746]: Unsupported protocol (0x3b17) received messages.2:Sep 17 11:04:01 hg-cle-c pppd[746]: Unsupported protocol (0x5dc) received messages.2:Sep 17 11:04:06 hg-cle-c pppd[746]: Unsupported protocol (0x2977) received messages.2:Sep 17 11:04:07 hg-cle-c pppd[746]: Unsupported protocol (0x4783) received messages.2:Sep 17 11:04:18 hg-cle-c pppd[746]: Unsupported protocol (0x5e89) received messages.2:Sep 17 11:04:19 hg-cle-c pppd[746]: Unsupported protocol (0xd7fb) received messages.2:Sep 17 11:04:45 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x4eb3 messages.2:Sep 17 11:04:47 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x9af6 messages.2:Sep 17 11:04:48 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x6e6a messages.2:Sep 17 11:04:50 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xc27a messages.2:Sep 17 11:04:51 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x8b messages.2:Sep 17 11:04:53 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x1d messages.2:Sep 17 11:05:24 hg-cle-c pppd[746]: Unsupported protocol (0xba1f) received messages.2:Sep 17 11:05:24 hg-cle-c pppd[746]: Unsupported protocol (0x57aa) received messages.2:Sep 17 11:05:25 hg-cle-c pppd[746]: Unsupported protocol (0x4391) received messages.2:Sep 17 11:05:25 hg-cle-c pppd[746]: Unsupported protocol (0x6ec2) received messages.2:Sep 17 11:05:26 hg-cle-c pppd[746]: Unsupported protocol (0x4e6a) received messages.2:Sep 17 11:05:26 hg-cle-c pppd[746]: Unsupported protocol (0xeb7a) received messages.2:Sep 17 11:05:26 hg-cle-c pppd[746]: Unsupported protocol (0x8754) received messages.2:Sep 17 11:05:29 hg-cle-c pppd[746]: Unsupported protocol (0x41b2) received messages.2:Sep 17 11:05:29 hg-cle-c pppd[746]: Unsupported protocol (0x2942) received messages.2:Sep 17 11:05:32 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x45 messages.2:Sep 17 11:05:34 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xd43b messages.2:Sep 17 11:05:35 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xda7f messages.2:Sep 17 11:05:35 hg-cle-c pppd[746]: Unsupported protocol (0xdd7e) received messages.2:Sep 17 11:05:35 hg-cle-c pppd[746]: Unsupported protocol (0xf7e6) received messages.2:Sep 17 11:05:37 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xb1 messages.2:Sep 17 11:05:38 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xd5 messages.2:Sep 17 11:05:40 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xa7 messages.2:Sep 17 11:05:45 hg-cle-c pppd[746]: Unsupported protocol (0x470) received messages.2:Sep 17 11:05:45 hg-cle-c pppd[746]: Unsupported protocol (0x6e40) received messages.2:Sep 17 11:05:46 hg-cle-c pppd[746]: Unsupported protocol (0x7489) received messages.2:Sep 17 11:05:47 hg-cle-c pppd[746]: Unsupported protocol (0xdfdd) received messages.2:Sep 17 11:05:47 hg-cle-c pppd[746]: Unsupported protocol (0xf5cc) received messages.2:Sep 17 11:05:47 hg-cle-c pppd[746]: Unsupported protocol (0x32cd) received messages.2:Sep 17 11:05:51 hg-cle-c pppd[746]: Unsupported protocol (0xa234) received messages.2:Sep 17 11:05:57 hg-cle-c pppd[746]: Unsupported protocol (0xe6ff) received messages.2:Sep 17 11:06:18 hg-cle-c pppd[746]: Unsupported protocol (0x4b0) received messages.2:Sep 17 11:06:21 hg-cle-c pppd[746]: Unsupported protocol (0xd3db) received messages.2:Sep 17 11:06:27 hg-cle-c pppd[746]: Unsupported protocol (0x4f89) received messages.2:Sep 17 11:06:32 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x96bb messages.2:Sep 17 11:06:34 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x3b messages.2:Sep 17 11:06:35 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x5 messages.2:Sep 17 11:06:37 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x29 messages.2:Sep 17 11:06:38 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x47 messages.2:Sep 17 11:06:39 hg-cle-c pppd[746]: Unsupported protocol (0x124c) received messages.2:Sep 17 11:06:40 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x5e89 messages.2:Sep 17 11:07:32 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xd7 messages.2:Sep 17 11:07:34 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xba1f messages.2:Sep 17 11:07:35 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x57 messages.2:Sep 17 11:07:37 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x43 messages.2:Sep 17 11:07:38 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x6ec2 messages.2:Sep 17 11:07:40 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x4e6a messages.2:Sep 17 11:08:06 hg-cle-c pppd[746]: Unsupported protocol (0x7520) received messages.2:Sep 17 11:08:06 hg-cle-c pppd[746]: Unsupported protocol (0x49bd) received messages.2:Sep 17 11:08:07 hg-cle-c pppd[746]: Unsupported protocol (0x5aa) received messages.2:Sep 17 11:08:08 hg-cle-c pppd[746]: Unsupported protocol (0x1bc4) received messages.2:Sep 17 11:08:11 hg-cle-c pppd[746]: Unsupported protocol (0x38c4) received messages.2:Sep 17 11:08:11 hg-cle-c pppd[746]: Unsupported protocol (0x1ee8) received messages.2:Sep 17 11:08:17 hg-cle-c pppd[746]: Unsupported protocol (0x94c2) received messages.2:Sep 17 11:08:17 hg-cle-c pppd[746]: Unsupported protocol (0x7d58) received messages.2:Sep 17 11:08:29 hg-cle-c pppd[746]: Unsupported protocol (0xca31) received messages.2:Sep 17 11:08:29 hg-cle-c pppd[746]: Unsupported protocol (0x48ef) received messages.2:Sep 17 11:08:56 hg-cle-c pppd[746]: Unsupported protocol (0xdc42) received messages.2:Sep 17 11:08:59 hg-cle-c pppd[746]: Unsupported protocol (0x132b) received messages.2:Sep 17 11:08:59 hg-cle-c pppd[746]: Unsupported protocol (0xdeb4) received messages.2:Sep 17 11:09:00 hg-cle-c pppd[746]: Unsupported protocol (0x3313) received messages.2:Sep 17 11:09:01 hg-cle-c pppd[746]: Unsupported protocol (0x8229) received messages.2:Sep 17 11:09:05 hg-cle-c pppd[746]: Unsupported protocol (0x7e33) received messages.2:Sep 17 11:09:17 hg-cle-c pppd[746]: Unsupported protocol (0xb0e8) received messages.2:Sep 17 11:10:15 hg-cle-c pppd[746]: Unsupported protocol (0x296b) received messages.2:Sep 17 11:10:17 hg-cle-c pppd[746]: Unsupported protocol (0xc9ec) received messages.2:Sep 17 11:10:18 hg-cle-c pppd[746]: Unsupported protocol (0x99b0) received messages.2:Sep 17 11:10:19 hg-cle-c pppd[746]: Unsupported protocol (0xc617) received messages.2:Sep 17 11:10:19 hg-cle-c pppd[746]: Unsupported protocol (0x2647) received messages.2:Sep 17 11:10:19 hg-cle-c pppd[746]: Unsupported protocol (0xcdff) received messages.2:Sep 17 11:10:19 hg-cle-c pppd[746]: Unsupported protocol (0x550e) received messages.2:Sep 17 11:10:19 hg-cle-c pppd[746]: Unsupported protocol (0xba5b) received messages.2:Sep 17 11:10:19 hg-cle-c pppd[746]: Unsupported protocol (0x7e04) received messages.2:Sep 17 11:10:20 hg-cle-c pppd[746]: Unsupported protocol (0xfa4c) received messages.2:Sep 17 11:10:20 hg-cle-c pppd[746]: Unsupported protocol (0x7de0) received messages.2:Sep 17 11:10:20 hg-cle-c pppd[746]: Unsupported protocol (0x3b31) received messages.2:Sep 17 11:10:20 hg-cle-c pppd[746]: Unsupported protocol (0xbe53) received messages.2:Sep 17 11:10:20 hg-cle-c pppd[746]: Unsupported protocol (0x5a55) received messages.2:Sep 17 11:10:22 hg-cle-c pppd[746]: Unsupported protocol (0x5d1f) received messages.2:Sep 17 11:10:22 hg-cle-c pppd[746]: Unsupported protocol (0x8299) received messages.2:Sep 17 11:10:23 hg-cle-c pppd[746]: Unsupported protocol (0x969) received messages.2:Sep 17 11:10:23 hg-cle-c pppd[746]: Unsupported protocol (0x1662) received messages.2:Sep 17 11:10:25 hg-cle-c pppd[746]: Unsupported protocol (0x90fe) received messages.2:Sep 17 11:10:25 hg-cle-c pppd[746]: Unsupported protocol (0xc8b9) received messages.2:Sep 17 11:10:27 hg-cle-c pppd[746]: Unsupported protocol (0xf808) received messages.2:Sep 17 11:10:27 hg-cle-c pppd[746]: Unsupported protocol (0x6b01) received messages.2:Sep 17 11:10:28 hg-cle-c pppd[746]: Unsupported protocol (0x4819) received messages.2:Sep 17 11:10:31 hg-cle-c pppd[746]: Unsupported protocol (0xa955) received messages.2:Sep 17 11:10:31 hg-cle-c pppd[746]: Unsupported protocol (0x5c06) received messages.2:Sep 17 11:10:31 hg-cle-c pppd[746]: Unsupported protocol (0xdd29) received messages.2:Sep 17 11:10:32 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xeb messages.2:Sep 17 11:10:34 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x87 messages.2:Sep 17 11:10:35 hg-cle-c pppd[746]: Unsupported protocol (0xf823) received messages.2:Sep 17 11:10:35 hg-cle-c pppd[746]: Unsupported protocol (0x69af) received messages.2:Sep 17 11:10:35 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x41 messages.2:Sep 17 11:10:37 hg-cle-c pppd[746]: Unsupported protocol (0xf1b5) received messages.2:Sep 17 11:10:37 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0x29 messages.2:Sep 17 11:10:38 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xdd messages.2:Sep 17 11:10:39 hg-cle-c pppd[746]: Protocol-Reject for unsupported protocol 0xf7 messages.2:Sep 17 11:10:45 hg-cle-c pppd[746]: Unsupported protocol (0xdfc) received messages.2:Sep 17 11:10:46 hg-cle-c pppd[746]: Unsupported protocol (0x4b46) received messages.2:Sep 17 11:10:48 hg-cle-c pppd[746]: Unsupported protocol (0xf945) received messages.2:Sep 17 11:10:48 hg-cle-c pppd[746]: Unsupported protocol (0xa7b) received messages.2:Sep 17 11:10:48 hg-cle-c pppd[746]: Unsupported protocol (0xa033) received messages.2:Sep 17 11:10:49 hg-cle-c pppd[746]: Unsupported protocol (0xa6c2) received messages.2:Sep 17 11:10:49 hg-cle-c pppd[746]: Unsupported protocol (0x5803) received messages.2:Sep 17 11:10:51 hg-cle-c pppd[746]: Unsupported protocol (0x936d) received messages.2:Sep 17 11:10:51 hg-cle-c pppd[746]: Unsupported protocol (0x47ac) received messages.2:Sep 17 11:10:52 hg-cle-c pppd[746]: Unsupported protocol (0x1895) received messages.2:Sep 17 11:10:52 hg-cle-c pppd[746]: Unsupported protocol (0xb800) received messages.2:Sep 17 11:10:54 hg-cle-c pppd[746]: Unsupported protocol (0xed8f) received messages.2:Sep 17 11:10:54 hg-cle-c pppd[746]: Unsupported protocol (0x2a7c) received messages.2:Sep 17 11:10:54 hg-cle-c pppd[746]: Unsupported protocol (0x6ec8) received messages.2:Sep 17 11:10:54 hg-cle-c pppd[746]: Unsupported protocol (0xb61) received messages.2:Sep 17 11:10:57 hg-cle-c pppd[746]: Unsupported protocol (0x9074) received messages.2:Sep 17 11:10:57 hg-cle-c pppd[746]: Unsupported protocol (0x4d3f) received messages.2:Sep 17 11:10:58 hg-cle-c pppd[746]: Unsupported protocol (0x8302) received messages.2:Sep 17 11:10:58 hg-cle-c pppd[746]: Unsupported protocol (0x9f7d) received messages.2:Sep 17 11:10:58 hg-cle-c pppd[746]: Unsupported protocol (0x5d5e) received messages.2:Sep 17 11:10:58 hg-cle-c pppd[746]: Unsupported protocol (0xca23) received messages.2:Sep 17 11:11:01 hg-cle-c pppd[746]: Unsupported protocol (0x21fa) received messages.2:Sep 17 11:11:01 hg-cle-c pppd[746]: Unsupported protocol (0x2c2) received messages.2:Sep 17 11:11:03 hg-cle-c pppd[746]: Unsupported protocol (0x5b04) received messages.2:Sep 17 11:11:03 hg-cle-c pppd[746]: Unsupported protocol (0xf29d) received messages.2:Sep 17 11:11:03 hg-cle-c pppd[746]: Unsupported protocol (0x943a) received messages.2:Sep 17 11:11:03 hg-cle-c pppd[746]: Unsupported protocol (0x3f49) received messages.2:Sep 17 11:11:06 hg-cle-c pppd[746]: Unsupported protocol (0x6c43) received messages.2:Sep 17 11:11:06 hg-cle-c pppd[746]: Unsupported protocol (0xc473) received messages.2:Sep 17 11:11:06 hg-cle-c pppd[746]: Unsupported protocol (0xf7a4) received messages.2:Sep 17 11:11:06 hg-cle-c pppd[746]: Unsupported protocol (0x889a) received messages.2:Sep 17 11:11:07 hg-cle-c pppd[746]: Unsupported protocol (0xcef0) received messages.2:Sep 17 11:11:07 hg-cle-c pppd[746]: Unsupported protocol (0x6b3f) received messages.2:Sep 17 11:11:07 hg-cle-c pppd[746]: Unsupported protocol (0x815d) received messages.2:Sep 17 11:11:07 hg-cle-c pppd[746]: Unsupported protocol (0x1e9a) received messages.2:Sep 17 11:11:09 hg-cle-c pppd[746]: Unsupported protocol (0x4414) received messages.2:Sep 17 11:11:09 hg-cle-c pppd[746]: Unsupported protocol (0x9304) received messages.2:Sep 17 11:11:10 hg-cle-c pppd[746]: Unsupported protocol (0x68c4) received messages.2:Sep 17 11:11:10 hg-cle-c pppd[746]: Unsupported protocol (0x3597) received messages.2:Sep 17 11:11:11 hg-cle-c pppd[746]: Unsupported protocol (0x4e20) received messages.2:Sep 17 11:11:11 hg-cle-c pppd[746]: Unsupported protocol (0xd905) received messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Unsupported protocol (0x5d90) received messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Unsupported protocol (0x7e60) received messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: LCP terminated by peer messages.2:Sep 17 11:11:12 hg-cle-c pptpd[745]: CTRL: Error with select(), quitting messages.2:Sep 17 11:11:12 hg-cle-c pptpd[745]: CTRL: Client 192.168.1.22 control connection finished messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Modem hangup messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Connection terminated. messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Connect time 9.0 minutes. messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Sent 13395 bytes, received 14862 bytes. messages.2:Sep 17 11:11:12 hg-cle-c pppd[746]: Exit. messages.2:Sep 17 11:11:33 hg-cle-c pptpd[877]: CTRL: Client 192.168.1.22 control connection started messages.2:Sep 17 11:11:33 hg-cle-c pptpd[877]: CTRL: Starting call (launching pppd, opening GRE) messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: pppd 2.3.8 started by root, uid 0 messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: Using interface ppp0 messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: Connect: ppp0 <--> /dev/ttyp1 messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: MSCHAP peer authentication succeeded for testuser messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: local IP address 192.168.1.241 messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: remote IP address 192.168.1.231 messages.2:Sep 17 11:11:33 hg-cle-c pppd[878]: MPPE 40 bit, stateless compression enabled messages.2:Sep 17 11:11:34 hg-cle-c pppd[878]: Unsupported protocol (0x4eb3) received messages.2:Sep 17 11:11:37 hg-cle-c pppd[878]: Unsupported protocol (0x9af6) received messages.2:Sep 17 11:11:38 hg-cle-c pppd[878]: Unsupported protocol (0x6e6a) received messages.2:Sep 17 11:11:40 hg-cle-c pppd[878]: Unsupported protocol (0xc27a) received messages.2:Sep 17 11:11:41 hg-cle-c pppd[878]: Unsupported protocol (0x8ba3) received messages.2:Sep 17 11:11:47 hg-cle-c pppd[878]: Unsupported protocol (0x1d5a) received messages.2:Sep 17 11:11:59 hg-cle-c pppd[878]: Unsupported protocol (0x459e) received messages.2:Sep 17 11:12:08 hg-cle-c pppd[878]: Unsupported protocol (0xd43b) received messages.2:Sep 17 11:12:09 hg-cle-c pppd[878]: Unsupported protocol (0xda7f) received messages.2:Sep 17 11:12:11 hg-cle-c pppd[878]: Unsupported protocol (0xb148) received messages.2:Sep 17 11:12:12 hg-cle-c pppd[878]: Unsupported protocol (0xd55f) received messages.2:Sep 17 11:12:23 hg-cle-c pppd[878]: Unsupported protocol (0xa7d4) received messages.2:Sep 17 11:12:24 hg-cle-c pppd[878]: LCP terminated by peer messages.2:Sep 17 11:12:24 hg-cle-c pptpd[877]: CTRL: Error with select(), quitting messages.2:Sep 17 11:12:24 hg-cle-c pptpd[877]: CTRL: Client 192.168.1.22 control connection finished messages.2:Sep 17 11:12:24 hg-cle-c pppd[878]: Modem hangup messages.2:Sep 17 11:12:24 hg-cle-c pppd[878]: Connection terminated. messages.2:Sep 17 11:12:24 hg-cle-c pppd[878]: Connect time 0.9 minutes. messages.2:Sep 17 11:12:24 hg-cle-c pppd[878]: Sent 1189 bytes, received 1408 bytes. messages.2:Sep 17 11:12:24 hg-cle-c pppd[878]: Exit. > > David. From AndrewF at artisansw.com Mon Sep 27 10:15:34 1999 From: AndrewF at artisansw.com (Andy Frost) Date: Mon Sep 27 10:15:34 1999 Subject: [pptp-server] ppp_mppe.o Message-ID: > If have followed the HOW/TO to the letterand read lots of relevant > messages from this board but I do not get a ppp_mppe.o module. I've > got slhc,bsd_comp & ppp_deflate modules but not the m$ encryption one. > > Ive patched pppd and configure... kinstall which at the end says " > adding mppe to make file " made all the modules etc but still no luck. > > Please help.... > From walterm at Gliatech.com Mon Sep 27 10:40:35 1999 From: walterm at Gliatech.com (Michael Walter) Date: Mon Sep 27 10:40:35 1999 Subject: [pptp-server] ppp_mppe.o Message-ID: 1) Before issuing the make modules SUBDIRS=drivers/net command did you manually copy the contents of /usr/src/linux/ppp-2.3.8/linux to /usr/src/linux/drivers/net and overwrite all files? 2) Did you copy rc4.h and rc4_enc.c from the SSLeay-0.6.6b source to the /usr/src/linux/ppp-2.3.8/linux and /usr/src/linux/drivers/net directories? 3) Have you tried insmod ppp_mppe from the /usr/src/linux/drivers/net directory? Michael J. Walter mcse Gliatech, Inc. walterm at gliatech.com mwalter at drwalter.com On Monday, September 27, 1999 11:17 PM, Andy Frost [SMTP:AndrewF at artisansw.com] wrote: > > > > If have followed the HOW/TO to the letterand read lots of relevant > > messages from this board but I do not get a ppp_mppe.o module. I've > > got slhc,bsd_comp & ppp_deflate modules but not the m$ encryption one. > > > > Ive patched pppd and configure... kinstall which at the end says " > > adding mppe to make file " made all the modules etc but still no luck. > > > > Please help.... > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! From jcaspen at ittc.ukans.edu Mon Sep 27 13:19:09 1999 From: jcaspen at ittc.ukans.edu (Carlos Javier Castro Pena) Date: Mon Sep 27 13:19:09 1999 Subject: [pptp-server] ChapMS / ChapMS-v2 References: <4.1.19990927130120.00a72870@mail.rome.ocicnet.net> Message-ID: <37EFB510.CB1B6640@ittc.ukans.edu> > Is ChapMS/ChapMS-v2 required to set up a PPTP connection with MPPE encryption? MSCHAP should be required for MPPE encryption. (protocol specs) > Another question: I'm about to set up a VPN that has a server permanently > connected to the internet with a fixed IP address; however the clients > establish the connection with a dynamic IP. In order to refresh the routing > table properly I need to put something in the ip-up script, that is lanched > after the connection is established. On the client side, the task is > simple: just add a routing entry that make packets - which destination is > the server - be routed through the remote interface established by PPTP > connection. On the server side instead, I need to know who is the client > that is connected via the PPTP interface to add routing rules. How can I do? The server creates the routes automatically. From vio at ving.org Tue Sep 28 03:06:18 1999 From: vio at ving.org (vio at ving.org) Date: Tue Sep 28 03:06:18 1999 Subject: [pptp-server] Suomalainen E-postirekisteri Message-ID: <239.706706.737265@server02> Tietokeskuksestamme voit nyt ostaa E-postiluettelon, joka sis?lt?? 50.000 sek? yksityishenkil?iden ett? yritysten osoitetta Suomessa. Osoiteitta voit vapaasti k?ytt?? mainostaessasi tuotteitasi tai palveluitasi. L?het? E-posti ja anna tuleville asiakkaillesi tietoa kotisivustasi ja toiminnastasi. E-postista on tullut menestyksellisin, halvin ja voimaper?isin markkinointitapa. Halutessasi tilata luettelon katso Internetist?: http://home.swipnet.se/tolea/finn From jpc at geosys.fr Tue Sep 28 04:00:53 1999 From: jpc at geosys.fr (Jean-Paul CHAVANT) Date: Tue Sep 28 04:00:53 1999 Subject: [pptp-server] DialUP Networking 1.3 Message-ID: <003801bf098f$6a8d9460$7d03a8c0@pcjpc> hello, i am looking for DUN 1.3 for WIN95 can uses PPTP (VPN). I couldn't find the free patch on microsoft web site ... (#fucking# web site) ... sorry ! Someone can send me the patch or tell me where i can find it without problems ... ? Thanks Jean-Paul CHAVANT === GEOSYS SA Service Informatique http://www.geosys.fr From christopher at schulte.org Tue Sep 28 04:41:02 1999 From: christopher at schulte.org (Christopher Schulte) Date: Tue Sep 28 04:41:02 1999 Subject: [pptp-server] DialUP Networking 1.3 In-Reply-To: <003801bf098f$6a8d9460$7d03a8c0@pcjpc> Message-ID: <4.2.0.58.19990928043656.00c15220@pop.schulte.org> At 10:56 AM 9/28/99 +0200, you wrote: >hello, Hi There. >i am looking for DUN 1.3 for WIN95 can uses PPTP (VPN). I couldn't find the >free patch on microsoft web site ... (#fucking# web site) ... sorry ! >Someone can send me the patch or tell me where i can find it without >problems ... ? I agree. The MS site has always been a bit cumbersome to navigate, but this was not *too* hard to find. :) http://www.microsoft.com/windows95/downloads/ On that page is listed the DUN 1.3 upgrade, as well as a VPN update. Look under "NETWORKING" and you should see it. Regards, schulte.org admin >Thanks >Jean-Paul CHAVANT -- NAME: Christopher Schulte MAIL: christopher at schulte.org SITE: http://www.schulte.org/ FINGER(PGP): christopher at shell.schulte.org "she shines in a world full of ugliness" --Trent Reznor, Nine Inch Nails Halo 14 From AndrewF at artisansw.com Tue Sep 28 08:52:23 1999 From: AndrewF at artisansw.com (Andy Frost) Date: Tue Sep 28 08:52:23 1999 Subject: [pptp-server] ppp_mppe.o Message-ID: Thanks for your reply Michael. I'm sure I've tried all of these things... I've checked my make menuconfig,got rc4_skey.c & rc4_locl.h from open ssl and included them in ppp_mppe.c also. This is my current script I'm trying to work from.. Please note that my shortened file names are intermediately copied for fat based floppy. #!/bin/sh #ifconfig eth0 192.168.90.5 up #ifconfig eth1 10.10.10.5 up rm /usr/src/linux/drivers/net/ppp_mppe.c cd /usr/local/src/ tar zxvf ppp-23~1.gz tar zxvf ssleay~1.gz cp --force SSLeay-0.6.6b/crypto/rc4/rc4.h ppp-2.3.8/linux/ cp --force SSLeay-0.6.6b/crypto/rc4/rc4_enc.c ppp-2.3.8/linux/ cp --force SSLeay-0.6.6b/crypto/rc4/rc4_skey.c ppp-2.3.8/linux/ cp --force SSLeay-0.6.6b/crypto/rc4/rc4_locl.h ppp-2.3.8/linux/ cp --force ppp-2.3.8/linux/* /usr/src/linux/drivers/net patch -p0 < ppp-23~1.dif #check #include statments in pp_mppe.c #pico /usr/src/linux/drivers/net/ppp_mppe.c cd ppp-2.3.8 ./configure cd linux ./kinstall.sh cp --force * /usr/src/linux/drivers/net/ cd .. make cp --force pppd/pppd /usr/sbin/ cd /usr/src/linux make modules SUBDIRS=drivers/net make modules_install rmmod ppp cd /lib/modules/2.2.10/net/ insmod slhc insmod ppp insmod bsd_comp insmod ppp_deflate insmod ppp_mppe #the above and below do not wotk as there is no ppp_mppe.o cd /usr/src/linux/drivers/net insmod ppp_mppe cd /usr/local/src/ #tar zxvf pptpd-0.9.11.tgz #cd pptpd-0.9.11 #./configure #make #make install Thanks again I've clocked up over 10 days on this baby now..... -----Original Message----- From: Michael Walter [mailto:walterm at gliatech.com] Sent: Monday, September 27, 1999 4:37 PM To: 'Andy Frost'; PPTPD User Group (E-mail) Subject: RE: [pptp-server] ppp_mppe.o 1) Before issuing the make modules SUBDIRS=drivers/net command did you manually copy the contents of /usr/src/linux/ppp-2.3.8/linux to /usr/src/linux/drivers/net and overwrite all files? 2) Did you copy rc4.h and rc4_enc.c from the SSLeay-0.6.6b source to the /usr/src/linux/ppp-2.3.8/linux and /usr/src/linux/drivers/net directories? 3) Have you tried insmod ppp_mppe from the /usr/src/linux/drivers/net directory? Michael J. Walter mcse Gliatech, Inc. walterm at gliatech.com mwalter at drwalter.com On Monday, September 27, 1999 11:17 PM, Andy Frost [SMTP:AndrewF at artisansw.com] wrote: > > > > If have followed the HOW/TO to the letterand read lots of relevant > > messages from this board but I do not get a ppp_mppe.o module. I've > > got slhc,bsd_comp & ppp_deflate modules but not the m$ encryption one. > > > > Ive patched pppd and configure... kinstall which at the end says " > > adding mppe to make file " made all the modules etc but still no luck. > > > > Please help.... > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulte.org! From jasonf at Baldwingroup.COM Tue Sep 28 09:02:58 1999 From: jasonf at Baldwingroup.COM (Jason M. Felice) Date: Tue Sep 28 09:02:58 1999 Subject: [pptp-server] createHostSocket: Address already in use In-Reply-To: ; from bmbr on Mon, Sep 20, 1999 at 01:54:48PM -0600 References: <37E68FEB.5A50AC8@ittc.ukans.edu> Message-ID: <19990928100240.A5309@waco.baldwingroup.com> There is some sort of timeout and latency before an address:port pair becomes available for use again. Sometimes I've just had to wait a few minutes for the kernel to decide the connection really is closed (of course, that should appear in netstat also, as being in TCP_FIN_WAIT or TCP_FIN_WAIT2 states). Not sure if this helps, -Jay 'Eraserhead' Felice On Mon, Sep 20, 1999 at 01:54:48PM -0600, bmbr wrote: > I thought so as well.. however, after doing both a ps aux, AND rebooting > the system, i get the same error.. it's quite frustrating ;) > > bmbr > > On Mon, 20 Sep 1999, Carlos Javier Castro Pena wrote: > > > I had this error when 2 or more PPTP servers where running at the same time. > > Perhaps you can try rebooting. > > > > > > > > > > ------ > bmbr > bmbr at icelab.net > > May the flames from the bridges I burn light my way... > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! From oftedal at netpower.no Wed Sep 29 03:05:45 1999 From: oftedal at netpower.no (Einar Oftedal) Date: Wed Sep 29 03:05:45 1999 Subject: [pptp-server] help In-Reply-To: Message-ID: Sep 28 14:59:06 fw pptpd[8718]: CTRL: Client xxx.xxx.xxx.xxx control connection started Sep 28 14:59:06 fw pptpd[8718]: CTRL: Starting call (launching pppd, opening GRE) Sep 28 14:59:06 fw pptpd[8718]: CTRL: Allocating pty/tty pair Sep 28 14:59:06 fw pptpd[8718]: CTRL: Allocated pty/tty pair (/dev/ptyp2,/dev/ttyp2) Sep 28 14:59:06 fw pppd[8719]: pppd 2.3.8 started by root, uid 0 Sep 28 14:59:06 fw pppd[8719]: Using interface ppp0 Sep 28 14:59:06 fw pppd[8719]: Connect: ppp0 <--> /dev/ttyp2 Sep 28 14:59:06 fw pppd[8719]: sent [LCP ConfReq id=0x1 ] Sep 28 14:59:33 fw last message repeated 9 times Sep 28 14:59:36 fw pppd[8719]: LCP: timeout sending Config-Requests Sep 28 14:59:36 fw pppd[8719]: Connection terminated. Sep 28 14:59:36 fw pppd[8719]: Exit. Sep 28 14:59:36 fw pptpd[8718]: GRE: read(fd=5,buffer=804d518,len=8196) from PTY failed: status = -1 error = I/O error Sep 28 14:59:36 fw pptpd[8718]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) Sep 28 14:59:36 fw pptpd[8718]: CTRL: Client xxx.xxx.xxx.xxx control connection finished From kseel at utcorp.com Wed Sep 29 10:30:59 1999 From: kseel at utcorp.com (Kurt Seel) Date: Wed Sep 29 10:30:59 1999 Subject: [pptp-server] Problem with freebsd & pptp 1.0.0 Message-ID: <37F23271.E7F419DA@utcorp.com> I am running freebsd 2.2.6. I am using user ppp. I am getting communications throught the proto-47 to the ppp program. Here is the (long) syslog : Sep 26 14:22:52 gatekeeper ppp[10109]: Command: default: set speed 57600 Sep 26 14:22:52 gatekeeper ppp[10109]: Command: default: deny lqr Sep 26 14:22:52 gatekeeper ppp[10109]: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5 "" AT OK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT Sep 26 14:22:52 gatekeeper ppp[10109]: Command: default: set ctsrts on Sep 26 14:22:52 gatekeeper ppp[10109]: Command: default: set timeout 36000 36000 36000 Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Phase: Using interface: tun3 Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Command: pptp: set speed sync Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Command: pptp: enable pap Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Command: pptp: enable chap Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Command: pptp: set ns 146.145.135.13 146.145.135.29 Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Phase: PPP Started. Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Phase: Connected! Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: Phase: Packet mode enabled Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: LCP: State change Initial --> Closed Sep 26 14:22:52 gatekeeper ppp[10109]: tun3: LCP: State change Closed --> Stopped Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: LcpSendConfigReq Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: MRU[4] 1500 Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: MAGICNUM[6] 0x312238be Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: State change Stopped --> Req-Sent Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:53 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:54 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:55 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendConfigReq Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: MRU[4] 1500 Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: MAGICNUM[6] 0x312238be Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:56 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: LcpSendConfigReq Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: MRU[4] 1500 Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: MAGICNUM[6] 0x312238be Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:22:59 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:00 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:02 gatekeeper ppp[10109]: tun3: LCP: LcpSendConfigReq Sep 26 14:23:02 gatekeeper ppp[10109]: tun3: LCP: MRU[4] 1500 Sep 26 14:23:02 gatekeeper ppp[10109]: tun3: LCP: MAGICNUM[6] 0x312238be Sep 26 14:23:02 gatekeeper ppp[10109]: tun3: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: Phase: Unknown protocol 0x7eff (unrecognised protocol) Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: LCP: LcpSendProtoRej Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: Phase: Disconnected! Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: LCP: State change Req-Sent --> Starting Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: LCP: LcpLayerFinish Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: Phase: Modem: Connect time: 12 secs: 984 octets in, 0 octets out Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: Phase: total 82 bytes/sec Sep 26 14:23:04 gatekeeper ppp[10109]: tun3: Phase: NewPhase: Dead Sep 26 14:23:05 gatekeeper ppp[10109]: tun3: Phase: PPP Terminated (dead). Running a tcpdump gives me this : 14:48:34.603182 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: S 2170831:2170831(0) win 8192 (DF) 14:48:34.603543 gatekeeper.utcorp.com.pptp > ttyc03.utcorp.com.iad3: S 118030720:118030720(0) ack 2170832 win 16616 (DF) 14:48:34.753561 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: . ack 1 win 8576 (DF) 14:48:34.813491 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: P 1:157(156) ack 1 win 8576 (DF) 14:48:34.816100 gatekeeper.utcorp.com.pptp > ttyc03.utcorp.com.iad3: P 1:101(100) ack 157 win 16616 (DF) 14:48:35.163220 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: . ack 101 win 8476 (DF) 14:48:35.163473 gatekeeper.utcorp.com.pptp > ttyc03.utcorp.com.iad3: P 101:157(56) ack 157 win 16616 (DF) 14:48:35.333236 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: P 157:325(168) ack 157 win 8420 (DF) 14:48:35.339961 gatekeeper.utcorp.com.pptp > ttyc03.utcorp.com.iad3: P 157:189(32) ack 325 win 16616 (DF) 14:48:35.673577 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: . ack 189 win 8388 (DF) 14:48:36.153384 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:36.156073 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:36.163941 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:36.513177 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 26 14:48:36.515003 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:36.517770 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:36.683178 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:36.684885 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:36.687602 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:36.853474 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:36.860937 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:36.863900 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:37.023140 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:37.024851 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.027593 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:37.183199 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:37.184904 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.187701 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:37.343117 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:37.344795 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.347544 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:37.503157 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:37.504816 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.507529 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:37.663143 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:37.664832 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.668393 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:37.823174 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:37.824861 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.827944 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:37.983130 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:37.984799 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:37.987544 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:38.143150 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:38.144816 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:38.147518 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:38.333139 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:38.334880 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:38.337635 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:38.493326 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:38.495715 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:38.498426 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:38.653198 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:38.654911 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:38.657702 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:38.823137 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:38.824829 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:38.827542 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:38.973144 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:38.974831 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:38.977540 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:39.123154 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:39.124816 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:39.127551 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:39.283186 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:39.284899 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:39.287620 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:39.443165 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:39.444796 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:39.447532 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:39.613175 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 34 14:48:39.615797 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:39.618506 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 30 14:48:39.773136 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:39.774773 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:39.777509 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:40.243144 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 12 14:48:42.653257 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 20 14:48:42.654972 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:42.657706 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 20 14:48:42.803145 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 24 14:48:42.804822 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:42.807557 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 20 14:48:42.973154 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 54 14:48:42.974873 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:42.977629 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 50 14:48:43.143118 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 48 14:48:43.144808 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:43.147542 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 44 14:48:43.303177 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:43.304889 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:43.307652 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:43.473132 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 30 14:48:43.474787 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:43.477500 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 26 14:48:43.643114 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 24 14:48:43.644773 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:43.647458 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 20 14:48:43.803145 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 24 14:48:43.804790 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 12 14:48:43.807506 gatekeeper.utcorp.com > ttyc03.utcorp.com: ip-proto-47 20 14:48:44.543362 ttyc03.utcorp.com > gatekeeper.utcorp.com: ip-proto-47 12 14:48:51.426259 gatekeeper.utcorp.com.pptp > ttyc03.utcorp.com.iad3: F 189:189(0) ack 325 win 16616 (DF) 14:48:51.593305 ttyc03.utcorp.com.iad3 > gatekeeper.utcorp.com.pptp: F 325:325(0) ack 190 win 8388 (DF) 14:48:51.593571 gatekeeper.utcorp.com.pptp > ttyc03.utcorp.com.iad3: . ack 326 win 16616 (DF) While all the proto-47 is going on MS Win98 says : 'Verifying username and password' Not that windows messages usually mean much ... I do see one messahe from pptpd, in /var/log/messages : Sep 26 14:54:04 gatekeeper pptpd[11646]: GRE: Bad checksum from pppd. just before all the proto-47 stuff ... I am so close! Could someone please help me? -- "Signature file failed Preliminary Design Review. Feasibility of a new signature is currently being evaluated." From missions at ocic.org Wed Sep 29 11:00:12 1999 From: missions at ocic.org (Nhan NGO DINH (OCIC Missionary Service)) Date: Wed Sep 29 11:00:12 1999 Subject: [pptp-server] Routing Message-ID: <4.1.19990929175750.00a76220@mail.rome.ocicnet.net> Hello all, I have installed a PPTP server on a Linux machine and a PPTP client on another Linux machine. I want to make something like that: Ethernet (192.168.0.0) -- PPTP Server (192.168.0.1) --> Internet <-- PPTP Client The PPTP Client must have the "virtual" IP address 192.168.0.200. When the PPTP connection is established, client and server assume dynamic IP addresses depending on pptpd.conf specifications in /etc directory. If I want to make data for 192.168.0.200 to pass through the internet tunneling gateway I must put routing informations manually. The PPTP client doesn't have a fixed IP address, and it is temporary connected to the internet, while the PPTP server is connected permanently to the internet with a fixed IP address. How can I do in order to allow routing entries to be added automatically on client connection? Thanks. --- Nhan NGO DINH (OCIC Missionary Service Technical Support) e-mail: missions at ocic.org web site: http://www.ocic.org/missions/index1.html From tmk at netmagic.net Wed Sep 29 11:26:54 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 29 11:26:54 1999 Subject: [pptp-server] Routing In-Reply-To: <4.1.19990929175750.00a76220@mail.rome.ocicnet.net> Message-ID: read the ppp howto. There is a file in /etc/ppp called ip-up that is run whenever a ppp connection comes up (pptp uses a ppp connection) you can put commands in there to add routing tables etc. If you could be more specific about what you want to do taht isnt working, i can probably help Kevin On Wed, 29 Sep 1999, Nhan NGO DINH (OCIC Missionary Service) wrote: > Hello all, > > I have installed a PPTP server on a Linux machine and a PPTP client on > another Linux machine. > > I want to make something like that: > > Ethernet (192.168.0.0) -- PPTP Server (192.168.0.1) --> Internet <-- PPTP > Client > > The PPTP Client must have the "virtual" IP address 192.168.0.200. When the > PPTP connection is established, client and server assume dynamic IP > addresses depending on pptpd.conf specifications in /etc directory. > > If I want to make data for 192.168.0.200 to pass through the internet > tunneling gateway I must put routing informations manually. > > The PPTP client doesn't have a fixed IP address, and it is temporary > connected to the internet, while the PPTP server is connected permanently > to the internet with a fixed IP address. > > How can I do in order to allow routing entries to be added automatically on > client connection? > > Thanks. > > --- > Nhan NGO DINH (OCIC Missionary Service Technical Support) > e-mail: missions at ocic.org > web site: http://www.ocic.org/missions/index1.html > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From tmk at netmagic.net Wed Sep 29 11:36:36 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 29 11:36:36 1999 Subject: [pptp-server] Problem with freebsd & pptp 1.0.0 In-Reply-To: <37F23271.E7F419DA@utcorp.com> Message-ID: it looks like the client is trying to use an unsupported protocol (ipx or netbeui pehaps?) your ppp server is rejecting those, and it reuses togive up. the bad checksum from GRE thing bothers me though. Check your modem init string and ppp escape character configs Kevin From kseel at utcorp.com Wed Sep 29 13:39:03 1999 From: kseel at utcorp.com (Kurt Seel) Date: Wed Sep 29 13:39:03 1999 Subject: [pptp-server] Problem with freebsd & pptp 1.0.0 References: Message-ID: <37F25E5D.33B81DDF@utcorp.com> tmk wrote: > it looks like the client is trying to use an unsupported protocol (ipx or > netbeui pehaps?) your ppp server is rejecting those, and it reuses togive > up. I have them all deselected, in both the vpn 'dialler' and the modem dialler. > > > the bad checksum from GRE thing bothers me though. Check your modem init > string and ppp escape character configs On the windows side? I don't know where. I see the checksum message just before all the 0x7fff thingeys, could pptpd be mangling the stream to ppp? > > > Kevin > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! -- "Signature file failed Preliminary Design Review. Feasibility of a new signature is currently being evaluated." From tmk at netmagic.net Wed Sep 29 13:41:53 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 29 13:41:53 1999 Subject: [pptp-server] Problem with freebsd & pptp 1.0.0 In-Reply-To: <37F25E5D.33B81DDF@utcorp.com> Message-ID: > I have them all deselected, in both the vpn 'dialler' and the modem > dialler. you'll need at least one.preferably tcpip.. Kevin > > > > > > > the bad checksum from GRE thing bothers me though. Check your modem init > > string and ppp escape character configs > > On the windows side? I don't know where. I see the checksum message > just before all the 0x7fff thingeys, could pptpd be mangling the stream > to ppp? > > > > > > > Kevin > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulte.org! > > -- > "Signature file failed Preliminary Design Review. > Feasibility of a new signature is currently being evaluated." > > > From kseel at utcorp.com Wed Sep 29 14:14:06 1999 From: kseel at utcorp.com (Kurt Seel) Date: Wed Sep 29 14:14:06 1999 Subject: [pptp-server] Problem with freebsd & pptp 1.0.0 References: Message-ID: <37F266A2.4B955EAA@utcorp.com> tmk wrote: > > I have them all deselected, in both the vpn 'dialler' and the modem > > dialler. > > you'll need at least one.preferably tcpip.. I'me sorry, I meant all but tcp/ip. Also, only the two dial-up adapters in the control panel (no ethernet) 2 protocol bindings: dialup->tcp/ip, vpn-dialup->tcp/ip. Also, the microsoft client (I want to mount a samba drive :-). > > > Kevin > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! -- "Signature file failed Preliminary Design Review. Feasibility of a new signature is currently being evaluated." From georgek at netwrx1.com Wed Sep 29 15:34:47 1999 From: georgek at netwrx1.com (George R. Kasica) Date: Wed Sep 29 15:34:47 1999 Subject: [pptp-server] PopTop Problem Message-ID: Sorry to bug you with this but I need to get it working soon and have had no success.... George Well, I've got pptpd 1.0 working well here, with a small problem.....I still seem to send all data down the "normal" channel be it dialup or ethernet connect rather than everything over the VPN....this causes the problem that I still appear to come to the ISPs news server from "outside" their network....how to I accomplish the following (the Client is WIN98 Server with pptpd on it Linux 2.2.5) IP Addresses are REAL there is no firewall between: Client Server ISP 205.254.202.120 ----- VPN ------------ 205.254.202.114 - 156.46.10.23 10.36.9.242 --------- INTERNET---------> I'm getting the VPN Adapter assigned the IP address above yet the traffic when trace routed seems to go through the 'Net rather than routing through the Server hence the problem with appearing from "outside" the net. Any suggestions, and please keep it simple and as clear as possible. >your route table may be sending the packets in a direction you may not have >expected. print our yout route table and i'll have a look > >-matt > Matt: Here it is in "steps" 1) Just ethernet connected, no dialup or VPN (cannot get out to Internet from here) Ethernet info 3.231.4.237 255.255.252.0 C:\WINDOWS\Desktop>route print Active Routes: Network Address Netmask Gateway Address Interface Metric 0.0.0.0 0.0.0.0 3.231.4.254 3.231.4.237 1 3.231.4.0 255.255.252.0 3.231.4.237 3.231.4.237 1 3.231.4.237 255.255.255.255 127.0.0.1 127.0.0.1 1 3.255.255.255 255.255.255.255 3.231.4.237 3.231.4.237 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 224.0.0.0 3.231.4.237 3.231.4.237 1 255.255.255.255 255.255.255.255 3.231.4.237 0.0.0.0 1 2) Dialup Connection with Ethernet Info Ethernet 3.231.4.237 255.255.252.0 Dialup: 208.254.238.104 255.255.255.255 Internet goes through here. Active Routes: Network Address Netmask Gateway Address Interface Metric 0.0.0.0 0.0.0.0 3.231.4.254 3.231.4.237 2 0.0.0.0 0.0.0.0 208.254.238.104 208.254.238.104 1 3.231.4.0 255.255.252.0 3.231.4.237 3.231.4.237 2 3.231.4.237 255.255.255.255 127.0.0.1 127.0.0.1 1 3.255.255.255 255.255.255.255 3.231.4.237 3.231.4.237 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 208.254.238.0 255.255.255.0 208.254.238.104 208.254.238.104 1 208.254.238.104 255.255.255.255 127.0.0.1 127.0.0.1 1 224.0.0.0 224.0.0.0 3.231.4.237 3.231.4.237 1 224.0.0.0 224.0.0.0 208.254.238.104 208.254.238.104 1 255.255.255.255 255.255.255.255 208.254.238.104 208.254.238.104 1 3) Ethernet with dialup and VPN Active: Info Ethernet 3.231.4.237 255.255.252.0 Dialup: 208.254.238.104 255.255.255.255 Internet goes through here. VPN: 205.254.202.120 255.255.255.0 Active Routes: Network Address Netmask Gateway Address Interface Metric 0.0.0.0 0.0.0.0 3.231.4.254 3.231.4.237 2 0.0.0.0 0.0.0.0 208.254.238.104 208.254.238.104 1 3.231.4.0 255.255.252.0 3.231.4.237 3.231.4.237 2 3.231.4.237 255.255.255.255 127.0.0.1 127.0.0.1 1 3.255.255.255 255.255.255.255 3.231.4.237 3.231.4.237 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 205.254.202.0 255.255.255.0 205.254.202.120 205.254.202.120 1 205.254.202.114 255.255.255.255 208.254.238.104 208.254.238.104 1 205.254.202.120 255.255.255.255 127.0.0.1 127.0.0.1 1 208.254.238.0 255.255.255.0 208.254.238.104 208.254.238.104 1 208.254.238.104 255.255.255.255 127.0.0.1 127.0.0.1 1 224.0.0.0 224.0.0.0 3.231.4.237 3.231.4.237 1 224.0.0.0 224.0.0.0 208.254.238.104 208.254.238.104 1 224.0.0.0 224.0.0.0 205.254.202.120 205.254.202.120 1 255.255.255.255 255.255.255.255 208.254.238.104 208.254.238.104 1 A trace route to news.alpha.net (156.46.10.23) shows: Trace news.alpha.net; Start time 09/24/99 09:23:42 Tracing route to 156.46.10.23 50 bytes from 156.46.10.23: time=175 ms Hop Avg Diff Address 1 104 104 206.115.150.210 tnt18.chi5.da.uu.net 2 102 -5 207.76.46.206 3 99 -5 152.63.64.22 132.ATM11-0-0.HR2.CHI1.ALTER.NET 4 103 2 146.188.208.46 103.ATM3-0.XR2.CHI4.ALTER.NET 5 102 1 146.188.208.13 194.ATM9-0-0.BR1.CHI1.ALTER.NET 6 123 21 137.39.250.6 gw14-chi-8-0.sprintlink.net 7 103 -11 144.232.10.157 sl-bb11-chi-2-1.sprintlink.net 8 104 1 144.232.0.202 sl-gw16-chi-8-0-0.sprintlink.net 9 762 660 144.228.207.18 sl-alphadot-2-1-0.sprintlink.net 10 145 -299 206.190.31.9 core51-h-1-0.mke.alpha.net 11 198 50 156.46.10.23 news.alpha.net End time 09/24/99 09:24:10 host reached But it does NOT go through the PPTP Server eagle.netwrx1.net (205.254.202.114) (thats a one not an L) If you'd like to try testing you can use the login of georgek and password of tibbs1 (thats a one not an L) Here is the netstat -nr from the PPTP Server: [root at eagle /root]# netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 205.254.202.120 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.240 U 0 0 0 eth0 205.254.202.112 0.0.0.0 255.255.255.240 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 205.254.202.113 0.0.0.0 UG 0 0 0 eth0 From ajlill at ajlc.waterloo.on.ca Wed Sep 29 17:09:09 1999 From: ajlill at ajlc.waterloo.on.ca (ajlill at ajlc.waterloo.on.ca) Date: Wed Sep 29 17:09:09 1999 Subject: [pptp-server] Routing In-Reply-To: Your message of "Wed, 29 Sep 1999 09:30:09 PDT." Message-ID: <199909292208.WAA02222@matrix.ajlc.waterloo.on.ca> >>>>> "Kevin" == tmk writes: Kevin> read the ppp howto. There is a file in /etc/ppp called Kevin> ip-up that is run whenever a ppp connection comes up (pptp Kevin> uses a ppp connection) you can put commands in there to add Kevin> routing tables etc. If you could be more specific about Kevin> what you want to do taht isnt working, i can probably help Unforunatly, if you have more than one pptp client, ppp doesn't give you enough information to make routing decisions. What's needed is for pptpd to maintain a mapping from the client's real IP address to the address pair assigned to the PPP link. Then the ip-up script can do something intelligent. -- Tony Lill, Tony.Lill at AJLC.Waterloo.ON.CA President, A. J. Lill Consultants fax/data (519) 650 3571 539 Grand Valley Dr., Cambridge, Ont. N3H 2S2 (519) 241 2461 --------------- http://www.ajlc.waterloo.on.ca/ ---------------- "Welcome to All Things UNIX, where if it's not UNIX, it's CRAP!" From ajlill at ajlc.waterloo.on.ca Wed Sep 29 17:12:46 1999 From: ajlill at ajlc.waterloo.on.ca (ajlill at ajlc.waterloo.on.ca) Date: Wed Sep 29 17:12:46 1999 Subject: [pptp-server] Win98 problems In-Reply-To: Your message of "Fri, 24 Sep 1999 18:41:53 PDT." <000f01bf06f7$2658b620$071c0fc0@lala.net> Message-ID: <199909292212.WAA02354@matrix.ajlc.waterloo.on.ca> >>>>> "Kevin" == tmk writes: Kevin> I'd need to see log dumps for both machines to do much Kevin> more.. windows actually makes pretty good logs. Check the Kevin> record a log file for this connection box in windows, and Kevin> it will make a file called ppplog.txt in the windows dir I got VPN working from Win 98. I had to re-install dial-up networking after installing the V1.3 patch! (I am running the original version of Win 98.) Go figure! -- Tony Lill, Tony.Lill at AJLC.Waterloo.ON.CA President, A. J. Lill Consultants fax/data (519) 650 3571 539 Grand Valley Dr., Cambridge, Ont. N3H 2S2 (519) 241 2461 --------------- http://www.ajlc.waterloo.on.ca/ ---------------- "Welcome to All Things UNIX, where if it's not UNIX, it's CRAP!" From tmk at netmagic.net Wed Sep 29 18:53:16 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 29 18:53:16 1999 Subject: [pptp-server] PopTop Problem References: Message-ID: <008001bf0ad6$41548340$071c0fc0@lala.net> just a quick suggestion without reading the logs too thouroughly: try checking the 'use default gateway on remote network' checkbox in the dun settings Kevin From blalor at netDrives.com Wed Sep 29 21:05:54 1999 From: blalor at netDrives.com (Brian Lalor) Date: Wed Sep 29 21:05:54 1999 Subject: [pptp-server] pptp 1.0 and Win98 Message-ID: Hey all. I'm trying to get this thing working. I've followed the howto step by step and gotten the encryption working (I believe), but I'm still having problems. I've attached a syslog file from one attempt and I'll try to document what's happening below: ** Server side ** pptpd 1.0.0 ppp 2.3.8 with all that encryption stuff compiled in linux 2.2.15 with the compression modules loaded in and the encryption stuff compiled in eth0: 10.0.0.202 No masquerading or firewalling configured on this machine. ** Client side ** Network control panel looks like: Client for Microsoft Networks AMD PCNET Family Ethernet Adapter (PCI-ISA) Dial-Up Adapter Microsoft Virtual Private Networking Adapter NDISWAN -> Microsoft Virtual Private Networking Adapter NetBEUI -> AMD PCNET Family Ethernet Adapter (PCI-ISA) TCP/IP -> AMD PCNET Family Ethernet Adapter (PCI-ISA) TCP/IP -> Dial-Up Adapter Dial-up networking profile in question: General: (ah, hell, this is right) Server Types: Advanced options: [x] Log on to network [x] Enable software compression [x] Require encrypted password [x] Require data encryption [x] Record a log file for this connection (dunno where this is supposed to go...) Allowed network protocols: [ ] NetBEUI [ ] IPX/SPX Compatible [x] TCP/IP TCP/IP Settings: o Server assigned IP address o Server assigned name server addresses [ ] Use IP header compression [ ] Use default gateway on remote network So, I try to dial up and I get: Error 720: Dial-Up Networking could not negotiate a compatible set of network protocols you specified in the Server Type settings. Check your network configuration in the Control Panel then try the connection again. Looking at the log file, I just can't figure out what I've missed. Can someone *please* help me out? I'm really dyin' here... :-) -- Brian Lalor, Web Honkey netDrives blalor at netDrives.com 607-272-5650 x7167 -------------- next part -------------- lock debug name cumulus auth require-chap +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless proxyarp -------------- next part -------------- Sep 29 21:51:36 cumulus pptpd[16631]: CTRL: Client 10.0.0.210 control connection started Sep 29 21:51:36 cumulus pptpd[16631]: CTRL: Starting call (launching pppd, opening GRE) Sep 29 21:51:36 cumulus pppd[16632]: pppd 2.3.8 started by root, uid 0 Sep 29 21:51:36 cumulus pppd[16632]: Using interface ppp0 Sep 29 21:51:36 cumulus pppd[16632]: Connect: ppp0 <--> /dev/pts/4 Sep 29 21:51:36 cumulus pppd[16632]: sent [LCP ConfReq id=0x1 ] Sep 29 21:51:36 cumulus pppd[16632]: rcvd [LCP ConfReq id=0x1 < 0d 03 06>] Sep 29 21:51:36 cumulus pppd[16632]: sent [LCP ConfRej id=0x1 < 0d 03 06>] Sep 29 21:51:36 cumulus pppd[16632]: rcvd [LCP ConfReq id=0x2 ] Sep 29 21:51:36 cumulus pppd[16632]: sent [LCP ConfAck id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [LCP ConfReq id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [LCP ConfNak id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [LCP ConfReq id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [LCP ConfAck id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CHAP Challenge id=0x1 <6c0cc63327466ba3>, name = "cumulus"] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CHAP Response id=0x1 <5b02d914bd4c1ffb01cf862e9e2d8daab5fde949b3e5e5acd81dd62ad46bd37f62ca9a78ff9e737523120c61b948acce01>, name = "DOMAIN\\blalor"] Sep 29 21:51:39 cumulus pppd[16632]: sent [CHAP Success id=0x1 "Welcome to cumulus.ith.glyphtech.com."] Sep 29 21:51:39 cumulus pppd[16632]: sent [IPCP ConfReq id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CCP ConfReq id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: MSCHAP peer authentication succeeded for GLYPH\\blalor Sep 29 21:51:39 cumulus pppd[16632]: rcvd [IPCP ConfReq id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [IPCP ConfRej id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CCP ConfReq id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CCP ConfRej id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [IPCP ConfRej id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CCP ConfRej id=0x1 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CCP ConfReq id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [IPCP ConfReq id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [IPCP ConfRej id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CCP ConfReq id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CCP ConfNak id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [IPCP ConfAck id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CCP ConfNak id=0x2 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CCP ConfReq id=0x3 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CCP ConfReq id=0x3 ] Sep 29 21:51:39 cumulus pppd[16632]: sent [CCP ConfAck id=0x3 ] Sep 29 21:51:39 cumulus pppd[16632]: rcvd [CCP ConfAck id=0x3 ] Sep 29 21:51:39 cumulus pppd[16632]: MPPE 40 bit, stateless compression enabled Sep 29 21:51:42 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:42 cumulus pppd[16632]: rcvd [IPCP ConfAck id=0x2 ] Sep 29 21:51:42 cumulus pppd[16632]: rcvd [IPCP ConfReq id=0x3 ] Sep 29 21:51:42 cumulus pppd[16632]: sent [IPCP ConfRej id=0x3 ] Sep 29 21:51:42 cumulus pppd[16632]: rcvd [IPCP TermReq id=0x4] Sep 29 21:51:42 cumulus pppd[16632]: sent [IPCP TermAck id=0x4] Sep 29 21:51:45 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:46 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:51:48 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:48 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:51:51 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:51 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:51:54 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:54 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:51:57 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:51:57 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:52:00 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:52:00 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:52:03 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:52:03 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:52:06 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:52:06 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:52:09 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:52:09 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:52:12 cumulus pppd[16632]: sent [IPCP ConfReq id=0x2 ] Sep 29 21:52:12 cumulus pppd[16632]: rcvd [IPCP TermAck id=0x2] Sep 29 21:52:14 cumulus pppd[16632]: rcvd [LCP TermReq id=0x3] Sep 29 21:52:14 cumulus pppd[16632]: LCP terminated by peer Sep 29 21:52:14 cumulus pppd[16632]: sent [LCP TermAck id=0x3] Sep 29 21:52:14 cumulus pptpd[16631]: CTRL: Error with select(), quitting Sep 29 21:52:14 cumulus pptpd[16631]: CTRL: Client 10.0.0.210 control connection finished Sep 29 21:52:14 cumulus pppd[16632]: Modem hangup Sep 29 21:52:14 cumulus pppd[16632]: Connection terminated. Sep 29 21:52:14 cumulus pppd[16632]: Exit. -------------- next part -------------- # see pptpd.conf(5) speed 115200 localip 192.168.0.234-238 remoteip 192.168.1.234-238 From tmk at netmagic.net Wed Sep 29 22:52:45 1999 From: tmk at netmagic.net (tmk) Date: Wed Sep 29 22:52:45 1999 Subject: [pptp-server] pptp 1.0 and Win98 References: Message-ID: <000b01bf0af7$b7558be0$071c0fc0@lala.net> make sure you have the DUN 1.3 update installed. Most people find they have to uninstall/reinstall to get it working anywyas. it's probably the DNS thing. You should use the msdns option for ppp to tell it what nameserver to use. a log from teh windows box would be nice if that doesnt work (check make a log file, and send the ppplog.txt file) Kevin ----- Original Message ----- From: Brian Lalor To: Sent: Wednesday, September 29, 1999 7:05 PM Subject: [pptp-server] pptp 1.0 and Win98 > Hey all. I'm trying to get this thing working. I've followed the howto > step by step and gotten the encryption working (I believe), but I'm still > having problems. I've attached a syslog file from one attempt and I'll > try to document what's happening below: > > ** Server side ** > pptpd 1.0.0 > ppp 2.3.8 with all that encryption stuff compiled in > linux 2.2.15 with the compression modules loaded in and the encryption > stuff compiled in > > eth0: 10.0.0.202 > > No masquerading or firewalling configured on this machine. > > ** Client side ** > Network control panel looks like: > Client for Microsoft Networks > AMD PCNET Family Ethernet Adapter (PCI-ISA) > Dial-Up Adapter > Microsoft Virtual Private Networking Adapter > NDISWAN -> Microsoft Virtual Private Networking Adapter > NetBEUI -> AMD PCNET Family Ethernet Adapter (PCI-ISA) > TCP/IP -> AMD PCNET Family Ethernet Adapter (PCI-ISA) > TCP/IP -> Dial-Up Adapter > > Dial-up networking profile in question: > General: (ah, hell, this is right) > Server Types: > Advanced options: > [x] Log on to network > [x] Enable software compression > [x] Require encrypted password > [x] Require data encryption > [x] Record a log file for this connection > (dunno where this is supposed to go...) > Allowed network protocols: > [ ] NetBEUI > [ ] IPX/SPX Compatible > [x] TCP/IP > TCP/IP Settings: > o Server assigned IP address > o Server assigned name server addresses > [ ] Use IP header compression > [ ] Use default gateway on remote network > > So, I try to dial up and I get: > > Error 720: Dial-Up Networking could not negotiate a compatible set of > network protocols you specified in the Server Type settings. > Check your network configuration in the Control Panel then try the > connection again. > > Looking at the log file, I just can't figure out what I've missed. Can > someone *please* help me out? I'm really dyin' here... :-) > > -- > Brian Lalor, Web Honkey > netDrives > blalor at netDrives.com > 607-272-5650 x7167 > From jewell at mit.edu Thu Sep 30 03:35:33 1999 From: jewell at mit.edu (Darrin B. Jewell) Date: Thu Sep 30 03:35:33 1999 Subject: [pptp-server] NetBSD packages for poptop and mppe for testing Message-ID: <199909300834.EAA05671@dbj.ne.mediaone.net> I have created two netbsd `packages' for the poptop pptp server and microsoft encryption extensions to ppp. The NetBSD package system allows for simple installation and management of third party software on the NetBSD operating system. I am making them available at: I am subscribed to current-users at netbsd.org and pptp-server at lists.schulte.org. It is probably more useful to hold discussion in one of those forums than it is to send me personal mail, unless you have something that needs to be incorporated into the package. Please read the notes below. In particular, note that the MPPE module is not ready for production use. Enjoy, Darrin Darrin B. Jewell 1999-09-30T04:30:19-0400 poptop notes: . The poptop package uses the distribution of poptop pretty much out of the box. The only significant modification was to accept a configure option to allow the use of an alternate pppd than the one shipped with NetBSD. . Setting POPTOP_USE_MPPE=yes in /etc/mk.conf will cause poptop top use the ppp-mppe package to support microsoft point to point encryption. . Your kernel should not be compiled with any gre(4) devices. Comment out lines like this from your kernel config file: #pseudo-device gre 2 # generic L3 over IP tunnel It might be useful at some point to have pptpd be able to use the built in netbsd gre(4) driver, but at the moment it will just keep them from getting to the pptpd. ppp-mppe notes: . This is not yet ready for production use, but does work well enough that I could bring up an encrypted connection from an NT client to a NetBSD server. Still, it is easy to crash. Feel free to fix. . Provides a replacement pppd and a loadable kernel module (lkm) which provides the mppe encryption. Alternately, it could be compiled into the kernel if you know what your are doing and don't want to use a lkm. . It is based on the linux mppe ppp patches available from the poptop web site. . It uses ppp-2.3.9 and openssl-0.9.2b . STAC LZS compression is not included. . I test it on a netbsd-1.4.1 server with an NT client, but it should work on -current as well. I don't really use it myself, which is one reason that I'm making it available even though it isn't really ready. . In order to use 128 bit encryption, you probably need to increase the value of CCP_MAX_OPTION_LENGTH from 32 (64 is a good value, but 35 should be minimal) in /sys/net/ppp-comp.h and rebuild your kernel. Otherwise, there isn't enough room to transfer the keys from the pppd to the kernel module. . Your kernel config file should have at least these: options PPP_FILTER # Active filter support for PPP (requires bpf) pseudo-device ppp 2 # Point-to-Point Protocol . The lkm pretty much misuses the ppp compression/decompression hooks to perform its encryption. This creates a few bugs, some of which are security related. Know that MPPE is not particularly secure. (<==notice!) . Doesn't deal correctly with the ppp mtu because MPPE expands the packet size. . Is easy to crash. It doesn't successfully recover from lost packets or decryption failure. I can immediately bring cause it to hang by doing a `ping -s 50000 -c 1 remote-ip'. Fixes are appreciated, I cannot guarantee that I will address problems myself. . Lacks documentation. UTSL. . The patches provided in the package are rougly divided into these groups patch-a* -- sync ppp-2.3.9 to netbsd-current patch-b* -- add mppe to ppp-2.3.9 patch-c* -- creates a lkm for mppe that works with the ppp already in the kernel. patch-d* -- misc tweaks to deal with various netbsd kernel versions, compiling as a package, and a non-function ppp lkm. (See source for details.) . requires the kernel source to be present to compile. This is due to the issues discussed in netbsd PR 5377. . Makes a gross assumption about an internal structure in the pcap library to do ppp filtering. This allows the package to build without the complete netbsd source code tree online. References: NetBSD: The NetBSD package system: The PoPToP pptp server: Microsoft VPN software: Point to Point Networking standards: Unix PPP implementation: From blalor at netDrives.com Thu Sep 30 08:15:30 1999 From: blalor at netDrives.com (Brian Lalor) Date: Thu Sep 30 08:15:30 1999 Subject: [pptp-server] pptp 1.0 and Win98 In-Reply-To: <000b01bf0af7$b7558be0$071c0fc0@lala.net> Message-ID: On Wed, 29 Sep 1999, tmk wrote: > make sure you have the DUN 1.3 update installed. Most people find they have > to uninstall/reinstall to get it working anywyas. I thought that was only for Windows 95? > it's probably the DNS thing. You should use the msdns option for ppp to tell > it what nameserver to use. a log from teh windows box would be nice if that > doesnt work (check make a log file, and send the ppplog.txt file) Hmmm. I'm attaching that file. An interesting line is 09-30-1999 09:06:51.45 - IPCP : IP address is 0. That seems kind of weird... I added "ms-dns 10.0.0.2" to my ppp/options. Also attaching pptpd.log. Just a side note, I'm running Win98 in a VMware session and the clock seems to precess, so the times are out of whack. Thanks again, B -- Brian Lalor, Web Honkey netDrives blalor at netDrives.com 607-272-5650 x7167 -------------- next part -------------- 09-30-1999 09:06:48.46 - Microsoft Dial Up Adapter log opened. 09-30-1999 09:06:48.46 - Server type is PPP (Point to Point Protocol). 09-30-1999 09:06:48.46 - FSA : Adding Control Protocol 80fd (CCP) to control protocol chain. 09-30-1999 09:06:48.46 - FSA : Protocol not bound - skipping control protocol 803f (NBFCP). 09-30-1999 09:06:48.46 - FSA : Adding Control Protocol 8021 (IPCP) to control protocol chain. 09-30-1999 09:06:48.47 - FSA : Protocol not bound - skipping control protocol 802b (IPXCP). 09-30-1999 09:06:48.47 - FSA : Adding Control Protocol c029 (CallbackCP) to control protocol chain. 09-30-1999 09:06:48.47 - FSA : Adding Control Protocol c027 (no description) to control protocol chain. 09-30-1999 09:06:48.47 - FSA : Encrypted Password required. 09-30-1999 09:06:48.47 - FSA : Adding Control Protocol c223 (CHAP) to control protocol chain. 09-30-1999 09:06:48.47 - FSA : Adding Control Protocol c021 (LCP) to control protocol chain. 09-30-1999 09:06:48.47 - LCP : Callback negotiation enabled. 09-30-1999 09:06:48.47 - LCP : Layer started. 09-30-1999 09:06:48.47 - PPP : Transmitting Control Packet of length: 25 09-30-1999 09:06:48.47 - Data 0000: c0 21 01 01 00 17 02 06 | .!..... 09-30-1999 09:06:48.47 - Data 0008: 00 0a 00 00 05 06 01 e8 | ........ 09-30-1999 09:06:48.47 - Data 0010: 95 57 07 02 08 02 0d 03 | .W...... 09-30-1999 09:06:48.47 - Data 0018: 06 00 00 00 00 00 00 00 | ........ 09-30-1999 09:06:48.49 - PPP : Received Control Packet of length: 9 09-30-1999 09:06:48.49 - Data 0000: c0 21 04 01 00 07 0d 03 | .!...... 09-30-1999 09:06:48.49 - Data 0008: 06 00 00 00 00 00 00 00 | ........ 09-30-1999 09:06:48.49 - LCP : Received configure reject for callback control protocol option. 09-30-1999 09:06:48.49 - PPP : Transmitting Control Packet of length: 22 09-30-1999 09:06:48.49 - Data 0000: c0 21 01 02 00 14 02 06 | .!...... 09-30-1999 09:06:48.50 - Data 0008: 00 0a 00 00 05 06 01 e8 | ........ 09-30-1999 09:06:48.50 - Data 0010: 95 57 07 02 08 02 00 00 | .W...... 09-30-1999 09:06:48.51 - PPP : Received Control Packet of length: 22 09-30-1999 09:06:48.51 - Data 0000: c0 21 02 02 00 14 02 06 | .!...... 09-30-1999 09:06:48.51 - Data 0008: 00 0a 00 00 05 06 01 e8 | ........ 09-30-1999 09:06:48.51 - Data 0010: 95 57 07 02 08 02 00 00 | .W...... 09-30-1999 09:06:51.32 - PPP : Received Control Packet of length: 27 09-30-1999 09:06:51.32 - Data 0000: c0 21 01 01 00 19 02 06 | .!..... 09-30-1999 09:06:51.32 - Data 0008: 00 00 00 00 03 05 c2 23 | .......# 09-30-1999 09:06:51.32 - Data 0010: 81 05 06 6a e4 d1 30 07 | ...j..0. 09-30-1999 09:06:51.32 - Data 0018: 02 08 02 00 00 00 00 00 | ........ 09-30-1999 09:06:51.33 - LCP : Received and accepted ACCM of 0. 09-30-1999 09:06:51.33 - LCP : NAK authentication protocol 23c2 with protocol c223 (CHAP). 09-30-1999 09:06:51.33 - LCP : Naking possibly loopback magic number. 09-30-1999 09:06:51.33 - PPP : Transmitting Control Packet of length: 17 09-30-1999 09:06:51.34 - Data 0000: c0 21 03 01 00 0f 03 05 | .!...... 09-30-1999 09:06:51.34 - Data 0008: c2 23 80 05 06 6a e4 d1 | .#...j.. 09-30-1999 09:06:51.34 - Data 0010: 30 00 00 00 00 00 00 00 | 0....... 09-30-1999 09:06:51.38 - PPP : Received Control Packet of length: 27 09-30-1999 09:06:51.38 - Data 0000: c0 21 01 02 00 19 02 06 | .!..... 09-30-1999 09:06:51.38 - Data 0008: 00 00 00 00 03 05 c2 23 | .......# 09-30-1999 09:06:51.38 - Data 0010: 80 05 06 6b 2d 05 45 07 | ...k-.E. 09-30-1999 09:06:51.38 - Data 0018: 02 08 02 00 00 00 00 00 | ........ 09-30-1999 09:06:51.38 - LCP : Received and accepted ACCM of 0. 09-30-1999 09:06:51.38 - LCP : Received and accepted authentication protocol c223 (CHAP). 09-30-1999 09:06:51.38 - LCP : Received and accepted magic number 6b2d0545. 09-30-1999 09:06:51.38 - LCP : Received and accepted protocol field compression option. 09-30-1999 09:06:51.38 - LCP : Received and accepted address+control field compression option. 09-30-1999 09:06:51.38 - PPP : Transmitting Control Packet of length: 27 09-30-1999 09:06:51.38 - Data 0000: c0 21 02 02 00 19 02 06 | .!..... 09-30-1999 09:06:51.38 - Data 0008: 00 00 00 00 03 05 c2 23 | .......# 09-30-1999 09:06:51.38 - Data 0010: 80 05 06 6b 2d 05 45 07 | ...k-.E. 09-30-1999 09:06:51.38 - Data 0018: 02 08 02 00 00 00 00 00 | ........ 09-30-1999 09:06:51.38 - LCP : Layer up. 09-30-1999 09:06:51.38 - CHAP : Layer started. 09-30-1999 09:06:51.40 - PPP : Received Control Packet of length: 22 09-30-1999 09:06:51.40 - Data 0000: c2 23 01 01 00 14 08 0e | .#...... 09-30-1999 09:06:51.40 - Data 0008: 92 27 e7 a8 fe dc f0 63 | .'.....c 09-30-1999 09:06:51.40 - Data 0010: 75 6d 75 6c 75 73 00 00 | umulus.. 09-30-1999 09:06:51.43 - PPP : Transmitting Control Packet of length: 68 09-30-1999 09:06:51.43 - Data 0000: c2 23 02 01 00 42 31 92 | .#...B1. 09-30-1999 09:06:51.43 - Data 0008: 59 d4 5e 7c 3d c8 d2 88 | Y.^|=... 09-30-1999 09:06:51.43 - Data 0010: 20 30 8f 1b b7 6c 9b 34 | 0..l.4 09-30-1999 09:06:51.43 - Data 0018: ce b2 66 1a 86 86 3c dd | ..f..<. 09-30-1999 09:06:51.43 - Data 0020: 89 ec bf f5 37 22 3f e8 | ....7"?. 09-30-1999 09:06:51.43 - Data 0028: 05 88 a7 6c c9 d5 2b db | ...l..+. 09-30-1999 09:06:51.43 - Data 0030: eb 94 9a 1b a3 d2 70 01 | .....p. 09-30-1999 09:06:51.43 - Data 0038: 47 4c 59 50 48 5c 62 6c | GLYPH\bl 09-30-1999 09:06:51.43 - Data 0040: 61 6c 6f 72 00 00 00 00 | alor.... 09-30-1999 09:06:51.45 - PPP : Received Control Packet of length: 43 09-30-1999 09:06:51.45 - Data 0000: c2 23 03 01 00 29 57 65 | .#...)We 09-30-1999 09:06:51.45 - Data 0008: 6c 63 6f 6d 65 20 74 6f | lcome to 09-30-1999 09:06:51.45 - Data 0010: 20 63 75 6d 75 6c 75 73 | cumulus 09-30-1999 09:06:51.45 - Data 0018: 2e 69 74 68 2e 67 6c 79 | .ith.gly 09-30-1999 09:06:51.45 - Data 0020: 70 68 74 65 63 68 2e 63 | phtech.c 09-30-1999 09:06:51.45 - Data 0028: 6f 6d 2e 00 00 00 00 00 | om...... 09-30-1999 09:06:51.45 - CHAP : Login was successful. 09-30-1999 09:06:51.45 - CHAP : Layer up. 09-30-1999 09:06:51.45 - IPCP : Layer started. 09-30-1999 09:06:51.45 - IPCP : IP address is 0. 09-30-1999 09:06:51.45 - CCP : Layer started. 09-30-1999 09:06:51.46 - PPP : Transmitting Control Packet of length: 36 09-30-1999 09:06:51.46 - Data 0000: 80 21 01 01 00 22 03 06 | .!...".. 09-30-1999 09:06:51.46 - Data 0008: 00 00 00 00 81 06 00 00 | ........ 09-30-1999 09:06:51.46 - Data 0010: 00 00 82 06 00 00 00 00 | ........ 09-30-1999 09:06:51.46 - Data 0018: 83 06 00 00 00 00 84 06 | ........ 09-30-1999 09:06:51.46 - Data 0020: 00 00 00 00 00 00 00 00 | ........ 09-30-1999 09:06:51.46 - PPP : Transmitting Control Packet of length: 17 09-30-1999 09:06:51.46 - Data 0000: 80 fd 01 01 00 0f 12 06 | ........ 09-30-1999 09:06:51.46 - Data 0008: 01 00 00 31 11 05 00 01 | ...1.... 09-30-1999 09:06:51.46 - Data 0010: 04 00 00 00 00 00 00 00 | ........ 09-30-1999 09:06:51.46 - PPP : Received Control Packet of length: 18 09-30-1999 09:06:51.46 - Data 0000: 80 21 01 01 00 10 03 06 | .!...... 09-30-1999 09:06:51.46 - Data 0008: 0a 00 00 ca 02 06 00 2d | .......- 09-30-1999 09:06:51.46 - Data 0010: 0f 01 00 00 00 00 00 00 | ........ 09-30-1999 09:06:51.46 - IPCP : Received and accepted IP address of a0000ca. 09-30-1999 09:06:51.46 - PPP : Transmitting Control Packet of length: 12 09-30-1999 09:06:51.46 - Data 0000: 80 21 04 01 00 0a 02 06 | .!...... 09-30-1999 09:06:51.46 - Data 0008: 00 2d 0f 01 00 00 00 00 | .-...... 09-30-1999 09:06:51.46 - PPP : Received Control Packet of length: 23 09-30-1999 09:06:51.46 - Data 0000: 80 fd 01 01 00 15 1a 04 | ...... 09-30-1999 09:06:51.46 - Data 0008: 78 00 18 04 78 00 12 06 | x..x... 09-30-1999 09:06:51.46 - Data 0010: 01 00 00 60 15 03 2f 00 | ...`./. 09-30-1999 09:06:51.46 - PPP : Transmitting Control Packet of length: 17 09-30-1999 09:06:51.46 - Data 0000: 80 fd 04 01 00 0f 1a 04 | ....... 09-30-1999 09:06:51.46 - Data 0008: 78 00 18 04 78 00 15 03 | x..x.. 09-30-1999 09:06:51.46 - Data 0010: 2f 00 00 00 00 00 00 00 | /....... 09-30-1999 09:06:51.48 - PPP : Received Control Packet of length: 24 09-30-1999 09:06:51.48 - Data 0000: 80 21 04 01 00 16 03 06 | .!..... 09-30-1999 09:06:51.48 - Data 0008: 00 00 00 00 82 06 00 00 | ........ 09-30-1999 09:06:51.48 - Data 0010: 00 00 84 06 00 00 00 00 | ........ 09-30-1999 09:06:51.48 - PPP : Transmitting Control Packet of length: 28 09-30-1999 09:06:51.48 - Data 0000: 80 21 01 02 00 1a 01 0a | .!..... 09-30-1999 09:06:51.48 - Data 0008: 00 00 00 00 00 00 00 00 | ........ 09-30-1999 09:06:54.48 - PPP : Transmitting Control Packet of length: 28 09-30-1999 09:06:54.48 - Data 0000: 80 21 01 03 00 1a 01 0a | .!..... 09-30-1999 09:06:54.48 - Data 0008: 00 00 00 00 0a 00 00 ca | ........ 09-30-1999 09:06:54.48 - Data 0010: 81 06 00 00 00 00 83 06 | ........ 09-30-1999 09:06:54.48 - Data 0018: 00 00 00 00 00 00 00 00 | ........ 09-30-1999 09:06:54.49 - PPP : Received Control Packet of length: 16 09-30-1999 09:06:54.49 - Data 0000: 80 21 04 03 00 0e 01 0a | .!...... 09-30-1999 09:06:54.49 - Data 0008: 00 00 00 00 0a 00 00 ca | ........ 09-30-1999 09:06:54.49 - IPCP : No addresses negotiated. 09-30-1999 09:06:54.49 - PPP : Transmitting Control Packet of length: 6 09-30-1999 09:06:54.49 - Data 0000: 80 21 05 04 00 04 00 00 | .!...... 09-30-1999 09:06:54.50 - PPP : Received Control Packet of length: 6 09-30-1999 09:06:54.50 - Data 0000: 80 21 06 04 00 04 00 00 | .!...... 09-30-1999 09:06:54.50 - IPCP : Layer finished. 09-30-1999 09:06:54.50 - FSA : Last control protocol failed. 09-30-1999 09:06:54.50 - FSA : No network protocols were successfuly negotiated. 09-30-1999 09:06:54.57 - PPP : Received Control Packet of length: 12 09-30-1999 09:06:54.57 - Data 0000: 80 21 01 02 00 0a 03 06 | .!...... 09-30-1999 09:06:54.57 - Data 0008: 0a 00 00 ca 00 00 00 00 | ........ 09-30-1999 09:06:54.57 - IPCP : Received and accepted IP address of a0000ca. 09-30-1999 09:06:54.57 - PPP : Transmitting Control Packet of length: 6 09-30-1999 09:06:54.57 - Data 0000: 80 21 06 02 00 04 00 00 | .!...... 09-30-1999 09:06:55.96 - Remote access driver is shutting down. 09-30-1999 09:06:55.96 - CRC Errors 0 09-30-1999 09:06:55.96 - Timeout Errors 0 09-30-1999 09:06:55.96 - Alignment Errors 0 09-30-1999 09:06:55.96 - Overrun Errors 0 09-30-1999 09:06:55.96 - Framing Errors 0 09-30-1999 09:06:55.96 - Buffer Overrun Errors 0 09-30-1999 09:06:55.96 - Incomplete Packets 0 09-30-1999 09:06:55.96 - Bytes Received 344 09-30-1999 09:06:55.96 - Bytes Transmittted 377 09-30-1999 09:06:55.96 - Frames Received 19 09-30-1999 09:06:55.96 - Frames Transmitted 18 09-30-1999 09:06:55.96 - LCP : Layer down. 09-30-1999 09:06:55.96 - CHAP : Layer down. 09-30-1999 09:06:55.96 - CCP : Layer down. 09-30-1999 09:06:55.96 - PPP : Transmitting Control Packet of length: 6 09-30-1999 09:06:55.96 - Data 0000: c0 21 05 03 00 04 00 00 | .!...... 09-30-1999 09:06:55.97 - PPP : Received Control Packet of length: 6 09-30-1999 09:06:55.97 - Data 0000: c0 21 06 03 00 04 00 00 | .!...... 09-30-1999 09:06:55.97 - LCP : Received terminate acknowledgement. 09-30-1999 09:06:55.97 - LCP : Layer finished. 09-30-1999 09:06:55.97 - Microsoft Dial Up Adapter log closed. -------------- next part -------------- Sep 30 09:10:38 cumulus pptpd[17543]: CTRL: Client 10.0.0.210 control connection started Sep 30 09:10:38 cumulus pptpd[17543]: CTRL: Starting call (launching pppd, opening GRE) Sep 30 09:10:38 cumulus pppd[17544]: pppd 2.3.8 started by root, uid 0 Sep 30 09:10:38 cumulus pppd[17544]: Using interface ppp0 Sep 30 09:10:38 cumulus pppd[17544]: Connect: ppp0 <--> /dev/pts/5 Sep 30 09:10:38 cumulus pppd[17544]: sent [LCP ConfReq id=0x1 ] Sep 30 09:10:38 cumulus pppd[17544]: rcvd [LCP ConfReq id=0x1 < 0d 03 06>] Sep 30 09:10:38 cumulus pppd[17544]: sent [LCP ConfRej id=0x1 < 0d 03 06>] Sep 30 09:10:38 cumulus pppd[17544]: rcvd [LCP ConfReq id=0x2 ] Sep 30 09:10:38 cumulus pppd[17544]: sent [LCP ConfAck id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [LCP ConfReq id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [LCP ConfNak id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [LCP ConfReq id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [LCP ConfAck id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CHAP Challenge id=0x1 <0e9227e7a8fedcf0>, name = "cumulus"] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CHAP Response id=0x1 <9259d45e7c3dc8d28820308f1bb76c9b34ceb2661a86863cdd89ecbff537223fe80588a76cc9d52bdbeb949a1ba3d27001>, name = "GLYPH\\blalor"] Sep 30 09:10:41 cumulus pppd[17544]: sent [CHAP Success id=0x1 "Welcome to cumulus.ith.glyphtech.com."] Sep 30 09:10:41 cumulus pppd[17544]: sent [IPCP ConfReq id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CCP ConfReq id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: MSCHAP peer authentication succeeded for GLYPH\\blalor Sep 30 09:10:41 cumulus pppd[17544]: rcvd [IPCP ConfReq id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [IPCP ConfRej id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CCP ConfReq id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CCP ConfRej id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [IPCP ConfRej id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [IPCP ConfReq id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CCP ConfRej id=0x1 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CCP ConfReq id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [IPCP ConfReq id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [IPCP ConfRej id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CCP ConfReq id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CCP ConfNak id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [IPCP ConfAck id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CCP ConfNak id=0x2 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CCP ConfReq id=0x3 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CCP ConfReq id=0x3 ] Sep 30 09:10:41 cumulus pppd[17544]: sent [CCP ConfAck id=0x3 ] Sep 30 09:10:41 cumulus pppd[17544]: rcvd [CCP ConfAck id=0x3 ] Sep 30 09:10:41 cumulus pppd[17544]: MPPE 40 bit, stateless compression enabled Sep 30 09:10:44 cumulus pppd[17544]: rcvd [IPCP ConfReq id=0x3 ] Sep 30 09:10:44 cumulus pppd[17544]: sent [IPCP ConfRej id=0x3 ] Sep 30 09:10:44 cumulus pppd[17544]: rcvd [IPCP TermReq id=0x4] Sep 30 09:10:44 cumulus pppd[17544]: sent [IPCP TermAck id=0x4] Sep 30 09:10:44 cumulus pppd[17544]: sent [IPCP ConfReq id=0x2 ] Sep 30 09:10:44 cumulus pppd[17544]: rcvd [IPCP TermAck id=0x2] Sep 30 09:10:45 cumulus pppd[17544]: rcvd [LCP TermReq id=0x3] Sep 30 09:10:45 cumulus pppd[17544]: LCP terminated by peer Sep 30 09:10:45 cumulus pppd[17544]: sent [LCP TermAck id=0x3] Sep 30 09:10:45 cumulus pptpd[17543]: CTRL: Error with select(), quitting Sep 30 09:10:45 cumulus pptpd[17543]: CTRL: Client 10.0.0.210 control connection finished Sep 30 09:10:45 cumulus pppd[17544]: Modem hangup Sep 30 09:10:45 cumulus pppd[17544]: Connection terminated. Sep 30 09:10:45 cumulus pppd[17544]: Exit. From Steven.Cowles at CEN.AMEDD.ARMY.MIL Thu Sep 30 10:43:30 1999 From: Steven.Cowles at CEN.AMEDD.ARMY.MIL (Cowles, Steven W) Date: Thu Sep 30 10:43:30 1999 Subject: [pptp-server] PopTop and NT 4.0 (sp5 128bit) Message-ID: <13E4088C3FC0D211A2C000A0C9EA318E6649A3@DASMTHKHN467> Has anyone in this group successfully connected (using PopTop) and transfered data using NT 4.0 (SP5 128bit)? The reason I asked is I have not been successful at transferring data when establishing a pptp connection. My linux box (ppp) seems to authenciate, but thats about it. Pings, etc... do not work. The route tables etc... look to be fine. Also, I am trying to connect to my linux box over the internet (through) my linux based firewall that is configured with ipchains. I have added what I thought were the correct entries i.e. port 47, etc.... If anyone has been successful in using poptop through a linux based firewall, could you send me your ipchains commands so that I can verify that I have correctly setup my system at my end. I really think this is the source of my problems but have been unsuccessful at getting any data to pass acroos the VPN. I noticed the following error in my log files. Does anyone have an idea if this could be the problem? I have noticed some other posts (log files) that do not have this entry. Sep 30 09:31:10 voyager pptpd[13137]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Thanks Steve Cowles From map at primenet.com Thu Sep 30 11:00:52 1999 From: map at primenet.com (Mark Pitman) Date: Thu Sep 30 11:00:52 1999 Subject: [pptp-server] PopTop and NT 4.0 (sp5 128bit) In-Reply-To: <13E4088C3FC0D211A2C000A0C9EA318E6649A3@DASMTHKHN467> Message-ID: There are patches that you have to add for ipchains to pass the pptp protocols through. It is not "port 47", but protocol 47 (GRE). Take a look at this website: ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html On Thu, 30 Sep 1999, Cowles, Steven W wrote: > Has anyone in this group successfully connected (using PopTop) and > transfered data using NT 4.0 (SP5 128bit)? > > The reason I asked is I have not been successful at transferring data when > establishing a pptp connection. My linux box (ppp) seems to authenciate, but > thats about it. Pings, etc... do not work. The route tables etc... look to > be fine. > > Also, I am trying to connect to my linux box over the internet (through) my > linux based firewall that is configured with ipchains. I have added what I > thought were the correct entries i.e. port 47, etc.... If anyone has been > successful in using poptop through a linux based firewall, could you send me > your ipchains commands so that I can verify that I have correctly setup my > system at my end. I really think this is the source of my problems but have > been unsuccessful at getting any data to pass acroos the VPN. > > I noticed the following error in my log files. Does anyone have an idea if > this could be the problem? I have noticed some other posts (log files) that > do not have this entry. > > Sep 30 09:31:10 voyager pptpd[13137]: CTRL: Ignored a SET LINK INFO packet > with real ACCMs! > > Thanks > Steve Cowles > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > Mark A. Pitman map at primenet.com "A computer lets you make more mistakes faster than any invention in human history - with the possible exception of handguns and tequila." --Mitch Radcliffe, "Technology Review" (1992) From tmk at netmagic.net Thu Sep 30 11:01:41 1999 From: tmk at netmagic.net (tmk) Date: Thu Sep 30 11:01:41 1999 Subject: [pptp-server] PopTop and NT 4.0 (sp5 128bit) In-Reply-To: <13E4088C3FC0D211A2C000A0C9EA318E6649A3@DASMTHKHN467> Message-ID: I havent seen any posts concerning 128bit encryption and SP5, but i'm pretty sure that works. just to be sure, you mean protocol 47 and not port 47 right? ipchains -A input -p 47 -d -j ACCEPT is the kind of thing you want to use. As i understood it there was a bit of documentation around that covered how to allow pptp stuff through a firewall. The ACCM msg is character escape sequences used to get around reserved charsbeing sent over a telnet type connection, but we dont use that so they can be safely ignored. Check your ip allocations and ip forwarding Kevin On Thu, 30 Sep 1999, Cowles, Steven W wrote: > Has anyone in this group successfully connected (using PopTop) and > transfered data using NT 4.0 (SP5 128bit)? > > The reason I asked is I have not been successful at transferring data when > establishing a pptp connection. My linux box (ppp) seems to authenciate, but > thats about it. Pings, etc... do not work. The route tables etc... look to > be fine. > > Also, I am trying to connect to my linux box over the internet (through) my > linux based firewall that is configured with ipchains. I have added what I > thought were the correct entries i.e. port 47, etc.... If anyone has been > successful in using poptop through a linux based firewall, could you send me > your ipchains commands so that I can verify that I have correctly setup my > system at my end. I really think this is the source of my problems but have > been unsuccessful at getting any data to pass acroos the VPN. > > I noticed the following error in my log files. Does anyone have an idea if > this could be the problem? I have noticed some other posts (log files) that > do not have this entry. > > Sep 30 09:31:10 voyager pptpd[13137]: CTRL: Ignored a SET LINK INFO packet > with real ACCMs! > > Thanks > Steve Cowles > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From JimVanEtten at ENVISIONit.ca Thu Sep 30 12:22:32 1999 From: JimVanEtten at ENVISIONit.ca (JimVanEtten at ENVISIONit.ca) Date: Thu Sep 30 12:22:32 1999 Subject: [pptp-server] Cannot determine ethernet address for proxy ARP Message-ID: I connect and authenticate fine to the PPTP server but when I try to ping anything on the subnet I get this error. Can anyone help me out. From rdale at digital-mission.com Thu Sep 30 12:45:45 1999 From: rdale at digital-mission.com (Robert Dale) Date: Thu Sep 30 12:45:45 1999 Subject: [pptp-server] pptp 1.0 and Win98 In-Reply-To: Message-ID: On Wed, 29 Sep 1999, Brian Lalor wrote: > Hey all. I'm trying to get this thing working. I've followed the howto > step by step and gotten the encryption working (I believe), but I'm still > having problems. I've attached a syslog file from one attempt and I'll > try to document what's happening below: What we had do... o First, we did the HOWTO install. Including the latest DUN. But then we got the same error messages as you. A little reading on the mailing list archives proved useful. o So, we follwed the advice of a guy in a similar situation. We uninstalled VPN, the re-installed it per his instructions. Briefly, install through add/remove programs, not networking. Re-installed the DUN and settings. o Presto! It worked with 40-bit encryption. Whee.. -- Robert Dale Digital Mission http://www.digital-mission.com From tmk at netmagic.net Thu Sep 30 12:52:49 1999 From: tmk at netmagic.net (tmk) Date: Thu Sep 30 12:52:49 1999 Subject: [pptp-server] Cannot determine ethernet address for proxy ARP In-Reply-To: Message-ID: sure. this is a common problem. basically, you have proxyarp as an option for pppd. ARP is teh mechanism that tcp/ip (and others) use to determine if an address is present on the local network or not. For an ip to be reachable without routing (present on the local network) it has to be in teh she same subnet as the rest of the computers. You have most likely chosen local/remote ip addresses that are not on the same subnet as the 'protected' network. There is no point in using ARP if your clients are on a different subnet. to fix it, change the local/remote ips to addresses on your protected network, or disable proxyarp and use routing you will also need t be sure that ip forwarding and proxy arp are enabled in the kernel.. to do this you do: echo 1 > /proc/sys/net/ipv4/ip_forward and i think it is similar for proxy arp. like: echo 1 > /proc/sys/net/ethernet/all/proxy_arp not 100% sure on the second one. hunt around for routing to work, the computers on the protected netowrk need to have the linux box as a gateway Kevin On Thu, 30 Sep 1999 JimVanEtten at ENVISIONit.ca wrote: > I connect and authenticate fine to the PPTP server but when I try to ping > anything on the subnet I get this error. Can anyone help me out. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From blalor at netDrives.com Thu Sep 30 13:18:42 1999 From: blalor at netDrives.com (Brian Lalor) Date: Thu Sep 30 13:18:42 1999 Subject: [pptp-server] pptp 1.0 and Win98 In-Reply-To: Message-ID: On Thu, 30 Sep 1999, Robert Dale wrote: > o So, we follwed the advice of a guy in a similar situation. > We uninstalled VPN, the re-installed it per his instructions. > Briefly, install through add/remove programs, not networking. > Re-installed the DUN and settings. Grabbed the dun40.exe patch, but that doesn't appear in the install/uninstall list. Anyway, I'm more-or-less up and running. It connects, but I've gotta figure out the routing... -- Brian Lalor, Web Honkey netDrives blalor at netDrives.com 607-272-5650 x7167 From rdale at digital-mission.com Thu Sep 30 13:26:55 1999 From: rdale at digital-mission.com (Robert Dale) Date: Thu Sep 30 13:26:55 1999 Subject: [pptp-server] pptp 1.0 and Win98 In-Reply-To: Message-ID: On Thu, 30 Sep 1999, Brian Lalor wrote: > On Thu, 30 Sep 1999, Robert Dale wrote: > > > o So, we follwed the advice of a guy in a similar situation. > > We uninstalled VPN, the re-installed it per his instructions. > > Briefly, install through add/remove programs, not networking. > > Re-installed the DUN and settings. > > Grabbed the dun40.exe patch, but that doesn't appear in the > install/uninstall list. Anyway, I'm more-or-less up and running. It > connects, but I've gotta figure out the routing... You misunderstand. You uninstall/re-install the _VPN_ via add/remove progs. The DUN patch is just executed as you normally would. There seems to be something different happening with the VPN install when going through add/remove programs. Or maybe it's just the act of remove/re-installing it. Either way, it's ridiculous! *kicks MS* Glad I don't have to live with it ;) -- Robert Dale Digital Mission http://www.digital-mission.com From JimVanEtten at ENVISIONit.ca Thu Sep 30 15:52:46 1999 From: JimVanEtten at ENVISIONit.ca (JimVanEtten at ENVISIONit.ca) Date: Thu Sep 30 15:52:46 1999 Subject: [pptp-server] PPTP client connecting to PoPToP Message-ID: Does anyone have the PPTP client connecting to the PoPToP server. I am looking for the documentation for PPTP client. I am not sure what I am to use for pppd options. Any help would be welcome. Bye for now Jim Van Etten From jcaspen at eagle.cc.ukans.edu Thu Sep 30 16:28:48 1999 From: jcaspen at eagle.cc.ukans.edu (C Javier Castro Pena) Date: Thu Sep 30 16:28:48 1999 Subject: [pptp-server] PPTP client connecting to PoPToP In-Reply-To: Message-ID: PPTP client for linux? If this is the case, you need to configure it from the command line. > Does anyone have the PPTP client connecting to the PoPToP server. I am > looking for the documentation for PPTP client. I am not sure what I am to > use for pppd options. Any help would be welcome. From nngodinh at tiscalinet.it Thu Sep 30 18:20:26 1999 From: nngodinh at tiscalinet.it (Nhan NGO DINH) Date: Thu Sep 30 18:20:26 1999 Subject: [pptp-server] Routing Message-ID: <4.1.19991001010900.00a7d1a0@pop.tiscalinet.it> >read the ppp howto. There is a file in /etc/ppp called ip-up that is run >whenever a ppp connection comes up (pptp uses a ppp connection) you can >put commands in there to add routing tables etc. If you could be more >specific about what you want to do taht isnt working, i can probably help On the client side I can easly write a ip-up routing configuration script, and I already know how to do it. The problem is how can I write the script on the server side: in order to know for which IP address I must set up the routing, I must know the name of the client, how can I do that? I give an example: if the server has the "virtual" IP address 192.168.0.1, and the client has the "virtual" IP address 192.168.0.200, on the client side It's simple: in the ip-up script I must set up: route add -host 192.168.0.1 gw $REMOTE_ADDR Where $REMOTE_ADDR is the PPTP interface IP address of the server that Linux give to me as a parameter. In the server how can I set up this? route add -host $CLIENT_VIRTUAL_IP gw $REMOTE_ADDR How can I know the $CLIENT_VIRTUAL_IP? Thanks. --- Nhan NGO DINH e-mail: nngodinh at tiscalinet.it web site: http://www.tiscalinet.it/nngodinh From rdale at digital-mission.com Thu Sep 30 18:40:18 1999 From: rdale at digital-mission.com (Robert Dale) Date: Thu Sep 30 18:40:18 1999 Subject: [pptp-server] Routing In-Reply-To: <4.1.19991001010900.00a7d1a0@pop.tiscalinet.it> Message-ID: On Thu, 30 Sep 1999, Nhan NGO DINH wrote: > I give an example: if the server has the "virtual" IP address 192.168.0.1, > and the client has the "virtual" IP address 192.168.0.200, on the client > side It's simple: in the ip-up script I must set up: > > route add -host 192.168.0.1 gw $REMOTE_ADDR > > Where $REMOTE_ADDR is the PPTP interface IP address of the server that > Linux give to me as a parameter. > > In the server how can I set up this? > > route add -host $CLIENT_VIRTUAL_IP gw $REMOTE_ADDR > > How can I know the $CLIENT_VIRTUAL_IP? ip-up is called with these parameters: interface-name tty-device speed local-IP-address remote-IP-address ipparam They go from $1 to $6. That probably should be in the PPP-HOWTO. -- Robert Dale Digital Mission http://www.digital-mission.com From tmk at netmagic.net Thu Sep 30 18:47:30 1999 From: tmk at netmagic.net (tmk) Date: Thu Sep 30 18:47:30 1999 Subject: [pptp-server] Routing In-Reply-To: <4.1.19991001010900.00a7d1a0@pop.tiscalinet.it> Message-ID: ppp passes 6 variables to ip-up. you can read about them in the ppp howto in section 23. it explains that. i think $5 is the virtual IP addr. route add -host 192.168.0.1 gw $REMOTE_ADDR tells it to send all traffic intended for 192.168.0.1 through the new pptp client. If that is what you want, fine. if you want all traffic for the pptp client to be routed through 192.168.0.1, that is done automatically. for all the rest of you: READ THE PPP HOWTO! there are lots of tricks you can do with the ip-up script. It is very powerful. learn it. use it. :) Kevin > and the client has the "virtual" IP address 192.168.0.200, on the client > side It's simple: in the ip-up script I must set up: > > route add -host 192.168.0.1 gw $REMOTE_ADDR > > Where $REMOTE_ADDR is the PPTP interface IP address of the server that > Linux give to me as a parameter. > > In the server how can I set up this? > > route add -host $CLIENT_VIRTUAL_IP gw $REMOTE_ADDR > > How can I know the $CLIENT_VIRTUAL_IP? > > Thanks. > > --- > Nhan NGO DINH > e-mail: nngodinh at tiscalinet.it > web site: http://www.tiscalinet.it/nngodinh > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > From matthewr at moreton.com.au Thu Sep 30 19:08:12 1999 From: matthewr at moreton.com.au (Matthew Ramsay) Date: Thu Sep 30 19:08:12 1999 Subject: [pptp-server] v1 RPMs and 2.3.10 mppe patch Message-ID: <99100110013701.17862@gibberling.moreton.com.au> Chris Wong sent me the PoPToP v1.0.0 RPMs. Daniel Sulley also sent me a 2.3.10 mppe PPP patch (no RC4 -- you still have to grab that somewhere else). If you're interested in these files: http://www.moretonbay.com/vpn/download_pptp.html From grivitz at i-tel.com Thu Sep 30 20:01:33 1999 From: grivitz at i-tel.com (Edward 'Ted' Holtz) Date: Thu Sep 30 20:01:33 1999 Subject: [pptp-server] v1 RPMs and 2.3.10 mppe patch In-Reply-To: <99100110013701.17862@gibberling.moreton.com.au> Message-ID: The www.moretonbay.com server seems to be serving stuff as text. Could you correct the mime types? Also, pptpd-1.0.0.tgz seems to not be a complete file. The server stops when it is half downloaded. Thanks. On Fri, 1 Oct 1999, Matthew Ramsay wrote: > Chris Wong sent me the PoPToP v1.0.0 RPMs. Daniel Sulley also sent me a 2.3.10 > mppe PPP patch (no RC4 -- you still have to grab that somewhere else). If > you're interested in these files: > > http://www.moretonbay.com/vpn/download_pptp.html > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulte.org! > wWwWw Edward "Ted" Holtz grivitz at i-tel.com (o) (o) Operations Manager ==ooOO== U ==OOoo============================================= Impact Telecommunications, Inc oooO Oooo Denver, CO 80202-3714 USA ======\ (==) /================================================ \ \/ / Tel: +1-303-285-0111 Fax: +1-303-285-0110 From christopher at schulte.org Thu Sep 30 20:12:58 1999 From: christopher at schulte.org (Christopher Schulte) Date: Thu Sep 30 20:12:58 1999 Subject: [pptp-server] v1 RPMs and 2.3.10 mppe patch In-Reply-To: References: <99100110013701.17862@gibberling.moreton.com.au> Message-ID: <4.2.0.58.19990930200847.00b998f0@pop.schulte.org> At 07:01 PM 9/30/99 -0600, you wrote: > >The www.moretonbay.com server seems to be serving stuff as text. Could >you correct the mime types? > >Also, pptpd-1.0.0.tgz seems to not be a complete file. The server stops >when it is half downloaded. > >Thanks. I cannot speak for the www.moretonbay.com server, but just for the heck of it, I've mirrored it on my ftp server for the time being, just in case something has run foul over there. ftp://ftp.schulte.org/misc/pptpd-1.0.0.tgz My ftp server is quite busy at times, and you may not be able to get into it right away. I'm sorry, but please do not email me asking for elevated access to the server. :-) regards, schulte.org admin -- NAME: Christopher Schulte MAIL: christopher at schulte.org SITE: http://www.schulte.org/ FINGER(PGP): christopher at shell.schulte.org "How can't we be happy, when we live in a world where pizza is just a phone call away?!" --Christopher Schulte From tkil at scrye.com Thu Sep 30 23:53:03 1999 From: tkil at scrye.com (Anthony Foiani) Date: Thu Sep 30 23:53:03 1999 Subject: [pptp-server] Troubles with GRE masquerading Message-ID: <14324.15915.705730.816371@slinky.scrye.com> My apologies if this is not the appropriate list for this topic. Any pointers to a more appropriate list would be welcome. My further apologies for this message being as long as it is; I was perhaps overzealous in adding information. Thanks for your patience. :) I'm trying to set up PPTP between external MS clients and an internal (behind a masquerading Linux firewall) "poptop" PPTP server, using private IP addresses behind the firewall. I can get the PPTP client to talk to the server when they are both on the private IP LAN behind the firewall. When I try to go through the firewall, however, I am not having any luck. The firewall is running linux 2.2.12, with the "ip_masq_vpn-2.2.11" patch applied. I'm using rinetd to forward the intial tcp/1723 traffic, and that part of the process is working well. The PPTP server starts up, and tries to launch ppp. The communication from pppd seems very one-sided, however: | Sep 30 20:02:29 pptp-server pptpd[2193]: MGR: Launching /usr/local/sbin/pptpctrl to handle client | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: local address = 192.168.1.221 | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: remote address = 192.168.1.201 | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: Client 192.168.1.1 control connection started | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: Received PPTP Control Message (type: 1) | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: Made a START CTRL CONN RPLY packet | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: I wrote 156 bytes to the client. | Sep 30 20:02:29 pptp-server pptpd[2193]: CTRL: Sent packet to client | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Received PPTP Control Message (type: 7) | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Set parameters to 152 maxbps, 16 window size | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Made a OUT CALL RPLY packet | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Starting call (launching pppd, opening GRE) | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: pty_fd = 4 | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: tty_fd = 5 | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: I wrote 32 bytes to the client. | Sep 30 20:02:30 pptp-server pptpd[2194]: CTRL (PPPD Launcher): Connection speed = 115200 | Sep 30 20:02:30 pptp-server pptpd[2194]: CTRL (PPPD Launcher): local address = 192.168.1.221 | Sep 30 20:02:30 pptp-server pptpd[2194]: CTRL (PPPD Launcher): remote address = 192.168.1.201 | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Sent packet to client | Sep 30 20:02:30 pptp-server pppd[2194]: pppd 2.3.8 started by root, uid 0 | Sep 30 20:02:30 pptp-server pppd[2194]: Using interface ppp0 | Sep 30 20:02:30 pptp-server pppd[2194]: Connect: ppp0 <--> /dev/pts/2 | Sep 30 20:02:30 pptp-server pppd[2194]: sent [LCP ConfReq id=0x1 ] | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Received PPTP Control Message (type: 15) | Sep 30 20:02:30 pptp-server pptpd[2193]: CTRL: Got a SET LINK INFO packet with standard ACCMs | Sep 30 20:02:33 pptp-server pppd[2194]: sent [LCP ConfReq id=0x1 ] | Sep 30 20:02:57 pptp-server last message repeated 8 times | Sep 30 20:03:00 pptp-server pppd[2194]: LCP: timeout sending Config-Requests | Sep 30 20:03:00 pptp-server pptpd[2193]: GRE: read(fd=4,buffer=804d700,len=8196) from PTY failed: status = -1 error = Input/output error | Sep 30 20:03:00 pptp-server pptpd[2193]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) | Sep 30 20:03:00 pptp-server pptpd[2193]: CTRL: Client 192.168.1.1 control connection finished | Sep 30 20:03:00 pptp-server pptpd[2193]: CTRL: Exiting now | Sep 30 20:03:00 pptp-server pppd[2194]: Connection terminated. | Sep 30 20:03:00 pptp-server pppd[2194]: Exit. Note that it is sending the LCP packets, never receiving. I presume this is at least one of the reasons that the PPTP session is failing, and it looks like my GRE masquerading is not happinging. Trying to test this with the patched "traceroute" utility was unenlightening. "traceroute -G external_client" from the firewall external interface works; but doing the same from the pptpd server doesn't work; it only gets as far as the firewall. The firewall claims (in the log) that it's setting up a GRE masq, but it doesn't seem to ever be used. The firewall is configured with ipchains, and the only DENY rule (on the input chain) is set to log all denied packets. I have a gre MASQ rule in place, and it is triggered; should I not be using the ipchains masquerading for GRE? I have downloaded "ipfwd", but I find it confusing; I would expect a masquerading tool to have both a "to" and "from" setting, and ipfwd only accepts one address -- and it's not obvious to me which it is. The ipchains configuration is taken from one of the FAQs (which one, I must say that I don't quite remember anymore; I've been working on this off and on for a week or more). To fit it into the RedHat (6.0) boot scheme, it is run by sourcing: /etc/sysconfig/network-scripts/ifcfg-eth0 where eth0 is the external interface; the masquerading option (which does work for internal TCP services) must be selected on the external port, which I found mildly counterintuitive. In this case, my "ifcfg-eth0" file contains: | DEVICE=eth0 | ONBOOT=yes | MASQUERADE=no | INTERNAL=no | | IPADDR=216.17.137.20 | GATEWAY=216.17.137.30 | NETMASK=255.255.255.224 | | MASQ_VPN_PPTP=yes | PPTP_CLIENT=0/0 | PPTP_SERVER=192.168.1.11 which is sourced before the following code is run: | if [ "x${MASQ_VPN_PPTP}x" = "xyesx" ] ; | then | if [ -n "$PPTP_CLIENT" -a -n "$PPTP_SERVER" ] ; | then | ipchains -A input -j ACCEPT -p tcp -i $DEVICE \ | -s $PPTP_CLIENT pptp -d $IPADDR | ipchains -A forward -j MASQ -p tcp -i $DEVICE \ | -s $PPTP_SERVER -d $PPTP_CLIENT pptp | ipchains -A output -j ACCEPT -p tcp -i $DEVICE \ | -s $IPADDR -d $PPTP_CLIENT pptp | | ipchains -A input -j ACCEPT -p gre -i $DEVICE \ | -s $PPTP_CLIENT -d $IPADDR | ipchains -A forward -j MASQ -p gre -i $DEVICE \ | -s $PPTP_SERVER -d $PPTP_CLIENT | ipchains -A output -j ACCEPT -p gre -i $DEVICE \ | -s $IPADDR -d $PPTP_CLIENT | else | echo "WARNING: cannot do VPN MASQ without PPTP_* specs" | fi | fi This results in ipchains which look like: | # ipchains -L input -vxn | nl -v -1 | -1 Chain input (policy DENY: 1613 packets, 136292 bytes): | 0 pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports | 24 0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 216.17.137.20 1723 -> * | 25 80 4240 ACCEPT gre ------ 0xFF 0x00 eth0 0.0.0.0/0 216.17.137.20 n/a | # ipchains -L forward -vxn | nl -v -1 | -1 Chain forward (policy ACCEPT: 276 packets, 12972 bytes): | 0 pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports | 1 0 0 MASQ tcp ------ 0xFF 0x00 eth0 192.168.1.11 0.0.0.0/0 * -> 1723 | 2 58 2784 MASQ gre ------ 0xFF 0x00 eth0 192.168.1.11 0.0.0.0/0 n/a | # ipchains -L output -vxn | nl -v -1 | -1 Chain output (policy ACCEPT: 269548 packets, 58413041 bytes): | 0 pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports | 5 0 0 ACCEPT tcp ------ 0xFF 0x00 eth0 216.17.137.20 0.0.0.0/0 * -> 1723 | 6 260 12480 ACCEPT gre ------ 0xFF 0x00 eth0 216.17.137.20 0.0.0.0/0 n/a If it helps examples, here's my configuration. external client address: 199.174.224.195 (ppp to netcom denver) immediate external network: 216.17.137.0/27 external firewall interface: 216.17.137.20 (eth0) internal firewall interface: 192.168.1.1 (eth1) internal network: 192.168.1.0/24 internal PPTP server: 192.168.1.11 (eth0) Any tips would be appreciated. Even if you don't have answers, I could definitely use suggestions about how to get more information about this problem. I'm currently completely clueless about where these packets are going, and why they're not coming back. (Well, I suspect that they're being sent off without getting properly masqueraded; but what do I use to masquerade them? ipfwd? If so, what's a reasonable invocation line for my setup?) If I can provide more information that might help pin this problem down, please just let me know. Thanks very much in advance for your time, Tony p.s. When I did get pptpd to connect over the LAN, it kept this pattern up for the duration of the connection; this pattern appears in the log about once every second or two. | Sep 30 19:02:31 pptp-server pppd[2138]: rcvd [CCP ConfReq id=0x8 ] | Sep 30 19:02:31 pptp-server pppd[2138]: sent [CCP ConfRej id=0x8 ] | Sep 30 19:02:32 pptp-server pppd[2138]: sent [CCP ConfReq id=0x1] | Sep 30 19:02:32 pptp-server pppd[2138]: rcvd [CCP ConfAck id=0x1] I'm guessing that the PPTP client is trying to upgrade the connection to some form of encrypted conversation, and pptpd is refusing. Where should I look to fix this issue? My /etc/ppp/options file contains: | lock | name pptp-server | debug | auth | +chap | +chapms | +chapms-v2 | require-chap | mppe-40 | mppe-128 | mppe-stateless | proxyarp And I did compile pptp (and pppd) according to the instructions on the poptop HOWTO/FAQ, including the crypto libraries. Hm... I wonder if those "+" signs were supposed to be in there, or just some sort of patch indication?