From wim.ceulemans at nice.be Fri Dec 1 03:53:10 2000 From: wim.ceulemans at nice.be (Wim Ceulemans) Date: Fri, 01 Dec 2000 10:53:10 +0100 Subject: [pptp-server] PTY read or GRE write failed Message-ID: <3A277506.623665CC@nice.be> Hi I have looked through the archives and read all messages relating to the error "PTY read or GRE write failed". I found a lot of postings similar to mine, but no solution. I have this problem connecting from a Windows NT4 system to my linux box, it does not happen connecting from a Windows95/98 system. Could someone shed some light on the solution to this problem. An extract from the log is included below. I am using ppp-2.3.11 and pptp-1.0.0 with kernel 2.2.14. This is our options.pptp file: # # Special options for ppp started via pptpd # lock debug auth +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless proxyarp Extract from the log: 08:02:19 pptpd[18021]: MGR: Launching /ub/pkg/pptp/sbin/pptpctrl to handle client 08:02:19 pptpd[18021]: CTRL: local address = 192.0.20.7 08:02:19 pptpd[18021]: CTRL: remote address = 192.0.20.240 08:02:19 pptpd[18021]: CTRL: pppd speed = 115200 08:02:19 pptpd[18021]: CTRL: pppd options file = /ub/etc/ppp/options.pptpd 08:02:19 pptpd[18021]: CTRL: Client 212.35.18.27 control connection started 08:02:19 pptpd[18021]: CTRL: Received PPTP Control Message (type: 1) 08:02:19 pptpd[18021]: CTRL: Made a START CTRL CONN RPLY packet 08:02:19 pptpd[18021]: CTRL: I wrote 156 bytes to the client. 08:02:19 pptpd[18021]: CTRL: Sent packet to client 08:02:22 pptpd[18021]: CTRL: Received PPTP Control Message (type: 7) 08:02:22 pptpd[18021]: CTRL: Set parameters to 0 maxbps, 16 window size 08:02:22 pptpd[18021]: CTRL: Made a OUT CALL RPLY packet 08:02:22 pptpd[18021]: CTRL: Starting call (launching pppd, opening GRE) 08:02:22 pptpd[18021]: CTRL: pty_fd = 5 08:02:22 pptpd[18021]: CTRL: tty_fd = 6 08:02:22 pptpd[18021]: CTRL: I wrote 32 bytes to the client. 08:02:22 pptpd[18022]: CTRL (PPPD Launcher): Connection speed = 115200 08:02:22 pptpd[18022]: CTRL (PPPD Launcher): local address = 192.0.20.7 08:02:22 pptpd[18022]: CTRL (PPPD Launcher): remote address = 192.0.20.240 08:02:22 pptpd[18021]: CTRL: Sent packet to client 08:02:56 pptpd[18021]: GRE: read(fd=5,buffer=804dac0,len=8196) from PTY failed: status = -1 error = Input/output error 08:02:56 pptpd[18021]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) 08:02:56 pptpd[18021]: CTRL: Client 212.35.18.27 control connection finished 08:02:56 pptpd[18021]: CTRL: Exiting now 08:02:56 pptpd[824]: MGR: Reaped child 18021 Regards Wim Ceulemans From jabba1974 at gmx.de Fri Dec 1 05:27:18 2000 From: jabba1974 at gmx.de (Sven Williger) Date: Fri, 1 Dec 2000 12:27:18 +0100 Subject: [pptp-server] PPTP server for internet IPXSPX gaming ? Message-ID: Hi ! I'm asking for help because i'm not very firm with PPTP, VPN and IPX on a linux box. Is there any way to do such scenario?: My friends and me want to play some Windows-Games which have IPX/SPX support only over the internet (like Starcraft). Now my idea was some sort of VPN with my linuxbox as PPTP server where my friends could login to over the internet and establish an ipx/spx connection to my internal network (with 2 other Windows Clients). How can i do this? i read the PPTP documentation and the FAQ, but it's only orientated for office use. Maybe someone is running such solution already? i'm connected to the internet with DSL with 768/128kBit/s so there be enough speed for atleast 2 other ISDN Users. BUT THEY DONT HAVE LINUX ! Just pure Windows. I would be really gld if someone could help me with this... Thanks.... Sven From phil at vibrationresearch.com Fri Dec 1 08:09:08 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Fri, 1 Dec 2000 09:09:08 -0500 Subject: [pptp-server] PTY read or GRE write failed In-Reply-To: <3A277506.623665CC@nice.be> Message-ID: <001101c05ba0$4565d350$4500a8c0@vibrationresearch.com> "PTY read or GRE write failed" is a generic message that means that pppd exited. To solve your problem you will have to find the pppd log messages and find out why pppd aborted prematurely. > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wim Ceulemans > Sent: Friday, December 01, 2000 4:53 AM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] PTY read or GRE write failed > > > Hi > > I have looked through the archives and read all messages relating to the > error "PTY read or GRE write failed". I found a lot of postings similar > to mine, but no solution. I have this problem connecting from a Windows > NT4 system to my linux box, it does not happen connecting from a > Windows95/98 system. > > Could someone shed some light on the solution to this problem. An > extract from the log is included below. I am using ppp-2.3.11 and > pptp-1.0.0 with kernel 2.2.14. > > This is our options.pptp file: > > # > # Special options for ppp started via pptpd > # > lock > debug > auth > +chap > +chapms > +chapms-v2 > mppe-40 > mppe-128 > mppe-stateless > proxyarp > > > Extract from the log: > > 08:02:19 pptpd[18021]: MGR: Launching /ub/pkg/pptp/sbin/pptpctrl to > handle client > 08:02:19 pptpd[18021]: CTRL: local address = 192.0.20.7 > 08:02:19 pptpd[18021]: CTRL: remote address = 192.0.20.240 > 08:02:19 pptpd[18021]: CTRL: pppd speed = 115200 > 08:02:19 pptpd[18021]: CTRL: pppd options file = > /ub/etc/ppp/options.pptpd > 08:02:19 pptpd[18021]: CTRL: Client 212.35.18.27 control connection > started > 08:02:19 pptpd[18021]: CTRL: Received PPTP Control Message (type: 1) > 08:02:19 pptpd[18021]: CTRL: Made a START CTRL CONN RPLY packet > 08:02:19 pptpd[18021]: CTRL: I wrote 156 bytes to the client. > 08:02:19 pptpd[18021]: CTRL: Sent packet to client > 08:02:22 pptpd[18021]: CTRL: Received PPTP Control Message (type: 7) > 08:02:22 pptpd[18021]: CTRL: Set parameters to 0 maxbps, 16 window size > 08:02:22 pptpd[18021]: CTRL: Made a OUT CALL RPLY packet > 08:02:22 pptpd[18021]: CTRL: Starting call (launching pppd, opening GRE) > 08:02:22 pptpd[18021]: CTRL: pty_fd = 5 > 08:02:22 pptpd[18021]: CTRL: tty_fd = 6 > 08:02:22 pptpd[18021]: CTRL: I wrote 32 bytes to the client. > 08:02:22 pptpd[18022]: CTRL (PPPD Launcher): Connection speed = 115200 > 08:02:22 pptpd[18022]: CTRL (PPPD Launcher): local address = 192.0.20.7 > 08:02:22 pptpd[18022]: CTRL (PPPD Launcher): remote address = > 192.0.20.240 > 08:02:22 pptpd[18021]: CTRL: Sent packet to client > 08:02:56 pptpd[18021]: GRE: read(fd=5,buffer=804dac0,len=8196) from PTY > failed: status = -1 error = Input/output error > 08:02:56 pptpd[18021]: CTRL: PTY read or GRE write failed > (pty,gre)=(5,6) > 08:02:56 pptpd[18021]: CTRL: Client 212.35.18.27 control connection > finished > 08:02:56 pptpd[18021]: CTRL: Exiting now > 08:02:56 pptpd[824]: MGR: Reaped child 18021 > > Regards > > Wim Ceulemans > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From jlovell at p-inet.net Fri Dec 1 11:35:10 2000 From: jlovell at p-inet.net (Jim Lovell) Date: Fri, 1 Dec 2000 11:35:10 -0600 Subject: [pptp-server] Windows 2000 connection stability? Message-ID: We are running PoPToP and connecting to it via the Windows 2000 VPN client. At first the connections works great but after about 5 minutes no more packets are forwarded from the Linux box. We have traced the connection and all the packets make it to the PoPToP box but none are returned. As I said it works great for about 5 minutes then it dies. Any Thoughts?? Jim Lovell Prairie iNet 515-440-0848 x118 jlovell at p-inet.net From phil at vibrationresearch.com Fri Dec 1 11:57:55 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Fri, 1 Dec 2000 12:57:55 -0500 Subject: [pptp-server] Windows 2000 connection stability? In-Reply-To: Message-ID: <001601c05bc0$3b4eead0$4500a8c0@vibrationresearch.com> From glenn.robinson at btinternet.com Sat Dec 2 05:11:48 2000 From: glenn.robinson at btinternet.com (glenn.robinson at btinternet.com) Date: Sat, 2 Dec 2000 11:11:48 GMT Subject: [pptp-server] WinNT client behind Linux firewall Message-ID: <3a28d8f4.855.0@btinternet.com> I can connect to my pptp server if I'm connected directly to my ISP from my WinNT PC. When I'm at home the WinNT pc is sitting behind a Linux router/firewall which connects to the net. In this scenario I cannot connect to the Office pptp server. I assume this is something to do with NAT as I can't get a connection even if I clear the firewall rules. Any ideas/suggestions? Thanks Glenn From Steve at SteveCowles.com Sat Dec 2 08:37:33 2000 From: Steve at SteveCowles.com (Cowles, Steve) Date: Sat, 2 Dec 2000 08:37:33 -0600 Subject: [pptp-server] WinNT client behind Linux firewall Message-ID: <90769AF04F76D41186C700A0C90AFC3EE5B4@defiant.infohiiway.com> > -----Original Message----- > From: glenn.robinson at btinternet.com > [mailto:glenn.robinson at btinternet.com] > Sent: Saturday, December 02, 2000 5:12 AM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] WinNT client behind Linux firewall > > > I can connect to my pptp server if I'm connected directly > to my ISP from my WinNT PC. When I'm at home the > WinNT pc is sitting behind a Linux router/firewall which > connects to the net. > > In this scenario I cannot connect to the Office pptp > server. I assume this is something to do with NAT as I > can't get a connection even if I clear the firewall rules. > > Any ideas/suggestions? > > Thanks > > Glenn Sound like you need to patch your linux firewalls kernel to support PPTP masquerading. Checkout: http://www.impsec.org/linux/masquerade/ip_masq_vpn.html Steve Cowles From jacoposilva at tin.it Sat Dec 2 12:44:37 2000 From: jacoposilva at tin.it (Jacopo Silva) Date: Sat, 2 Dec 2000 19:44:37 +0100 Subject: [pptp-server] errors - little help... Message-ID: <001c01c05c8f$ed57b200$100aa8c0@cerbero> I configured my pptpd server on a Linux Box that has a public IP address. When I try to get access from the Win9x clients from the internet I always get some connection error. I enclude the log from syslogd . Is there anyone who can help me? Thanks, Jacopo /var/log/messages: logging at facility *.info ------------------------- pptpd[14029]: CTRL: Client 212.216.45.243 control connection started pptpd[14029]: CTRL: Starting call (launching pppd, opening GRE) pptpd[14029]: CTRL: Error with select(), quitting pptpd[14029]: CTRL: Client 212.216.45.243 control connection finished pppd[14030]: no device specified and stdin is not a tty pptpd[14050]: MGR: Manager process started pptpd[14050]: MGR: Couldn't create host socket pptpd[14052]: CTRL: Client 212.216.45.243 control connection started pptpd[14052]: CTRL: Starting call (launching pppd, opening GRE) pppd[14053]: pppd 2.3.11 started by root, uid 0 pppd[14053]: Using interface ppp0 pppd[14053]: Connect: ppp0 <--> /dev/pts/1 pptpd[14052]: CTRL: Error with select(), quitting pptpd[14052]: CTRL: Client 212.216.45.243 control connection finished pppd[14053]: Modem hangup pppd[14053]: Connection terminated. pppd[14053]: Exit. /var/log/daemon.log, logging at daemon.debug -------------------- pptpd[14073]: MGR: Launching /usr/sbin/pptpctrl to handle client pptpd[14073]: CTRL: local address = 192.168.1.170 pptpd[14073]: CTRL: remote address = 192.168.1.191 pptpd[14073]: CTRL: pppd options file = /etc/ppp/options.pptp pptpd[14073]: CTRL: Client 212.216.45.243 control connection started pptpd[14073]: CTRL: Received PPTP Control Message (type: 1) pptpd[14073]: CTRL: Made a START CTRL CONN RPLY packet pptpd[14073]: CTRL: I wrote 156 bytes to the client. pptpd[14073]: CTRL: Sent packet to client pptpd[14073]: CTRL: Received PPTP Control Message (type: 7) pptpd[14073]: CTRL: Set parameters to 0 maxbps, 16 window size pptpd[14073]: CTRL: Made a OUT CALL RPLY packet pptpd[14073]: CTRL: Starting call (launching pppd, opening GRE) pptpd[14073]: CTRL: pty_fd = 5 pptpd[14073]: CTRL: tty_fd = 6 pptpd[14073]: CTRL: I wrote 32 bytes to the client. pptpd[14073]: CTRL: Sent packet to client pptpd[14074]: CTRL (PPPD Launcher): Connection speed = 115200 pptpd[14074]: CTRL (PPPD Launcher): local address = 192.168.1.170 pptpd[14074]: CTRL (PPPD Launcher): remote address = 192.168.1.191 pppd[14074]: pppd 2.3.11 started by root, uid 0 pptpd[14073]: CTRL: Received PPTP Control Message (type: 12) pptpd[14073]: CTRL: Made a CALL DISCONNECT RPLY packet pptpd[14073]: CTRL: Received CALL CLR request (closing call) pptpd[14073]: CTRL: I wrote 148 bytes to the client. pptpd[14073]: CTRL: Sent packet to client pptpd[14073]: CTRL: Error with select(), quitting pptpd[14073]: CTRL: Client 212.216.45.243 control connection finished pptpd[14073]: CTRL: Exiting now pptpd[14027]: MGR: Reaped child 14073 pppd[14074]: Using interface ppp0 pppd[14074]: Connect: ppp0 <--> /dev/pts/1 pppd[14074]: sent [LCP ConfReq id=0x1 ] pppd[14074]: write: warning: Errore di input/output (5) pppd[14074]: Modem hangup pppd[14074]: Connection terminated. pppd[14074]: Exit. From kcr at asicint.com Sat Dec 2 17:55:46 2000 From: kcr at asicint.com (Kurt Robinson) Date: Sat, 2 Dec 2000 18:55:46 -0500 Subject: [pptp-server] Poor Throughput/Performance Message-ID: <20001202185546.A32664@postal.asicint.com> I am in a bit of a loss here on my attempts at using poptop along with 98 and a cable modem. I've got pptpd1.0.0 running along with ppp2.3.11 and I can connect and authenticate exactly as I should. But the performance hit I am getting, when moving files via ftp is incredibly slow./of I am gettting files transfers at 1kb/s or less, compared with 14kb/s without pptpd. I've got speed set at 115200 via pptpd.conf, though I've tried other settings. Its a local ip with proxyarp on, and network routes are correct. Any ideas? Kurt Robinson kcr at asicint.com From phil at vibrationresearch.com Sat Dec 2 19:00:18 2000 From: phil at vibrationresearch.com (Phil Van Baren) Date: Sat, 2 Dec 2000 20:00:18 -0500 Subject: [pptp-server] Poor Throughput/Performance In-Reply-To: <20001202185546.A32664@postal.asicint.com> Message-ID: <000601c05cc4$6758eb80$56108318@mw.mediaone.net> First guess would be dropped or out-of-order packets. Can't do much about dropped packets, but for out-of-order packets, using pptpd-1.1.2 should help. > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Kurt Robinson > Sent: Saturday, December 02, 2000 6:56 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Poor Throughput/Performance > > > I am in a bit of a loss here on my attempts at using poptop along with > 98 and a cable modem. I've got pptpd1.0.0 running along with ppp2.3.11 > and I can connect and authenticate exactly as I should. But the > performance > hit I am getting, when moving files via ftp is incredibly slow./of > > I am gettting files transfers at 1kb/s or less, compared with > 14kb/s without > pptpd. I've got speed set at 115200 via pptpd.conf, though I've > tried other > settings. Its a local ip with proxyarp on, and network routes > are correct. > > Any ideas? > > Kurt Robinson > kcr at asicint.com > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From kend at flyingtoasters.net Sun Dec 3 17:40:13 2000 From: kend at flyingtoasters.net (kend at flyingtoasters.net) Date: Sun, 3 Dec 2000 18:40:13 -0500 (EST) Subject: [pptp-server] Duplicate IP addresses (remote and local)? Message-ID: I'm trying to get PoPToP running for my company, and... well, I'm failing. I'm able to get *one* system up, but any other systems that bring up the connection get the same IP addresses as the first one. Here's the pertinent (I think!) chunck from my pptpd.conf file: (Okay; upon reflection, here are the only non-commented lines in my pptpd.conf file.) speed 115200 localip 192.168.2.200-219 remoteip 192.168.2.220-239 Isn't this right? Or... am I missing something stuuuupid? Thanks! -Ken From baust at healthdec.com Sun Dec 3 17:15:42 2000 From: baust at healthdec.com (Brian Aust) Date: Sun, 3 Dec 2000 18:15:42 -0500 Subject: [pptp-server] Duplicate IP addresses (remote and local)? Message-ID: Hi Ken, Well i can think of two things... well actually three, to check. 1. in my pptpd.conf file, my localip is ONLY the IP address of the poptop server, it isn't a range. 2. do you have a DNS and DHCP server listed in your options file? There should be a line like: ms-wins 10.1.1.2 (or whatever the IP addy of your WINS server is) 3. make sure you have ip_forwarding enabled on your machine so that the WINS server can dish addresses out. Hope this helps, Brian Aust -----Original Message----- From: kend at flyingtoasters.net [mailto:kend at flyingtoasters.net] Sent: Sunday, December 03, 2000 6:40 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] Duplicate IP addresses (remote and local)? I'm trying to get PoPToP running for my company, and... well, I'm failing. I'm able to get *one* system up, but any other systems that bring up the connection get the same IP addresses as the first one. Here's the pertinent (I think!) chunck from my pptpd.conf file: (Okay; upon reflection, here are the only non-commented lines in my pptpd.conf file.) speed 115200 localip 192.168.2.200-219 remoteip 192.168.2.220-239 Isn't this right? Or... am I missing something stuuuupid? Thanks! -Ken _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From baust at healthdec.com Sun Dec 3 19:26:06 2000 From: baust at healthdec.com (Brian Aust) Date: Sun, 3 Dec 2000 20:26:06 -0500 Subject: [pptp-server] Poor Throughput/Performance Message-ID: Maybe I'm missing something, but where exactly is pptpd-1.1.2? I'm at the www.moretonbay.com/vpn/download_pptp.html page, and i only see 1.0.0 for stable release, and 1.1.1 for development. Is moretonbay.com not the official homepage for poptop, or were you just speaking about 1.1.2 in terms of WHEN it comes out in the future? Thanks, Brian -----Original Message----- From: Phil Van Baren [mailto:phil at vibrationresearch.com] Sent: Saturday, December 02, 2000 8:00 PM To: pptp-server at lists.schulte.org Subject: RE: [pptp-server] Poor Throughput/Performance First guess would be dropped or out-of-order packets. Can't do much about dropped packets, but for out-of-order packets, using pptpd-1.1.2 should help. > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Kurt Robinson > Sent: Saturday, December 02, 2000 6:56 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Poor Throughput/Performance > > > I am in a bit of a loss here on my attempts at using poptop along with > 98 and a cable modem. I've got pptpd1.0.0 running along with ppp2.3.11 > and I can connect and authenticate exactly as I should. But the > performance > hit I am getting, when moving files via ftp is incredibly slow./of > > I am gettting files transfers at 1kb/s or less, compared with > 14kb/s without > pptpd. I've got speed set at 115200 via pptpd.conf, though I've > tried other > settings. Its a local ip with proxyarp on, and network routes > are correct. > > Any ideas? > > Kurt Robinson > kcr at asicint.com > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From phil at vibrationresearch.com Sun Dec 3 19:32:56 2000 From: phil at vibrationresearch.com (Phil Van Baren) Date: Sun, 3 Dec 2000 20:32:56 -0500 Subject: [pptp-server] Poor Throughput/Performance In-Reply-To: Message-ID: <000401c05d92$20f96ec0$56108318@mw.mediaone.net> The web page for pptpd is at http://poptop.lineo.com The mortonbay site is an old site that hasn't been updated in quite a while. > -----Original Message----- > From: Brian Aust [mailto:baust at healthdec.com] > Sent: Sunday, December 03, 2000 8:26 PM > To: 'Phil Van Baren'; pptp-server at lists.schulte.org > Subject: RE: [pptp-server] Poor Throughput/Performance > > > Maybe I'm missing something, but where exactly is pptpd-1.1.2? I'm at the > www.moretonbay.com/vpn/download_pptp.html page, and i only see 1.0.0 for > stable release, and 1.1.1 for development. Is moretonbay.com not the > official homepage for poptop, or were you just speaking about > 1.1.2 in terms > of WHEN it comes out in the future? > > Thanks, > Brian > > -----Original Message----- > From: Phil Van Baren [mailto:phil at vibrationresearch.com] > Sent: Saturday, December 02, 2000 8:00 PM > To: pptp-server at lists.schulte.org > Subject: RE: [pptp-server] Poor Throughput/Performance > > > First guess would be dropped or out-of-order packets. Can't do much about > dropped packets, but for out-of-order packets, using pptpd-1.1.2 should > help. > > > -----Original Message----- > > From: pptp-server-admin at lists.schulte.org > > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Kurt Robinson > > Sent: Saturday, December 02, 2000 6:56 PM > > To: pptp-server at lists.schulte.org > > Subject: [pptp-server] Poor Throughput/Performance > > > > > > I am in a bit of a loss here on my attempts at using poptop along with > > 98 and a cable modem. I've got pptpd1.0.0 running along with ppp2.3.11 > > and I can connect and authenticate exactly as I should. But the > > performance > > hit I am getting, when moving files via ftp is incredibly slow./of > > > > I am gettting files transfers at 1kb/s or less, compared with > > 14kb/s without > > pptpd. I've got speed set at 115200 via pptpd.conf, though I've > > tried other > > settings. Its a local ip with proxyarp on, and network routes > > are correct. > > > > Any ideas? > > > > Kurt Robinson > > kcr at asicint.com > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulteconsulting.com! > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From xfzhu at seu.edu.cn Mon Dec 4 03:38:26 2000 From: xfzhu at seu.edu.cn (Zhu Xiaofeng) Date: Mon, 4 Dec 2000 17:38:26 +0800 Subject: [pptp-server] Help Message-ID: <003001c05dd5$f41b9740$521877ca@SUNSHINE> Hi everyone: I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration is following: PoPToP server cisco router x.x.24.198 <--------> x.x.24.1 <----> real Internet | | | win2000 x.x.24.99 /etc/ppp/options debug name linux auth require-chap proxyarp /etc/pptpd.conf option /etc/ppp/options debug speed 115200 localip x.x.24.220-229 remoteip x.x.24.230-239 My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real Internet. All address are real IP addresses.I don't think it need NAT or IP MASQE .Is it OK? Should I do more configration on x.x.24.198 ? When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client address x.x.24.230 and PPP server address is x.x.24.220 . Ping x.x.24.230 is not accessable but x.x.24.220 is accessable from other computer x.x.24.200 .I don't know much about "proxyarp",but I think it is x.x.24.230 that can be accessable. Why? xfzhu. From Olivier.Cherrier at cediti.be Mon Dec 4 04:45:16 2000 From: Olivier.Cherrier at cediti.be (Olivier Cherrier) Date: Mon, 4 Dec 2000 11:45:16 +0100 Subject: [pptp-server] pptp for OpenBSD Message-ID: Hello. I am trying to set up a poptop 1.0.0 server under a 2.8 OpenBSD box. I am reading the faq http://www.moretonbay.com/vpn/releases/HOWTO-PoPToP.txt Do you know what I have to change in this faq which is for Linux ? Thanks for your help and ideas. Olivier Cherrier Belgium. From david.landgren at bpinet.com Mon Dec 4 05:37:57 2000 From: david.landgren at bpinet.com (David LANDGREN) Date: Mon, 4 Dec 2000 12:37:57 +0100 Subject: [pptp-server] pptp for OpenBSD Message-ID: |I am trying to set up a poptop 1.0.0 server under a 2.8 OpenBSD box. It is doable. |I am reading the faq http://www.moretonbay.com/vpn/releases/HOWTO-PoPToP.txt Read http://heyer.supranet.net/pptp/ |Do you know what I have to change in this faq which is for Linux ? It also has *BSD sections, read closely. Compile with --with-bsdppp and recompile the kernel removing the gre pseudo-device David Landgren -- Paris Perl Mongers => http://paris.pm.org/ From kend at flyingtoasters.net Mon Dec 4 13:46:47 2000 From: kend at flyingtoasters.net (kend at flyingtoasters.net) Date: Mon, 4 Dec 2000 14:46:47 -0500 (EST) Subject: [pptp-server] Duplicate IP addresses (remote and local)? In-Reply-To: Message-ID: On Sun, 3 Dec 2000, Brian Aust wrote: > Hi Ken, > > Well i can think of two things... well actually three, to check. > > 1. in my pptpd.conf file, my localip is ONLY the IP address of the > poptop server, it isn't a range. Hmmm. I'll give that a shot. > 2. do you have a DNS and DHCP server listed in your options file? > There should be a line like: ms-wins 10.1.1.2 (or whatever the IP addy of > your WINS server is) No, I didn't; I was really just trying to get it passing IP (i and hadn't (yet) concerned myself with DNS. Out of curiosity: - where is this documented? I don't recall seeing mention of this in the PoPToP FAQs and HOWTOs. - Why would I need the DHCP server to be listed? Is there interaction with the DHCP server for info that DHCP would normally dish out? > 3. make sure you have ip_forwarding enabled on your machine so that > the WINS server can dish addresses out. Yah -- this is enabled. Packets pass through quite nicely... Thanks for your prompt response to my original e-mail! -Ken > Hope this helps, > Brian Aust > > > > -----Original Message----- > From: kend at flyingtoasters.net [mailto:kend at flyingtoasters.net] > Sent: Sunday, December 03, 2000 6:40 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Duplicate IP addresses (remote and local)? > > > I'm trying to get PoPToP running for my company, and... well, I'm > failing. I'm able to get *one* system up, but any other systems that > bring up the connection get the same IP addresses as the first > one. Here's the pertinent (I think!) chunck from my pptpd.conf file: > > (Okay; upon reflection, here are the only non-commented lines in my > pptpd.conf file.) > > speed 115200 > localip 192.168.2.200-219 > remoteip 192.168.2.220-239 > > Isn't this right? Or... am I missing something stuuuupid? > > Thanks! > > -Ken > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From Steve at SteveCowles.com Mon Dec 4 14:27:07 2000 From: Steve at SteveCowles.com (Cowles, Steve) Date: Mon, 4 Dec 2000 14:27:07 -0600 Subject: [pptp-server] Duplicate IP addresses (remote and local)? Message-ID: <90769AF04F76D41186C700A0C90AFC3EE5BC@defiant.infohiiway.com> > -----Original Message----- > From: Brian Aust [mailto:baust at healthdec.com] > Sent: Sunday, December 03, 2000 5:16 PM > To: 'kend at flyingtoasters.net'; pptp-server at lists.schulte.org > Subject: RE: [pptp-server] Duplicate IP addresses (remote and local)? > > > Hi Ken, > > Well i can think of two things... well actually three, to check. > > 1. in my pptpd.conf file, my localip is ONLY the IP > address of the poptop server, it isn't a range. > 2. do you have a DNS and DHCP server listed in your > options file? There should be a line like: ms-wins 10.1.1.2 > (or whatever the IP addy of your WINS server is) Just for clarification, Windows Internet Name Service (WINS) has nothing to do with Domain Name Service (DNS) or even Dynamic Host Configuration Protocol (DHCP). Although, if your running Microsoft's DNS server , WINS can be configured to update the MS DNS server zone files dynamically. i.e. When a MS client (Win9x, NT, W2K) registers with a WINS server, the MS DNS server will create two DNS records. 1) An "A" (address) record for the host. 2) An Inverse Address Arpa Record (PTR) for the host. (reverse lookup) This is actually pretty cool (and works), the MS Netbios name is registered with the MS DNS server. i.e. You can "ping" the client by its Netbios Name, not some arbitrary FQDN like dhcp1.mydomain.com, dhcp2.mydomain.com, etc... WINS - In /etc/ppp/options, this option is specified with "ms-wins" parameter. DNS - In /etc/ppp/options, this option is specified with the "ms-dns" parameter. DHCP - Although I wish Poptop could be configured to use a DHCP scope to set and configure remote PPTP clients... to this date, I'm not aware of this capability in PopTop. If I'm wrong, please show me how. I will reconfigure my PopTop server in a minute. Its been awhile, but I believe Microsoft's PPTP server can be configured to assign remote IP's from a predefined DHCP scope. Steve Cowles From jvonau at home.com Mon Dec 4 19:38:11 2000 From: jvonau at home.com (Jerry Vonau) Date: Mon, 04 Dec 2000 19:38:11 -0600 Subject: [pptp-server] Duplicate IP addresses (remote and local)? References: <90769AF04F76D41186C700A0C90AFC3EE5BC@defiant.infohiiway.com> Message-ID: <3A2C4703.4834BE97@home.com> >Cowles, Steve wrote: >DHCP - Although I wish Poptop could be configured to use a DHCP scope to set >and configure remote PPTP clients... to this date, I'm not aware of this >capability in PopTop. If I'm wrong, please show me how. I will reconfigure >my PopTop server in a minute . This would be nice, I'd be in your footsteps. >Its been awhile, but I believe Microsoft's PPTP server can be configured to >assign remote IP's from a predefined DHCP scope. Yes it does, just be sure to limit the range that it can grab. If you don't, it will take all of the available address. Found that out when may laptop users couldn't get a pi, the nt box had requested and received the entire subnet. Just my 2 cents worth. Jerry Vonau From xfzhu at seu.edu.cn Mon Dec 4 20:54:46 2000 From: xfzhu at seu.edu.cn (Zhu Xiaofeng) Date: Tue, 5 Dec 2000 10:54:46 +0800 Subject: [pptp-server] "proxyarp" or " route" Message-ID: <004801c05e66$ba3c4100$521877ca@SUNSHINE> Hi everyone: I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration is following: PoPToP server cisco router x.x.24.198 <--------> x.x.24.1 <----> real Internet | | | win2000 x.x.24.99 /etc/ppp/options debug name linux auth require-chap proxyarp /etc/pptpd.conf option /etc/ppp/options debug speed 115200 localip x.x.24.220-229 remoteip x.x.24.230-239 My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real Internet. All address are real IP addresses.I don't think it need NAT or IP MASQE .Is it OK? Should I do more configration on x.x.24.198 ? When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client address x.x.24.230 and PPP server address is x.x.24.220 . Ping x.x.24.230 is not accessable but x.x.24.220 is accessable from other computer x.x.24.200 .I don't know much about "proxyarp",but I think it is x.x.24.230 that can be accessable. Why? xfzhu. From georgev at citadelcomputer.com.au Mon Dec 4 21:43:05 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Tue, 5 Dec 2000 14:43:05 +1100 Subject: [pptp-server] "proxyarp" or " route" Message-ID: <90C35E9FADC0D41184770000E860EB4901BC88@cittech> I think you need IP forwarding (Not IP masquerading) turned on.. Have your got any IPCHAINS rules turned on which might be killing it? Can you use tcpdump to determine where the pings are going? -----Original Message----- From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] Sent: Tuesday, December 05, 2000 1:55 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] "proxyarp" or " route" Hi everyone: I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration is following: PoPToP server cisco router x.x.24.198 <--------> x.x.24.1 <----> real Internet | | | win2000 x.x.24.99 /etc/ppp/options debug name linux auth require-chap proxyarp /etc/pptpd.conf option /etc/ppp/options debug speed 115200 localip x.x.24.220-229 remoteip x.x.24.230-239 My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real Internet. All address are real IP addresses.I don't think it need NAT or IP MASQE .Is it OK? Should I do more configration on x.x.24.198 ? When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client address x.x.24.230 and PPP server address is x.x.24.220 . Ping x.x.24.230 is not accessable but x.x.24.220 is accessable from other computer x.x.24.200 .I don't know much about "proxyarp",but I think it is x.x.24.230 that can be accessable. Why? xfzhu. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From woodbury at niehs.nih.gov Tue Dec 5 12:11:32 2000 From: woodbury at niehs.nih.gov (Gregory G. Woodbury) Date: Tue, 05 Dec 2000 13:11:32 -0500 Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd (RHat 6.2) Message-ID: <3A2D2FD4.F05E8A5F@niehs.nih.gov> Does anyone have the MPPE patches for PPPD that work with version 2.3.11 of PPPD from the RedHat 6.2 distribution? Thanks in Advance. -- Gregory Woodbury SysAdmin group OAO NIEHS ITSSC work phone:919 361 5444 x404 woodbury at niehs.nih.gov From baust at healthdec.com Tue Dec 5 12:40:17 2000 From: baust at healthdec.com (Brian Aust) Date: Tue, 5 Dec 2000 13:40:17 -0500 Subject: [pptp-server] Rebuilt PoPToP - now it doesn't work :-( Message-ID: Well I'd had a working PoPToP box for my organisation for 8 months until a German hacker broke in and compromised it. So this past weekend I rebuilt it, and sadly to say, I can't get it back up and running. I'm running RHAT6.2, pptpd-1.0.0-1 RPM, and pppd 2.3.11. No patches, no encryption. Just basic poptop. Here's the var/log/messages printout: Dec 5 14:22:07 BNYATALIE pptpd[1681]: CTRL: Client 24.25.24.109 control connect ion started Dec 5 14:22:07 BNYATALIE pptpd[1681]: CTRL: Starting call (launching pppd, open ing GRE) Dec 5 14:22:08 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the Univ ersity of California Dec 5 14:22:08 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 5 14:22:08 BNYATALIE kernel: PPP line discipline registered. Dec 5 14:22:08 BNYATALIE kernel: registered device ppp0 Dec 5 14:22:08 BNYATALIE pppd[1682]: pppd 2.3.11 started by root, uid 0 Dec 5 14:22:08 BNYATALIE pppd[1682]: Using interface ppp0 Dec 5 14:22:08 BNYATALIE pppd[1682]: Connect: ppp0 <--> /dev/pts/1 Dec 5 14:22:38 BNYATALIE pptpd[1681]: CTRL: Error with select(), quitting Dec 5 14:22:38 BNYATALIE pptpd[1681]: CTRL: Client 24.25.24.109 control connect ion finished Dec 5 14:22:38 BNYATALIE pppd[1682]: Modem hangup Dec 5 14:22:38 BNYATALIE pppd[1682]: Connection terminated. Dec 5 14:22:38 BNYATALIE pppd[1682]: Exit. Here's the options file: lock debug auth +chap proxyarp ms-dns 10.1.1.2 ms-wins 10.1.1.2 domain healthdec.com name bnyatalie In pptpd.conf, i simply have: speed 115200 localip 10.1.1.69 (the addy of the poptop server) remoteip 10.3.1.1-99 (internal DHCP assigns this) I do have ip_forwarding enabled in /proc/sys/net/ipv4/ip_forward. What bothers me is that i previously had this working perfectly, and i'd saved my options and chap-secrets files. The only big difference is that before, my server was a multi-homed machine that had both external and internal interfaces. The new server is purely internal interface, behind a Checkpoint FW-1 firewall. But i've opened up TCP 1723, as well as IP header protocol 47 (GRE). And it looks like the error is on the poptop server, not with packets failing to get there. What is really missing is authentication. Usually in the past, even if it failed, i at least got "baust authenticated, assigned IP address 10.3.1.2" or something like that... here, it doesn't look like it's even consulting the chap-secrets file. Thanks, Brian From phil at vibrationresearch.com Tue Dec 5 12:38:53 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Tue, 5 Dec 2000 13:38:53 -0500 Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd (RHat 6.2) In-Reply-To: <3A2D2FD4.F05E8A5F@niehs.nih.gov> Message-ID: <000501c05eea$9e024140$4500a8c0@vibrationresearch.com> See http://www.vibres.com/pptpd/example.html and/or http://www.vibres.com/pptpd/pptpd-FAQ.txt > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Gregory G. > Woodbury > Sent: Tuesday, December 05, 2000 1:12 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd > (RHat 6.2) > > > Does anyone have the MPPE patches for PPPD that work with version > 2.3.11 of PPPD > from the RedHat 6.2 distribution? > > Thanks in Advance. > -- > Gregory Woodbury > SysAdmin group OAO NIEHS ITSSC > work phone:919 361 5444 x404 > woodbury at niehs.nih.gov > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From baust at healthdec.com Tue Dec 5 12:42:02 2000 From: baust at healthdec.com (Brian Aust) Date: Tue, 5 Dec 2000 13:42:02 -0500 Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd (R Hat 6.2) Message-ID: Here: http://poptop.lineo.com/download_pptp.html Halfway down the page, underneath MSCHAPv2 and MPPE patches. Cheers, Brian -----Original Message----- From: Gregory G. Woodbury [mailto:woodbury at niehs.nih.gov] Sent: Tuesday, December 05, 2000 1:12 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd (RHat 6.2) Does anyone have the MPPE patches for PPPD that work with version 2.3.11 of PPPD from the RedHat 6.2 distribution? Thanks in Advance. -- Gregory Woodbury SysAdmin group OAO NIEHS ITSSC work phone:919 361 5444 x404 woodbury at niehs.nih.gov _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From georgev at citadelcomputer.com.au Tue Dec 5 13:45:04 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Wed, 6 Dec 2000 06:45:04 +1100 Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd (R Hat 6.2) Message-ID: <90C35E9FADC0D41184770000E860EB4901BC95@cittech> Best site that I found was http://www.vibres.com/pptpd/example.html though I had compiling problem with 2.2.16-3 so I upgraded the kernel to 2.2.17 and it works like a beaut. -----Original Message----- From: Gregory G. Woodbury [mailto:woodbury at niehs.nih.gov] Sent: Wednesday, December 06, 2000 5:12 AM To: pptp-server at lists.schulte.org Subject: [pptp-server] Anyone got the PPPD patch for 2.3.11 of pppd (RHat 6.2) Does anyone have the MPPE patches for PPPD that work with version 2.3.11 of PPPD from the RedHat 6.2 distribution? Thanks in Advance. -- Gregory Woodbury SysAdmin group OAO NIEHS ITSSC work phone:919 361 5444 x404 woodbury at niehs.nih.gov _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From xfzhu at seu.edu.cn Wed Dec 6 01:02:05 2000 From: xfzhu at seu.edu.cn (Zhu Xiaofeng) Date: Wed, 6 Dec 2000 15:02:05 +0800 Subject: [pptp-server] "proxyarp" or " route" References: <90C35E9FADC0D41184770000E860EB4901BC88@cittech> Message-ID: <005a01c05f52$70e8dd00$521877ca@SUNSHINE> My question is : When PPTP client connect to PPTP(PoPToP) server , it set up a ppp connection between Server and Client . And Client get an IP for PPP client side and Server get an IP for PPP server side . Is it the PPP client side IP address "proxyarp" or the PPP server side IP address "proxyarp"? Client <-------PPP OVER PPTP--------> SERVER x.x.x.1 x.x.x.2 Though on x.x.x.3 ping x.x.x.1 and x.x.x.2: x.x.x.1 is not accessable x.x.x.2 is accessable. But when I use Microsoft PPTP server , the result is on the contrary. I use sniffer to watch IP data .It didn't seem that ARP reply was sent out as what I had thought by PoPToP SERVER . ----- Original Message ----- From: "George Vieira" To: "'Zhu Xiaofeng'" Cc: "PPTP List (E-mail)" Sent: Tuesday, December 05, 2000 11:43 AM Subject: RE: [pptp-server] "proxyarp" or " route" > I think you need IP forwarding (Not IP masquerading) turned on.. > > Have your got any IPCHAINS rules turned on which might be killing it? > Can you use tcpdump to determine where the pings are going? > > > -----Original Message----- > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > Sent: Tuesday, December 05, 2000 1:55 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] "proxyarp" or " route" > > > Hi everyone: > > I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration is > following: > > PoPToP server cisco router > x.x.24.198 <--------> x.x.24.1 <----> real Internet > | > | > | > win2000 > x.x.24.99 > > /etc/ppp/options > > debug > name linux > auth > require-chap > proxyarp > > /etc/pptpd.conf > > option /etc/ppp/options > debug > speed 115200 > localip x.x.24.220-229 > remoteip x.x.24.230-239 > > My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real > Internet. > All address are real IP addresses.I don't think it need NAT or IP MASQE .Is > it OK? > Should I do more configration on x.x.24.198 ? > > When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client > address x.x.24.230 and PPP > server address is x.x.24.220 . Ping x.x.24.230 is not accessable but > x.x.24.220 is accessable from other > computer x.x.24.200 .I don't know much about "proxyarp",but I think it is > x.x.24.230 that can be accessable. > Why? > > > xfzhu. > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From georgev at citadelcomputer.com.au Wed Dec 6 03:00:13 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Wed, 6 Dec 2000 20:00:13 +1100 Subject: [pptp-server] "proxyarp" or " route" Message-ID: <90C35E9FADC0D41184770000E860EB4901BCAD@cittech> proxyarp should be running on the server side (PPTPD). Can the (x.x.x.1) client ping x.x.x.2 OK as well as x.x.x.3 . Or does it ping only the .2 server? Your logs should also mention about proxyarp attaching to the ETH0/1/2 device. eg. "Dec 4 06:43:27 linuxdev pppd[24131]: found interface eth0 for proxy arp" This means that proxy arp is using the local ETH0 device to listen for requests to x.x.x.1 Can you sent us some logs on the server side. -----Original Message----- From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] Sent: Wednesday, December 06, 2000 6:02 PM To: George Vieira Cc: PPTP List (E-mail) Subject: Re: [pptp-server] "proxyarp" or " route" My question is : When PPTP client connect to PPTP(PoPToP) server , it set up a ppp connection between Server and Client . And Client get an IP for PPP client side and Server get an IP for PPP server side . Is it the PPP client side IP address "proxyarp" or the PPP server side IP address "proxyarp"? Client <-------PPP OVER PPTP--------> SERVER x.x.x.1 x.x.x.2 Though on x.x.x.3 ping x.x.x.1 and x.x.x.2: x.x.x.1 is not accessable x.x.x.2 is accessable. But when I use Microsoft PPTP server , the result is on the contrary. I use sniffer to watch IP data .It didn't seem that ARP reply was sent out as what I had thought by PoPToP SERVER . ----- Original Message ----- From: "George Vieira" To: "'Zhu Xiaofeng'" Cc: "PPTP List (E-mail)" Sent: Tuesday, December 05, 2000 11:43 AM Subject: RE: [pptp-server] "proxyarp" or " route" > I think you need IP forwarding (Not IP masquerading) turned on.. > > Have your got any IPCHAINS rules turned on which might be killing it? > Can you use tcpdump to determine where the pings are going? > > > -----Original Message----- > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > Sent: Tuesday, December 05, 2000 1:55 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] "proxyarp" or " route" > > > Hi everyone: > > I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration is > following: > > PoPToP server cisco router > x.x.24.198 <--------> x.x.24.1 <----> real Internet > | > | > | > win2000 > x.x.24.99 > > /etc/ppp/options > > debug > name linux > auth > require-chap > proxyarp > > /etc/pptpd.conf > > option /etc/ppp/options > debug > speed 115200 > localip x.x.24.220-229 > remoteip x.x.24.230-239 > > My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real > Internet. > All address are real IP addresses.I don't think it need NAT or IP MASQE .Is > it OK? > Should I do more configration on x.x.24.198 ? > > When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client > address x.x.24.230 and PPP > server address is x.x.24.220 . Ping x.x.24.230 is not accessable but > x.x.24.220 is accessable from other > computer x.x.24.200 .I don't know much about "proxyarp",but I think it is > x.x.24.230 that can be accessable. > Why? > > > xfzhu. > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From nickb at bigpond.net.au Wed Dec 6 04:07:01 2000 From: nickb at bigpond.net.au (Nick Blievers) Date: Wed, 06 Dec 2000 21:07:01 +1100 Subject: [pptp-server] "proxyarp" or " route" References: <004801c05e66$ba3c4100$521877ca@SUNSHINE> Message-ID: <3A2E0FC4.F1FAEDAA@bigpond.net.au> Hi, I'm not really sure what you are trying to achieve here, perhaps you could clarify. When you say x.x.24.99 'dials up' the PoPToP server, do you really mean using a modem? If so, and you are dialing up directly to the linux box, you need to set up your routing and maybe the cisco filtering rules, and leave PoPToP out of it. If you are connected to the same LAN, then what is stopping you accessing the web directly? Please clarify what you are trying to achieve as there are several different different issues here, and then we can work on one at a time. For clarification: NAT = Network Address Translation. On the 2.2 series kernel this is achieved via IP Masquerading. A <---> B <----> C So, A can talk to C, seemingly directly, but C thinks the packets come from B. This can be cool to use to allow access to the net from hosts with private IPs. ARP = Address Resolution Protocol. This is used to translate an IP address to a hardware address (usually an ethernet one) arp maintains a cache of hardware addresses, although if a hardware address is not found, then arp broadcasts a packet to every host on the ethernet requesting the owner of IP address xxxx speak up and send its hardware address back. Proxying arp requests means replying to arp requests for IP's other than your own. eg A<--->B<--->C The AB link is non-ethernet (eg dial-up) and the BC link IS ethernet (say 100Mbit UTP in an office or something), then C will not necessarily know about A, as A will never receive an ethernet broadcast (eg an arp request) from C. However, B will, and B can be made into an arp proxy and answer the query on A's behalf. Or to put it another way proxyarp "will have the effect of making the peer appear to other systems to be on the local ethernet" (from the pppd man page), so that is useful for using So, the long and the short of it is, get a ppp link to the server first (either via dial-up or directly), and get THAT working, then work out whether you need the rest. PPTP may not be the answer you need. Hope this (rather long winded) reply helps. Nick Blievers Zhu Xiaofeng wrote: > Hi everyone: > > I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration is > following: > > PoPToP server cisco router > x.x.24.198 <--------> x.x.24.1 <----> real Internet > | > | > | > win2000 > x.x.24.99 > > /etc/ppp/options > > debug > name linux > auth > require-chap > proxyarp > > /etc/pptpd.conf > > option /etc/ppp/options > debug > speed 115200 > localip x.x.24.220-229 > remoteip x.x.24.230-239 > > My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real > Internet. > All address are real IP addresses.I don't think it need NAT or IP MASQE .Is > it OK? > Should I do more configration on x.x.24.198 ? > > When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client > address x.x.24.230 and PPP > server address is x.x.24.220 . Ping x.x.24.230 is not accessable but > x.x.24.220 is accessable from other > computer x.x.24.200 .I don't know much about "proxyarp",but I think it is > x.x.24.230 that can be accessable. > Why? > > xfzhu. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! From woodbury at niehs.nih.gov Wed Dec 6 13:17:12 2000 From: woodbury at niehs.nih.gov (Gregory G. Woodbury) Date: Wed, 06 Dec 2000 14:17:12 -0500 Subject: [pptp-server] PPP modules and RH Kernel 2.2.14-12 Message-ID: <3A2E90B8.CED62EE8@niehs.nih.gov> Trying to build kernel modules for ppp for pptp with mppe. I get an error when compiling the "make modules" portion of the kernel build. Specificially: >make[2]: Entering directory `/usr/src/linux-2.2.14/drivers/net' >gcc -D__KERNEL__ -I/usr/src/linux-2.2.14/include -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -fno-strict-aliasing -D__SMP__ -pipe -fno-strength-reduce -m486 -malign-loops=2 -malign-jumps=2 -malign-functions=2 -DCPU=686 -DMODULE -DMODVERSIONS -include /usr/src/linux-2.2.14/include/linux/modversions.h -DEXPORT_SYMTAB -c ppp.c >ppp.c:188: warning: static declaration for `ppp_register_compressor_Rsmp9682e733' follows non-static >ppp.c:189: warning: static declaration for `ppp_unregister_compressor_Rsmpa1b928df' follows non-static >ppp.c: In function `rcv_proto_unknown': >ppp.c:2563: too few arguments to function `kill_fasync_Reb615c27' >make[2]: *** [ppp.o] Error 1 >make[2]: Leaving directory `/usr/src/linux-2.2.14/drivers/net' >make[1]: *** [_modsubdir_net] Error 2 >make[1]: Leaving directory `/usr/src/linux-2.2.14/drivers' >make: *** [_mod_drivers] Error 2 Has anyone seen this before, has it been solved, should I try a different kernel version? Thanks. -- Gregory Woodbury SysAdmin group OAO NIEHS ITSSC work phone:919 361 5444 x404 woodbury at niehs.nih.gov From phil at vibrationresearch.com Wed Dec 6 13:53:35 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Wed, 6 Dec 2000 14:53:35 -0500 Subject: [pptp-server] PPP modules and RH Kernel 2.2.14-12 In-Reply-To: <3A2E90B8.CED62EE8@niehs.nih.gov> Message-ID: <001001c05fbe$37f67ea0$4500a8c0@vibrationresearch.com> I think this happens if you use patch files with DOS pair terminating the lines. To fix this, you can either use emacs to edit the messed up files (this usually hits header files in the #define lines with line-continuation escapes), and remove any ^M characters from the file. Or, convert the patch file to unix format (using dos2unix), and re-apply the patches. > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Gregory G. > Woodbury > Sent: Wednesday, December 06, 2000 2:17 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] PPP modules and RH Kernel 2.2.14-12 > > > Trying to build kernel modules for ppp for pptp with mppe. I get > an error when > compiling the "make modules" portion of the kernel build. Specificially: > > >make[2]: Entering directory `/usr/src/linux-2.2.14/drivers/net' > >gcc -D__KERNEL__ -I/usr/src/linux-2.2.14/include -Wall > -Wstrict-prototypes -O2 -fomit-frame-pointer -fno-strict-aliasing > -D__SMP__ -pipe -fno-strength-reduce -m486 -malign-loops=2 > -malign-jumps=2 -malign-functions=2 -DCPU=686 -DMODULE > -DMODVERSIONS -include > /usr/src/linux-2.2.14/include/linux/modversions.h > -DEXPORT_SYMTAB -c ppp.c > >ppp.c:188: warning: static declaration for > `ppp_register_compressor_Rsmp9682e733' follows non-static > >ppp.c:189: warning: static declaration for > `ppp_unregister_compressor_Rsmpa1b928df' follows non-static > >ppp.c: In function `rcv_proto_unknown': > >ppp.c:2563: too few arguments to function `kill_fasync_Reb615c27' > >make[2]: *** [ppp.o] Error 1 > >make[2]: Leaving directory `/usr/src/linux-2.2.14/drivers/net' > >make[1]: *** [_modsubdir_net] Error 2 > >make[1]: Leaving directory `/usr/src/linux-2.2.14/drivers' > >make: *** [_mod_drivers] Error 2 > > Has anyone seen this before, has it been solved, should I try a > different kernel > version? > Thanks. > > -- > Gregory Woodbury > SysAdmin group OAO NIEHS ITSSC > work phone:919 361 5444 x404 > woodbury at niehs.nih.gov > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From rcd at amherst.com Wed Dec 6 14:14:19 2000 From: rcd at amherst.com (Rob) Date: Wed, 06 Dec 2000 15:14:19 -0500 Subject: [pptp-server] Compiling Kernel with PPP References: <3A2E90B8.CED62EE8@niehs.nih.gov> Message-ID: <3A2E9E1B.7E3C20B5@amherst.com> I too am also having difficulties integrating the ppp files into the kernel source for compilation. I using RedHat 6.2, with kernel-2.2.17. I read through the Redhat-HOWTO on the web site & followed the directions exactly. I received no compilation errors when building PPP with the 2 patches mppe patches. In the kernel config, I have IP chains, GRE tunnels over IP & PPP setup as mods. But once I ran make modules SUBDIRS=drivers/net, I get evil errors. Any help is appreciated. -Rob From phil at vibrationresearch.com Wed Dec 6 14:56:44 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Wed, 6 Dec 2000 15:56:44 -0500 Subject: [pptp-server] Compiling Kernel with PPP In-Reply-To: <3A2E9E1B.7E3C20B5@amherst.com> Message-ID: <001301c05fc7$0a711e50$4500a8c0@vibrationresearch.com> Do your evil errors resemble these? 7.4 Errors while building pppd, pptpd, and kernel modules 7.4.1. Get PPP_VERSION or PPP_MAGIC undefined error message while compiling ppp kernel modules Solution: add the following lines to /usr/src/linux/include/linux/if_ppp.h #define PPP_VERSION "2.3.11" #define PPP_MAGIC 0x5002 /* Magic value for the ppp structure */ 7.4.2. Get "structure has no member named `tty_pushing'" error messages while compiling ppp kernel modules This is probably because the mppe patches you used were for an older version of the kernel, and the ppp structure in the header file if_pppvar.h changed in the version of the kernel you have. Solution: apply the patch http://www.vibrationresearch.com/pptpd/if_ppp_2.2.17.diff to the kernel sources. > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Rob > Sent: Wednesday, December 06, 2000 3:14 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Compiling Kernel with PPP > > > > I too am also having difficulties integrating the ppp files into the > kernel source for compilation. > > I using RedHat 6.2, with kernel-2.2.17. I read through the Redhat-HOWTO > on the web site & followed the directions exactly. > > I received no compilation errors when building PPP with the 2 patches > mppe patches. > > In the kernel config, I have IP chains, GRE tunnels over IP & PPP setup > as mods. But once I ran make modules SUBDIRS=drivers/net, I get evil > errors. > > Any help is appreciated. > > -Rob > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From georgev at citadelcomputer.com.au Wed Dec 6 15:15:50 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Thu, 7 Dec 2000 08:15:50 +1100 Subject: [pptp-server] PPP modules and RH Kernel 2.2.14-12 Message-ID: <90C35E9FADC0D41184770000E860EB4901BCAE@cittech> Make your life a hell of alot easier... use the "tr" command tr -d "\r" < filenamewithcrlf > filenamenewwithoutcr -----Original Message----- From: Philip Van Baren [mailto:phil at vibrationresearch.com] Sent: Thursday, December 07, 2000 6:54 AM To: pptp-server at lists.schulte.org Subject: RE: [pptp-server] PPP modules and RH Kernel 2.2.14-12 I think this happens if you use patch files with DOS pair terminating the lines. To fix this, you can either use emacs to edit the messed up files (this usually hits header files in the #define lines with line-continuation escapes), and remove any ^M characters from the file. Or, convert the patch file to unix format (using dos2unix), and re-apply the patches. > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Gregory G. > Woodbury > Sent: Wednesday, December 06, 2000 2:17 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] PPP modules and RH Kernel 2.2.14-12 > > > Trying to build kernel modules for ppp for pptp with mppe. I get > an error when > compiling the "make modules" portion of the kernel build. Specificially: > > >make[2]: Entering directory `/usr/src/linux-2.2.14/drivers/net' > >gcc -D__KERNEL__ -I/usr/src/linux-2.2.14/include -Wall > -Wstrict-prototypes -O2 -fomit-frame-pointer -fno-strict-aliasing > -D__SMP__ -pipe -fno-strength-reduce -m486 -malign-loops=2 > -malign-jumps=2 -malign-functions=2 -DCPU=686 -DMODULE > -DMODVERSIONS -include > /usr/src/linux-2.2.14/include/linux/modversions.h > -DEXPORT_SYMTAB -c ppp.c > >ppp.c:188: warning: static declaration for > `ppp_register_compressor_Rsmp9682e733' follows non-static > >ppp.c:189: warning: static declaration for > `ppp_unregister_compressor_Rsmpa1b928df' follows non-static > >ppp.c: In function `rcv_proto_unknown': > >ppp.c:2563: too few arguments to function `kill_fasync_Reb615c27' > >make[2]: *** [ppp.o] Error 1 > >make[2]: Leaving directory `/usr/src/linux-2.2.14/drivers/net' > >make[1]: *** [_modsubdir_net] Error 2 > >make[1]: Leaving directory `/usr/src/linux-2.2.14/drivers' > >make: *** [_mod_drivers] Error 2 > > Has anyone seen this before, has it been solved, should I try a > different kernel > version? > Thanks. > > -- > Gregory Woodbury > SysAdmin group OAO NIEHS ITSSC > work phone:919 361 5444 x404 > woodbury at niehs.nih.gov > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From georgev at citadelcomputer.com.au Wed Dec 6 15:17:44 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Thu, 7 Dec 2000 08:17:44 +1100 Subject: [pptp-server] Compiling Kernel with PPP Message-ID: <90C35E9FADC0D41184770000E860EB4901BCAF@cittech> I used this site to compile it and worked great.. http://www.vibres.com/pptpd/example.html I nuked my source directory before doing the procedures though.. had changes which it though was up to date.... -----Original Message----- From: Rob [mailto:rcd at amherst.com] Sent: Thursday, December 07, 2000 7:14 AM To: pptp-server at lists.schulte.org Subject: [pptp-server] Compiling Kernel with PPP I too am also having difficulties integrating the ppp files into the kernel source for compilation. I using RedHat 6.2, with kernel-2.2.17. I read through the Redhat-HOWTO on the web site & followed the directions exactly. I received no compilation errors when building PPP with the 2 patches mppe patches. In the kernel config, I have IP chains, GRE tunnels over IP & PPP setup as mods. But once I ran make modules SUBDIRS=drivers/net, I get evil errors. Any help is appreciated. -Rob _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From rcd at amherst.com Wed Dec 6 15:52:03 2000 From: rcd at amherst.com (Rob) Date: Wed, 06 Dec 2000 16:52:03 -0500 Subject: [pptp-server] Compiling Kernel with PPP References: <001301c05fc7$0a711e50$4500a8c0@vibrationresearch.com> Message-ID: <3A2EB503.448D4EAF@amherst.com> That diff patch did the trick -- thanks. I was starting to go through the FAQ when I got the email.... argh! Mindless time wasted on frustration. -Rob > > Do your evil errors resemble these? > > 7.4 Errors while building pppd, pptpd, and kernel modules > > 7.4.1. Get PPP_VERSION or PPP_MAGIC undefined error message while compiling > ppp kernel modules > > Solution: add the following lines to /usr/src/linux/include/linux/if_ppp.h > #define PPP_VERSION "2.3.11" > #define PPP_MAGIC 0x5002 /* Magic value for the ppp structure */ > > 7.4.2. Get "structure has no member named `tty_pushing'" error messages > while compiling ppp kernel modules > > This is probably because the mppe patches you used were for an older > version > of the kernel, and the ppp structure in the header file if_pppvar.h changed > in the version of the kernel you have. > > Solution: apply the patch > http://www.vibrationresearch.com/pptpd/if_ppp_2.2.17.diff > to the kernel sources. > > > -----Original Message----- > > From: pptp-server-admin at lists.schulte.org > > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Rob > > Sent: Wednesday, December 06, 2000 3:14 PM > > To: pptp-server at lists.schulte.org > > Subject: [pptp-server] Compiling Kernel with PPP > > > > > > > > I too am also having difficulties integrating the ppp files into the > > kernel source for compilation. > > > > I using RedHat 6.2, with kernel-2.2.17. I read through the Redhat-HOWTO > > on the web site & followed the directions exactly. > > > > I received no compilation errors when building PPP with the 2 patches > > mppe patches. > > > > In the kernel config, I have IP chains, GRE tunnels over IP & PPP setup > > as mods. But once I ran make modules SUBDIRS=drivers/net, I get evil > > errors. > > > > Any help is appreciated. > > > > -Rob > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulteconsulting.com! > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! From vgill at technologist.com Wed Dec 6 16:41:50 2000 From: vgill at technologist.com (Vern H. Gill) Date: Wed, 6 Dec 2000 14:41:50 -0800 Subject: [pptp-server] Linux client can't stay connected Message-ID: <000601c05fd5$ba22f5e0$3705a8c0@gillnet.org> I can connect and add the route, which doesn't seem to work anyway. But, after a couple minutes it drops the connection. Here are my logs. Thanks. The problem seems to be related to CCP: timeout sending Config-Requests Also, the speed is only showing on the client machine as 38400, how can I get a higher speed? server log; Dec 6 14:18:06 linus kernel: ppp_ioctl: set flags to f09000b Dec 6 14:18:06 linus kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff Dec 6 14:18:06 linus kernel: ppp_ioctl: set flags to f090008 Dec 6 14:18:07 linus kernel: ppp_ioctl: set mru to 5dc Dec 6 14:18:07 linus kernel: ppp_tty_ioctl: set rcv asyncmap 0 Dec 6 14:18:07 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:18:07 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:18:07 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:18:07 linus kernel: ppp: receive buffer, count = 18 Dec 6 14:18:07 linus kernel: 7E FF 7D 23 C0 21 7D 26 ~.}#.!}& Dec 6 14:18:07 linus kernel: 7D 22 7D 20 7D 24 94 7D }"} }$.} Dec 6 14:18:07 linus kernel: 2D 7E -~ Dec 6 14:18:07 linus kernel: ppp: receive buffer, count = 18 Dec 6 14:18:07 linus kernel: 7E FF 7D 23 C0 21 7D 26 ~.}#.!}& Dec 6 14:18:07 linus kernel: 7D 22 7D 20 7D 24 94 7D }"} }$.} Dec 6 14:18:07 linus kernel: 2D 7E -~ Dec 6 14:18:07 linus kernel: ppp: channel ppp2 closing. Dec 6 14:18:07 linus kernel: ppp2 released Dec 6 14:18:07 linus kernel: ppp2: ccp closed Dec 6 14:18:07 linus kernel: ppp_ioctl: set dbg flags to 90000 Dec 6 14:18:08 linus kernel: ppp_ioctl: set flags to 90000 Dec 6 14:18:08 linus kernel: ppp_tty_ioctl: set xasyncmap Dec 6 14:18:08 linus kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff Dec 6 14:18:08 linus kernel: ppp_ioctl: set flags to 90000 Dec 6 14:18:08 linus kernel: ppp_ioctl: set mru to 5dc Dec 6 14:18:08 linus kernel: ppp_tty_ioctl: set rcv asyncmap ffffffff Dec 6 14:18:08 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:18:08 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:18:08 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:18:08 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:18:08 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:18:08 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:18:08 linus kernel: ppp: channel ppp2 closing. Dec 6 14:18:08 linus kernel: ppp2 released Dec 6 14:18:08 linus kernel: ppp2: ccp closed Dec 6 14:18:36 linus kernel: ppp: channel ppp1 closing. Dec 6 14:18:36 linus kernel: ppp1 released Dec 6 14:18:36 linus kernel: ppp1: ccp closed Dec 6 14:19:19 linus kernel: ppp_ioctl: set dbg flags to 90000 Dec 6 14:19:19 linus kernel: ppp_ioctl: set flags to 90000 Dec 6 14:19:19 linus kernel: ppp_tty_ioctl: set xasyncmap Dec 6 14:19:19 linus kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff Dec 6 14:19:19 linus kernel: ppp_ioctl: set flags to 90000 Dec 6 14:19:19 linus kernel: ppp_ioctl: set mru to 5dc Dec 6 14:19:19 linus kernel: ppp_tty_ioctl: set rcv asyncmap ffffffff Dec 6 14:19:21 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:21 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:21 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:21 linus kernel: ppp: receive buffer, count = 46 Dec 6 14:19:21 linus kernel: 7E FF 7D 23 C0 21 7D 21 ~.}#.!}! Dec 6 14:19:21 linus kernel: 7D 21 7D 20 7D 34 7D 22 }!} }4}" Dec 6 14:19:21 linus kernel: 7D 26 7D 20 7D 20 7D 20 }&} } } Dec 6 14:19:21 linus kernel: 7D 20 7D 25 7D 26 7D 27 } }%}&}' Dec 6 14:19:21 linus kernel: FD BC EE 7D 27 7D 22 7D ...}'}"} Dec 6 14:19:21 linus kernel: 28 7D 22 E7 8D 7E (}"..~ Dec 6 14:19:21 linus kernel: ppp: tossing frame (e0) Dec 6 14:19:21 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:21 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:21 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:22 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:22 linus kernel: ppp: receive buffer, count = 46 Dec 6 14:19:22 linus kernel: 7E FF 7D 23 C0 21 7D 21 ~.}#.!}! Dec 6 14:19:22 linus kernel: 7D 21 7D 20 7D 34 7D 22 }!} }4}" Dec 6 14:19:22 linus kernel: 7D 26 7D 20 7D 20 7D 20 }&} } } Dec 6 14:19:22 linus kernel: 7D 20 7D 25 7D 26 7D 27 } }%}&}' Dec 6 14:19:22 linus kernel: FD BC EE 7D 27 7D 22 7D ...}'}"} Dec 6 14:19:22 linus kernel: 28 7D 22 E7 8D 7E (}"..~ Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:22 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:22 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:22 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:22 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:22 linus kernel: ppp: receive buffer, count = 60 Dec 6 14:19:22 linus kernel: 7E FF 7D 23 C0 21 7D 22 ~.}#.!}" Dec 6 14:19:22 linus kernel: 7D 21 7D 20 7D 3D 7D 21 }!} }=}! Dec 6 14:19:23 linus kernel: 7D 24 7D 25 D2 7D 22 7D }$}%.}"} Dec 6 14:19:23 linus kernel: 26 7D 20 7D 20 7D 20 7D &} } } } Dec 6 14:19:23 linus kernel: 20 7D 23 7D 25 C2 23 81 }#}%.#. Dec 6 14:19:23 linus kernel: 7D 25 7D 26 BE BE 7D 3E }%}&..}> Dec 6 14:19:23 linus kernel: B0 7D 27 7D 22 7D 28 7D .}'}"}(} Dec 6 14:19:23 linus kernel: 22 A6 DE 7E "..~ Dec 6 14:19:23 linus kernel: ppp_tty_ioctl: set xmit asyncmap 0 Dec 6 14:19:23 linus kernel: ppp_ioctl: set flags to f090003 Dec 6 14:19:23 linus kernel: ppp_ioctl: set mru to 5dc Dec 6 14:19:23 linus kernel: ppp_tty_ioctl: set rcv asyncmap 0 Dec 6 14:19:23 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:23 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:23 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:23 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:23 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:23 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:23 linus kernel: ppp: receive buffer, count = 20 Dec 6 14:19:23 linus kernel: 7E C0 21 7D 2A 7D 20 7D ~.!}*} } Dec 6 14:19:23 linus kernel: 20 7D 28 7D 27 FD BC EE }(}'... Dec 6 14:19:23 linus kernel: 7D 36 EF 7E }6.~ Dec 6 14:19:23 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:23 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:24 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:24 linus kernel: ppp: receive buffer, count = 80 Dec 6 14:19:24 linus kernel: 7E C2 23 7D 22 7D 21 7D ~.#}"}!} Dec 6 14:19:24 linus kernel: 20 3B 31 75 35 AC 5B C2 ;1u5.[. Dec 6 14:19:24 linus kernel: B4 AC F6 7D 2F C8 70 3A ...}/.p: Dec 6 14:19:24 linus kernel: 5D D1 D9 E7 7D 20 7D 20 ]...} } Dec 6 14:19:24 linus kernel: 7D 20 7D 20 7D 20 7D 20 } } } } Dec 6 14:19:24 linus kernel: 7D 20 7D 20 6F 6D 9B B7 } } om.. Dec 6 14:19:24 linus kernel: 7D 2F 7D 30 C2 78 38 8B }/}0.x8. Dec 6 14:19:24 linus kernel: 52 74 4C A6 83 4E E0 35 RtL..N.5 Dec 6 14:19:24 linus kernel: 72 2B A2 E2 E3 E9 7D 20 r+....} Dec 6 14:19:24 linus kernel: 76 67 69 6C 6C F4 87 7E vgill..~ Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:24 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:24 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:24 linus kernel: ppp: receive buffer, count = 38 Dec 6 14:19:24 linus kernel: 7E 80 21 7D 21 7D 21 7D ~.!}!}!} Dec 6 14:19:24 linus kernel: 20 7D 30 7D 23 7D 26 7D }0}#}&} Dec 6 14:19:24 linus kernel: 20 7D 20 7D 20 7D 20 7D } } } } Dec 6 14:19:24 linus kernel: 22 7D 26 7D 20 2D 7D 2F "}&} -}/ Dec 6 14:19:24 linus kernel: 7D 21 27 7D 34 7E }!'}4~ Dec 6 14:19:24 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:24 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:25 linus kernel: ppp: receive buffer, count = 44 Dec 6 14:19:25 linus kernel: 7E 80 FD 7D 21 7D 21 7D ~..}!}!} Dec 6 14:19:25 linus kernel: 20 7D 35 7D 3A 7D 24 78 }5}:}$x Dec 6 14:19:25 linus kernel: 7D 20 7D 38 7D 24 78 7D } }8}$x} Dec 6 14:19:25 linus kernel: 20 7D 32 7D 26 7D 21 7D }2}&}!} Dec 6 14:19:25 linus kernel: 20 7D 20 60 7D 35 7D 23 } `}5}# Dec 6 14:19:25 linus kernel: 2F 6E 72 7E /nr~ Dec 6 14:19:25 linus kernel: ppp_proto_ccp rcvd=1 code=1 flags=f090003 Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:25 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:25 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:25 linus kernel: ppp: receive buffer, count = 36 Dec 6 14:19:25 linus kernel: 7E 80 21 7D 22 7D 21 7D ~.!}"}!} Dec 6 14:19:25 linus kernel: 20 7D 30 7D 23 7D 26 C0 }0}#}&. Dec 6 14:19:25 linus kernel: A8 7D 25 7D 21 7D 22 7D .}%}!}"} Dec 6 14:19:25 linus kernel: 26 7D 20 2D 7D 2F 7D 21 &} -}/}! Dec 6 14:19:25 linus kernel: 7D 3B 39 7E };9~ Dec 6 14:19:25 linus kernel: ppp_ioctl: set flags to f090043 Dec 6 14:19:25 linus kernel: ppp_proto_ccp rcvd=0 code=1 flags=f090043 Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:25 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:25 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:25 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:26 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:26 linus kernel: ppp: receive buffer, count = 25 Dec 6 14:19:26 linus kernel: 7E 80 FD 7D 24 7D 21 7D ~..}$}!} Dec 6 14:19:26 linus kernel: 20 7D 2A 7D 32 7D 26 7D }*}2}&} Dec 6 14:19:26 linus kernel: 21 7D 20 7D 20 40 56 8E !} } @V. Dec 6 14:19:26 linus kernel: 7E ~ Dec 6 14:19:26 linus kernel: ppp_proto_ccp rcvd=1 code=4 flags=f090043 Dec 6 14:19:26 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:26 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:26 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:26 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:26 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:26 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:26 linus kernel: ppp: receive buffer, count = 36 Dec 6 14:19:26 linus kernel: 7E 80 21 7D 21 7D 22 7D ~.!}!}"} Dec 6 14:19:26 linus kernel: 20 7D 30 7D 23 7D 26 C0 }0}#}&. Dec 6 14:19:26 linus kernel: A8 7D 25 7D 2B 7D 22 7D .}%}+}"} Dec 6 14:19:26 linus kernel: 26 7D 20 2D 7D 2F 7D 21 &} -}/}! Dec 6 14:19:26 linus kernel: 7D 33 92 7E }3.~ Dec 6 14:19:27 linus kernel: ppp_proto_ccp rcvd=0 code=4 flags=f090043 Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:27 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:27 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:27 linus kernel: ppp: receive buffer, count = 31 Dec 6 14:19:27 linus kernel: 7E 80 FD 7D 21 7D 22 7D ~..}!}"} Dec 6 14:19:27 linus kernel: 20 7D 2D 7D 32 7D 26 7D }-}2}&} Dec 6 14:19:27 linus kernel: 21 7D 20 7D 20 60 7D 35 !} } `}5 Dec 6 14:19:27 linus kernel: 7D 23 2F CE 7D 35 7E }#/.}5~ Dec 6 14:19:27 linus kernel: ppp_proto_ccp rcvd=1 code=1 flags=f090043 Dec 6 14:19:27 linus kernel: ppp_proto_ccp rcvd=0 code=1 flags=f090043 Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:27 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=1 PROTO=880B Dec 6 14:19:27 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:27 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:27 linus kernel: ppp: receive buffer, count = 20 Dec 6 14:19:27 linus kernel: 7E 80 FD 7D 22 7D 22 7D ~..}"}"} Dec 6 14:19:27 linus kernel: 20 7D 27 7D 35 7D 23 2F }'}5}#/ Dec 6 14:19:27 linus kernel: 7D 2F AB 7E }/.~ Dec 6 14:19:27 linus kernel: ppp_proto_ccp rcvd=1 code=2 flags=f090043 Dec 6 14:19:27 linus kernel: ppp1: decomp running Dec 6 14:19:28 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 VER=81 PROTO=880B Dec 6 14:19:28 linus kernel: ip_masq_in_get_gre(): lookup 192.168.5.53->192.168.5.1 CID=0 FAIL Dec 6 14:19:28 linus kernel: ip_demasq_gre(): 192.168.5.53 -> 192.168.5.1 CID=0 no masq table, discarding Dec 6 14:19:28 linus kernel: ppp_ioctl: set maxcid to 16 Dec 6 14:19:28 linus kernel: ppp_ioctl: set flags to f092047 Dec 6 14:19:28 linus kernel: ppp: set np 0 to 0 Dec 6 14:19:28 linus kernel: ppp_proto_ccp rcvd=0 code=3 flags=f092047 Dec 6 14:19:31 linus kernel: ppp_proto_ccp rcvd=0 code=1 flags=f090047 Dec 6 14:19:58 linus last message repeated 9 times Dec 6 14:21:59 linus kernel: ppp_ioctl: set flags to f09004b Dec 6 14:21:59 linus kernel: ppp: set np 0 to 1 Dec 6 14:21:59 linus kernel: ppp1: ccp closed Dec 6 14:21:59 linus kernel: ppp_ioctl: set flags to f09000b Dec 6 14:21:59 linus kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff Dec 6 14:21:59 linus kernel: ppp_ioctl: set flags to f090008 Dec 6 14:21:59 linus kernel: ppp_ioctl: set mru to 5dc Dec 6 14:21:59 linus kernel: ppp_tty_ioctl: set rcv asyncmap 0 Dec 6 14:22:05 linus kernel: ppp: channel ppp1 closing. Dec 6 14:22:05 linus kernel: ppp1 released Dec 6 14:22:05 linus kernel: ppp1: ccp closed Dec 6 14:22:05 linus kernel: ppp_ioctl: set dbg flags to 90000 Dec 6 14:22:05 linus kernel: ppp_ioctl: set flags to 90000 Dec 6 14:22:05 linus kernel: ppp_tty_ioctl: set xasyncmap Dec 6 14:22:05 linus kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff Dec 6 14:22:05 linus kernel: ppp_ioctl: set flags to 90000 Dec 6 14:22:05 linus kernel: ppp_ioctl: set mru to 5dc Dec 6 14:22:05 linus kernel: ppp_tty_ioctl: set rcv asyncmap ffffffff Dec 6 14:23:50 linus kernel: ppp: channel ppp1 closing. Dec 6 14:23:50 linus kernel: ppp1 released Dec 6 14:23:50 linus kernel: ppp1: ccp closed client log; Dec 6 14:23:35 patty (unknown)[1214]: log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:531]: Client connection established. Dec 6 14:23:36 patty (unknown)[1214]: log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:637]: Outgoing call established. Dec 6 14:23:36 patty pppd[1216]: pppd 2.3.11 started by root, uid 0 Dec 6 14:23:36 patty kernel: ppp_ioctl: set dbg flags to 90000 Dec 6 14:23:36 patty kernel: ppp_ioctl: set flags to 90000 Dec 6 14:23:36 patty pppd[1216]: Using interface ppp0 Dec 6 14:23:36 patty pppd[1216]: Connect: ppp0 <--> /dev/ttya0 Dec 6 14:23:36 patty kernel: ppp_tty_ioctl: set xasyncmap Dec 6 14:23:36 patty kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff Dec 6 14:23:36 patty kernel: ppp_ioctl: set flags to 90000 Dec 6 14:23:36 patty kernel: ppp_ioctl: set mru to 5dc Dec 6 14:23:36 patty kernel: ppp_tty_ioctl: set rcv asyncmap ffffffff Dec 6 14:23:39 patty kernel: ppp_tty_ioctl: set xmit asyncmap 0 Dec 6 14:23:39 patty kernel: ppp_ioctl: set flags to f090003 Dec 6 14:23:39 patty kernel: ppp_ioctl: set mru to 5dc Dec 6 14:23:39 patty kernel: ppp_tty_ioctl: set rcv asyncmap 0 Dec 6 14:23:41 patty pppd[1216]: Remote message: S=C75A1445D4B3404B8A9CC90DE90429BE54B8B049 Dec 6 14:23:41 patty kernel: ppp_ioctl: set flags to f090043 Dec 6 14:23:44 patty kernel: ppp_ioctl: set maxcid to 16 Dec 6 14:23:44 patty kernel: ppp_ioctl: set flags to f091047 Dec 6 14:23:44 patty pppd[1216]: found interface eth0 for proxy arp Dec 6 14:23:44 patty pppd[1216]: local IP address 192.168.5.11 Dec 6 14:23:44 patty pppd[1216]: remote IP address 192.168.5.1 Dec 6 14:24:15 patty pppd[1216]: CCP: timeout sending Config-Requests Dec 6 14:25:39 patty (unknown)[1214]: log[pptp_conn_close:pptp_ctrl.c:275]: Closing PPTP connection From xfzhu at seu.edu.cn Wed Dec 6 21:17:55 2000 From: xfzhu at seu.edu.cn (Zhu Xiaofeng) Date: Thu, 7 Dec 2000 11:17:55 +0800 Subject: [pptp-server] "proxyarp" or " route" References: <90C35E9FADC0D41184770000E860EB4901BCAD@cittech> Message-ID: <004d01c05ffc$4aa9c050$521877ca@SUNSHINE> Hi: Thank u for help. I know "proxyarp" run on the server side(PPTPD) . I had thought it was PPP client side IP address (in PPTP say remote IP ) should be proxyarp-ed out by PPTP server .But actually the local IP address was proxyarp-ed out. So another computer on Lan can't get an arp reply of PPTP remote IP address . Dec 7 10:22:43 linux pptpd[4869]: CTRL: Client x.x.x.82 control connection started Dec 7 10:22:43 linux pptpd[4869]: CTRL: Starting call (launching pppd, openingGRE) Dec 7 10:22:43 linux modprobe: modprobe: Can't locate module char-major-108 Dec 7 10:22:43 linux kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 7 10:22:43 linux kernel: PPP: version 2.3.7 (demand dialling) Dec 7 10:22:43 linux kernel: PPP line discipline registered. Dec 7 10:22:43 linux kernel: registered device ppp0 Dec 7 10:22:43 linux pptpd[4869]: GRE: Discarding duplicate packet Dec 7 10:22:43 linux pppd[4870]: pppd 2.3.10 started by root, uid 0 Dec 7 10:22:43 linux pppd[4870]: Using interface ppp0 Dec 7 10:22:43 linux pppd[4870]: Connect: ppp0 <--> /dev/pts/2 Dec 7 10:22:45 linux pptpd[4869]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 7 10:22:46 linux kernel: PPP BSD Compression module registered Dec 7 10:22:46 linux kernel: PPP Deflate Compression module registered Dec 7 10:22:46 linux pppd[4870]: CHAP peer authentication succeeded for billy Dec 7 10:22:46 linux pppd[4870]: found interface eth0 for proxy arp Dec 7 10:22:46 linux pppd[4870]: local IP address x.x.x.221 Dec 7 10:22:46 linux pppd[4870]: remote IP address x.x.x.231 So ping x.x.x.221 is accessable from x.x.x.99 ping x.x.x.231 is not accessable form x.x.x.99 ----- Original Message ----- From: "George Vieira" To: "'Zhu Xiaofeng'" Cc: "PPTP List (E-mail)" Sent: Wednesday, December 06, 2000 5:00 PM Subject: RE: [pptp-server] "proxyarp" or " route" > proxyarp should be running on the server side (PPTPD). > Can the (x.x.x.1) client ping x.x.x.2 OK as well as x.x.x.3 . Or does it > ping only the .2 server? > > Your logs should also mention about proxyarp attaching to the ETH0/1/2 > device. eg. > > "Dec 4 06:43:27 linuxdev pppd[24131]: found interface eth0 for proxy arp" > > > This means that proxy arp is using the local ETH0 device to listen for > requests to x.x.x.1 > > Can you sent us some logs on the server side. > > -----Original Message----- > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > Sent: Wednesday, December 06, 2000 6:02 PM > To: George Vieira > Cc: PPTP List (E-mail) > Subject: Re: [pptp-server] "proxyarp" or " route" > > > My question is : > When PPTP client connect to PPTP(PoPToP) server , it set up a ppp connection > between Server and Client . And Client get an IP for PPP client side > and Server get an IP for PPP server side . > Is it the PPP client side IP address "proxyarp" > or the PPP server side IP address "proxyarp"? > > Client <-------PPP OVER PPTP--------> SERVER > x.x.x.1 x.x.x.2 > Though on x.x.x.3 ping x.x.x.1 and x.x.x.2: > x.x.x.1 is not accessable > x.x.x.2 is accessable. > > But when I use Microsoft PPTP server , the result is on the contrary. > > I use sniffer to watch IP data .It didn't seem that ARP reply was sent out > as what I had thought by PoPToP SERVER . > > ----- Original Message ----- > From: "George Vieira" > To: "'Zhu Xiaofeng'" > Cc: "PPTP List (E-mail)" > Sent: Tuesday, December 05, 2000 11:43 AM > Subject: RE: [pptp-server] "proxyarp" or " route" > > > > I think you need IP forwarding (Not IP masquerading) turned on.. > > > > Have your got any IPCHAINS rules turned on which might be killing it? > > Can you use tcpdump to determine where the pings are going? > > > > > > -----Original Message----- > > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > > Sent: Tuesday, December 05, 2000 1:55 PM > > To: pptp-server at lists.schulte.org > > Subject: [pptp-server] "proxyarp" or " route" > > > > > > Hi everyone: > > > > I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network configuration > is > > following: > > > > PoPToP server cisco router > > x.x.24.198 <--------> x.x.24.1 <----> real Internet > > | > > | > > | > > win2000 > > x.x.24.99 > > > > /etc/ppp/options > > > > debug > > name linux > > auth > > require-chap > > proxyarp > > > > /etc/pptpd.conf > > > > option /etc/ppp/options > > debug > > speed 115200 > > localip x.x.24.220-229 > > remoteip x.x.24.230-239 > > > > My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access real > > Internet. > > All address are real IP addresses.I don't think it need NAT or IP MASQE > .Is > > it OK? > > Should I do more configration on x.x.24.198 ? > > > > When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client > > address x.x.24.230 and PPP > > server address is x.x.24.220 . Ping x.x.24.230 is not accessable but > > x.x.24.220 is accessable from other > > computer x.x.24.200 .I don't know much about "proxyarp",but I think it is > > x.x.24.230 that can be accessable. > > Why? > > > > > > xfzhu. > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulteconsulting.com! > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulteconsulting.com! > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From ajlill at ajlc.waterloo.on.ca Thu Dec 7 00:36:34 2000 From: ajlill at ajlc.waterloo.on.ca (Tony Lill) Date: Thu, 07 Dec 2000 01:36:34 EST Subject: [pptp-server] Connecting problem Caught signal 11 In-Reply-To: Your message of "Mon, 27 Nov 2000 16:28:03 GMT." <20001127162803.E3079@greenspot> Message-ID: <200012070636.BAA10291@spider.ajlc.waterloo.on.ca> That's caused by a bug in the ppp daemon. There is a call to lcpdebug with the incorrect numbero of arguments in lcp.c where it handles one of the callback messages: Index: pppd/lcp.c =================================================================== RCS file: /CVSROOT/network/daemons/ppp/pppd/lcp.c,v retrieving revision 1.1.1.1 diff -c -r1.1.1.1 lcp.c *** pppd/lcp.c 2000/09/07 03:38:37 1.1.1.1 --- pppd/lcp.c 2000/12/07 06:35:23 *************** *** 1538,1544 **** #ifdef CBCP_SUPPORT case CI_CALLBACK: ! LCPDEBUG((LOG_INFO, "lcp_reqci: rcvd CBCP")); if (!ao->neg_cbcp || cilen != CILEN_CHAR) { orc = CONFREJ; --- 1538,1544 ---- #ifdef CBCP_SUPPORT case CI_CALLBACK: ! LCPDEBUG(("lcp_reqci: rcvd CBCP")); if (!ao->neg_cbcp || cilen != CILEN_CHAR) { orc = CONFREJ; >>>>> "Martin" == Martin Feeney writes: Martin> On Mon, 27 Nov 2000 16:00:25 NorbertSchmidt wrote: >> Nov 27 16:52:01 notes pppd[8647]: rcvd [LCP ConfReq id=0x0 >> < 11 04 06 4e> < 13 17 01 0x2fc1> 5d f3 >> df 90 c4 77 11 d4 ab 3e 00 04 ac 3d 38 58 00 00 00 00>] Nov 27 >> 16:52:01 notes pppd[8647]: Fatal signal 11 >> I guess the Fatal signal 11 and the line before that are where >> the problem is, but I couldn't find anything in the FAQ's. >> What'S wrong??? Martin> NT, even though it's not requesting a callback seems to Martin> want to know what level of support is provided for Martin> callbacks. Martin> Try putting one or both of the following in your Martin> pptpd.options file: Martin> -callback nocallback Martin> Martin. Martin> _______________________________________________ Martin> pptp-server maillist - pptp-server at lists.schulte.org Martin> http://lists.schulte.org/mailman/listinfo/pptp-server List Martin> services provided by www.schulteconsulting.com! From dargento at ibsd.com Thu Dec 7 06:49:49 2000 From: dargento at ibsd.com (Andreas D'ARgento) Date: Thu, 07 Dec 2000 13:49:49 +0100 Subject: [pptp-server] VPN Message-ID: <3A2F876D.5030001@ibsd.com> Hi, i've got problems connecting a MS Windows NT4.0 Workstation to a Suse Linux 6.4 PPTP Server the authetication etc... seems to work... but at the end i am running in timeouts. Here is the syslog... Dec 7 13:49:06 inka pptpd[246]: CTRL: pty_fd = 5 Dec 7 13:49:06 inka pptpd[246]: CTRL: tty_fd = 6 Dec 7 13:49:06 inka pptpd[246]: CTRL: I wrote 32 bytes to the client. Dec 7 13:49:06 inka pptpd[247]: CTRL (PPPD Launcher): Connection speed = 115200 Dec 7 13:49:06 inka pptpd[247]: CTRL (PPPD Launcher): local address = 192.168.0.1 Dec 7 13:49:06 inka pptpd[247]: CTRL (PPPD Launcher): remote address = 192.168.0.201 Dec 7 13:49:06 inka pptpd[246]: CTRL: Sent packet to client Dec 7 13:49:06 inka pptpd[246]: CTRL: Received PPTP Control Message (type: 15) Dec 7 13:49:06 inka pptpd[246]: CTRL: Got a SET LINK INFO packet with standard ACCMs Dec 7 13:49:06 inka pppd[247]: pppd 2.3.11 started by root, uid 0 Dec 7 13:49:06 inka pppd[247]: Using interface ppp0 Dec 7 13:49:06 inka pppd[247]: Connect: ppp0 <--> /dev/pts/1 Dec 7 13:49:06 inka pppd[247]: sent [LCP ConfReq id=0x1 ] Dec 7 13:49:06 inka pppd[247]: Timeout 0x8050ba0:0x807a2c0 in 3 seconds. Dec 7 13:49:06 inka pppd[247]: rcvd [LCP ConfReq id=0x0 ] Dec 7 13:49:06 inka pppd[247]: lcp_reqci: returning CONFACK. Dec 7 13:49:06 inka pppd[247]: sent [LCP ConfAck id=0x0 ] Dec 7 13:49:06 inka pptpd[246]: CTRL: Received PPTP Control Message (type: 15) Dec 7 13:49:06 inka pptpd[246]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 7 13:49:06 inka pppd[247]: rcvd [LCP ConfAck id=0x1 ] Dec 7 13:49:06 inka pppd[247]: Untimeout 0x8050ba0:0x807a2c0. Dec 7 13:49:06 inka pppd[247]: sent [LCP EchoReq id=0x0 magic=0x8a09821d] Dec 7 13:49:06 inka pppd[247]: Timeout 0x80537f0:0x807a2c0 in 30 seconds. Dec 7 13:49:06 inka pppd[247]: cbcp_lowerup Dec 7 13:49:06 inka pppd[247]: want: 2 Dec 7 13:49:06 inka pppd[247]: sent [CHAP Challenge id=0x1 , name = "inka"] Dec 7 13:49:06 inka pppd[247]: Timeout 0x80569f0:0x807a5a0 in 3 seconds. Dec 7 13:49:06 inka pppd[247]: rcvd [LCP EchoRep id=0x0 magic=0x190c] Dec 7 13:49:06 inka pppd[247]: rcvd [CHAP Response id=0x1 <70899f7eb492996a63432e434a82a1060000000000000000955f0370a68537efe1ebadb1 3b9e6fa967c75bc1783cc43a00>, name = "IBSD\\dhw-rd"] Dec 7 13:49:06 inka pppd[247]: Untimeout 0x80569f0:0x807a5a0. Dec 7 13:49:06 inka pppd[247]: ChapReceiveResponse: rcvd type MS-CHAP-V2 Dec 7 13:49:06 inka pppd[247]: sent [CHAP Success id=0x1 "S=D79069322FA66270C7C85EE10DC553111E8FA3F1"] Dec 7 13:49:06 inka pppd[247]: cbcp_open Dec 7 13:49:06 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:06 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:06 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:06 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:06 inka pppd[247]: MSCHAP-v2 peer authentication succeeded for IBSD\\dhw-rd Dec 7 13:49:09 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:09 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:09 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:09 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:12 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:12 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:12 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:12 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:15 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:15 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:15 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:15 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:18 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:18 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:18 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:18 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:21 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:21 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:21 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:21 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:24 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:24 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:24 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:24 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:27 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:27 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:27 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:27 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:30 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:30 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:30 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:30 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:33 inka pppd[247]: sent [IPCP ConfReq id=0x1 ] Dec 7 13:49:33 inka pppd[247]: Timeout 0x8050ba0:0x807a520 in 3 seconds. Dec 7 13:49:33 inka pppd[247]: sent [CCP ConfReq id=0x1 ] Dec 7 13:49:33 inka pppd[247]: Timeout 0x8050ba0:0x807a640 in 3 seconds. Dec 7 13:49:36 inka pppd[247]: sent [LCP EchoReq id=0x1 magic=0x8a09821d] Dec 7 13:49:36 inka pppd[247]: Timeout 0x80537f0:0x807a2c0 in 30 seconds. Dec 7 13:49:36 inka pppd[247]: rcvd [LCP EchoRep id=0x1 magic=0x190c] Dec 7 13:49:36 inka pppd[247]: IPCP: timeout sending Config-Requests Dec 7 13:49:36 inka pppd[247]: Untimeout 0x80537f0:0x807a2c0. Dec 7 13:49:36 inka pppd[247]: cbcp_lowerdown Dec 7 13:49:36 inka pppd[247]: Untimeout 0x8050ba0:0x807a640. Dec 7 13:49:36 inka pppd[247]: sent [LCP TermReq id=0x2 "No network protocols running"] Dec 7 13:49:36 inka pppd[247]: Timeout 0x8050ba0:0x807a2c0 in 3 seconds. Dec 7 13:49:36 inka pptpd[246]: CTRL: Received PPTP Control Message (type: 15) Dec 7 13:49:36 inka pptpd[246]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 7 13:49:36 inka pppd[247]: rcvd [LCP TermAck id=0x2] Dec 7 13:49:36 inka pppd[247]: Untimeout 0x8050ba0:0x807a2c0. Dec 7 13:49:36 inka pppd[247]: Connection terminated. Dec 7 13:49:36 inka pppd[247]: Connect time 0.5 minutes. Dec 7 13:49:36 inka pppd[247]: Sent 904 bytes, received 227 bytes. Dec 7 13:49:36 inka pppd[247]: Exit. Dec 7 13:49:36 inka pptpd[246]: GRE: read(fd=5,buffer=804dac0,len=8196) from PTY failed: status = -1 error = Input/output error Dec 7 13:49:36 inka pptpd[246]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) Dec 7 13:49:36 inka pptpd[246]: CTRL: Client 213.68.117.101 control connection finished Dec 7 13:49:36 inka pptpd[246]: CTRL: Exiting now Dec 7 13:49:36 inka pptpd[245]: MGR: Reaped child 246 What is the reason for this ?? can anybody help me? Best regards Andreas D'Argento From news at eflorian.de Thu Dec 7 08:18:42 2000 From: news at eflorian.de (Florian Eggert) Date: Thu, 7 Dec 2000 15:18:42 +0100 Subject: [pptp-server] Connect linux PPTP server with NT VPN server? Message-ID: <000701c06058$9a7e2240$0301a8c0@mercury> Hi! I need some help with setting up the pptp server the way I need it. This is my situation. Windows NT Box -- LAN -- Linux Box -- Internet -- VPN Server (running NT). I need to connect to the NT VPN server with my own NT box. I can access the internet only via my linux box. The linux machine is also running a firewall. I can ping the ip address of the NT VPN server, but connect to it. I think this is due to the lack of pptp ipsec masquerading support of my linux (2.2.16). Now the big question: Would it be a solution for me to set up the pptp server on my linux box? Can I connect the linux pptp server with the VPN NT server and then access this connection from my own NT machine? Any help is appreciated, since a solution is very important for me. Thanks, Florian From admin at balticom.lv Thu Dec 7 11:03:57 2000 From: admin at balticom.lv (Dmitry N. Shevchuk) Date: Thu, 7 Dec 2000 19:03:57 +0200 Subject: [pptp-server] Win9x encryption problems Message-ID: <000801c0606f$b0680fa0$0b0aa8c0@admin> I've setup pptpd-1.0.1 with ppp-2.3.11. When I check the box "Require data encryption" on my Win98 box, it connects, but doesn't actualy work. When I desect this option all works fine. With Win2000 and WinME encryption works fine. Does anyone know why? Is the problem in Win98(as Win2000 and ME works) or in pptpd/pppd on my Linux box(Slackware 2.2.17)? Dmitry N. Shevchuk -------------- next part -------------- An HTML attachment was scrubbed... URL: From Steve at SteveCowles.com Thu Dec 7 11:05:37 2000 From: Steve at SteveCowles.com (Cowles, Steve) Date: Thu, 7 Dec 2000 11:05:37 -0600 Subject: [pptp-server] Connect linux PPTP server with NT VPN server? Message-ID: <90769AF04F76D41186C700A0C90AFC3EE5C5@defiant.infohiiway.com> > -----Original Message----- > From: Florian Eggert [mailto:news at eflorian.de] > Sent: Thursday, December 07, 2000 8:19 AM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Connect linux PPTP server with NT VPN server? > > > Hi! > I need some help with setting up the pptp server the way I need it. > This is my situation. > > Windows NT Box -- LAN -- Linux Box -- Internet -- VPN Server > (running NT). > > I need to connect to the NT VPN server with my own NT box. I > can access the internet only via my linux box. The linux machine > is also running a firewall. I can ping the ip address of the NT > VPN server, but connect to it. I think this is due to the lack > of pptp ipsec masquerading support of my linux (2.2.16). > Now the big question: Would it be a solution for me to set up the > pptp server on my linux box? Can I connect the linux pptp server > with the VPN NT server and then access this connection from my > own NT machine? > Any help is appreciated, since a solution is very important for me. > > Thanks, > Florian I think you are limited to the two options (solutions) you talked about in your post. Both will work. They are just implemented differently. Connecting from your WinNT box (behind Linux firewall): 1) You will need to apply John Hardin's VPN masq patches to your firewalls kernel. 2) Open the appropriate port/protocols for PPTP. protocol 47/TCP port 1723 Connecting from firewall with PPTP client (not server): 1) No need to apply John Hardin's VPN masq patches 2) Open the appropriate port/protocols for PPTP. protocol 47/TCP port 1723 3) Insure routing tables and ipchain rules reflect using PPP device for packets destined for the remote LAN. The later option is typically considered a LAN to LAN tunnel as opposed to a HOST to LAN tunnel in the first option. Although, you really have not specified the LAN (if any) at the remote NT VPN server. Steve Cowles From rcd at amherst.com Thu Dec 7 15:41:16 2000 From: rcd at amherst.com (Rob) Date: Thu, 07 Dec 2000 16:41:16 -0500 Subject: [pptp-server] My Goal References: <3A2F876D.5030001@ibsd.com> Message-ID: <3A3003FC.9544BA46@amherst.com> Here's a quick question. I'm at the point where I have to update the ipchains (according to the Setup Guide). Here is how my network is setup. I have the main firewall. Everything else is in behind it. The firewall ip-masq & ip-forwards. The PPTP server is inside the firewall. Now do I execute those ipchain rules to the PPTP server or to the firewall? I assume that some must be done to the PPTP server (like accepting all pptp connections). I'm just not 100% sure which ones I should implement onto the PPTP server. -Rob From xfzhu at seu.edu.cn Thu Dec 7 20:05:06 2000 From: xfzhu at seu.edu.cn (Zhu Xiaofeng) Date: Fri, 8 Dec 2000 10:05:06 +0800 Subject: [pptp-server] "proxyarp" or " route" References: <90C35E9FADC0D41184770000E860EB4901BCC1@cittech> Message-ID: <003701c060bb$48cd2a50$521877ca@SUNSHINE> I don't know how to set up route . So I send u my log and "netstat" result . PPTP Client is Win2000 with LAN IP 202.119.24.82 . PPTP Server is Turbo Linux 6.0 with LAN IP 202.119.24.198 Default Route is 202.119.24.1 "log message" Dec 8 10:07:25 linux pppd[5531]: Using interface ppp0 Dec 8 10:07:25 linux pppd[5531]: Connect: ppp0 <--> /dev/pts/2 Dec 8 10:07:27 linux pptpd[5530]: CTRL: Ignored a SET LINK INFO packet with rea l ACCMs! Dec 8 10:07:27 linux kernel: PPP BSD Compression module registered Dec 8 10:07:27 linux kernel: PPP Deflate Compression module registered Dec 8 10:07:27 linux pppd[5531]: CHAP peer authentication succeeded for billy Dec 8 10:07:27 linux pppd[5531]: found interface eth0 for proxy arp Dec 8 10:07:27 linux pppd[5531]: local IP address 202.119.24.220 Dec 8 10:07:27 linux pppd[5531]: remote IP address 202.119.24.230 "netstat -rn" Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 202.119.24.230 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 202.119.24.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 202.119.24.1 0.0.0.0 UG 0 0 0 eth0 Only PPTP server can ping 202.119.24.230 . Why another computer can't access 202.119.24.230(PPTP remote IP address) ? If u had set up PPTP before ,would u mind sent ur configuration to me ? Thank u. ----- Original Message ----- From: "George Vieira" To: "'Zhu Xiaofeng'" Sent: Thursday, December 07, 2000 5:44 PM Subject: RE: [pptp-server] "proxyarp" or " route" > I don't think your route would be added automatically unless you specify > defaultroute in pppd options which is a no no when you are already on > internet.. > > do a `netstat -rn` and get the list of the routes when connected.. > > should add like this when connected > > route add -net x.x.x.o/24 gw x.x.x.221 > > -----Original Message----- > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > Sent: Thursday, December 07, 2000 6:36 PM > To: George Vieira > Subject: Re: [pptp-server] "proxyarp" or " route" > > > All address are in same LAN . > Should I add route ? > I can access PPTP server's real address x.x.x.198 through VPN. I think > route table is added automaticly. > > Thank u. > > ----- Original Message ----- > From: "George Vieira" > To: "'Zhu Xiaofeng'" > Sent: Thursday, December 07, 2000 11:25 AM > Subject: RE: [pptp-server] "proxyarp" or " route" > > > > did you add the routes for the VPN lan??? > > > > -----Original Message----- > > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > > Sent: Thursday, December 07, 2000 2:18 PM > > To: pptp-server at lists.schulte.org > > Cc: George Vieira > > Subject: Re: [pptp-server] "proxyarp" or " route" > > > > > > Hi: > > Thank u for help. > > I know "proxyarp" run on the server side(PPTPD) . I had thought it > was > > PPP client side > > IP address (in PPTP say remote IP ) should be proxyarp-ed out by PPTP > > server .But actually > > the local IP address was proxyarp-ed out. So another computer on Lan can't > > get an arp reply of > > PPTP remote IP address . > > > > Dec 7 10:22:43 linux pptpd[4869]: CTRL: Client x.x.x.82 control > connection > > started > > Dec 7 10:22:43 linux pptpd[4869]: CTRL: Starting call (launching pppd, > > openingGRE) > > Dec 7 10:22:43 linux modprobe: modprobe: Can't locate module > char-major-108 > > Dec 7 10:22:43 linux kernel: CSLIP: code copyright 1989 Regents of the > > University of California > > Dec 7 10:22:43 linux kernel: PPP: version 2.3.7 (demand dialling) > > Dec 7 10:22:43 linux kernel: PPP line discipline registered. > > Dec 7 10:22:43 linux kernel: registered device ppp0 > > Dec 7 10:22:43 linux pptpd[4869]: GRE: Discarding duplicate packet > > Dec 7 10:22:43 linux pppd[4870]: pppd 2.3.10 started by root, uid 0 > > Dec 7 10:22:43 linux pppd[4870]: Using interface ppp0 > > Dec 7 10:22:43 linux pppd[4870]: Connect: ppp0 <--> /dev/pts/2 > > Dec 7 10:22:45 linux pptpd[4869]: CTRL: Ignored a SET LINK INFO packet > with > > real ACCMs! > > Dec 7 10:22:46 linux kernel: PPP BSD Compression module registered > > Dec 7 10:22:46 linux kernel: PPP Deflate Compression module registered > > Dec 7 10:22:46 linux pppd[4870]: CHAP peer authentication succeeded for > > billy > > Dec 7 10:22:46 linux pppd[4870]: found interface eth0 for proxy arp > > Dec 7 10:22:46 linux pppd[4870]: local IP address x.x.x.221 > > Dec 7 10:22:46 linux pppd[4870]: remote IP address x.x.x.231 > > > > So ping x.x.x.221 is accessable from x.x.x.99 > > ping x.x.x.231 is not accessable form x.x.x.99 > > > > > > ----- Original Message ----- > > From: "George Vieira" > > To: "'Zhu Xiaofeng'" > > Cc: "PPTP List (E-mail)" > > Sent: Wednesday, December 06, 2000 5:00 PM > > Subject: RE: [pptp-server] "proxyarp" or " route" > > > > > > > proxyarp should be running on the server side (PPTPD). > > > Can the (x.x.x.1) client ping x.x.x.2 OK as well as x.x.x.3 . Or does it > > > ping only the .2 server? > > > > > > Your logs should also mention about proxyarp attaching to the ETH0/1/2 > > > device. eg. > > > > > > "Dec 4 06:43:27 linuxdev pppd[24131]: found interface eth0 for proxy > arp" > > > > > > > > > This means that proxy arp is using the local ETH0 device to listen for > > > requests to x.x.x.1 > > > > > > Can you sent us some logs on the server side. > > > > > > -----Original Message----- > > > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > > > Sent: Wednesday, December 06, 2000 6:02 PM > > > To: George Vieira > > > Cc: PPTP List (E-mail) > > > Subject: Re: [pptp-server] "proxyarp" or " route" > > > > > > > > > My question is : > > > When PPTP client connect to PPTP(PoPToP) server , it set up a ppp > > connection > > > between Server and Client . And Client get an IP for PPP client side > > > and Server get an IP for PPP server side . > > > Is it the PPP client side IP address "proxyarp" > > > or the PPP server side IP address "proxyarp"? > > > > > > Client <-------PPP OVER PPTP--------> SERVER > > > x.x.x.1 x.x.x.2 > > > Though on x.x.x.3 ping x.x.x.1 and x.x.x.2: > > > x.x.x.1 is not accessable > > > x.x.x.2 is accessable. > > > > > > But when I use Microsoft PPTP server , the result is on the contrary. > > > > > > I use sniffer to watch IP data .It didn't seem that ARP reply was sent > > out > > > as what I had thought by PoPToP SERVER . > > > > > > ----- Original Message ----- > > > From: "George Vieira" > > > To: "'Zhu Xiaofeng'" > > > Cc: "PPTP List (E-mail)" > > > Sent: Tuesday, December 05, 2000 11:43 AM > > > Subject: RE: [pptp-server] "proxyarp" or " route" > > > > > > > > > > I think you need IP forwarding (Not IP masquerading) turned on.. > > > > > > > > Have your got any IPCHAINS rules turned on which might be killing it? > > > > Can you use tcpdump to determine where the pings are going? > > > > > > > > > > > > -----Original Message----- > > > > From: Zhu Xiaofeng [mailto:xfzhu at seu.edu.cn] > > > > Sent: Tuesday, December 05, 2000 1:55 PM > > > > To: pptp-server at lists.schulte.org > > > > Subject: [pptp-server] "proxyarp" or " route" > > > > > > > > > > > > Hi everyone: > > > > > > > > I setup PoPToP 1.0.0 on my Turbo linux 6.0 . My network > configuration > > > is > > > > following: > > > > > > > > PoPToP server cisco router > > > > x.x.24.198 <--------> x.x.24.1 <----> real Internet > > > > | > > > > | > > > > | > > > > win2000 > > > > x.x.24.99 > > > > > > > > /etc/ppp/options > > > > > > > > debug > > > > name linux > > > > auth > > > > require-chap > > > > proxyarp > > > > > > > > /etc/pptpd.conf > > > > > > > > option /etc/ppp/options > > > > debug > > > > speed 115200 > > > > localip x.x.24.220-229 > > > > remoteip x.x.24.230-239 > > > > > > > > My idea is to let x.x.24.99 dial on x.x.24.198 via PPTP to access > real > > > > Internet. > > > > All address are real IP addresses.I don't think it need NAT or IP > MASQE > > > .Is > > > > it OK? > > > > Should I do more configration on x.x.24.198 ? > > > > > > > > When I dial up from x.x.24.99 to x.x.24.198 ,win2000 get PPP client > > > > address x.x.24.230 and PPP > > > > server address is x.x.24.220 . Ping x.x.24.230 is not accessable but > > > > x.x.24.220 is accessable from other > > > > computer x.x.24.200 .I don't know much about "proxyarp",but I think it > > is > > > > x.x.24.230 that can be accessable. > > > > Why? > > > > > > > > > > > > xfzhu. > > > > > > > > > > > > _______________________________________________ > > > > pptp-server maillist - pptp-server at lists.schulte.org > > > > http://lists.schulte.org/mailman/listinfo/pptp-server > > > > List services provided by www.schulteconsulting.com! > > > > _______________________________________________ > > > > pptp-server maillist - pptp-server at lists.schulte.org > > > > http://lists.schulte.org/mailman/listinfo/pptp-server > > > > List services provided by www.schulteconsulting.com! > > > > > > > _______________________________________________ > > > pptp-server maillist - pptp-server at lists.schulte.org > > > http://lists.schulte.org/mailman/listinfo/pptp-server > > > List services provided by www.schulteconsulting.com! > > > > > > From opjose at EX-PRESSNET.COM Fri Dec 8 02:25:41 2000 From: opjose at EX-PRESSNET.COM (Jose M. Sanchez) Date: Fri, 8 Dec 2000 03:25:41 -0500 Subject: [pptp-server] Mandrake 7.2 question (is everything there?) In-Reply-To: <39FF91B8.5E20A17@themccords.com> Message-ID: Hi all; A question. I recently reformatted and upgraded my firewall system from Mandrake 7.02 to 7.2. Prior to this upgrade, I had installed pptp and all the ppp patches. Without installing any additional firewall rules my Masq'd clients could connect to remote NT VPN servers over the internet without a problem. Now under 7.2 I notice that PPTP & the GRE modules already exist. Indeed attempts to patch the kernel sources cause compilation failures. Following the directions to look at the symbol tabl of the installed kernel indicates that all of the components are already there. So, do I have to apply any patches to the 2.2.17-18mdk kernel supplied with Mandrake? If not what is different now? I.E. What do I have to do to enable Masq'd clients to connect to VPN NT hosts? Thanks! -JMS From baust at healthdec.com Fri Dec 8 08:12:30 2000 From: baust at healthdec.com (Brian Aust) Date: Fri, 8 Dec 2000 09:12:30 -0500 Subject: [pptp-server] PoPToP works, then doesn't ?? Any ideas? Message-ID: Well I did finally get PoPToP running yesterday, or so i thought. It worked yesterday, but now when i try to connect today it fails!! And absolutely nothing has changed on the poptop server at all. Plus, the messages log looks different for the two connection atttempts (yesterday vs. today). Here's the log from yesterday where it worked: ------------------------------------------------------- Dec 7 14:01:08 BNYATALIE pptpd[3046]: CTRL: Client 24.25.7.203 control connection started Dec 7 14:01:08 BNYATALIE pptpd[3046]: CTRL: Starting call (launching pppd, opening GRE) Dec 7 14:01:08 BNYATALIE pppd[3047]: pppd 2.3.11 started by root, uid 0 Dec 7 14:01:08 BNYATALIE kernel: registered device ppp1 Dec 7 14:01:08 BNYATALIE pppd[3047]: Using interface ppp1 Dec 7 14:01:08 BNYATALIE pppd[3047]: Connect: ppp1 <--> /dev/pts/2 Dec 7 14:01:08 BNYATALIE kernel: PPP BSD Compression module registered Dec 7 14:01:08 BNYATALIE pppd[3047]: CHAP peer authentication succeeded for ameyers Dec 7 14:01:09 BNYATALIE pppd[3047]: found interface eth0 for proxy arp Dec 7 14:01:09 BNYATALIE pppd[3047]: local IP address 10.1.1.69 Dec 7 14:01:09 BNYATALIE pppd[3047]: remote IP address 10.3.1.2 Dec 7 14:01:09 BNYATALIE pppd[3047]: CCP terminated by peer Dec 7 14:01:09 BNYATALIE pppd[3047]: Compression disabled by peer. Dec 7 14:03:13 BNYATALIE pppd[3047]: LCP terminated by peer Dec 7 14:03:13 BNYATALIE pppd[3047]: Modem hangup Dec 7 14:03:13 BNYATALIE pppd[3047]: Connection terminated. Dec 7 14:03:13 BNYATALIE pppd[3047]: Connect time 2.1 minutes. Dec 7 14:03:13 BNYATALIE pppd[3047]: Sent 52428 bytes, received 31847 bytes. Dec 7 14:03:13 BNYATALIE pppd[3047]: Exit. Dec 7 14:03:13 BNYATALIE pptpd[3046]: CTRL: Error with select(), quitting Dec 7 14:03:13 BNYATALIE pptpd[3046]: CTRL: Client 24.25.7.203 control connection finished ------------------------------------------------------ Now this worked fine, and 12 hours pass, and I try to connect just now. Here's the messages file from 5 minutes ago: -------------------------------------------------------- Dec 8 09:54:51 BNYATALIE pptpd[3632]: CTRL: Client 24.163.35.141 control connec tion started Dec 8 09:54:51 BNYATALIE pptpd[3632]: CTRL: Starting call (launching pppd, open ing GRE) Dec 8 09:54:51 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the Univ ersity of California Dec 8 09:54:51 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 8 09:54:51 BNYATALIE kernel: PPP line discipline registered. Dec 8 09:54:51 BNYATALIE kernel: registered device ppp0 Dec 8 09:54:51 BNYATALIE pppd[3633]: pppd 2.3.11 started by root, uid 0 Dec 8 09:54:51 BNYATALIE pppd[3633]: Using interface ppp0 Dec 8 09:54:51 BNYATALIE pppd[3633]: Connect: ppp0 <--> /dev/pts/0 Dec 8 09:55:21 BNYATALIE pptpd[3632]: CTRL: Error with select(), quitting Dec 8 09:55:21 BNYATALIE pptpd[3632]: CTRL: Client 24.163.35.141 control connec tion finished Dec 8 09:55:21 BNYATALIE pppd[3633]: Modem hangup Dec 8 09:55:21 BNYATALIE pppd[3633]: Connection terminated. Dec 8 09:55:21 BNYATALIE pppd[3633]: Exit. ----------------------------------------------------- Can anyone see what changed between yesterday and today to make this fail?? Differences I can see are that today uses "ppp0" instead of "ppp1"... and that clearly it doesn't even get around to attempt the CHAP authentication. Any ideas would really be welcome! Thanks, Brian R. Aust From ellis at efront.com Fri Dec 8 16:24:00 2000 From: ellis at efront.com (ellis of geeknews.com) Date: Fri, 8 Dec 2000 14:24:00 -0800 Subject: [pptp-server] PoPToP problems. Message-ID: <003101c06165$90573780$ec0e0418@ellis> A friend and I are setting up a VPN. We started off with a fresh install of Mandrake 7.2 then installed PoPToP, PPPD, DHCPD and Samba. Well, I'm at home and the server is at his house. The server has 2 NICs, one for the internet connection and the other to the inter 198.168.1.x network. I can connect to the VPN and can ping the internal machine and the other connected client just fine. I can also use the servers gateway to browse the internet if I want. So that's all fine. The problems come up when I try to browse the network. We can't see each other in there, just our selves. We can do a Net View \\ip to see what each computer is sharing. For the second problem deals with gaming. If we run a q3a server for a local network (not internet) play, we can't see the server when we do a search for local network game. I've been looking what could be the problem with the games. When a client game is looking for a networked game, it sends out a broadcast. I'm figuring ether the PPPTD or the PPPD is not relaying the broadcasts. Has anyone seen this before or knows how to make it where it relays the broadcast? http://www.geeknews.com - News for geeks, by geeks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From stephan.fehrenbach at modulo3.de Mon Dec 11 08:35:40 2000 From: stephan.fehrenbach at modulo3.de (Stephan Fehrenbach) Date: Mon, 11 Dec 2000 15:35:40 +0100 Subject: [pptp-server] ppp with mppe : unresolved symbol RC4_set_key Message-ID: <001901c0637f$a33e0100$6500a8c0@modulo3.de> Hello, I am trying to compile ppp-2.3.11 with mppe patch. If I comment out the reference to rc4_skey.c in ppp_mppe.c the module everything compiles, but if I do insmod ppp_mppe I get the error: /lib/modules/2.0.38/net/ppp_mppe.o: unresolved symbol RC4_set_key If I dont't comment out reference to rc4_skey.c I get a compiler error doing: make modules In file included from ppp_mppe.c:68: rc4_skey.c:66: conflicting types for `RC4_options' rc4.h:86: previous declaration of `RC4_options' rc4_skey.c:89: conflicting types for `RC4_set_key' rc4.h:87: previous declaration of `RC4_set_key' make[2]: *** [ppp_mppe.o] Error 1 make[1]: *** [modules] Error 2 make: *** [modules] Error 2 I am Using Kernel 2.0.38 with subs-patch-1.38, SSLeay-0.9.0b ppp-2.3.11 ppp-2.3.11-openssl-0.9.5-mppe.patch. Has somebody a solution for this problem? Greatings Stephan Fehrenbach -- modulo3 gmbh fon 0211 - 876720-00 Stephan Fehrenbach fax 0211 - 876720-27 Karl-Rudolf-Stra?e 172 e-mail stephan.fehrenbach at modulo3.de D-40215 D?sseldorf web http://www.modulo3.de From baust at healthdec.com Mon Dec 11 09:21:31 2000 From: baust at healthdec.com (Brian Aust) Date: Mon, 11 Dec 2000 10:21:31 -0500 Subject: [pptp-server] PoPToP works, then doesn't ?? Any ideas? Message-ID: Well... I finally got it to work again after i uninstalled the PPP rpm and the PPTPD rpm and then reinstalled... However, what happens is the same as before!! It works for a day, and then it fails. It was working for me last night, but now I try it this morning and it just fails. It really is frustrating because nothing has changed since yesterday. Here are the two logs: YESTERDAY, WHEN IT WORKED: Dec 10 17:57:57 BNYATALIE pptpd[773]: CTRL: Client 24.163.35.141 control connection started Dec 10 17:57:57 BNYATALIE pptpd[773]: CTRL: Starting call (launching pppd, opening GRE) Dec 10 17:57:57 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 10 17:57:57 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 10 17:57:57 BNYATALIE kernel: PPP line discipline registered. Dec 10 17:57:57 BNYATALIE kernel: registered device ppp0 Dec 10 17:57:57 BNYATALIE pppd[774]: pppd 2.3.11 started by root, uid 0 Dec 10 17:57:57 BNYATALIE pppd[774]: Using interface ppp0 Dec 10 17:57:57 BNYATALIE pppd[774]: Connect: ppp0 <--> /dev/pts/1 Dec 10 17:57:57 BNYATALIE pppd[774]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access Dec 10 17:57:57 BNYATALIE kernel: PPP BSD Compression module registered Dec 10 17:57:57 BNYATALIE kernel: PPP Deflate Compression module registered Dec 10 17:57:57 BNYATALIE pppd[774]: CHAP peer authentication succeeded for baust Dec 10 17:57:57 BNYATALIE pppd[774]: found interface eth0 for proxy arp Dec 10 17:57:57 BNYATALIE pppd[774]: local IP address 10.1.1.69 Dec 10 17:57:57 BNYATALIE pppd[774]: remote IP address 10.3.1.2 Dec 10 17:57:57 BNYATALIE pppd[774]: CCP terminated by peer Dec 10 17:57:57 BNYATALIE pppd[774]: Compression disabled by peer. TODAY, WHEN IT FAILED: Dec 11 11:07:32 BNYATALIE pptpd[1261]: CTRL: Client 24.190.239.133 control connection started Dec 11 11:07:32 BNYATALIE pptpd[1261]: CTRL: Starting call (launching pppd, opening GRE) Dec 11 11:07:32 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 11 11:07:32 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 11 11:07:32 BNYATALIE kernel: PPP line discipline registered. Dec 11 11:07:32 BNYATALIE kernel: registered device ppp0 Dec 11 11:07:32 BNYATALIE pppd[1262]: pppd 2.3.11 started by root, uid 0 Dec 11 11:07:32 BNYATALIE pppd[1262]: Using interface ppp0 Dec 11 11:07:32 BNYATALIE pppd[1262]: Connect: ppp0 <--> /dev/pts/2 Dec 11 11:07:53 BNYATALIE inetd[484]: pid 1259: exit status 1 Dec 11 11:08:02 BNYATALIE pptpd[1261]: CTRL: Error with select(), quitting Dec 11 11:08:02 BNYATALIE pptpd[1261]: CTRL: Client 24.190.239.133 control connection finished Dec 11 11:08:02 BNYATALIE pppd[1262]: Modem hangup Dec 11 11:08:02 BNYATALIE pppd[1262]: Connection terminated. Dec 11 11:08:02 BNYATALIE pppd[1262]: Exit. Very frustrating :-( Brian -----Original Message----- From: George Vieira [mailto:georgev at citadelcomputer.com.au] Sent: Friday, December 08, 2000 8:22 PM To: 'Brian Aust' Subject: RE: [pptp-server] PoPToP works, then doesn't ?? Any ideas? have you tried killing any traces of old connections and restart PPTPD and the client? kill `cat /var/run/ppp0.pid` # <- as long as this isn't your internet connection kill `cat /var/run/ppp1.pid` kill `cat /var/run/ppp1.pid` rm -f /var/run/pptp/* # <- this on the client -----Original Message----- From: Brian Aust [mailto:baust at healthdec.com] Sent: Saturday, December 09, 2000 1:13 AM To: 'pptp-server at lists.schulte.org' Subject: [pptp-server] PoPToP works, then doesn't ?? Any ideas? Well I did finally get PoPToP running yesterday, or so i thought. It worked yesterday, but now when i try to connect today it fails!! And absolutely nothing has changed on the poptop server at all. Plus, the messages log looks different for the two connection atttempts (yesterday vs. today). Here's the log from yesterday where it worked: ------------------------------------------------------- Dec 7 14:01:08 BNYATALIE pptpd[3046]: CTRL: Client 24.25.7.203 control connection started Dec 7 14:01:08 BNYATALIE pptpd[3046]: CTRL: Starting call (launching pppd, opening GRE) Dec 7 14:01:08 BNYATALIE pppd[3047]: pppd 2.3.11 started by root, uid 0 Dec 7 14:01:08 BNYATALIE kernel: registered device ppp1 Dec 7 14:01:08 BNYATALIE pppd[3047]: Using interface ppp1 Dec 7 14:01:08 BNYATALIE pppd[3047]: Connect: ppp1 <--> /dev/pts/2 Dec 7 14:01:08 BNYATALIE kernel: PPP BSD Compression module registered Dec 7 14:01:08 BNYATALIE pppd[3047]: CHAP peer authentication succeeded for ameyers Dec 7 14:01:09 BNYATALIE pppd[3047]: found interface eth0 for proxy arp Dec 7 14:01:09 BNYATALIE pppd[3047]: local IP address 10.1.1.69 Dec 7 14:01:09 BNYATALIE pppd[3047]: remote IP address 10.3.1.2 Dec 7 14:01:09 BNYATALIE pppd[3047]: CCP terminated by peer Dec 7 14:01:09 BNYATALIE pppd[3047]: Compression disabled by peer. Dec 7 14:03:13 BNYATALIE pppd[3047]: LCP terminated by peer Dec 7 14:03:13 BNYATALIE pppd[3047]: Modem hangup Dec 7 14:03:13 BNYATALIE pppd[3047]: Connection terminated. Dec 7 14:03:13 BNYATALIE pppd[3047]: Connect time 2.1 minutes. Dec 7 14:03:13 BNYATALIE pppd[3047]: Sent 52428 bytes, received 31847 bytes. Dec 7 14:03:13 BNYATALIE pppd[3047]: Exit. Dec 7 14:03:13 BNYATALIE pptpd[3046]: CTRL: Error with select(), quitting Dec 7 14:03:13 BNYATALIE pptpd[3046]: CTRL: Client 24.25.7.203 control connection finished ------------------------------------------------------ Now this worked fine, and 12 hours pass, and I try to connect just now. Here's the messages file from 5 minutes ago: -------------------------------------------------------- Dec 8 09:54:51 BNYATALIE pptpd[3632]: CTRL: Client 24.163.35.141 control connec tion started Dec 8 09:54:51 BNYATALIE pptpd[3632]: CTRL: Starting call (launching pppd, open ing GRE) Dec 8 09:54:51 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the Univ ersity of California Dec 8 09:54:51 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 8 09:54:51 BNYATALIE kernel: PPP line discipline registered. Dec 8 09:54:51 BNYATALIE kernel: registered device ppp0 Dec 8 09:54:51 BNYATALIE pppd[3633]: pppd 2.3.11 started by root, uid 0 Dec 8 09:54:51 BNYATALIE pppd[3633]: Using interface ppp0 Dec 8 09:54:51 BNYATALIE pppd[3633]: Connect: ppp0 <--> /dev/pts/0 Dec 8 09:55:21 BNYATALIE pptpd[3632]: CTRL: Error with select(), quitting Dec 8 09:55:21 BNYATALIE pptpd[3632]: CTRL: Client 24.163.35.141 control connec tion finished Dec 8 09:55:21 BNYATALIE pppd[3633]: Modem hangup Dec 8 09:55:21 BNYATALIE pppd[3633]: Connection terminated. Dec 8 09:55:21 BNYATALIE pppd[3633]: Exit. ----------------------------------------------------- Can anyone see what changed between yesterday and today to make this fail?? Differences I can see are that today uses "ppp0" instead of "ppp1"... and that clearly it doesn't even get around to attempt the CHAP authentication. Any ideas would really be welcome! Thanks, Brian R. Aust _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From baust at healthdec.com Mon Dec 11 09:34:21 2000 From: baust at healthdec.com (Brian Aust) Date: Mon, 11 Dec 2000 10:34:21 -0500 Subject: [pptp-server] PoPToP works, then doesn't ?? Any ideas? Message-ID: ONe other thing i noticed that may or may not have an effect on things: Dec 10 17:57:57 BNYATALIE pppd[774]: found interface eth0 for proxy arp Dec 10 17:57:57 BNYATALIE pppd[774]: local IP address 10.1.1.69 Dec 10 17:57:57 BNYATALIE pppd[774]: remote IP address 10.3.1.2 Dec 10 17:57:57 BNYATALIE pppd[774]: CCP terminated by peer Dec 10 17:57:57 BNYATALIE pppd[774]: Compression disabled by peer. Dec 11 02:40:13 BNYATALIE pppd[774]: LCP terminated by peer Dec 11 02:40:13 BNYATALIE pppd[774]: Modem hangup Dec 11 02:40:13 BNYATALIE pppd[774]: Connection terminated. Dec 11 02:40:13 BNYATALIE pppd[774]: Connect time 522.3 minutes. Dec 11 02:40:13 BNYATALIE pppd[774]: Sent 418477 bytes, received 180825 bytes. Dec 11 02:40:13 BNYATALIE pppd[774]: Exit. Dec 11 02:40:13 BNYATALIE pptpd[773]: CTRL: Error with select(), quitting Dec 11 02:40:13 BNYATALIE pptpd[773]: CTRL: Client 24.163.35.141 control connection finished Dec 11 03:00:01 BNYATALIE kernel: PPP: ppp line discipline successfully unregistered Note that I was online for 522 minutes there... and at 2:40AM i disconnected... but look at the last line. It took 20 minutes for the poptop server to successfully unregister the ppp line discipline. I don't recall this back in the days that my poptop server ran smoothly. Does this indicate something not working right? bca -----Original Message----- From: Brian Aust Sent: Monday, December 11, 2000 10:22 AM To: 'George Vieira' Cc: 'pptp-server at lists.schulte.org' Subject: RE: [pptp-server] PoPToP works, then doesn't ?? Any ideas? Well... I finally got it to work again after i uninstalled the PPP rpm and the PPTPD rpm and then reinstalled... However, what happens is the same as before!! It works for a day, and then it fails. It was working for me last night, but now I try it this morning and it just fails. It really is frustrating because nothing has changed since yesterday. Here are the two logs: YESTERDAY, WHEN IT WORKED: Dec 10 17:57:57 BNYATALIE pptpd[773]: CTRL: Client 24.163.35.141 control connection started Dec 10 17:57:57 BNYATALIE pptpd[773]: CTRL: Starting call (launching pppd, opening GRE) Dec 10 17:57:57 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 10 17:57:57 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 10 17:57:57 BNYATALIE kernel: PPP line discipline registered. Dec 10 17:57:57 BNYATALIE kernel: registered device ppp0 Dec 10 17:57:57 BNYATALIE pppd[774]: pppd 2.3.11 started by root, uid 0 Dec 10 17:57:57 BNYATALIE pppd[774]: Using interface ppp0 Dec 10 17:57:57 BNYATALIE pppd[774]: Connect: ppp0 <--> /dev/pts/1 Dec 10 17:57:57 BNYATALIE pppd[774]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access Dec 10 17:57:57 BNYATALIE kernel: PPP BSD Compression module registered Dec 10 17:57:57 BNYATALIE kernel: PPP Deflate Compression module registered Dec 10 17:57:57 BNYATALIE pppd[774]: CHAP peer authentication succeeded for baust Dec 10 17:57:57 BNYATALIE pppd[774]: found interface eth0 for proxy arp Dec 10 17:57:57 BNYATALIE pppd[774]: local IP address 10.1.1.69 Dec 10 17:57:57 BNYATALIE pppd[774]: remote IP address 10.3.1.2 Dec 10 17:57:57 BNYATALIE pppd[774]: CCP terminated by peer Dec 10 17:57:57 BNYATALIE pppd[774]: Compression disabled by peer. TODAY, WHEN IT FAILED: Dec 11 11:07:32 BNYATALIE pptpd[1261]: CTRL: Client 24.190.239.133 control connection started Dec 11 11:07:32 BNYATALIE pptpd[1261]: CTRL: Starting call (launching pppd, opening GRE) Dec 11 11:07:32 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 11 11:07:32 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 11 11:07:32 BNYATALIE kernel: PPP line discipline registered. Dec 11 11:07:32 BNYATALIE kernel: registered device ppp0 Dec 11 11:07:32 BNYATALIE pppd[1262]: pppd 2.3.11 started by root, uid 0 Dec 11 11:07:32 BNYATALIE pppd[1262]: Using interface ppp0 Dec 11 11:07:32 BNYATALIE pppd[1262]: Connect: ppp0 <--> /dev/pts/2 Dec 11 11:07:53 BNYATALIE inetd[484]: pid 1259: exit status 1 Dec 11 11:08:02 BNYATALIE pptpd[1261]: CTRL: Error with select(), quitting Dec 11 11:08:02 BNYATALIE pptpd[1261]: CTRL: Client 24.190.239.133 control connection finished Dec 11 11:08:02 BNYATALIE pppd[1262]: Modem hangup Dec 11 11:08:02 BNYATALIE pppd[1262]: Connection terminated. Dec 11 11:08:02 BNYATALIE pppd[1262]: Exit. Very frustrating :-( Brian -----Original Message----- From: George Vieira [mailto:georgev at citadelcomputer.com.au] Sent: Friday, December 08, 2000 8:22 PM To: 'Brian Aust' Subject: RE: [pptp-server] PoPToP works, then doesn't ?? Any ideas? have you tried killing any traces of old connections and restart PPTPD and the client? kill `cat /var/run/ppp0.pid` # <- as long as this isn't your internet connection kill `cat /var/run/ppp1.pid` kill `cat /var/run/ppp1.pid` rm -f /var/run/pptp/* # <- this on the client -----Original Message----- From: Brian Aust [mailto:baust at healthdec.com] Sent: Saturday, December 09, 2000 1:13 AM To: 'pptp-server at lists.schulte.org' Subject: [pptp-server] PoPToP works, then doesn't ?? Any ideas? Well I did finally get PoPToP running yesterday, or so i thought. It worked yesterday, but now when i try to connect today it fails!! And absolutely nothing has changed on the poptop server at all. Plus, the messages log looks different for the two connection atttempts (yesterday vs. today). Here's the log from yesterday where it worked: ------------------------------------------------------- Dec 7 14:01:08 BNYATALIE pptpd[3046]: CTRL: Client 24.25.7.203 control connection started Dec 7 14:01:08 BNYATALIE pptpd[3046]: CTRL: Starting call (launching pppd, opening GRE) Dec 7 14:01:08 BNYATALIE pppd[3047]: pppd 2.3.11 started by root, uid 0 Dec 7 14:01:08 BNYATALIE kernel: registered device ppp1 Dec 7 14:01:08 BNYATALIE pppd[3047]: Using interface ppp1 Dec 7 14:01:08 BNYATALIE pppd[3047]: Connect: ppp1 <--> /dev/pts/2 Dec 7 14:01:08 BNYATALIE kernel: PPP BSD Compression module registered Dec 7 14:01:08 BNYATALIE pppd[3047]: CHAP peer authentication succeeded for ameyers Dec 7 14:01:09 BNYATALIE pppd[3047]: found interface eth0 for proxy arp Dec 7 14:01:09 BNYATALIE pppd[3047]: local IP address 10.1.1.69 Dec 7 14:01:09 BNYATALIE pppd[3047]: remote IP address 10.3.1.2 Dec 7 14:01:09 BNYATALIE pppd[3047]: CCP terminated by peer Dec 7 14:01:09 BNYATALIE pppd[3047]: Compression disabled by peer. Dec 7 14:03:13 BNYATALIE pppd[3047]: LCP terminated by peer Dec 7 14:03:13 BNYATALIE pppd[3047]: Modem hangup Dec 7 14:03:13 BNYATALIE pppd[3047]: Connection terminated. Dec 7 14:03:13 BNYATALIE pppd[3047]: Connect time 2.1 minutes. Dec 7 14:03:13 BNYATALIE pppd[3047]: Sent 52428 bytes, received 31847 bytes. Dec 7 14:03:13 BNYATALIE pppd[3047]: Exit. Dec 7 14:03:13 BNYATALIE pptpd[3046]: CTRL: Error with select(), quitting Dec 7 14:03:13 BNYATALIE pptpd[3046]: CTRL: Client 24.25.7.203 control connection finished ------------------------------------------------------ Now this worked fine, and 12 hours pass, and I try to connect just now. Here's the messages file from 5 minutes ago: -------------------------------------------------------- Dec 8 09:54:51 BNYATALIE pptpd[3632]: CTRL: Client 24.163.35.141 control connec tion started Dec 8 09:54:51 BNYATALIE pptpd[3632]: CTRL: Starting call (launching pppd, open ing GRE) Dec 8 09:54:51 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the Univ ersity of California Dec 8 09:54:51 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 8 09:54:51 BNYATALIE kernel: PPP line discipline registered. Dec 8 09:54:51 BNYATALIE kernel: registered device ppp0 Dec 8 09:54:51 BNYATALIE pppd[3633]: pppd 2.3.11 started by root, uid 0 Dec 8 09:54:51 BNYATALIE pppd[3633]: Using interface ppp0 Dec 8 09:54:51 BNYATALIE pppd[3633]: Connect: ppp0 <--> /dev/pts/0 Dec 8 09:55:21 BNYATALIE pptpd[3632]: CTRL: Error with select(), quitting Dec 8 09:55:21 BNYATALIE pptpd[3632]: CTRL: Client 24.163.35.141 control connec tion finished Dec 8 09:55:21 BNYATALIE pppd[3633]: Modem hangup Dec 8 09:55:21 BNYATALIE pppd[3633]: Connection terminated. Dec 8 09:55:21 BNYATALIE pppd[3633]: Exit. ----------------------------------------------------- Can anyone see what changed between yesterday and today to make this fail?? Differences I can see are that today uses "ppp0" instead of "ppp1"... and that clearly it doesn't even get around to attempt the CHAP authentication. Any ideas would really be welcome! Thanks, Brian R. Aust _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From phil at vibrationresearch.com Mon Dec 11 09:51:56 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Mon, 11 Dec 2000 10:51:56 -0500 Subject: [pptp-server] ppp with mppe : unresolved symbol RC4_set_key In-Reply-To: <001901c0637f$a33e0100$6500a8c0@modulo3.de> Message-ID: <000401c0638a$4a0e1f10$4500a8c0@vibrationresearch.com> From blowy at pi.be Mon Dec 11 12:04:23 2000 From: blowy at pi.be (blowy) Date: Mon, 11 Dec 2000 19:04:23 +0100 Subject: [pptp-server] ipx multiple connections Message-ID: <001b01c0639c$cab93fc0$0301000a@roma> Hello, I can't get pptpd working to accept multiple pptp ipx connections. I read the previous messages on the list, but couldn't find an answer. Is there anybody with the same problems or anyone who fixed it ? Thanks, blowy From jrioux at entrata.com Mon Dec 11 15:37:59 2000 From: jrioux at entrata.com (John D. Rioux) Date: Mon, 11 Dec 2000 16:37:59 -0500 Subject: [pptp-server] pptp linux client connecting to Microsoft VPN server Message-ID: <3A354937.B98379D1@entrata.com> I am attempting to get the pptp linux client running on R.H. 6.2 Kernel 2.2.14-5. I have downloaded ppp-mppe-2.3.11-9.i386.rpm and pptp-linux-1.0.2-6.i386.rpm from http://merced.needsabeating.com/pptp.html and installed them on the machine and recompiled all modules. When I connect I get an error message on the NT server's eventlog that the client did not negotiate strong encryption. In the pppd.log file on the linux client I see the following: [pptp_dispatch_crtl_packet:pptp_ctrl.c 538] Client connection established [pptp_dispatch_crtl_packet:pptp_ctrl.c 645] Outgoing call established Call ID 0 peer's ID 0 [pptp_dispatch_crtl_packet:pptp_ctrl.c 679] Call closed NTFY call ID 0 [pptp_dispatch_crtl_packet:pptp_ctrl.c 275] Closing pptp connection Any ideas where I chould go from here ?? TIA Regards, John Rioux From brad1tech at yahoo.com Mon Dec 11 20:07:54 2000 From: brad1tech at yahoo.com (Brad Pimm) Date: Mon, 11 Dec 2000 18:07:54 -0800 (PST) Subject: [pptp-server] How to configure this>? Message-ID: <20001212020754.12017.qmail@web3801.mail.yahoo.com> My boss wishes to connect to our office from his home. He has Win98 with a cable modem at home. The office is set up with Squid Proxy on a NT network. The office also is on cable modem. How can PoPtOp help us achieve our goal? Thanks Brad Primm ===== IT Services Field Technician Cri Digital 614-268-1268 brad1tech at yahoo.com brad at copierresources.com http://www.copierresources.com __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ From bbj at hhknet.dk Tue Dec 12 06:10:33 2000 From: bbj at hhknet.dk (Bjarke Bruun) Date: Tue, 12 Dec 2000 13:10:33 +0100 Subject: [pptp-server] First time error Message-ID: <3A3615B9.1C5E07A7@hhknet.dk> Hi, I'm new on list and to VPN that has not already been setup by someone else. I have installed the pptp server and the pptp-linux client on a client, but I can't get a connection, that is a working one. I get this error message from the server: ----- Dec 12 12:58:49 server pptpd[2643]: CTRL: Client X.X.X.X control connection started Dec 12 12:58:49 server pptpd[2643]: CTRL: EOF or bad error reading ctrl packet length. Dec 12 12:58:49 server pptpd[2643]: CTRL: couldn't read packet header (exit) Dec 12 12:58:49 server pptpd[2643]: CTRL: CTRL read failed ----- and from the client, wheter I only put the hostname or any of the other pppd options as a paramete: ----- warn[open_unixsock:pptp_callmgr.c:308]: Call manager for Y.Y.Y.Y is already running. fatal[callmgr_main:pptp_callmgr.c:124]: Could not open unix socket for Y.Y.Y.Y fatal[launch_callmgr:pptp.c:213]: Call manager exited with error 256 ----- The main two things that I can't understand is thet the client says that a call manager is already running, because the client exits and leaves no running or hanging processes (and I have waited for netstat to report that the 1723 port is not in use) and the second is that the server says that is gets a bad EOF/error reading what ever the client is sending. Does anyone have any suggestions to what it might be ? my first server was pptp version 1.1.1 but problem is exactly the same with 1.0.0 version. Pptp-linux version is 1.0.2. Any help appriciated -- Bjarke Bruun - E-mail: bbj at hhknet.dk http://linux.hhknet.dk __ / / (_)__ __ ____ __ / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . . . From georgev at citadelcomputer.com.au Tue Dec 12 20:21:04 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Wed, 13 Dec 2000 13:21:04 +1100 Subject: [pptp-server] First time error Message-ID: <90C35E9FADC0D41184770000E860EB4901BD13@cittech> Install version 1.1.2 to save you hassles now and later. Also the client appears to be having problems creating a socket for connection. Possible there isn't enough PTYs to use.. or possible this is a real socket.. others here may object. What version/distro of linux is the client as I think this is the first problem part? -----Original Message----- From: Bjarke Bruun [mailto:bbj at hhknet.dk] Sent: Tuesday, December 12, 2000 11:11 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] First time error Hi, I'm new on list and to VPN that has not already been setup by someone else. I have installed the pptp server and the pptp-linux client on a client, but I can't get a connection, that is a working one. I get this error message from the server: ----- Dec 12 12:58:49 server pptpd[2643]: CTRL: Client X.X.X.X control connection started Dec 12 12:58:49 server pptpd[2643]: CTRL: EOF or bad error reading ctrl packet length. Dec 12 12:58:49 server pptpd[2643]: CTRL: couldn't read packet header (exit) Dec 12 12:58:49 server pptpd[2643]: CTRL: CTRL read failed ----- and from the client, wheter I only put the hostname or any of the other pppd options as a paramete: ----- warn[open_unixsock:pptp_callmgr.c:308]: Call manager for Y.Y.Y.Y is already running. fatal[callmgr_main:pptp_callmgr.c:124]: Could not open unix socket for Y.Y.Y.Y fatal[launch_callmgr:pptp.c:213]: Call manager exited with error 256 ----- The main two things that I can't understand is thet the client says that a call manager is already running, because the client exits and leaves no running or hanging processes (and I have waited for netstat to report that the 1723 port is not in use) and the second is that the server says that is gets a bad EOF/error reading what ever the client is sending. Does anyone have any suggestions to what it might be ? my first server was pptp version 1.1.1 but problem is exactly the same with 1.0.0 version. Pptp-linux version is 1.0.2. Any help appriciated -- Bjarke Bruun - E-mail: bbj at hhknet.dk http://linux.hhknet.dk __ / / (_)__ __ ____ __ / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . . . _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From brad1tech at yahoo.com Wed Dec 13 08:07:50 2000 From: brad1tech at yahoo.com (Brad Pimm) Date: Wed, 13 Dec 2000 06:07:50 -0800 (PST) Subject: [pptp-server] pptpd installation Message-ID: <20001213140750.21028.qmail@web3807.mail.yahoo.com> I have Linux 6.2 redhat release I have attempted install of pptpd so we can browse our NT network from remote locations. Our NT network relies on Squid for proxy service. Is pptpd the best choice? When we dial in to linux, you have been disconnected from the compuetr... any ideas, brad ===== IT Services Field Technician Cri Digital 614-268-1268 brad1tech at yahoo.com brad at copierresources.com http://www.copierresources.com __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ From gord at amador.ca Wed Dec 13 08:21:06 2000 From: gord at amador.ca (Gord Belsey) Date: Wed, 13 Dec 2000 07:21:06 -0700 Subject: [pptp-server] First time error References: <3A3615B9.1C5E07A7@hhknet.dk> Message-ID: <00fa01c0650f$efbefd40$280111ac@amadorinc.com> Bjarke: Here's myn guess. On the client, check /var/run/pptp. The client (or at least the one I use....by C. S. Ananian) creates a file in their named for the IP address of the server. However, it doesn't clen it up when it dies, fails or is brought down in any way. When you try to fire up the client again, you get the socket in use error. I added a line in /etc/ppp/ip-down.local to remove this file when pptp's ppp interface goes down. On the server side, I added lcp-echo-failure 10 and lcp-echo-interval 1 to /etc/ppp/options. This says "no response after 1 second = failure" and "10 failures means link is dead...close it". You can adjust the numbers, but I found this cleans up the server side so it's ready to accept a new connection from that client. Basically, PoPToP and the pptp client is good stuff, but it was up to me to write scripts to do clean up, and to start, restart and stop a client connection. Note that I'm still running PoPToP 1.0.0, so your mileage may vary. Hope this helps Gord Belsey ----- Original Message ----- From: Bjarke Bruun To: Sent: Tuesday, December 12, 2000 5:10 AM Subject: [pptp-server] First time error > Hi, I'm new on list and to VPN that has not already been setup by > someone else. > > I have installed the pptp server and the pptp-linux client on a client, > but I can't get a connection, that is a working one. > > I get this error message from the server: > > ----- > Dec 12 12:58:49 server pptpd[2643]: CTRL: Client X.X.X.X control > connection started > Dec 12 12:58:49 server pptpd[2643]: CTRL: EOF or bad error reading ctrl > packet length. > Dec 12 12:58:49 server pptpd[2643]: CTRL: couldn't read packet header > (exit) > Dec 12 12:58:49 server pptpd[2643]: CTRL: CTRL read failed > ----- > and from the client, wheter I only put the hostname or any of the other > pppd options as a paramete: > > ----- > warn[open_unixsock:pptp_callmgr.c:308]: Call manager for Y.Y.Y.Y is > already running. > fatal[callmgr_main:pptp_callmgr.c:124]: Could not open unix socket for > Y.Y.Y.Y > fatal[launch_callmgr:pptp.c:213]: Call manager exited with error 256 > ----- > > The main two things that I can't understand is thet the client says that > a call manager is already running, because the client exits and leaves > no running or hanging processes (and I have waited for netstat to report > that the 1723 port is not in use) and the second is that the server says > that is gets a bad EOF/error reading what ever the client is sending. > > Does anyone have any suggestions to what it might be ? > > my first server was pptp version 1.1.1 but problem is exactly the same > with 1.0.0 version. Pptp-linux version is 1.0.2. > > Any help appriciated > > -- > Bjarke Bruun - E-mail: bbj at hhknet.dk http://linux.hhknet.dk > __ > / / (_)__ __ ____ __ > / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a > /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . . . > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! From jkreger at avidsolutionsinc.com Thu Dec 14 07:06:08 2000 From: jkreger at avidsolutionsinc.com (Justin Kreger) Date: Thu, 14 Dec 2000 08:06:08 -0500 Subject: [pptp-server] Authentication using SMB for MS-CHAP Message-ID: <6B8A85826C35D31193BD0090278589C80FE706@CIC-EXCHANGE> OK, Over the last few months, I, and many others have expressed intrest in authenticating off of NT boxen over a network. To our displeasure, no such patch exists. Within the last month, I have been communicating with others on if we could patch pppd somehow to get it to authenticate off of a NT server. The idea was proposed that we use libsmb. So I took a look at the smb pam mod, which seems to have its own smb library with it. Below I will post my notes on the smb_auth.c file from pamsmbd. Due to work, school, and the fact I never really learned C or C++ to any extent, I am forced to ask for help in this endever, and to have some questions answered. I think that right now, we could adapt some code from pamsmbd and use it to authenticate off of a NT server. But this raises some questions. 1. In the pppsmb (authentication off of the samba passwd file) patched version of pppd, where dose pppd decide that the hash that is being sumbitted is real and good? 2. It appears that pamsmbd is designed to take a cleartext passwd and encrypt it, Can we change this? 3. What exactly do we need to be sending a NT server to login? Just the hash? What dose pppd get from a connecting client? a login and then a password hash? If I am not totally insane, I think that we could just take the hash that the remote computer is submitting, and then go and use that to see if it works with logging into a NT server. What do you guys think? Can this be done? I think it can with a little effort. Smb_auth.c: The login function returns this: 0 = sucess 1/2 = error 3 = not loged in queue_user talks to pamsmbd with username, passwd, domain pamsmbd: they seem to all be functions smbwork.c: con#=SMB_Connect_Server: gets null,pimary, and domain is primary the server name or ip? it is a char, servername SMB_Negotiate: gets con #, and protos (refer to file for array) SMB_Logon_Server:sends a conn #, username, then pass is a function, return the number SMB_Logoff_Server: recvs con numi note: check to see if crypt is performed also, may want to see exactly what is passed, just the hash? Can we just send the hash? -------------------------- Justin Kreger, MCSE Network Administrator Avid Solutions Inc. From fruza at hotmail.com Thu Dec 14 11:39:50 2000 From: fruza at hotmail.com (Fernando Ruza) Date: Thu, 14 Dec 2000 18:39:50 +0100 Subject: [pptp-server] Can I see the network from the PPTP Client PC ?? Message-ID: Hi !! I have the following architecture working ok, publicing the dinamic IP address of my PPTP Server each time is connected to internet with the dinamic DNS CJB.NET. PPTP Client dial-up connection Linux Masq. Firewall & 192.168.1.100 <-------------------------> PPTP Server with modem in both 192.168.1.1 boxes PCs | (PPTP Client&Server) | Intranet Office | network --------------------------- | | ... | 192.168.1.2 | | 192.168.1.3 | 192.168.1.99 Everything seems to work ok, however from the client I can access to the PCs in the Intranet Office network connecting but with the IP addresses not by their names and also I cannot see them with the Network Neighborhood windows program. Is it possible to see all the Intranet office network from the files explorer or Network Neighborhood and see all the name of the PCs there ?? The PPTP Client PC has also a name and it also has the same Workgroup name than the PCs in the intranet office network. Thanks in advanced for any help, Good work !! Fernando Ruza _____________________________________________________________________________________ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com From kelly.black at testquest.com Thu Dec 14 12:20:26 2000 From: kelly.black at testquest.com (Kelly Black) Date: Thu, 14 Dec 2000 12:20:26 -0600 Subject: [pptp-server] Can I see the network from the PPTP Client PC ?? In-Reply-To: ; from fruza@hotmail.com on Thu, Dec 14, 2000 at 06:39:50PM +0100 References: Message-ID: <20001214122026.A17340@testquest.com> You may wish to run a samba server on the FW & PPTP server box, and set it up as a WINS server, or point it to a WINS server on the local net. This would allow browsing. I have that working a my site (thanks to everyone on the list for the help!!!) You should be able to push out the WINS server IP address via the /etc/ppp/options file with the line: ms-wins 192.168.1.XX (with XX the i.p. of the internal WINS server, or the Samba WINS server). Hope this helps, Kelly Black On Thu, Dec 14, 2000 at 06:39:50PM +0100, Fernando Ruza wrote: > Hi !! > > I have the following architecture working ok, publicing the dinamic IP > address of my PPTP Server each time is connected to internet with the > dinamic DNS CJB.NET. > > PPTP Client dial-up connection Linux Masq. Firewall & > 192.168.1.100 <-------------------------> PPTP Server > with modem in both 192.168.1.1 > boxes PCs | > (PPTP Client&Server) | Intranet Office > | network > --------------------------- > | | ... | > 192.168.1.2 | | > 192.168.1.3 | > 192.168.1.99 > > Everything seems to work ok, however from the client I can access to the PCs > in the Intranet Office network connecting but with the IP addresses not by > their names and also I cannot see them with the Network Neighborhood windows > program. > > Is it possible to see all the Intranet office network from the files > explorer or Network Neighborhood and see all the name of the PCs there ?? > > The PPTP Client PC has also a name and it also has the same Workgroup name > than the PCs in the intranet office network. > > Thanks in advanced for any help, > > Good work !! > > Fernando Ruza > > > _____________________________________________________________________________________ > Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From glenn.robinson at btinternet.com Thu Dec 14 23:27:33 2000 From: glenn.robinson at btinternet.com (Glenn Robinson) Date: Fri, 15 Dec 2000 05:27:33 -0000 Subject: [pptp-server] Can't seem to end the pptp client Message-ID: <000801c06657$ba3f6a80$0200a8c0@flyingfields.co.uk> Hello, I'm using pptp server and client. After using pptp pptpd_servername ............................... I get a succesful connection on ppp0. How do I terminate this connection. Using ifdown ppp0 doesn't work. Thanks Glenn -------------- next part -------------- An HTML attachment was scrubbed... URL: From taro at nub.co.uk Fri Dec 15 02:10:45 2000 From: taro at nub.co.uk (Tom Owen) Date: Fri, 15 Dec 2000 08:10:45 -0000 Subject: [pptp-server] gettext unresolved external compilation error Message-ID: <3A39D205.13640.4E6354@localhost> Compiling poptop 1.0.1 and 1.1.2, on my slackware 7 server, I get checking for gettext in -lintl... (cached) yes ./configure: XTRALIBS_MGR: command not found =============================================== Configuration chosen: PPPd IP allocation: No. PPPd: Standard. LIBWRAP security: No. Mode: IP tunneling server (PAC). =============================================== If I then proceed, gettext is an undefined symbol. The fix is to edit .configure. The line XTRALIBS_MGR = "$XTRALIBS_MGR -lintl" Should be XTRALIBS_MGR="$XTRALIBS_MGR -lintl" (no space around the equals) Then rerun ./configure and it's all cushty. Tom From harald at scharf.co.at Fri Dec 15 12:12:34 2000 From: harald at scharf.co.at (Harald Scharf) Date: Fri, 15 Dec 2000 10:12:34 -0800 Subject: [pptp-server] ppp_mppe seems to die Message-ID: <003501c066c2$9a2098d0$e83121d4@softpoint.com> Hello to all, i have a problem, when i connect to pptpd with Micro$oft encryption enabled. The connection is up for several seconds, or minutes, and then it breaks without any error message. I tried to locate the error with comparing the Routing Tables on Client and Server, but they seem to be ok. This is the Output from the Syslog : Dec 15 12:13:48 fwneu pptpd[31081]: CTRL: Starting call (launching pppd, opening GRE) Dec 15 12:13:48 fwneu pppd[31082]: pppd 2.3.8 started by root, uid 0 Dec 15 12:13:48 fwneu pppd[31082]: Using interface ppp1 Dec 15 12:13:48 fwneu pppd[31082]: Connect: ppp1 <--> /dev/pts/2 Dec 15 12:13:48 fwneu pptpd[31081]: GRE: Discarding duplicate packet Dec 15 12:13:50 fwneu pptpd[31081]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 15 12:13:50 fwneu pppd[31082]: MSCHAP-v2 peer authentication succeeded for hs Dec 15 12:13:50 fwneu pppd[31082]: Cannot determine ethernet address for proxy ARP Dec 15 12:13:50 fwneu pppd[31082]: local IP address 192.168.3.1 Dec 15 12:13:50 fwneu pppd[31082]: remote IP address 192.168.2.236 Dec 15 12:13:50 fwneu pppd[31082]: MPPE 40 bit, stateless compression enabled I tried the Setup on two different Linux Systems. SuSE Linux 6.3 and RedHat Linux 6.1, both with Kernel Release 2.2.15. pptpd Version : 0.9.17 pppd Version 2.3.8 with mppe Patches. Clients : Windows 2000, Windows 98 or Windows NT My pptpd.conf : debug speed 115200 localip 192.168.3.1 remoteip 192.168.2.234-238 name fwneu My ppp options File : require-chap +chap +chapms +chapms-v2 auth mppe-40 mppe-128 mppe-stateless proxyarp debug If MPPE is disabled, the connection is stable. Any idea ? Harald Enns, Austria -------------- next part -------------- An HTML attachment was scrubbed... URL: From fruza at hotmail.com Fri Dec 15 08:56:42 2000 From: fruza at hotmail.com (Fernando Ruza) Date: Fri, 15 Dec 2000 15:56:42 +0100 Subject: [pptp-server] Can I see the network from the PPTP Client PC ?? Message-ID: Yes, I forgot to say that I already had a Samba server in the FW & PPTP server box. I have configured that Samba server as a WINS server and I have written its IP address in the options.pptp file (ms-wins 192.168.1.1) however, I'm not able to get the browse list from the samba server yet. I don't know what happens. I have assigned a static IP address to the PPTP client with the chap-secret file and I have configured the samba server following the rules in the SMB-Howto ("Using Samba Across Routed Networks") and BROWSING.txt file of samba documentation (right now I'm reviewed again the BROWSING.txt file to see if I forgot something) I think everything is ok, however I cannot browse the PCs in the VPN network. I'm not using encryption password and the rules of the FW are very simple allowing everything (for now). The PPTP Client PC is a Windows'95 with Service Pack 1 and the packages for VPN. It also receives well the IP of the WINS server. I use the following versions in the Linux PPTP Server: pptpd-1.0.0-1 ppp-2.3.10-1 kernel-2.2.12-20 samba-2.0.5a-12 My options.pptp file is the following: -------------- options.pptp -------------------- debug name axilin mru 1450 mtu 1450 auth require-chap proxyarp +chap # Para ver los demas ordenadores de la red con Samba ms-wins 192.168.1.1 ---------------------------------------------------------- and my smb.conf file is: -------------- smb.conf -------------------- workgroup = VPN server string = Samba Server hosts allow = 192.162.1. 127. log file = /var/log/samba/log.%m max log size = 50 security = share socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote browse sync = 192.168.1.255 remote announce = 192.168.1.255 domain master = yes preferred master = yes wins support = yes dns proxy = yes unix password sync = no comment = linux box (Red Hat 6.1) encrypt passwords = yes map to guest = never password level = 0 null passwords = no os level = 0 preferred master = no domain master = no wins support = no dead time = 0 debug level = 1 #===== Share Definitions ======= [homes] comment = Home Directories browseable = no writable = yes [tmp] comment = Temporary file space path = /tmp read only = no public = yes ---------------------------------------------------- In the firewall I accept all the policies and I just have masquerading to access internet from the intranet office network and this works fine. Thanks in advanced for any help !! Best regards to everybody, Fernando Ruza >You may wish to run a samba server on the FW & PPTP server box, and set it >up as a WINS server, or point it to a WINS server on the local net. This >would allow browsing. I have that working a my site (thanks to everyone on >the list for the help!!!) You should be able to push out the WINS server >IP address via the /etc/ppp/options file with the line: >ms-wins 192.168.1.XX (with XX the i.p. of the internal WINS server, or the >Samba WINS server). > >Hope this helps, >Kelly Black > >On Thu, Dec 14, 2000 at 06:39:50PM +0100, Fernando Ruza wrote: >Hi !! > >I have the following architecture working ok, publicing the dinamic IP >address of my PPTP Server each time is connected to internet with the >dinamic DNS CJB.NET. > >PPTP Client dial-up connection Linux Masq. Firewall & >192.168.1.100 <-------------------------> PPTP Server > with modem in both 192.168.1.1 > boxes PCs | > (PPTP Client&Server) | Intranet Office > | network > --------------------------- > | | ... | > 192.168.1.2 | | > 192.168.1.3 | > 192.168.1.99 > >Everything seems to work ok, however from the client I can access to the >PCs in the Intranet Office network connecting but with the IP addresses not >by their names and also I cannot see them with the Network Neighborhood >windows program. > >Is it possible to see all the Intranet office network from the files >explorer or Network Neighborhood and see all the name of the PCs there ?? > >The PPTP Client PC has also a name and it also has the same Workgroup name >than the PCs in the intranet office network. > >Thanks in advanced for any help, > >Good work !! > >Fernando Ruza > > >_____________________________________________________________________________________ >Get more from the Web. FREE MSN Explorer download : >http://explorer.msn.com > >_______________________________________________ >pptp-server maillist - pptp-server at lists.schulte.org >http://lists.schulte.org/mailman/listinfo/pptp-server >List services provided by www.schulteconsulting.com! > _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. From phil at vibrationresearch.com Fri Dec 15 09:40:27 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Fri, 15 Dec 2000 10:40:27 -0500 Subject: [pptp-server] ppp_mppe seems to die In-Reply-To: <003501c066c2$9a2098d0$e83121d4@softpoint.com> Message-ID: <000901c066ad$59bbf740$4500a8c0@vibrationresearch.com> This is probably a problem with a bug in the ppp_mppe. See the FAQ for details and solutions. Look for "Compressed data" in http://www.vibres.com/pptpd/pptpd-FAQ.txt Also, see http://poptop.lineo.com for the latest docs and latest version of pptpd. -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Harald Scharf Sent: Friday, December 15, 2000 1:13 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] ppp_mppe seems to die Hello to all, i have a problem, when i connect to pptpd with Micro$oft encryption enabled. The connection is up for several seconds, or minutes, and then it breaks without any error message. I tried to locate the error with comparing the Routing Tables on Client and Server, but they seem to be ok. This is the Output from the Syslog : Dec 15 12:13:48 fwneu pptpd[31081]: CTRL: Starting call (launching pppd, opening GRE) Dec 15 12:13:48 fwneu pppd[31082]: pppd 2.3.8 started by root, uid 0 Dec 15 12:13:48 fwneu pppd[31082]: Using interface ppp1 Dec 15 12:13:48 fwneu pppd[31082]: Connect: ppp1 <--> /dev/pts/2 Dec 15 12:13:48 fwneu pptpd[31081]: GRE: Discarding duplicate packet Dec 15 12:13:50 fwneu pptpd[31081]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 15 12:13:50 fwneu pppd[31082]: MSCHAP-v2 peer authentication succeeded for hs Dec 15 12:13:50 fwneu pppd[31082]: Cannot determine ethernet address for proxy ARP Dec 15 12:13:50 fwneu pppd[31082]: local IP address 192.168.3.1 Dec 15 12:13:50 fwneu pppd[31082]: remote IP address 192.168.2.236 Dec 15 12:13:50 fwneu pppd[31082]: MPPE 40 bit, stateless compression enabled I tried the Setup on two different Linux Systems. SuSE Linux 6.3 and RedHat Linux 6.1, both with Kernel Release 2.2.15. pptpd Version : 0.9.17 pppd Version 2.3.8 with mppe Patches. Clients : Windows 2000, Windows 98 or Windows NT My pptpd.conf : debug speed 115200 localip 192.168.3.1 remoteip 192.168.2.234-238 name fwneu My ppp options File : require-chap +chap +chapms +chapms-v2 auth mppe-40 mppe-128 mppe-stateless proxyarp debug If MPPE is disabled, the connection is stable. Any idea ? Harald Enns, Austria From Steve at SteveCowles.com Fri Dec 15 10:46:50 2000 From: Steve at SteveCowles.com (Cowles, Steve) Date: Fri, 15 Dec 2000 10:46:50 -0600 Subject: [pptp-server] Can I see the network from the PPTP Client PC ? ? Message-ID: <90769AF04F76D41186C700A0C90AFC3EE5CA@defiant.infohiiway.com> See inserts below. > -----Original Message----- > From: Fernando Ruza [mailto:fruza at hotmail.com] > Subject: [pptp-server] Can I see the network from the PPTP > Client PC ?? > > My options.pptp file is the following: > > -------------- options.pptp -------------------- > debug > name axilin > mru 1450 > mtu 1450 > auth > require-chap > proxyarp > +chap > > # Para ver los demas ordenadores de la red con Samba > ms-wins 192.168.1.1 > ---------------------------------------------------------- > > and my smb.conf file is: > > -------------- smb.conf -------------------- > workgroup = VPN > server string = Samba Server > hosts allow = 192.162.1. 127. > log file = /var/log/samba/log.%m > max log size = 50 > security = share > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > remote browse sync = 192.168.1.255 > remote announce = 192.168.1.255 > domain master = yes > preferred master = yes > wins support = yes Good!! WINS server is enabled. > dns proxy = yes > unix password sync = no > comment = linux box (Red Hat 6.1) > encrypt passwords = yes > map to guest = never > password level = 0 > null passwords = no > os level = 0 > preferred master = no > domain master = no > wins support = no Huh! Above you have WINS support enabled, now your disabling WINS support. Bzzt!! Also, look at the "preferred master" setting. > dead time = 0 > debug level = 1 > > #===== Share Definitions ======= > [homes] > comment = Home Directories > browseable = no > writable = yes > > [tmp] > comment = Temporary file space > path = /tmp > read only = no > public = yes Don't forget that all other Windows systems on your LAN must "register" with the WINS server for them to be seen in Network Neighborhood from the remote PPTP client. Otherwise the master browser list is generated through broadcast packets. Steve COwles From aj at becogent.com Fri Dec 15 11:25:03 2000 From: aj at becogent.com (Ostergaard, AJ) Date: Fri, 15 Dec 2000 17:25:03 -0000 Subject: [pptp-server] Authenticating but not encrypting or compressing (rh server/w2k c lient) Message-ID: <711BAB851D83D311907E00508B5A6AAB71F950@homer.cogentcom.co.uk> Hello there, After much reading and struggling (including reading this mailing list right back to June) I still can't figure out why this won't work. The problem is I can't get it to encrypt or compress the tunnel. I have attached as much info as possible just to show that everything else seems OK. As you can see below I get authenticated but w2k says 'Compression: (none)' in the status dialog. The message which seems to be the culprit (and I don't understand it nor have I found any info on it) is "CTRL: Ignored a SET LINK INFO packet with real ACCMs!". My versions are Joey's rpms from http://www.spiretech.com/~joey/pptp/ i.e. kernel-2.2.16-3, ppp-2.3.11-4 & pptpd-1.0.0-1. Thank you all in advance for your suggestions, AJ /var/log/messages: Dec 15 17:53:36 justforkix pptpd[784]: CTRL: Client 172.16.2.93 control connection started Dec 15 17:53:36 justforkix pptpd[784]: CTRL: Starting call (launching pppd, opening GRE) Dec 15 17:53:37 justforkix kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 15 17:53:37 justforkix kernel: PPP: version 2.3.7 (demand dialling) Dec 15 17:53:37 justforkix kernel: PPP line discipline registered. Dec 15 17:53:37 justforkix kernel: registered device ppp0 Dec 15 17:53:37 justforkix pppd[785]: pppd 2.3.11 started by root, uid 0 Dec 15 17:53:37 justforkix pppd[785]: Using interface ppp0 Dec 15 17:53:37 justforkix pppd[785]: Connect: ppp0 <--> /dev/pts/0 Dec 15 17:53:37 justforkix pptpd[784]: GRE: Discarding duplicate packet Dec 15 17:53:39 justforkix pptpd[784]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 15 17:53:39 justforkix kernel: PPP BSD Compression module registered Dec 15 17:53:39 justforkix kernel: PPP MPPE compression module registered Dec 15 17:53:39 justforkix kernel: PPP Deflate Compression module registered Dec 15 17:53:39 justforkix pppd[785]: MSCHAP-v2 peer authentication succeeded for COGENT\\AOSTERGA Dec 15 17:53:39 justforkix pptpd[784]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 15 17:53:39 justforkix pppd[785]: LCP terminated by peer (@\RM-9^@ Thanks very much Steve, it's working now. I didn't realize that those lines where there. It was my fault. However, there is one more thing. Now, I can see all the PCs in the intranet office network except the PPTP Client PC itself. And also in the intranet office network there is one NT workstation which share some directories, however each time I want to connect to this PC from any other one (the rest are Win'95 PCs) I get a message in the screen saying that I have to introduce a password for the share IPC$ and I cannot connect to it never. Do you have any clue about what's this ?? Thanks for everything again and regards, Fernando Ruza ============================================== Fri, 15 Dec 2000 10:46:50 -0600 Cowles, Steve Steve at SteveCowles.com wrote: See inserts below. >-----Original Message----- >From: Fernando Ruza [mailto:fruza at hotmail.com] >Subject: [pptp-server] Can I see the network from the PPTP Client PC ?? > >My options.pptp file is the following: > >-------------- options.pptp -------------------- >debug >name axilin >mru 1450 >mtu 1450 >auth >require-chap >proxyarp >+chap > ># Para ver los demas ordenadores de la red con Samba >ms-wins 192.168.1.1 >---------------------------------------------------------- > >and my smb.conf file is: > >-------------- smb.conf -------------------- >workgroup = VPN >server string = Samba Server >hosts allow = 192.162.1. 127. >log file = /var/log/samba/log.%m >max log size = 50 >security = share >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >remote browse sync = 192.168.1.255 >remote announce = 192.168.1.255 >domain master = yes >preferred master = yes >wins support = yes Good!! WINS server is enabled. >dns proxy = yes >unix password sync = no >comment = linux box (Red Hat 6.1) >encrypt passwords = yes >map to guest = never >password level = 0 >null passwords = no >os level = 0 >preferred master = no >domain master = no >wins support = no Huh! Above you have WINS support enabled, now your disabling WINS support. Bzzt!! Also, look at the "preferred master" setting. >dead time = 0 >debug level = 1 > >#===== Share Definitions ======= >[homes] > comment = Home Directories > browseable = no > writable = yes > >[tmp] > comment = Temporary file space > path = /tmp > read only = no > public = yes Don't forget that all other Windows systems on your LAN must "register" with the WINS server for them to be seen in Network Neighborhood from the remote PPTP client. Otherwise the master browser list is generated through broadcast packets. Steve COwles _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. From jeremyb at hksys.com Fri Dec 15 13:07:16 2000 From: jeremyb at hksys.com (Jeremy Bettis) Date: Fri, 15 Dec 2000 13:07:16 -0600 Subject: [pptp-server] Authenticating but not encrypting or compressing (rh server/w2k c lient) References: <711BAB851D83D311907E00508B5A6AAB71F950@homer.cogentcom.co.uk> Message-ID: <003001c066ca$505d4290$1501000a@hksys.com> I don't have any help for you, but on my system I can connect to the Linux box with Windows 2000 if I turn off encryption, but if I turn it on I get the error "Remote computer does not support specified encryption". I must have forgotten a patch to ppp. I know I didn't apply the mppe stateless, that's probably what I need. Just thinking out loud here. -- Jeremy Bettis -- Hickman-Kenyon Systems, Inc. jeremyb at hksys.com From georgev at citadelcomputer.com.au Fri Dec 15 20:54:10 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Sat, 16 Dec 2000 13:54:10 +1100 Subject: [pptp-server] RE: Can I see the network from the PPTP Client PC ?? Message-ID: <90C35E9FADC0D41184770000E860EB4901BD51@cittech> Firstly, is it a typo in the email only or have to messed up your smb.conf file with the 192.162.1. instead of 192.168.1.? Also, Do you or don't you want your smb to be domain master and prefered master as you have mentioned it twice below and yet the first set say "yes" and yet further down you say "no".. hosts allow = 192.162.1. 127. domain master = yes preferred master = yes preferred master = no domain master = no Does your proxyarp work? It should say that it's found a device to proxy from, usually eth0 or something.. -----Original Message----- From: Fernando Ruza [mailto:fruza at hotmail.com] Sent: Saturday, December 16, 2000 1:57 AM To: pptp-server at lists.schulte.org Cc: kelly.black at testquest.com; George Vieira Subject: Can I see the network from the PPTP Client PC ?? Yes, I forgot to say that I already had a Samba server in the FW & PPTP server box. I have configured that Samba server as a WINS server and I have written its IP address in the options.pptp file (ms-wins 192.168.1.1) however, I'm not able to get the browse list from the samba server yet. I don't know what happens. I have assigned a static IP address to the PPTP client with the chap-secret file and I have configured the samba server following the rules in the SMB-Howto ("Using Samba Across Routed Networks") and BROWSING.txt file of samba documentation (right now I'm reviewed again the BROWSING.txt file to see if I forgot something) I think everything is ok, however I cannot browse the PCs in the VPN network. I'm not using encryption password and the rules of the FW are very simple allowing everything (for now). The PPTP Client PC is a Windows'95 with Service Pack 1 and the packages for VPN. It also receives well the IP of the WINS server. I use the following versions in the Linux PPTP Server: pptpd-1.0.0-1 ppp-2.3.10-1 kernel-2.2.12-20 samba-2.0.5a-12 My options.pptp file is the following: -------------- options.pptp -------------------- debug name axilin mru 1450 mtu 1450 auth require-chap proxyarp +chap # Para ver los demas ordenadores de la red con Samba ms-wins 192.168.1.1 ---------------------------------------------------------- and my smb.conf file is: -------------- smb.conf -------------------- workgroup = VPN server string = Samba Server hosts allow = 192.162.1. 127. log file = /var/log/samba/log.%m max log size = 50 security = share socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 remote browse sync = 192.168.1.255 remote announce = 192.168.1.255 domain master = yes preferred master = yes wins support = yes dns proxy = yes unix password sync = no comment = linux box (Red Hat 6.1) encrypt passwords = yes map to guest = never password level = 0 null passwords = no os level = 0 preferred master = no domain master = no wins support = no dead time = 0 debug level = 1 #===== Share Definitions ======= [homes] comment = Home Directories browseable = no writable = yes [tmp] comment = Temporary file space path = /tmp read only = no public = yes ---------------------------------------------------- From tasya_2002 at yahoo.com Sun Dec 17 06:36:16 2000 From: tasya_2002 at yahoo.com (Food4thought) Date: 17 Dec 00 06:36:16 +-0700 Subject: [pptp-server] Thoughts of encouragement Message-ID: <20001217010017.0666F535EC@smtp4.cbn.net.id> Sad but true.............. When we're young and able, we do almost everything including risking our own health in pursue of wealth comfort zone. As the years add up to our age, we would risk all our wealth to regain our lost health. .......The pattern never stops. Mission Possible : "share wealth and health at the same time" _________________________________________________ http://fat4tune.resourcez.com From machineman at acmecity.com Sat Dec 16 20:18:35 2000 From: machineman at acmecity.com (machine man) Date: Sat, 16 Dec 2000 18:18:35 -0800 Subject: [pptp-server] upgrade from RH6.2 kernel for pptpd and NIC trouble Message-ID: <2B558989CB2D4D1178F300807C3DD8C1@machineman.acmecity.com> Hi, I followed the excellently detailed instructions for upgrading your kernel from vanilla RedHat 6.2 to 2.2.17 from the URL www.vibres.com/pptpd/example.html, specifically for pptpd. Everything went smoothly, until I rebooted my computer, and then it gave me the error "Delaying eth0 initialization" for my network card. I've tried re-installing 6.2 and following the instructions on the above URL twice, once with the SMC EtherPowerII and once with the Linksys EtherFast (PNIC) card. Both times, the NIC fails to come up. Now I know this is more of a kernel issue rather than a pptpd issue, but I'm hoping that maybe someone came across the same issue, and knows what the fix is? I'm a newbie to Linux (but not to computers), but pptpd was my impetus to explore Linux, so I'm hoping there's an expert out there that might be able to point me in the right direction! Thanks for any help, Kevin Sent by AcmeCity Mail From georgev at citadelcomputer.com.au Sat Dec 16 22:44:40 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Sun, 17 Dec 2000 15:44:40 +1100 Subject: [pptp-server] upgrade from RH6.2 kernel for pptpd and NIC tro uble Message-ID: <90C35E9FADC0D41184770000E860EB4901BD53@cittech> What do you have in your /etc/conf.modules ? Is the card specifically being assigned a IO and IRQ? Eg. [root at newjackswing /root]# cat /etc/conf.modules alias parport_lowlevel parport_pc alias eth0 ne options ne io=0x300 irq=15 #<-- specifically telling where the NIC is alias eth1 ne1 options ne1 io=0x340 irq=5 #<-- specifically telling where the NIC is first try a `lsmod` and see if your NIC modules is in there. eg. [root at newjackswing /root]# lsmod Module Size Used by ppp_deflate 40788 2 (autoclean) ip_masq_icq 7608 1 ip_masq_ftp 2616 0 (unused) ip_masq_portfw 2560 10 (autoclean) ppp 20204 4 (autoclean) [ppp_deflate] slhc 4500 1 (autoclean) [ppp] ne1 6736 1 (autoclean) #<---- NE2000 for ADSL ne 6732 1 (autoclean) #<---- NE2000 for LAN 8390 6420 0 (autoclean) [ne1 ne] If it is there then try unloading the card and do a `modprobe ne io=0x300 irq=5` or whatever card and settings you have.. If it errors that it can't find the module then you haven't compiled the module drivers for the card. -----Original Message----- From: machine man [mailto:machineman at acmecity.com] Sent: Sunday, December 17, 2000 1:19 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] upgrade from RH6.2 kernel for pptpd and NIC trouble Hi, I followed the excellently detailed instructions for upgrading your kernel from vanilla RedHat 6.2 to 2.2.17 from the URL www.vibres.com/pptpd/example.html, specifically for pptpd. Everything went smoothly, until I rebooted my computer, and then it gave me the error "Delaying eth0 initialization" for my network card. I've tried re-installing 6.2 and following the instructions on the above URL twice, once with the SMC EtherPowerII and once with the Linksys EtherFast (PNIC) card. Both times, the NIC fails to come up. Now I know this is more of a kernel issue rather than a pptpd issue, but I'm hoping that maybe someone came across the same issue, and knows what the fix is? I'm a newbie to Linux (but not to computers), but pptpd was my impetus to explore Linux, so I'm hoping there's an expert out there that might be able to point me in the right direction! Thanks for any help, Kevin Sent by AcmeCity Mail _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From georgev at citadelcomputer.com.au Sat Dec 16 22:48:21 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Sun, 17 Dec 2000 15:48:21 +1100 Subject: [pptp-server] Can I see the network from the PPTP Client PC ? ? Message-ID: <90C35E9FADC0D41184770000E860EB4901BD54@cittech> Yes but did you specify `ms-wins ##.##.##.##` in your /etc/ppp/options.pptpd? So your machine won't register itself into the WINS server without it. -----Original Message----- From: Fernando Ruza [mailto:fruza at hotmail.com] Sent: Saturday, December 16, 2000 5:58 AM To: pptp-server at lists.schulte.org Cc: Steve at SteveCowles.com Subject: [pptp-server] Can I see the network from the PPTP Client PC ?? Thanks very much Steve, it's working now. I didn't realize that those lines where there. It was my fault. However, there is one more thing. Now, I can see all the PCs in the intranet office network except the PPTP Client PC itself. And also in the intranet office network there is one NT workstation which share some directories, however each time I want to connect to this PC from any other one (the rest are Win'95 PCs) I get a message in the screen saying that I have to introduce a password for the share IPC$ and I cannot connect to it never. Do you have any clue about what's this ?? Thanks for everything again and regards, Fernando Ruza ============================================== Fri, 15 Dec 2000 10:46:50 -0600 Cowles, Steve Steve at SteveCowles.com wrote: See inserts below. >-----Original Message----- >From: Fernando Ruza [mailto:fruza at hotmail.com] >Subject: [pptp-server] Can I see the network from the PPTP Client PC ?? > >My options.pptp file is the following: > >-------------- options.pptp -------------------- >debug >name axilin >mru 1450 >mtu 1450 >auth >require-chap >proxyarp >+chap > ># Para ver los demas ordenadores de la red con Samba >ms-wins 192.168.1.1 >---------------------------------------------------------- > >and my smb.conf file is: > >-------------- smb.conf -------------------- >workgroup = VPN >server string = Samba Server >hosts allow = 192.162.1. 127. >log file = /var/log/samba/log.%m >max log size = 50 >security = share >socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >remote browse sync = 192.168.1.255 >remote announce = 192.168.1.255 >domain master = yes >preferred master = yes >wins support = yes Good!! WINS server is enabled. >dns proxy = yes >unix password sync = no >comment = linux box (Red Hat 6.1) >encrypt passwords = yes >map to guest = never >password level = 0 >null passwords = no >os level = 0 >preferred master = no >domain master = no >wins support = no Huh! Above you have WINS support enabled, now your disabling WINS support. Bzzt!! Also, look at the "preferred master" setting. >dead time = 0 >debug level = 1 > >#===== Share Definitions ======= >[homes] > comment = Home Directories > browseable = no > writable = yes > >[tmp] > comment = Temporary file space > path = /tmp > read only = no > public = yes Don't forget that all other Windows systems on your LAN must "register" with the WINS server for them to be seen in Network Neighborhood from the remote PPTP client. Otherwise the master browser list is generated through broadcast packets. Steve COwles _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From jacoposilva at tin.it Sun Dec 17 11:15:27 2000 From: jacoposilva at tin.it (Jacopo Silva) Date: Sun, 17 Dec 2000 17:15:27 +0000 Subject: [pptp-server] PAM In-Reply-To: <200012161802.MAA56583@poontang.schulte.org> Message-ID: <5.0.2.1.2.20001217171412.00aaa0c0@box.tin.it> Anyone evere experienced authenticating pptp users with Pam? Do I need to use "login" option in ppp? Does it work only with pap? Thanks for any suggestion. Jacopo From vlad at eetc.com Mon Dec 18 09:46:50 2000 From: vlad at eetc.com (Vlad Strezhnev) Date: Mon, 18 Dec 2000 09:46:50 -0600 Subject: [pptp-server] Connection is on, communication is off: "no masq table" in the log Message-ID: <003501c06909$bcc9d560$0300000a@father> Our corporate pptpd server is behind a firewall. It looks like everything is configured properly and connections are smooth both from DMZ and from outside. The problem is the persistent complete losses of communication after random periods of time (say 10 min to 1 hour) when the client is connected from outside (eg from home DSL). The connections from DMZ do not have this problem. The worst thing is that since no disconnection is reported to the client, the auto reconnect option does not work. The only way to restore the communication is to manually stop and restart the VPN client. The log shows a lot of " ip_demasq_gre() ... no masq table" errors but no preceeding "ip_masq_in_get_gre(): lookup ... FAIL" errors. So the previous discussion of this problem in this mailing list might not be not applicable. Following is the log of the last minutes of the recent unattended session that "theoretically" lasted for more then 6 hours but died somewhere in the middle of the night :-( (PS The real IPs were removed from the log.) Any hits on what's happening will be much appreciated. ###Start of the log ##### Dec 18 05:27:52 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:30:12 [ Firewall IP (internal) ] last message repeated 3 times Dec 18 05:32:49 [ Firewall IP (internal) ] last message repeated 12 times Dec 18 05:34:21 [ Firewall IP (internal) ] last message repeated 3 times Dec 18 05:34:25 [ Firewall IP (internal) ] last message repeated 3 times Dec 18 05:37:28 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:39:56 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:39:58 [ Firewall IP (internal) ] last message repeated 2 times Dec 18 05:47:54 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:49:26 [ Firewall IP (internal) ] last message repeated 3 times Dec 18 05:52:01 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:52:02 [ Firewall IP (internal) ] last message repeated 2 times Dec 18 05:56:16 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:56:52 [ Firewall IP (internal) ] last message repeated 10 times Dec 18 05:56:53 [ Firewall IP (internal) ] last message repeated 2 times Dec 18 05:57:06 [ PPTPD Server IP ] pptpd[27407]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Dec 18 05:57:06 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:57:08 [ Firewall IP (internal) ] kernel: ip_demasq_gre(): [ DSL router IP ] -> [ Firewall IP (external) ] CID=0 no masq table, discarding Dec 18 05:57:12 [ PPTPD Server IP ] pppd[27408]: Modem hangup Dec 18 05:57:12 [ PPTPD Server IP ] pppd[27408]: Connection terminated. Dec 18 05:57:12 [ PPTPD Server IP ] pppd[27408]: Connect time 414.4 minutes. Dec 18 05:57:12 [ PPTPD Server IP ] pppd[27408]: Sent 1631331 bytes, received 345410 bytes. Dec 18 05:57:12 [ PPTPD Server IP ] pptpd[27407]: CTRL: Error with select(), quitting Dec 18 05:57:12 [ PPTPD Server IP ] pptpd[27407]: CTRL: Client [ DSL router IP ] control connection finished Dec 18 05:57:12 [ PPTPD Server IP ] pppd[27408]: Exit. -------------- next part -------------- An HTML attachment was scrubbed... URL: From cboye at stud.uni-goettingen.de Mon Dec 18 11:21:02 2000 From: cboye at stud.uni-goettingen.de (Christian Boye) Date: Mon, 18 Dec 2000 18:21:02 +0100 (MET) Subject: [pptp-server] ppp_mppe seems to die In-Reply-To: <003501c066c2$9a2098d0$e83121d4@softpoint.com> Message-ID: On 15 Dec, Harald Scharf wrote: > Hello to all, > i have a problem, when i connect to pptpd with > Micro$oft encryption enabled. > The connection is up for several seconds, or minutes, and then > it breaks without any error message. > I tried to locate the error with comparing the Routing Tables on Client > and Server, but they seem to be ok. > This is the Output from the Syslog : I have the same problem. I use a linux on both sides (pppd-2.3.11 with mppe-patches). The connection is up for several seconds and then it breaks. This is the server logfile: Dec 18 20:12:29 wave01 pppd[13518]: MPPE 128 bit, stateless compression enabled Dec 18 20:12:59 wave01 pppd[13518]: sent [CHAP Challenge id=0x2 <...>, name = "wave01"] Dec 18 20:12:59 wave01 pppd[13518]: Timeout 0x8056b00:0x807aa40 in 3 seconds. Dec 18 20:12:59 wave01 pppd[13518]: rcvd [CHAP Response id=0x2 <...>, name = "user" Dec 18 20:12:59 wave01 pppd[13518]: Untimeout 0x8056b00:0x807aa40. Dec 18 20:12:59 wave01 pppd[13518]: ChapReceiveResponse: rcvd type MS-CHAP-V2 Dec 18 20:12:59 wave01 pppd[13518]: sent [CHAP Success id=0x2 "..."] Dec 18 20:12:59 wave01 pppd[13518]: Timeout 0x8056b80:0x807aa40 in 30 seconds. Dec 18 20:12:59 wave01 pppd[13518]: MSCHAP-v2 peer authentication succeeded for user Dec 18 20:12:59 wave01 pppd[13518]: rcvd [CCP ResetReq id=0x4] Dec 18 20:12:59 wave01 pppd[13518]: sent [CCP ResetAck id=0x4] Dec 18 20:12:59 wave01 kernel: mppe_comp_reset Dec 18 20:13:00 wave01 pppd[13518]: rcvd [CCP ResetReq id=0x5] Dec 18 20:13:00 wave01 pppd[13518]: sent [CCP ResetAck id=0x5] Dec 18 20:13:00 wave01 kernel: mppe_comp_reset My options on server side: lock debug name wave01 domain funk.local proxyarp plugin /usr/lib/ppp/smbpasswd.so noaccomp nobsdcomp nodeflate nopcomp nopredictor1 novj novjccomp require-chapms-v2 chap-interval 30 +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless auth My options on client side: lock hode-password name user defaultroute mppe-40 mppe-128 mppe-stateless If MPPE was disabled on both sides or on the client only, the connection is stable. Christian -- Universitaet Goettingen - Internet-Hotline (Administration) Platz der Goettinger Sieben 5, D-37073 Goettingen, Germany Phone: +49-551-398392, E-Mail: cboye at stud.uni-goettingen.de PGP-Key: http://www.stud.uni-goettingen.de/~cboye From poptop at omnitracs.com.mx Mon Dec 18 11:44:29 2000 From: poptop at omnitracs.com.mx (poptop at omnitracs.com.mx) Date: Mon, 18 Dec 2000 11:44:29 -0600 (CST) Subject: [pptp-server] PPTPD.LOG flooding the disk Message-ID: <977161469.3a3e4cfd46cde@www.omnitracs.com.mx> Hi, Im getting an error message that floods my pptpd logs in my poptop servers. It seems that the client is able to stablish a pptp session but, then after a time out, the pptpd closes the connection, but the pptpd process that was handling that link remains alive, producing an error message that eventually will fill up the hard disk. In these cases I have to manually kill the pptpd process and the syslog. pptpd[17835] CTRL: Client X.X.X.X control connection started pptpd[17835] CTRL: Starting Call (launching pppd,Opening GRE) pppd[17836] pppd 2.3.8 started by root, uid 0 pppd[17836] Using interface ppp0 .... Connection goes on, some data transfer, yadaa, yadda, pptpd[17835] CTRL: Session timed out, ending call pptpd[17835] CTRL: Client X.X.X.X control connection finished .... pppd then runs ip-down, yadda, yadda, yadda. pppd[17836] Exit. /* Then these 3 lines keeps on repeating and repeating and repeating and they wont stop, they just wont stoppp!!!*/ pptpd[17385] CTRL: EOF or bad error reading ctrl packet lenght pptpd[17385] CTRL: could't read packet header( exit ) pptpd[17385] CTRL: Unexpected control message 0 in disconnect sequence pptpd[17385] CTRL: EOF or bad error reading ctrl packet lenght pptpd[17385] CTRL: could't read packet header( exit ) pptpd[17385] CTRL: Unexpected control message 0 in disconnect sequence pptpd[17385] CTRL: EOF or bad error reading ctrl packet lenght pptpd[17385] CTRL: could't read packet header( exit ) pptpd[17385] CTRL: Unexpected control message 0 in disconnect sequence pptpd[17385] CTRL: EOF or bad error reading ctrl packet lenght pptpd[17385] CTRL: could't read packet header( exit ) pptpd[17385] CTRL: Unexpected control message 0 in disconnect sequence Any clue? My poptop server works fine with other clients. Im using the current stable version, on a Redhat 6.0. TIA ------------------------------------------------- This mail sent through IMP: www.omnitracs.com.mx From phil at vibrationresearch.com Mon Dec 18 12:00:05 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Mon, 18 Dec 2000 13:00:05 -0500 Subject: [pptp-server] ppp_mppe seems to die In-Reply-To: Message-ID: <001501c0691c$59bec850$4500a8c0@vibrationresearch.com> This most likely is due to a bug in ppp_mppe that makes it fail to re-sync after a dropped packet. Patch your ppp_mppe.c file with http://www.vibres.com/pptpd/ppp_mppe_compressed_data_fix.diff See http://www.vibres.com/pptpd/pptpd-FAQ.txt for more details. From phil at vibrationresearch.com Mon Dec 18 12:27:33 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Mon, 18 Dec 2000 13:27:33 -0500 Subject: [pptp-server] PPTPD.LOG flooding the disk In-Reply-To: <977161469.3a3e4cfd46cde@www.omnitracs.com.mx> Message-ID: <001601c06920$305d3a60$4500a8c0@vibrationresearch.com> This has been fixed in version 1.0.1 and 1.1.2, at http://poptop.lineo.com Note that the information at moretonbay.com/vpn is no longer being updated. > -----Original Message----- > Im getting an error message that floods my pptpd logs > in my poptop servers. > > Any clue? My poptop server works fine with other clients. > Im using the current stable version, on a Redhat 6.0. From giulioo at pobox.com Mon Dec 18 12:37:32 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Mon, 18 Dec 2000 19:37:32 +0100 Subject: [pptp-server] Logging actual remote ip addr Message-ID: <20001218183855.6A61E163AB@i3.golden.dom> I'm using pptpd 1.1.2 on linux redhat 61, ppp 2.3.11, kernel 2.2.16. 1) pptpd issue Is there a way to get the actual ip address of the remote end from pptpd in order to send an email with it to someone? Right now, I use pppd ip-up as the email trigger, and look for REM_IP=`/bin/egrep "CTRL: Client .* control connection started" /var/log/local2|/usr/bin/tail -1|/usr/bin/awk '{print $8}'` I'd like a more deterministic way to do it. 2) pppd issue Is there a way to get the chap login name used by the remote end (to send an email...) Thanks -- giulioo at pobox.com From bbj at hhknet.dk Mon Dec 18 12:56:52 2000 From: bbj at hhknet.dk (Bjarke Bruun) Date: Mon, 18 Dec 2000 19:56:52 +0100 Subject: [pptp-server] Default routes Message-ID: <3A3E5DF4.3006B822@hhknet.dk> Hi again, I got the pptpd and pptp-linux up and running, but now I only get one default route for the local network. That is not what I want. I want to be able to get a default route for a network instead of just a VPN between to machines. Can anyone help with the ipchains setup ? localip = 192.168.3.0-255 remoteip = 192.168.20.0-255 That works fine but I want to be able to make a route from remoteip to 192.168.2.0 and 192.168.1.0 networks, so I can utilize the VPN... I'm rusty with ipchains, but will appriciate any help you can give. -- Bjarke Bruun - E-mail: bbj at hhknet.dk http://linux.hhknet.dk __ / / (_)__ __ ____ __ / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . . . From cboye at stud.uni-goettingen.de Mon Dec 18 13:04:17 2000 From: cboye at stud.uni-goettingen.de (Christian Boye) Date: Mon, 18 Dec 2000 20:04:17 +0100 (MET) Subject: [pptp-server] ppp_mppe seems to die In-Reply-To: <001801c06922$29525500$4500a8c0@vibrationresearch.com> Message-ID: On 18 Dec, Philip Van Baren wrote: > The patch is to the ppp_mppe kernel module, and not pppd. Sorry, i have pached the ppp_mppe kernel module. > Are you sure that you have patched and reinstalled the ppp_mppe > module on both the client and server? Yes. The connection is up for exactly 30seconds (the chap-timeout-time given by 'chap-internval 30' in /etc/ppp/options). After this time, the server send a new challenge to the client and the client answers with a response. Then the client send a lot of 'ResetReq's to the server and it is impossible to transfer data. Christian -- Universitaet Goettingen - Internet-Hotline (Administration) Platz der Goettinger Sieben 5, D-37073 Goettingen, Germany Phone: +49-551-398392, E-Mail: cboye at stud.uni-goettingen.de PGP-Key: http://www.stud.uni-goettingen.de/~cboye From georgev at citadelcomputer.com.au Mon Dec 18 13:48:29 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Tue, 19 Dec 2000 06:48:29 +1100 Subject: [pptp-server] Logging actual remote ip addr Message-ID: <90C35E9FADC0D41184770000E860EB4901BD6D@cittech> Yes you can, everybody has to remember that pptp is really a PPP link. So use the /etc/ppp/ip-up.local and /etc/ppp/ip-down.local to control your links that come up and down. Even pass the ipparam paramter into the pppd options so you can detect what type of connection it is in your scripts... Like mine. Just add a line somewhere and pass $1 $2 $3 $4 $5 $6 to get all information possible. ---------------------------- #!/bin/sh LINK=$6 if [ ! $LINK ]; then LINK="adsl" # Set linkname to ADSL coz theres a weird bug which ipparam doesn't passed from rp-pppoe echo "Setting LINK to ADSL" | logger -p local0.notice -t "IP-UP.LOCAL" fi # # Start fetchmail service for POP3 retrieval # /usr/bin/fetchmail -d 300 # These are the parameters passed to script by PPPD # interface-name tty-device speed local-IP-address remote-IP-address ipparam echo "Script Started for ($LINK) using $5" | logger -p local0.notice -t "IP-UP.LOCAL" case $LINK in pptp) echo "($LINK): PPTP connection started." | logger -p local0.notice -t "IP-UP.LOCAL" # # Add route for Citadel private network # echo "($LINK): Adding routes for clients." | logger -p local0.notice -t "IP-UP.LOCAL" route add -net 192.168.194.0/24 gw $5 # Client1 route add -net 10.10.0.0/24 gw $5 # Client2 route add -net 10.10.10.0/24 gw $5 # Client3 route add -host 203.34.20.3 gw $5 # Client4 ;; adsl) echo "$(LINK): ADSL connection up. Executing DDNS update to $4" | logger -p local0.notice -t "IP-UP.LOCAL" sleep 3 /usr/local/ddclient-2.3.6/ddclient -host mydomainlocation.dyndns.org -ip $4 OLDPPTP=`tail -1 /var/run/ppp-pptp.pid` kill `cat /var/run/$OLDPPTP.pid` # To kill old pptp session if ADSL disconnects and reconnects. ;; *) echo "($LINK): Unknown PPP invocation" >> /var/log/pppdial.log echo "($LINK): Unknown PPP invocation" | logger -p local0.notice -t "IP-UP.LOCAL" STATUS=`/usr/local/ddclient-2.3.6/ddclient -host newjackswing.dyndns.org -ip $4` if [ ! $STATUS = 0 ]; then echo "($LINK): Error updating DDNS" >> /var/log/pppdial.log fi kill `cat /var/run/ppp-pptp.pid` /bin/pptp-dev ;; esac # # Reload firewall rules # [ -x /etc/rc.d/init.d/firewall ] && /etc/rc.d/init.d/firewall reload -----Original Message----- From: Giulio Orsero [mailto:giulioo at pobox.com] Sent: Tuesday, December 19, 2000 5:38 AM To: pptp-server at lists.schulte.org Subject: [pptp-server] Logging actual remote ip addr I'm using pptpd 1.1.2 on linux redhat 61, ppp 2.3.11, kernel 2.2.16. 1) pptpd issue Is there a way to get the actual ip address of the remote end from pptpd in order to send an email with it to someone? Right now, I use pppd ip-up as the email trigger, and look for REM_IP=`/bin/egrep "CTRL: Client .* control connection started" /var/log/local2|/usr/bin/tail -1|/usr/bin/awk '{print $8}'` I'd like a more deterministic way to do it. 2) pppd issue Is there a way to get the chap login name used by the remote end (to send an email...) Thanks -- giulioo at pobox.com _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From giulioo at pobox.com Mon Dec 18 14:00:29 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Mon, 18 Dec 2000 21:00:29 +0100 Subject: [pptp-server] Logging actual remote ip addr In-Reply-To: <90C35E9FADC0D41184770000E860EB4901BD6D@cittech> References: <90C35E9FADC0D41184770000E860EB4901BD6D@cittech> Message-ID: <20001218200151.D85621637C@i3.golden.dom> On Tue, 19 Dec 2000 06:48:29 +1100, you wrote: >Yes you can, everybody has to remember that pptp is really a PPP link. So >use the /etc/ppp/ip-up.local and /etc/ppp/ip-down.local to control your >links that come up and down. > >Even pass the ipparam paramter into the pppd options so you can detect what >type of connection it is in your scripts... Like mine. Just add a line >somewhere and pass $1 $2 $3 $4 $5 $6 to get all information possible. I'd already tried that, but those variables contain the ip address of the vpn, not the actual address of the remote client. If the remote client internet address is 212.x.x.x, and the vpn address assigned by pptpd to that client is 192.168.1.10, then $5 says 192.168.1.10, while I want 212.x.x.x. Is there a way to change this behavior? Thanks -- giulioo at pobox.com From georgev at citadelcomputer.com.au Mon Dec 18 15:08:30 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Tue, 19 Dec 2000 08:08:30 +1100 Subject: [pptp-server] PPTPD.LOG flooding the disk Message-ID: <90C35E9FADC0D41184770000E860EB4901BD6E@cittech> Why doesn't somebody put something on that site indicating that it is outdated and to vist poptop.lineo.com instead? Most search engines find moretonbay.com ..... -----Original Message----- From: Philip Van Baren [mailto:phil at vibrationresearch.com] Sent: Tuesday, December 19, 2000 5:28 AM To: pptp-server at lists.schulte.org Subject: RE: [pptp-server] PPTPD.LOG flooding the disk This has been fixed in version 1.0.1 and 1.1.2, at http://poptop.lineo.com Note that the information at moretonbay.com/vpn is no longer being updated. > -----Original Message----- > Im getting an error message that floods my pptpd logs > in my poptop servers. > > Any clue? My poptop server works fine with other clients. > Im using the current stable version, on a Redhat 6.0. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From georgev at citadelcomputer.com.au Mon Dec 18 15:47:48 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Tue, 19 Dec 2000 08:47:48 +1100 Subject: [pptp-server] Logging actual remote ip addr Message-ID: <90C35E9FADC0D41184770000E860EB4901BD71@cittech> I don't know how that can be... because your PPP shows up as... eg.. ppp1 Link encap:Point-to-Point Protocol inet addr:10.0.0.1 P-t-P:10.0.0.68 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:231490 errors:0 dropped:0 overruns:0 frame:0 TX packets:149905 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 So how the hell is it reporting the external addresses... Just add the following line into your /etc/ppp/ip-up.local and watch the logs as your bring the link up echo "$1 $2 $3 $4 $5 $6 " >> /var/log/pppconnect.log Bring the link up and then look at this file.. let me know what you get.. Change IPs if it's internet addresses for privacy if responding to the mailling list. thanks, George -----Original Message----- From: Giulio Orsero [mailto:giulioo at pobox.com] Sent: Tuesday, December 19, 2000 7:00 AM To: pptp-server at lists.schulte.org Subject: Re: [pptp-server] Logging actual remote ip addr On Tue, 19 Dec 2000 06:48:29 +1100, you wrote: >Yes you can, everybody has to remember that pptp is really a PPP link. So >use the /etc/ppp/ip-up.local and /etc/ppp/ip-down.local to control your >links that come up and down. > >Even pass the ipparam paramter into the pppd options so you can detect what >type of connection it is in your scripts... Like mine. Just add a line >somewhere and pass $1 $2 $3 $4 $5 $6 to get all information possible. I'd already tried that, but those variables contain the ip address of the vpn, not the actual address of the remote client. If the remote client internet address is 212.x.x.x, and the vpn address assigned by pptpd to that client is 192.168.1.10, then $5 says 192.168.1.10, while I want 212.x.x.x. Is there a way to change this behavior? Thanks -- giulioo at pobox.com _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From giulioo at pobox.com Mon Dec 18 16:03:39 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Mon, 18 Dec 2000 23:03:39 +0100 Subject: [pptp-server] Logging actual remote ip addr In-Reply-To: <90C35E9FADC0D41184770000E860EB4901BD71@cittech> References: <90C35E9FADC0D41184770000E860EB4901BD71@cittech> Message-ID: <20001218220502.154731637C@i3.golden.dom> On Tue, 19 Dec 2000 08:47:48 +1100, you wrote: >I don't know how that can be... because your PPP shows up as... eg.. >ppp1 Link encap:Point-to-Point Protocol > inet addr:10.0.0.1 P-t-P:10.0.0.68 Mask:255.255.255.255 > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 > RX packets:231490 errors:0 dropped:0 overruns:0 frame:0 > TX packets:149905 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:10 >So how the hell is it reporting the external addresses... Sorry, I don't understand. Suppose I use in pptpd.conf: localip 10.0.0.1 remoteip 10.0.0.68 (just an example to follow you on the above output) and suppose a client connects to its ISP and gets ip 212.x.x.x. that clients connect to my VPN server, say 210.x.x.x. Then, the variables in ip-up will show 10.0.0.1 and 10.0.0.68, while I want to know the 212.x.x.x address of the client which I only see in the pptpd log (through syslog) >Just add the following line into your /etc/ppp/ip-up.local and watch the >logs as your bring the link up >echo "$1 $2 $3 $4 $5 $6 " >> /var/log/pppconnect.log $4 and $5 would be 10.0.0.1 and 10.0.0.68 As far as I understand pptd<--->pppd interaction, pppd only sees internal/vpn addresses (the one you specify in pptpd.conf), not the real internet addresses (the one I want to automatically email to someone). -- giulioo at pobox.com From poptop at omnitracs.com.mx Mon Dec 18 16:21:52 2000 From: poptop at omnitracs.com.mx (poptop at omnitracs.com.mx) Date: Mon, 18 Dec 2000 16:21:52 -0600 (CST) Subject: [pptp-server] PPTPD.LOG flooding the disk In-Reply-To: <001601c06920$305d3a60$4500a8c0@vibrationresearch.com> References: <001601c06920$305d3a60$4500a8c0@vibrationresearch.com> Message-ID: <977178112.3a3e8e00a3941@www.omnitracs.com.mx> Hey thanks Phillip! altough I feel like if I did not make my homework.:/ Best regards. Mensaje citado por: Philip Van Baren : > This has been fixed in version 1.0.1 and 1.1.2, at > http://poptop.lineo.com > > Note that the information at moretonbay.com/vpn is no longer being > updated. > > > -----Original Message----- > > Im getting an error message that floods my pptpd logs > > in my poptop servers. > > > > Any clue? My poptop server works fine with other clients. > > Im using the current stable version, on a Redhat 6.0. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > ------------------------------------------------- This mail sent through IMP: www.omnitracs.com.mx From georgev at citadelcomputer.com.au Mon Dec 18 17:48:05 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Tue, 19 Dec 2000 10:48:05 +1100 Subject: [pptp-server] Logging actual remote ip addr Message-ID: <90C35E9FADC0D41184770000E860EB4901BD73@cittech> Oh sorry, I missed the very last line in your email and I know now what IP you meant... sorry. I can't see any other info on that except in /var/log/messages file. I don't know of any other way except to use the line below in your ip-up.local .. problem with with it is if you get 2 people connecting to the PPTPD server at the same time that it could possibly grab the wrong IP for the wrong client. grep "CTRL: Client" /var/log/messages | grep started | tail -1 | cut -f 8 -d " " -----Original Message----- From: Giulio Orsero [mailto:giulioo at pobox.com] Sent: Tuesday, December 19, 2000 9:04 AM To: pptp-server at lists.schulte.org Subject: Re: [pptp-server] Logging actual remote ip addr On Tue, 19 Dec 2000 08:47:48 +1100, you wrote: >I don't know how that can be... because your PPP shows up as... eg.. >ppp1 Link encap:Point-to-Point Protocol > inet addr:10.0.0.1 P-t-P:10.0.0.68 Mask:255.255.255.255 > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 > RX packets:231490 errors:0 dropped:0 overruns:0 frame:0 > TX packets:149905 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:10 >So how the hell is it reporting the external addresses... Sorry, I don't understand. Suppose I use in pptpd.conf: localip 10.0.0.1 remoteip 10.0.0.68 (just an example to follow you on the above output) and suppose a client connects to its ISP and gets ip 212.x.x.x. that clients connect to my VPN server, say 210.x.x.x. Then, the variables in ip-up will show 10.0.0.1 and 10.0.0.68, while I want to know the 212.x.x.x address of the client which I only see in the pptpd log (through syslog) >Just add the following line into your /etc/ppp/ip-up.local and watch the >logs as your bring the link up >echo "$1 $2 $3 $4 $5 $6 " >> /var/log/pppconnect.log $4 and $5 would be 10.0.0.1 and 10.0.0.68 As far as I understand pptd<--->pppd interaction, pppd only sees internal/vpn addresses (the one you specify in pptpd.conf), not the real internet addresses (the one I want to automatically email to someone). -- giulioo at pobox.com _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From georgev at citadelcomputer.com.au Tue Dec 19 02:52:06 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Tue, 19 Dec 2000 19:52:06 +1100 Subject: [pptp-server] Logging actual remote ip addr Message-ID: <90C35E9FADC0D41184770000E860EB4901BD7B@cittech> I actually found a way of doing this in a more proper fashion.. If you run PPTPD from the inet services and use TCP wrappers, you can spawn a script for every connection using the TCP wrappers hosts.allow file. I have tested this and I hope people archive this somewhere on a site because I ain't keeping this set up. /etc/inetd.conf # Please Note, the next line is ONE LINE pptpctrl stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/pptpctrl 0 1 /etc/pp p/options.pptp 1 115200 1 10.10.0.1 0 0 /etc/hosts.allow # Spawns the script on every connection pptpctrl: ALL : spawn (/sbin/pptpdlog %n %a %d) /sbin/pptplog # Logs IPName IP DaemonProc #!/bin/bash echo "[`date +\"%D\"`] : $1 $2 $3" >> /var/log/pptpuser.log I hope this helps somebody out there.. -----Original Message----- From: George Vieira Sent: Tuesday, December 19, 2000 10:48 AM To: 'Giulio Orsero'; pptp-server at lists.schulte.org Subject: RE: [pptp-server] Logging actual remote ip addr Oh sorry, I missed the very last line in your email and I know now what IP you meant... sorry. I can't see any other info on that except in /var/log/messages file. I don't know of any other way except to use the line below in your ip-up.local .. problem with with it is if you get 2 people connecting to the PPTPD server at the same time that it could possibly grab the wrong IP for the wrong client. grep "CTRL: Client" /var/log/messages | grep started | tail -1 | cut -f 8 -d " " -----Original Message----- From: Giulio Orsero [mailto:giulioo at pobox.com] Sent: Tuesday, December 19, 2000 9:04 AM To: pptp-server at lists.schulte.org Subject: Re: [pptp-server] Logging actual remote ip addr On Tue, 19 Dec 2000 08:47:48 +1100, you wrote: >I don't know how that can be... because your PPP shows up as... eg.. >ppp1 Link encap:Point-to-Point Protocol > inet addr:10.0.0.1 P-t-P:10.0.0.68 Mask:255.255.255.255 > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 > RX packets:231490 errors:0 dropped:0 overruns:0 frame:0 > TX packets:149905 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:10 >So how the hell is it reporting the external addresses... Sorry, I don't understand. Suppose I use in pptpd.conf: localip 10.0.0.1 remoteip 10.0.0.68 (just an example to follow you on the above output) and suppose a client connects to its ISP and gets ip 212.x.x.x. that clients connect to my VPN server, say 210.x.x.x. Then, the variables in ip-up will show 10.0.0.1 and 10.0.0.68, while I want to know the 212.x.x.x address of the client which I only see in the pptpd log (through syslog) >Just add the following line into your /etc/ppp/ip-up.local and watch the >logs as your bring the link up >echo "$1 $2 $3 $4 $5 $6 " >> /var/log/pppconnect.log $4 and $5 would be 10.0.0.1 and 10.0.0.68 As far as I understand pptd<--->pppd interaction, pppd only sees internal/vpn addresses (the one you specify in pptpd.conf), not the real internet addresses (the one I want to automatically email to someone). -- giulioo at pobox.com _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From fruza at yahoo.com Tue Dec 19 03:29:33 2000 From: fruza at yahoo.com (=?iso-8859-1?q?Fernando=20Ruza?=) Date: Tue, 19 Dec 2000 01:29:33 -0800 (PST) Subject: [pptp-server] can't locate module char-major-108 Message-ID: <20001219092933.6377.qmail@web2202.mail.yahoo.com> Hello there !!, I have included encryption to the connection of my PPTP server. So far, everything seems to be ok I can connect using the encription password option from my Win95 clients however in my pptpd log file I have a line with the following error and I don't know what's the meaning of this: can't locate module char-major-108 Do I need to compile some new module ?? Did I forget something ?? Any help would be appreciate, Thanks in advanced, Fernando Ruza ===== --------------------------------------------------------- Fernando Ruza Rodr?guez fruza at yahoo.com Tfno curro:0034 91 8877051 Tfno movil:649 020078 __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ From godfrey at hattaway-associates.com Tue Dec 19 05:23:27 2000 From: godfrey at hattaway-associates.com (Godfrey Livingstone) Date: Wed, 20 Dec 2000 00:23:27 +1300 Subject: [pptp-server] Logging actual remote ip addr References: <90C35E9FADC0D41184770000E860EB4901BD7B@cittech> Message-ID: <3A3F452E.E793CF4F@hattaway-associates.com> I use tcpwrappers to limit access to to pptp-server but I run the server as a deamon. I wanted to know who tried to connect and who connected So I log the IPaddress the name associated with the address and if an ident server is available the user who tried to connect. Dec 19 23:59:16 server01 pptpd[775]: CTRL: ALLOWED by tcp_wrappers connection from XX-XX-XX-XXX.isp.net [XX.XX.XX.XXX] user "unknown" I wrote the following patch to output information on those who connect or attempt to connect , maybe this helps it applies to either pptd version. Godfrey ################################################################# --- pptpd-1.0.0/pptpmanager.c Thu Sep 23 12:01:28 1999 +++ pptpd-1.0.0.patched/pptpmanager.c Mon Sep 25 14:46:51 2000 @@ -188,11 +188,20 @@ * type deny so probably best to just drop it immediately like * this, as tcp wrappers usually do. */ + syslog(LOG_INFO, "CTRL: DENYED by tcp_wrappers connection from %s [%s] user \"%s\"", + eval_hostname(&(r.client)), + eval_hostaddr(&(r.client)), + eval_user(&r)); close(clientSocket); /* this would never be file descriptor 0, so use it as a error * value */ clientSocket = 0; + } else { + syslog(LOG_INFO, "CTRL: ALLOWED by tcp_wrappers connection from %s [%s] user \"%s\"", + eval_hostname(&(r.client)), + eval_hostaddr(&(r.client)), + eval_user(&r)); } } #endif ################################################################################################### George Vieira wrote: > I actually found a way of doing this in a more proper fashion.. > > If you run PPTPD from the inet services and use TCP wrappers, you can spawn > a script for every connection using the TCP wrappers hosts.allow file. > I have tested this and I hope people archive this somewhere on a site > because I ain't keeping this set up. > > /etc/inetd.conf # Please Note, the next line is ONE LINE > pptpctrl stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/pptpctrl 0 1 > /etc/pp > p/options.pptp 1 115200 1 10.10.0.1 0 0 > > /etc/hosts.allow # Spawns the script on every connection > pptpctrl: ALL : spawn (/sbin/pptpdlog %n %a %d) > > /sbin/pptplog # Logs IPName IP DaemonProc > #!/bin/bash > echo "[`date +\"%D\"`] : $1 $2 $3" >> /var/log/pptpuser.log > > I hope this helps somebody out there.. > > -----Original Message----- > From: George Vieira > Sent: Tuesday, December 19, 2000 10:48 AM > To: 'Giulio Orsero'; pptp-server at lists.schulte.org > Subject: RE: [pptp-server] Logging actual remote ip addr > > Oh sorry, I missed the very last line in your email and I know now what IP > you meant... sorry. > > I can't see any other info on that except in /var/log/messages file. > > I don't know of any other way except to use the line below in your > ip-up.local .. problem with with it is if you get 2 people connecting to the > PPTPD server at the same time that it could possibly grab the wrong IP for > the wrong client. > > grep "CTRL: Client" /var/log/messages | grep started | tail -1 | cut -f 8 -d > " " > > -----Original Message----- > From: Giulio Orsero [mailto:giulioo at pobox.com] > Sent: Tuesday, December 19, 2000 9:04 AM > To: pptp-server at lists.schulte.org > Subject: Re: [pptp-server] Logging actual remote ip addr > > On Tue, 19 Dec 2000 08:47:48 +1100, you wrote: > > >I don't know how that can be... because your PPP shows up as... eg.. > >ppp1 Link encap:Point-to-Point Protocol > > inet addr:10.0.0.1 P-t-P:10.0.0.68 Mask:255.255.255.255 > > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 > > RX packets:231490 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:149905 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:10 > >So how the hell is it reporting the external addresses... > Sorry, I don't understand. > Suppose I use in pptpd.conf: > localip 10.0.0.1 > remoteip 10.0.0.68 (just an example to follow you on the above output) > and suppose a client connects to its ISP and gets ip 212.x.x.x. > that clients connect to my VPN server, say 210.x.x.x. > > Then, the variables in ip-up will show 10.0.0.1 and 10.0.0.68, while I > want to know the 212.x.x.x address of the client which I only see in the > pptpd log (through syslog) > > >Just add the following line into your /etc/ppp/ip-up.local and watch the > >logs as your bring the link up > >echo "$1 $2 $3 $4 $5 $6 " >> /var/log/pppconnect.log > $4 and $5 would be 10.0.0.1 and 10.0.0.68 > > As far as I understand pptd<--->pppd interaction, pppd only sees > internal/vpn addresses (the one you specify in pptpd.conf), not the real > internet addresses (the one I want to automatically email to someone). > > -- > giulioo at pobox.com > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! From Steve at SteveCowles.com Tue Dec 19 07:16:53 2000 From: Steve at SteveCowles.com (Cowles, Steve) Date: Tue, 19 Dec 2000 07:16:53 -0600 Subject: [pptp-server] can't locate module char-major-108 Message-ID: <90769AF04F76D41186C700A0C90AFC3EE5D3@defiant.infohiiway.com> > -----Original Message----- > From: Fernando Ruza > > Hello there !!, > > I have included encryption to the connection of my > PPTP server. So far, everything seems to be ok I can > connect using the encryption password option from my > Win95 clients however in my pptpd log file I have a > line with the following error and I don't know what's > the meaning of this: > > can't locate module char-major-108 No need to re-compile, just add the following line to your /etc/conf.modules file. alias char-major-108 ppp_generic Steve Cowles From giulioo at pobox.com Tue Dec 19 08:30:38 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue, 19 Dec 2000 15:30:38 +0100 Subject: [pptp-server] Logging actual remote ip addr In-Reply-To: <90C35E9FADC0D41184770000E860EB4901BD7B@cittech> References: <90C35E9FADC0D41184770000E860EB4901BD7B@cittech> Message-ID: <20001219143207.76EB416462@i3.golden.dom> On Tue, 19 Dec 2000 19:52:06 +1100, you wrote: >I actually found a way of doing this in a more proper fashion.. > >If you run PPTPD from the inet services and use TCP wrappers, you can spawn >a script for every connection using the TCP wrappers hosts.allow file. Thanks, I'm going to try this or similar in the next days. -- giulioo at pobox.com From vlast at eetc.com Tue Dec 19 10:17:46 2000 From: vlast at eetc.com (Vlad Strezhnev) Date: Tue, 19 Dec 2000 10:17:46 -0600 Subject: [pptp-server] Re: Connection is on, communication is off... Message-ID: <3A3F8A29.97C8559B@eetc.com> Following my yesterday's posting, here are some additional debug info. This is form firewall log. It shows that for about 10 min everithhing was OK, then suddenly ip_masq_in_gre() lookups start failing. This state could last for hours with active connection and no communication. Any ideas? ### Dec 18 14:04:58 SparcFirewall kernel: ip_masq_gre(): creating GRE masq for [PPTPD server IP] -> [Remote IP] CID=C000 MCID=58E1 Dec 18 14:04:58 SparcFirewall kernel: ip_masq_gre(): O-routed from [Firewall IP] Dec 18 14:04:58 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 VER=81 PROTO=880B Dec 18 14:04:58 SparcFirewall kernel: ip_masq_in_get_gre(): lookup [Remote IP]->[Firewall IP] CID=58E1 OK Dec 18 14:04:58 SparcFirewall kernel: ip_demasq_gre(): I-routed to [PPTPD server IP] CID=0 Dec 18 14:04:58 SparcFirewall kernel: ip_masq_gre(): [PPTPD server IP] -> [Remote IP] CID=C000 VER=81 PROTO=880B Dec 18 14:04:58 SparcFirewall kernel: ip_masq_gre(): O-routed from [Firewall IP] ..... Dec 18 14:11:23 SparcFirewall kernel: ip_masq_in_get_gre(): lookup [Remote IP]->[Firewall IP] CID=58E1 OK Dec 18 14:11:23 SparcFirewall kernel: ip_demasq_gre(): I-routed to [PPTPD server IP] CID=0 Dec 18 14:11:23 SparcFirewall kernel: ip_masq_gre(): [PPTPD server IP] -> [Remote IP] CID=4000 VER=81 PROTO=880B Dec 18 14:11:23 SparcFirewall kernel: ip_masq_gre(): O-routed from [Firewall IP] Dec 18 14:17:21 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 VER=1 PROTO=880B Dec 18 14:17:21 SparcFirewall kernel: ip_masq_in_get_gre(): lookup [Remote IP]->[Firewall IP] CID=0 FAIL Dec 18 14:17:21 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 no masq table, discarding Dec 18 14:20:32 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 VER=1 PROTO=880B Dec 18 14:20:32 SparcFirewall kernel: ip_masq_in_get_gre(): lookup [Remote IP]->[Firewall IP] CID=0 FAIL Dec 18 14:20:32 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 no masq table, discarding Dec 18 14:20:32 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 VER=1 PROTO=880B Dec 18 14:20:32 SparcFirewall kernel: ip_masq_in_get_gre(): lookup [Remote IP]->[Firewall IP] CID=0 FAIL Dec 18 14:20:32 SparcFirewall kernel: ip_demasq_gre(): [Remote IP] -> [Firewall IP] CID=0 no masq table, discarding ...... ### ...... From pontus at svulst.multima.se Tue Dec 19 10:22:58 2000 From: pontus at svulst.multima.se (Pontus Claesson) Date: Tue, 19 Dec 2000 17:22:58 +0100 Subject: [pptp-server] Setting up a pptp server Message-ID: <200012191622.RAA10827@svulst.multima.se> I\'m quite new to this so please be patient to me. I\'v sett up a RedHat 6.1 box runnning 2.2.17 and ipchains as a firewall for a internal 10.0.0.1 net. I want to connect to the firewall somewhere on the internet and be able to se all the \"internal\" machines, mount their disks an log on the W2k domain thats inside there. After spending some time reading manny FAQ\'s and HOWTO\'s I\'m still a little confused. Can someone please tell me if this is the right way to manage this. Get the source for ppp 2.3.8. Get the source for SSLeya Get the some kind of patch for ppp. Aply the patches on ppp, and then compile it. I\'m currently running ppp 2.3.10-1 and have succeed installing the pptpd RPM. When I try connecting to the server (with all the ipchains wide open) I get several errors such as No free connection slots ot IPs - no more can connect. peer refused to authenticate: terminating link Can someone please help me with some bright ideas to sett this upp and to config ipchains to accept the connections. From drjchris at yahoo.com Tue Dec 19 10:50:12 2000 From: drjchris at yahoo.com (Chris Carella) Date: Tue, 19 Dec 2000 08:50:12 -0800 (PST) Subject: [pptp-server] options pushing out DNS Message-ID: <20001219165012.33492.qmail@web9708.mail.yahoo.com> With the following line in my options file mswins 192.168.0.1 I can have poptop push the wins server information to remote windows client... is there a similar function to allow me to push out the DNS server to the client? I'd like to point the remote client to one machine running DNS. MS Exchange/Outlook, loves to use the c:\windows\hosts file, why not just have it get hosts from one gnu/linux machine that has all the network ip information? Well just wondering if it is possible, and if not, where do I start if I want to try and code this functionality into it. Thanks Christopher J Carella __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ From jared at wanware.com Tue Dec 19 11:16:27 2000 From: jared at wanware.com (Jared Riley) Date: Tue, 19 Dec 2000 12:16:27 -0500 Subject: [pptp-server] options pushing out DNS References: <20001219165012.33492.qmail@web9708.mail.yahoo.com> Message-ID: <008101c069df$6c956f10$0364000a@shprd1.on.wave.home.com> Hi, ----- Original Message ----- From: "Chris Carella" > With the following line in my options file > mswins 192.168.0.1 > > I can have poptop push the wins server information to remote > windows client... is there a similar function to allow me to > push out the DNS server to the client? Yes. The option is "ms-dns". You can find all of the legal options by doing man pppd. Jared From Geoff at incognito.com Tue Dec 19 12:34:06 2000 From: Geoff at incognito.com (Denning, Geoff) Date: Tue, 19 Dec 2000 10:34:06 -0800 Subject: [pptp-server] Routing IPX/SPX through Poptop Message-ID: <716D440F8C29D311991100A0C9204874C2DA0D@GIDGET.INCOGNITO.COM> Hi everyone, I'm fairly new to the Poptop VPN server, but I've managed to configure it to the point where it successfully routes TCP/IP, and I can connect to it using a Microsoft VPN client. However, I have been unsuccessful in getting it to route IPX/SPX. When I attempt to connect to the server using Windows 2000, Windows reports that it was unable to negotiate a compatible set of protocols for IPX/SPX, or something like that. Anyone have some hints on how to configure IPX/SPX routing on Poptop? From georgev at citadelcomputer.com.au Tue Dec 19 15:25:45 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Wed, 20 Dec 2000 08:25:45 +1100 Subject: [pptp-server] Setting up a pptp server Message-ID: <90C35E9FADC0D41184770000E860EB4901BD7E@cittech> I have RedHat 6.2 and upgraded my kernel to 2.2.17 from 2.2.16-3 and used the instructions at http://www.vibres.com/pptpd/example.html Worked well for me. Don't downgrade your PPP to 2.3.8 but use the latest or 2.3.11 -----Original Message----- From: Pontus Claesson [mailto:pontus at svulst.multima.se] Sent: Wednesday, December 20, 2000 3:23 AM To: pptp-server Subject: [pptp-server] Setting up a pptp server I\'m quite new to this so please be patient to me. I\'v sett up a RedHat 6.1 box runnning 2.2.17 and ipchains as a firewall for a internal 10.0.0.1 net. I want to connect to the firewall somewhere on the internet and be able to se all the \"internal\" machines, mount their disks an log on the W2k domain thats inside there. After spending some time reading manny FAQ\'s and HOWTO\'s I\'m still a little confused. Can someone please tell me if this is the right way to manage this. Get the source for ppp 2.3.8. Get the source for SSLeya Get the some kind of patch for ppp. Aply the patches on ppp, and then compile it. I\'m currently running ppp 2.3.10-1 and have succeed installing the pptpd RPM. When I try connecting to the server (with all the ipchains wide open) I get several errors such as No free connection slots ot IPs - no more can connect. peer refused to authenticate: terminating link Can someone please help me with some bright ideas to sett this upp and to config ipchains to accept the connections. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From georgev at citadelcomputer.com.au Tue Dec 19 15:31:38 2000 From: georgev at citadelcomputer.com.au (George Vieira) Date: Wed, 20 Dec 2000 08:31:38 +1100 Subject: [pptp-server] options pushing out DNS Message-ID: <90C35E9FADC0D41184770000E860EB4901BD7F@cittech> yes, this is a standard pppd question and not a pptpd question. use this in your /etc/ppp/options file ms-dns xxx.xxx.xxx.xxx -----Original Message----- From: Chris Carella [mailto:drjchris at yahoo.com] Sent: Wednesday, December 20, 2000 3:50 AM To: pptp-server at lists.schulte.org Subject: [pptp-server] options pushing out DNS With the following line in my options file mswins 192.168.0.1 I can have poptop push the wins server information to remote windows client... is there a similar function to allow me to push out the DNS server to the client? I'd like to point the remote client to one machine running DNS. MS Exchange/Outlook, loves to use the c:\windows\hosts file, why not just have it get hosts from one gnu/linux machine that has all the network ip information? Well just wondering if it is possible, and if not, where do I start if I want to try and code this functionality into it. Thanks Christopher J Carella __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/ _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From cboye at stud.uni-goettingen.de Tue Dec 19 15:44:27 2000 From: cboye at stud.uni-goettingen.de (Christian Boye) Date: Tue, 19 Dec 2000 22:44:27 +0100 (MET) Subject: [pptp-server] two bugs in pppd (mppe-patch) Message-ID: hi, i have found two bugs in the pppd, more concrete in the mppe-patch (pppd/chap_ms.c:ChapMS_v2_Auth) near line 326. SHA1_Update(&Context, Magic2, sizeof(Magic2) - 1); SHA1_Final(Digest, &Context); - s = stpcpy(StrResponse, "S="); + s = strcpy(StrResponse, "S="); + s += 2; for(i = 0; i < SHA_DIGEST_LENGTH; ++i) { *s++ = HexDigs[Digest[i] >> 4]; *s++ = HexDigs[Digest[i] & 0x0F]; } *s = '\0'; BCOPY(StrResponse, cstate->response, sizeof(StrResponse)); The function stpcpy is unknown and does not initialize the variable s. It should be strcpy. But without 's += 2' the "S=" is overwritten by the ASCII-digest. Christian -- Universitaet Goettingen - Internet-Hotline (Administration) Platz der Goettinger Sieben 5, D-37073 Goettingen, Germany Phone: +49-551-398392, E-Mail: cboye at stud.uni-goettingen.de PGP-Key: http://www.stud.uni-goettingen.de/~cboye From pontus at svulst.multima.se Wed Dec 20 08:15:01 2000 From: pontus at svulst.multima.se (Pontus Claesson) Date: Wed, 20 Dec 2000 15:15:01 +0100 Subject: [pptp-server] forwarding GRE Message-ID: <200012201415.PAA11517@svulst.multima.se> Does annyone know how to forward the GRE protocol using IPfwd and IPchains? Regards /Pontus From ffranco at interlog.com Wed Dec 20 09:05:19 2000 From: ffranco at interlog.com (Francisco Franco) Date: Wed, 20 Dec 2000 10:05:19 -0500 Subject: [pptp-server] Routing Problem Message-ID: <3A40CAAE.6B014149@interlog.com> Hi Folks, I am running the POPTOP and I am able to connect to the network using VPN. I can access the immediate network on the other side of the firewall, however, I want to connect to another network on the inside of my network. I started to address this problem by adding a routing entry to the firewall machine and now I am able to ping that network and machines in that network is able to ping the firewall machine. However, when I dial-up with VPN, I am unable to take advantage of the routing tables on the dial-up machine. I have tried to add the route to windows without success. Here is the example: _______ Can't get here. / V S --------------- X --------------- X ------------- T My VPN Firewall ^ Internal Target Client PC | Router | I can get here and see all the devices in this network. Part of options.pptp includes the following: +++ proxyarp ms-wins 192.168.1.100 ms-dns 192.168.1.100 +++ Any suggestions? Francisco -------------- next part -------------- A non-text attachment was scrubbed... Name: ffranco.vcf Type: text/x-vcard Size: 418 bytes Desc: Card for Francisco Franco URL: From baust at healthdec.com Wed Dec 20 09:28:34 2000 From: baust at healthdec.com (Brian Aust) Date: Wed, 20 Dec 2000 10:28:34 -0500 Subject: [pptp-server] Unreliable poptop continues :-( Message-ID: Guys, this is really starting to get to me. I have a poptop server running here at work which USED to work just fine for half a year, and recently, since a rebuild, is flaky. Just this morning, within the span of 2 minutes, two different clients tried to access it. One worked, and one failed. And the one that failed DID work yesterday! Here's the logs for my successful attempt about 5 minutes ago. Please note the 3rd line: ------------------------------- Dec 20 11:14:04 BNYATALIE pptpd[1476]: CTRL: Client 24.163.35.141 control connection started Dec 20 11:14:04 BNYATALIE pptpd[1476]: CTRL: Starting call (launching pppd, opening GRE) Dec 20 11:14:04 BNYATALIE kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 20 11:14:04 BNYATALIE kernel: PPP: version 2.3.7 (demand dialling) Dec 20 11:14:04 BNYATALIE kernel: PPP line discipline registered. Dec 20 11:14:04 BNYATALIE kernel: registered device ppp0 Dec 20 11:14:04 BNYATALIE pppd[1477]: pppd 2.3.10 started by root, uid 0 Dec 20 11:14:04 BNYATALIE pppd[1477]: Using interface ppp0 Dec 20 11:14:04 BNYATALIE pppd[1477]: Connect: ppp0 <--> /dev/pts/2 Dec 20 11:14:05 BNYATALIE kernel: PPP BSD Compression module registered Dec 20 11:14:05 BNYATALIE kernel: PPP Deflate Compression module registered Dec 20 11:14:05 BNYATALIE pppd[1477]: CHAP peer authentication succeeded for baust Dec 20 11:14:05 BNYATALIE pppd[1477]: found interface eth0 for proxy arp Dec 20 11:14:05 BNYATALIE pppd[1477]: local IP address 10.1.1.69 Dec 20 11:14:05 BNYATALIE pppd[1477]: remote IP address 10.3.1.1 Dec 20 11:14:05 BNYATALIE pppd[1477]: CCP terminated by peer Dec 20 11:14:05 BNYATALIE pppd[1477]: Compression disabled by peer. Dec 20 11:14:36 BNYATALIE pppd[1477]: LCP terminated by peer Dec 20 11:14:36 BNYATALIE pptpd[1476]: CTRL: Error with select(), quitting Dec 20 11:14:36 BNYATALIE pptpd[1476]: CTRL: Client 24.163.35.141 control connection finished Dec 20 11:14:36 BNYATALIE pppd[1477]: Modem hangup Dec 20 11:14:36 BNYATALIE pppd[1477]: Connection terminated. Dec 20 11:14:36 BNYATALIE pppd[1477]: Connect time 0.6 minutes. Dec 20 11:14:36 BNYATALIE pppd[1477]: Sent 1308 bytes, received 2558 bytes. Dec 20 11:14:36 BNYATALIE pppd[1477]: Exit. -------------------------------- Now a minute later, a different client tries to get in (she was able to get in yesterday with no problems): -------------------------------- Dec 20 11:15:00 BNYATALIE pptpd[1482]: CTRL: Client 24.190.9.158 control connection started Dec 20 11:15:00 BNYATALIE pptpd[1482]: CTRL: Starting call (launching pppd, opening GRE) Dec 20 11:15:00 BNYATALIE pppd[1483]: pppd 2.3.10 started by root, uid 0 Dec 20 11:15:00 BNYATALIE pppd[1483]: Using interface ppp0 Dec 20 11:15:00 BNYATALIE pppd[1483]: Connect: ppp0 <--> /dev/pts/2 Dec 20 11:15:30 BNYATALIE pptpd[1482]: CTRL: Error with select(), quitting Dec 20 11:15:30 BNYATALIE pptpd[1482]: CTRL: Client 24.190.9.158 control connection finished Dec 20 11:15:30 BNYATALIE pppd[1483]: Modem hangup Dec 20 11:15:30 BNYATALIE pppd[1483]: Connection terminated. Dec 20 11:15:30 BNYATALIE pppd[1483]: Exit. ------------------------------- See the difference? Up in the first effort, i get a CSLIP University of California statement, which didn't happen a mere 1 minute later with the 2nd client. The kernel is not even kicking in the 2nd client. Why is this sometimes working and sometimes not? It was working JUST FINE for the 2nd client yesterday, but then she tries today and gets that failure. Any ideas at all? I've tried so many combinations of poptop and ppp versions. Right now i'm using 1.0.0 with 2.3.10, but i've been trying with 1.0.1 and 2.3.11, with similar results. Any help or insight anyone can provide would be greatly appreciated. Cheers, Brian Aust -----Original Message----- From: George Vieira [mailto:georgev at citadelcomputer.com.au] Sent: Tuesday, December 19, 2000 4:26 PM To: 'Pontus Claesson'; pptp-server Subject: RE: [pptp-server] Setting up a pptp server I have RedHat 6.2 and upgraded my kernel to 2.2.17 from 2.2.16-3 and used the instructions at http://www.vibres.com/pptpd/example.html Worked well for me. Don't downgrade your PPP to 2.3.8 but use the latest or 2.3.11 -----Original Message----- From: Pontus Claesson [mailto:pontus at svulst.multima.se] Sent: Wednesday, December 20, 2000 3:23 AM To: pptp-server Subject: [pptp-server] Setting up a pptp server I\'m quite new to this so please be patient to me. I\'v sett up a RedHat 6.1 box runnning 2.2.17 and ipchains as a firewall for a internal 10.0.0.1 net. I want to connect to the firewall somewhere on the internet and be able to se all the \"internal\" machines, mount their disks an log on the W2k domain thats inside there. After spending some time reading manny FAQ\'s and HOWTO\'s I\'m still a little confused. Can someone please tell me if this is the right way to manage this. Get the source for ppp 2.3.8. Get the source for SSLeya Get the some kind of patch for ppp. Aply the patches on ppp, and then compile it. I\'m currently running ppp 2.3.10-1 and have succeed installing the pptpd RPM. When I try connecting to the server (with all the ipchains wide open) I get several errors such as No free connection slots ot IPs - no more can connect. peer refused to authenticate: terminating link Can someone please help me with some bright ideas to sett this upp and to config ipchains to accept the connections. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From tmesick at uticacorp.com Wed Dec 20 12:17:12 2000 From: tmesick at uticacorp.com (Todd R. Mesick) Date: Wed, 20 Dec 2000 13:17:12 -0500 Subject: [pptp-server] PPTP and Win NT Message-ID: I am new to VPN, So I wanted to ask if what I am trying to due is possible. I have a Lan and on the lan I have a Linux gateway with two ethernet cards. One is connected to the lan and the other is connected to a cisco router. The linux machine servers as the Proxy server, DNS server and gateway. I would like to put VPN on it and have people connect in from home, however I need them to log on to an NT server(which is in the lan), so they can get there exchange mail and view the intranet web page, etc. I have pptpd running on the linux box and I am able to start a pptp session internally, but when I try to make an outside connection to it, I get an error " 619: the specified port is not connected". If anyone has any input or knows of a better solution, please e-mail me at tmesick at uticacorp.com. Thank you Todd Mesick From rcd at amherst.com Wed Dec 20 13:31:59 2000 From: rcd at amherst.com (Robert Dege) Date: Wed, 20 Dec 2000 14:31:59 -0500 Subject: [pptp-server] PPTP Probs Message-ID: <3A41092F.144C18AC@comptekamherst.com> This is my current setup: Linux PPTP --> Internet --> Masq and --> PPTP Server & Client Firewall Local Intranet Here's what I've done so far: On my PPTP Server On My Firewall ==================== =============== Installed PPP-2.3.11 Implemented ALL IP-Chains in Setup Guide Installed PPTP-1.1.2 Patched 2.2.16 kernel with ip_masq_pptp My Problem is that I am still getting Connection timeouts from my pptp server. debugging info: Dec 20 10:40:01 quark kernel: PPP: ppp line discipline successfully unregistered Dec 20 10:41:35 quark pptpd[7463]: CTRL: Client 12.19.228.57 control connection started Dec 20 10:41:35 quark pptpd[7463]: CTRL: Starting call (launching pppd, opening GRE) Dec 20 10:41:36 quark kernel: CSLIP: code copyright 1989 Regents of the University of California Dec 20 10:41:36 quark kernel: PPP: version 2.3.11 (demand dialling) Dec 20 10:41:36 quark kernel: PPP line discipline registered. Dec 20 10:41:36 quark kernel: registered device ppp0 Dec 20 10:41:36 quark pppd[7464]: pppd 2.3.11 started by root, uid 0 Dec 20 10:41:36 quark pppd[7464]: Using interface ppp0 Dec 20 10:41:36 quark pppd[7464]: Connect: ppp0 <--> /dev/pts/1 Dec 20 10:42:06 quark pppd[7464]: LCP: timeout sending Config-Requests Dec 20 10:42:06 quark pppd[7464]: Connection terminated. Dec 20 10:42:06 quark pppd[7464]: Exit. Dec 20 10:42:06 quark pptpd[7463]: Error reading from pppd: Input/output error Dec 20 10:42:06 quark pptpd[7463]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5) Dec 20 10:42:06 quark pptpd[7463]: CTRL: Client 12.19.228.57 control connection finished As you can see, it gets an LCP timeout. I thought that this was because of the GRE packets not getting through. That's when I patched the kernel with the pptp patch. Now here's the kicker. When I receive a PPTP session connection, the firewall doesn't load the pptp module. Can one of the IP chain rules from the Setup guide be causing some problems? Here is the log from the firewall/ip_masq server: Dec 20 11:41:35 firewall kernel: Packet log: input ACCEPT eth1 PROTO=6 x.x.228.57:1038 x.x.228.50:1723 L=48 S=0x00 I=48384 F=0x4000 T=128 SYN (#2) Any help is appreciated. -Rob From poptop at omnitracs.com.mx Wed Dec 20 13:45:36 2000 From: poptop at omnitracs.com.mx (poptop at omnitracs.com.mx) Date: Wed, 20 Dec 2000 13:45:36 -0600 (CST) Subject: [pptp-server] PROXY's success stories...anyone? Message-ID: <977341536.3a410c605a55f@www.omnitracs.com.mx> Hi, The company I work for is about to start a widespread PPTP deployment with about 100 customers. Our PoPToP server is working great and several test have been made with W95,W98, and WNT clients. Catch is that several of our clients will be working behind PROXY's servers, mainly Microsoft Proxy server, PROXY+, among others... So I was wondering if you guys could post some success stories about what proxy servers have you made work with PPTP. ANd perhaps post some tips about what to do in each case. ( I think that letting GRE pass is the toughest issue I guess )... So, any comment will be very appreciated. Thank you very much for your help! :) ------------------------------------------------- This mail sent through IMP: www.omnitracs.com.mx From beutner at algonet.se Thu Dec 21 07:31:21 2000 From: beutner at algonet.se (Magnus Beutner) Date: Thu, 21 Dec 2000 14:31:21 +0100 Subject: [pptp-server] forwarding GRE References: <200012201415.PAA11517@svulst.multima.se> Message-ID: <001901c06b52$51629780$1e7511ac@datorteket.lan> Hi You can't do it with 'ipforward' without patching etc. but You can do it with 'ipchains' here's how: _ipchains_-A_forward__-p_47__-s___-d___-j_ACCEPT_ note! You should neglect the underscores _ , I put them there in order to avoid the word-wrapping feature. // nmb ----- Original Message ----- From: "Pontus Claesson" To: Sent: Wednesday, December 20, 2000 3:15 PM Subject: [pptp-server] forwarding GRE > Does annyone know how to forward the GRE protocol using IPfwd and IPchains? > > Regards > > /Pontus > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > From toma at rulez.org Thu Dec 21 07:08:39 2000 From: toma at rulez.org (Tamas SZERB) Date: Thu, 21 Dec 2000 14:08:39 +0100 (CET) Subject: [pptp-server] pptpd porting under SCO Unixware 7 Message-ID: The port to that operating system is almost done, any notice or interesting will be welcomed. -- VWOL Tamas SZERB GPG public key: http://alabama.inf.elte.hu/~toma/gpgkey-toma.asc From bbj at hhknet.dk Thu Dec 21 12:19:44 2000 From: bbj at hhknet.dk (Bjarke Bruun) Date: Thu, 21 Dec 2000 19:19:44 +0100 Subject: [pptp-server] problems with 2000 Message-ID: <3A4249C0.A3F86ACE@hhknet.dk> I have the system up and running for Linux, with a little start/stop script that easily can be made a init.d script, but I can't log on to the pptp server with win 2000. $ cat /etc/ppp/options lock auth +chap +chapms-v2 mppe-40 mppe-128 mppe-stateless No matter how I setup the default pptp connection for win 2000 I get this message: $ tail /var/log/messages -n Dec 21 17:18:53 pitr pptpd[3255]: CTRL: Starting call (launching pppd, opening GRE) Dec 21 17:18:53 pitr pppd[3256]: pppd 2.3.11 started by root, uid 0 Dec 21 17:18:53 pitr pppd[3256]: Using interface ppp0 Dec 21 17:18:53 pitr pppd[3256]: Connect: ppp0 <--> /dev/pts/2 Dec 21 17:19:23 pitr pppd[3256]: LCP: timeout sending Config-Requests Dec 21 17:19:23 pitr pppd[3256]: Connection terminated. Dec 21 17:19:23 pitr pppd[3256]: Exit. Dec 21 17:19:23 pitr pptpd[3255]: GRE: read(fd=4,buffer=804d7c0,len=8196) from PTY failed: status = -1 error = Input/output error Dec 21 17:19:23 pitr pptpd[3255]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) Dec 21 17:19:23 pitr pptpd[3255]: CTRL: Client 192.168.2.120 control connection finished Does anyone know what to do ?? the win 2000 client is Windows 2000 Professional. -- Bjarke Bruun - E-mail: bbj at hhknet.dk http://linux.hhknet.dk __ / / (_)__ __ ____ __ / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . . . From neale at lowendale.com.au Thu Dec 21 14:57:56 2000 From: neale at lowendale.com.au (Neale Banks) Date: Fri, 22 Dec 2000 07:57:56 +1100 (EST) Subject: [pptp-server] problems with 2000 In-Reply-To: <3A4249C0.A3F86ACE@hhknet.dk> Message-ID: On Thu, 21 Dec 2000, Bjarke Bruun wrote: [...] > Does anyone know what to do ?? the win 2000 client is Windows 2000 > Professional. Include debug in ppp options and show us what then appears in ppp logs. HTH, Neale. From Stefan.Strehle at JAW.AT Fri Dec 22 03:10:14 2000 From: Stefan.Strehle at JAW.AT (Strehle Stefan) Date: Fri, 22 Dec 2000 10:10:14 +0100 Subject: [pptp-server] WG: forwarding GRE Message-ID: Two things are needed for forwarding of GRE, a utility called ipfwd and a kernel patch: details on: http://www.impsec.org/linux/masquerade/VPN-howto/VPN-Masquerade-3.html#ss3.4 The rest of the configuration is straightforward: Allow connection on port 1723 with ipchains, forward traffic coming in on 1723 with ipmasqadm, and then forward GRE traffic with ipfwd: ipchains -A input -p tcp -i $extint -s $anywhere -d $vpnserver 1723 -j ACCEPT ipmasqadm portfw -a -P tcp -L $extnet 1723 -R $vpnserver 1723 ipfwd --masq $vpnserver 47 & cheers, Stefan From toma at rulez.org Fri Dec 22 04:13:22 2000 From: toma at rulez.org (Tamas SZERB) Date: Fri, 22 Dec 2000 11:13:22 +0100 (CET) Subject: [pptp-server] pptpd porting under SCO Unixware 7 In-Reply-To: Message-ID: On Thu, 21 Dec 2000, Tamas SZERB wrote: As soon as possible I can publish (a couple days) the pathes to the original version of pptpd-1.0.1, but I hade to make a little modification in the unxiware kernel so I have to publish a little binary patch for the lsm code. Best regards, Tamas > The port to that operating system is almost done, any notice or > interesting will be welcomed. > > -- > VWOL > Tamas SZERB > GPG public key: http://alabama.inf.elte.hu/~toma/gpgkey-toma.asc > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! > -- VWOL Tamas SZERB GPG public key: http://alabama.inf.elte.hu/~toma/gpgkey-toma.asc From georgec2 at ix.netcom.com Fri Dec 22 08:28:45 2000 From: georgec2 at ix.netcom.com (george csahanin) Date: Fri, 22 Dec 2000 08:28:45 -0600 Subject: [pptp-server] Kernel patch for GRE References: Message-ID: <04ac01c06c23$7dab3000$0301a8c0@bdfrd1.tx.home.com> I'm trying to patch my 2.2.16 kernel for this, I've done it before to a 2.2.12 kernel and the patch flew with no chunks hurled. This one hurles five of five, and needless to say screws up the source tree. Anybody else have this problem? Anybody know of a place with precompiled modules(wishful thinking, but it's the holidays, may get lucky)? George C From bbj at hhknet.dk Fri Dec 22 09:29:50 2000 From: bbj at hhknet.dk (Bjarke Bruun) Date: Fri, 22 Dec 2000 16:29:50 +0100 Subject: [pptp-server] problems with 2000 Message-ID: <3A43736E.DA33D6A0@hhknet.dk> I have found the problem ... dhcp network behind firewall that is not configured to route GRE through :-) Thanks anyway, have now linux, 98, nt4 and 2000 connected at once, so good thoughts for pptp this x-mas :-) Merry christmas to you all -- Bjarke Bruun - E-mail: bbj at hhknet.dk http://linux.hhknet.dk __ / / (_)__ __ ____ __ / /__/ / _ \/ // /\ \/ / . . . t h e c h o i c e o f a /____/_/_//_/\_,_/ /_/\_\ G N U g e n e r a t i o n . . . From rcd at amherst.com Fri Dec 22 09:30:10 2000 From: rcd at amherst.com (Robert Dege) Date: Fri, 22 Dec 2000 10:30:10 -0500 Subject: [pptp-server] PPP options file Message-ID: <3A437382.39D77AC4@comptekamherst.com> Hey all, Well, I'm no longer getting the LCP: Timeout error. Now it goes straight to a pppd I/O error. Anybody have some insight or can point me in a direction? Is there anything that should be in my ppp/options file? I have lock & debug. Nothing more. 10:19:42 quark pptpd[1287]: CTRL: Client 12.19.228.57 control connection started 10:19:42 quark pptpd[1287]: CTRL: Starting call (launching pppd, opening GRE) 10:19:43 quark pptpd[1287]: Error reading from pppd: Input/output error 10:19:43 quark pptpd[1287]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5) 10:19:43 quark pptpd[1287]: CTRL: Client 12.19.228.57 control connection finished Thanks. -Rob From tmesick at uticacorp.com Fri Dec 22 13:21:12 2000 From: tmesick at uticacorp.com (Todd R. Mesick) Date: Fri, 22 Dec 2000 14:21:12 -0500 Subject: [pptp-server] HELP!!!! Message-ID: OK, I am very new to VPN. but here is what I want to do. I have a LAN with a linux gateway. The gateway has two ethernet cards. One is the lan side and one is the DMZ side. Neither have a "real" IP address. Only the router has the IP address. Anyway, I would like to setup a win 95/98/2000 system at a home location to connect to my windows domain at work. How do I connect to the gateway with pptp and then log onto the domain? Is this even possible? When I try it off the lan I can make a pptp connection to the gateway, but I am unable to connect to anything on the network. When I try through the internet I get error 619: the specified port is not connected. I also am trying to get encryption, but I have newer versions of the pppd and kernel then is specifed in the how-to on the mortonbay site.Is there current directions for red hat 7.0 and the newer pppd? Any help would be great. Thank you in advance. please respond to tmesick at uticacorp.com Todd Mesick From CharlesAppel at formulator.com Fri Dec 22 13:57:35 2000 From: CharlesAppel at formulator.com (Appel, Charles) Date: Fri, 22 Dec 2000 12:57:35 -0700 Subject: [pptp-server] (no subject) Message-ID: <1966F9881785D411AD4200508BDCC29F11D8FB@EMAIL> From edd at gis.ch Fri Dec 22 18:15:58 2000 From: edd at gis.ch (Eduard Kohler) Date: Sat, 23 Dec 2000 01:15:58 +0100 (Europe de l'Ouest) Subject: [pptp-server] PPTP Windows client Message-ID: <200012230010.BAA28679@mail.worldcom.ch> Hello, I configured the pptpd, the windows client and almost works ok. But I still have a "challange" with the Win9x client: After connecting the client, I do a "route" command. I can see here the entry who tells that all the traffic to 192.168.1.* goes through the 192.168.1.128 (my assigned address). This is ok to access data on the subnet 192.168.1.0 / 24, but I want to be able to access my whole LAN: 192.168.0.0 / 16. Anyone know how could I tell this to my Win9x client ?? Of course, deleting the route and adding a new one is a solution, but I want to do it automatically when I'm connecting the server. Eduard Kohler. From etienne at etolivia.com Sat Dec 23 01:02:37 2000 From: etienne at etolivia.com (Etienne Lau) Date: Fri, 22 Dec 2000 23:02:37 -0800 Subject: [pptp-server] Help IPCHAINS Message-ID: <002801c06cae$558717c0$c701a8c0@rct1.bc.wave.home.com> I have PPTP setup. However I do not have a set if IPCHAINS rules for the firewall. My setup is as follows: eth0: 192.168.1.254 this is the Internal IP eth1: 24.113.26.44 is the external IP. Any help would be appreciated. Thank you. Etienne -------------- next part -------------- An HTML attachment was scrubbed... URL: From allenp at nwlink.com Sat Dec 23 01:08:24 2000 From: allenp at nwlink.com (Paul Allen) Date: Fri, 22 Dec 2000 23:08:24 -0800 Subject: [pptp-server] PPTP on Mandrake 7.2 Message-ID: <3A444F68.9FE35F29@nwlink.com> Mandrake is using ppp-2.4.0 in their 7.2 distribution. It apparently includes PPTP, but not the MPPE encryption piece that's needed to talk to an NT PPTP server. The MPPE patch for the previous PPP version does not apply to the Mandrake sources. (It partially succeeds, but some of the rejects fail because the file being patched has changed drastically.) Is anybody working on porting the MPPE patch to the 2.4.0 version of PPP? Would I be better off just removing the Mandrake rpm's and building/patching the previous version by hand? Any suggestions will be welcomed! Thanks! Paul Allen From GeorgeV at citadelcomputer.com.au Sat Dec 23 01:11:55 2000 From: GeorgeV at citadelcomputer.com.au (George Vieira) Date: Sat, 23 Dec 2000 18:11:55 +1100 Subject: [pptp-server] PPTP Windows client Message-ID: <41476072F0CED41194D80080AD7F79D302D1BB@JUPITER> the only way I know is to do it in /etc/ppp/ip-up.local if it's a linux machine. make the script detect if it's the pptp tunnel being started or a normal dial up or whatever using the `ipparam` that pppd uses. Then just detect it and add the route into the script.. it'll work everytime as long as you use the ipparam command eg. pptp 203.x.x.x name whoever ipparam pptp noauth /etc/ppp/ip-up.local --------------------- #!/bin/bash if [ "$6" = "pptp"]; then route del -net 192.168.1.0/24 route add -net 192.168.0.0/16 fi that should do the trick.. -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Eduard Kohler Sent: Saturday, December 23, 2000 11:16 AM To: pptp-server at lists.schulte.org Subject: [pptp-server] PPTP Windows client Hello, I configured the pptpd, the windows client and almost works ok. But I still have a "challange" with the Win9x client: After connecting the client, I do a "route" command. I can see here the entry who tells that all the traffic to 192.168.1.* goes through the 192.168.1.128 (my assigned address). This is ok to access data on the subnet 192.168.1.0 / 24, but I want to be able to access my whole LAN: 192.168.0.0 / 16. Anyone know how could I tell this to my Win9x client ?? Of course, deleting the route and adding a new one is a solution, but I want to do it automatically when I'm connecting the server. Eduard Kohler. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server List services provided by www.schulteconsulting.com! From edd at gis.ch Sat Dec 23 05:41:13 2000 From: edd at gis.ch (Eduard Kohler) Date: Sat, 23 Dec 2000 12:41:13 +0100 (Europe de l'Ouest) Subject: [pptp-server] PPTP Windows client Message-ID: <200012231141.MAA26954@mail.worldcom.ch> >the only way I know is to do it in /etc/ppp/ip-up.local if it's a linux >machine. > >make the script detect if it's the pptp tunnel being started or a normal >dial up or whatever using the `ipparam` that pppd uses. >Then just detect it and add the route into the script.. it'll work everytime >as long as you use the ipparam command eg. > >pptp 203.x.x.x name whoever ipparam pptp noauth > > >/etc/ppp/ip-up.local >--------------------- >#!/bin/bash > >if [ "$6" = "pptp"]; then > route del -net 192.168.1.0/24 > route add -net 192.168.0.0/16 >fi > >that should do the trick.. > I'm not sure to really understand this response. My server is a linux machine and my client is a windows machine. The route to add is on the client side. If I add the lines above in the ip-up script the route will be added on the server side, isn't it? Merry christmas, Eduard Kohler. From Alexey.Dementsov at oggi.spb.ru Mon Dec 25 04:17:49 2000 From: Alexey.Dementsov at oggi.spb.ru (Alexey) Date: Mon, 25 Dec 2000 13:17:49 +0300 Subject: [pptp-server] (no subject) Message-ID: <00c501c06e5b$ef4723b0$0201040a@oggi.spb.ru> Good day. I have a same dificult problem with tooling VPN based package poptop. I uses FreeBDS 3.1 operation system. Client is VPN Microsoft. Connection in the Local Aria Network was succesful. FreeBSD is connected with Internet by PPP with fixed ip adress x.x.x.x Client computer is connected whith Internet by dual-up with fixed ip-adress y.y.y.y Then I tried to connect through Internet . The messages "645 Dial-Up Networking could not complete the connection to the server. Check your configuration and try connection again." appeard after the check username password. My debug information: mail pptpd[345]: GRE: xmit failed from decaps_hdlc: Permission denied mail pptpd[345]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) mail pppd[346]: Modem hangup, connected for 1 minutes mail pppd[346]: Connection terminated, connected for 1 minutes mail pppd[348]: pppd 2.3.5 started by admin, uid 0 mail pppd[348]: Connect: ppp0 <--> /dev/ttyp1 mail pptpd[347]: GRE: xmit failed from decaps_hdlc: Permission denied mail pptpd[347]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) .......................... .......................... MGR: Couldn't create host socket pppd 2.3.5 started by admin, uid 0 Connect: ppp0 <--> /dev/ttyp1 LCP: timeout sending Config-Requests Connection terminated, connected for 1 minutes GRE: read(fd=4,buffer=804d218,len=8196) from PTY failed: status = 0 error = No CTRL: PTY read or GRE write failed (pty,gre)=(4,5) Configuration files are wrote below: /etc/rc.conf ifconfig_ed1="inet 10.4.1.1 netmask 255.255.255.0" defaultrouter="NO" network_interfaces="ed1 lo0" hostname="mail.oggi.spb.ru" keymap=ru.koi8-r keychange="61 ^[[K" scrnmap=koi8-r2cp866 font8x16=cpp866b-8x16 font8x14=cpp866-8x14 font8x8=cp866-8x8 firewall_enable = "YES" natd_enable="YES" natd_interface="tun0" natd_flags="-dynamic" ppp_enable="YES" ppp_mode="auto" ppp_nat="YES" /etc/rc.firewall fwcmd="/sbin/ipfw" $fwcmd -f flush ################################################# # Allow all for test ################################################# $fwcmd add allow all from any to any $fwcmd add pass GRE from any to an # Divert all packets through the tunnel interface. $fwcmd add divert natd all from any to any via tun0 # Allow all data from my network card and localhost. Make sure you # change your network card (mine was fxp0) before you reboot. :) $fwcmd add allow ip from any to any via lo0 $fwcmd add allow ip from any to any via ed1 #Allow all data from warehouse $fwcmd add allow all from y.y.y.y to any # Allow all connections that I initiate. $fwcmd add allow tcp from any to any out xmit tun0 setup # Once connections are made, allow them to stay open. $fwcmd add allow tcp from any to any via tun0 established # Everyone on the internet is allowed to connect to the following # services on the machine. This example shows that people may connect # to ssh and apache $fwcmd add allow tcp from any to any 25 setup $fwcmd add reset log tcp from any to any 113 in recv tun0 . $fwcmd add allow udp from any to 212.44.130.6 53 out xmit tun0 $fwcmd add allow udp from 212.44.130.6 53 to any in recv tun0 $fwcmd add 65435 allow icmp from any to any $fwcmd add 65435 deny log ip from any to any /etc/ppp/ppp.conf default: set redial 1 0 set filter dial 0 deny udp src eq 53 set filter dial 1 deny udp dst eq 53 set filter dial 2 permit 0/0 0/0 internet: set device /dev/cuaa0 set speed 115200 disable pred1 deny pred1 disable lqr deny lqr set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK set authname name set authkey password set phone 123456 set timeout 600 set openmode active accept chap set ifaddr x.x.x.x 127.2.2.2/0 255.255.255.0 add 0 0 127.2.2.2 /etc/ppp/options debug name x.x.x.x lock require-chap auth proxyarp /etc/ppp/chap-secrets billy x.x.x.x bob * /etc/pptpd.conf speed 115200 options /etc/ppp/options debug From tmesick at uticacorp.com Wed Dec 27 08:31:32 2000 From: tmesick at uticacorp.com (Todd R. Mesick) Date: Wed, 27 Dec 2000 09:31:32 -0500 Subject: [pptp-server] error 619 Message-ID: Hello all, I am trying to get vpn running but all I get when I connect to the thing is error 619: the specified port is not connected. Any ideas?? please e-mail me at tmesick at uticacorp.com Thank you. Todd From msantos at vianetworks.pt Wed Dec 27 10:29:27 2000 From: msantos at vianetworks.pt (Manuel Santos) Date: Wed, 27 Dec 2000 16:29:27 +0000 Subject: [pptp-server] error 619 References: Message-ID: <3A4A18E7.BCC4C93B@vianetworks.pt> "Todd R. Mesick" wrote: > > Hello all, > > I am trying to get vpn running but all I get when I connect to the thing is > error 619: the specified port is not connected. Any ideas?? > > please e-mail me at tmesick at uticacorp.com > Thank you. > Todd > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! -- Manuel Santos Technical Support msantos at vianetworks.pt VIA NET.WORKS Portugal http://www.vianetworks.pt local touch global reach From david at flowinteractive.se Thu Dec 28 03:01:02 2000 From: david at flowinteractive.se (=?iso-8859-1?Q?David_R=F6hr?=) Date: Thu, 28 Dec 2000 10:01:02 +0100 (CET) Subject: [pptp-server] Help IPCHAINS In-Reply-To: <002801c06cae$558717c0$c701a8c0@rct1.bc.wave.home.com> Message-ID: On Fri, 22 Dec 2000, Etienne Lau wrote: > I have PPTP setup. However I do not have a set if IPCHAINS rules for the firewall. > > My setup is as follows: > > eth0: 192.168.1.254 this is the Internal IP > eth1: 24.113.26.44 is the external IP. RTFM? http://www.moretonbay.com/vpn/releases/PoPToP-RedHat-HOWTO.txt "under 6.0" http://www.uni-erlangen.de/docs/RRZE/dezentral/unix/linux/HOWTOS/html/VPN-Masquerade-HOWTO-3.html#ss3.1 /d -- OO david r?hr OO unix systems administrator O http://www.flowinteractive.se tel. +46 8 587 19 100 :: fax. +46 8 587 19 139 From phil at vibrationresearch.com Thu Dec 28 08:26:28 2000 From: phil at vibrationresearch.com (Philip Van Baren) Date: Thu, 28 Dec 2000 09:26:28 -0500 Subject: [pptp-server] Help IPCHAINS In-Reply-To: Message-ID: <000101c070da$2a7e8510$4500a8c0@vibrationresearch.com> > RTFM? > > http://www.moretonbay.com/vpn/releases/PoPToP-RedHat-HOWTO.txt > "under 6.0" That should be http://poptop.lineo.com/releases/PoPToP-RedHat-HOWTO.txt All of the stuff at moretonbay.com is out of date. From djm at wiz.net.au Thu Dec 28 19:16:49 2000 From: djm at wiz.net.au (David Moylan) Date: Fri, 29 Dec 2000 12:16:49 +1100 Subject: [pptp-server] encryption - doesn't work under linux?? but under w2k - please read Message-ID: <006701c07135$058dd340$1464a8c0@dmoylan> greetings, i recently took a bench-tested linux to linux pptp & pptpd into the real world and started discovering a few problems. after pulling traffic over the link, it went dead and i had to restart it. i believe that the "discarding out-of-order" patches _may_ assist in this, but i noticed a couple of very interesting things. please read this entire message to understand the scenario. thanks. first a layout picture - this is a WAN/VPN with linux servers at each location. [ head office Windows NT 4 server ] | (192.168.100.11) | | (192.168.100.10) [ head office - linux server running pptpd (currently 1.0.0) ] | (144.132.xxx.xxx live, 192.168.250.1-99 pppd) | | [ internet ] | | (144.132.xxx.xxx live, 192.168.201.10 pppd) [ remote location - linux server running pptp] | (192.168.101.10) | | (192.168.101.130) [ local LAN client ] i have multiple remote locations with site addresses 192.168.101.x, 102.x, etc. i fixed the problem (temporarily) by disabling encryption at the clients ends. everything works like a charm under load with no problems experienced. now this was the bit that intrigued me: i went home and used a windows 2000 pc to call into the VPN. like a charm it worked - at 128bit encryption. no problems. held the line open and pulled traffic. linux pptp client - encryption fails under load, w2k pptp client - works fine. i wanted to know if this problem had been addressed. i managed to find posts in november with people experiencing the same problem, and also found this posted by philip van baren on september 27th: ---8< cut --- Note that if in addition to your packet order problems you are getting dropped packets and you have encryption enabled, you will still probably see the message: Sep 27 00:03:15 gateway pppd[10544]: rcvd [Compressed data] 10 32 ae 68 c0 8e e1 92 ... in your log file after a packet gets dropped, after which the link seems to lock up. The only way I have been able to solve this problem so far is to disable encryption because pppd doesn't seem to recover from lost packets when encryption is enabled. Has anyone found a way to get pppd to recover nicely from lost packets when using encryption? (I am using this with pptpd-1.1.1 and pppd-2.3.11 and kernel 2.2.17) ---8< cut --- is this still an issue?? does this mean that i can't use PoPToP with encryption because if i ever get lost/dropped packets, pppd will not recover? perhaps this question has been answered, but i haven't found it on the list. the w2k box connected in works great - no issues at all & reports running encrypted. all wan/vpn routing works fine. i can access any machine from any machine on the wan/vpn. logging into the NT server and accessing internet/mail, etc all works fine. (i do have some specific browsing issues, but i'll exclude them from this post because they're not relevant to this discussion). head office pptpd server is running pptpd-1.0.0, pppd-2.3.11 and kernel 2.2.17. i'm now building up a pppd-2.3.11 with kernel 2.2.18 client with all the appropriate patches to see if this fixes the problem. i'll probably have to upgrade the pptpd at head office as well. feedback appreciated, please. cheers, David. From phil at vibrationresearch.com Thu Dec 28 22:39:21 2000 From: phil at vibrationresearch.com (Phil Van Baren) Date: Thu, 28 Dec 2000 23:39:21 -0500 Subject: [pptp-server] encryption - doesn't work under linux?? but under w2k - please read In-Reply-To: <006701c07135$058dd340$1464a8c0@dmoylan> Message-ID: <000001c07151$4fd4a700$56108318@mw.mediaone.net> > is this still an issue?? does this mean that i can't use PoPToP with > encryption > because if i ever get lost/dropped packets, pppd will not recover? perhaps > this > question has been answered, but i haven't found it on the list. That problem is cause by a bug in the ppp_mppe module. A while back somebody posted a fix for this, which is to patch up the ppp_mppe.c file and rebuild that module. This should fix both the linux client and the linux server, if you apply the patch to both ends. The patch is at http://www.vibres.com/pptpd/ppp_mppe_compressed_data_fix.diff You can get more details from the FAQ (http://www.vibres.com/pptpd/pptpd-FAQ.txt) or from http://poptop.lineo.com From djm at wiz.net.au Fri Dec 29 18:29:07 2000 From: djm at wiz.net.au (David Moylan) Date: Sat, 30 Dec 2000 11:29:07 +1100 Subject: [pptp-server] Encryption with pppd 2.3.11 References: <000701bff969$1c5ca860$50a05c0a@scruch> Message-ID: <000e01c071f7$86718020$1464a8c0@dmoylan> From: "Nicolas HORCHOWER" Sent: Sunday, July 30, 2000 1:27 AM Subject: [pptp-server] Encryption with pppd 2.3.11 > Is it planned to add encryption to pppd instead of patching the daemon ? i don't know about this one. > Is there a patch for the version 2.3.11 ? yes - there are patches for ppp-2.3.11. the relevant links and information can be found on this page: http://www.vibrationresearch.com/pptpd/example.html apply both the ppp-2.3.11-openssl-0.9.5-mppe.patch and the ppp_mppe_compressed_data_fix.diff patch. the ppp-2.3.11-openssl-0.9.5-mppe.patch contains the rc4* files. you might recall in earlier patches you had to get these rc4* files from another archive and copy them across manually. no longer :-) other patches worth applying: - segfault when debugging edit ppp-2.3.11/pppd/lcp.c around line 1541 and change the line which reads: LCPDEBUG((LOG_INFO, "lcp_reqci: rcvd CBCP"); to read: LCPDEBUG(("lcp_reqci: rcvd CBCP")); - chap ms bug see the post by Christian Boye at the URL: http://lists2.schulte.org/pipermail/pptp-server/2000-December/004192.html essentially there is a typo in ppp-2.3.11/pppd/chap_ms.c which requires fixing plus a very small modification to compensate for the same error. cheers, Wiz!! From djm at wiz.net.au Fri Dec 29 18:33:00 2000 From: djm at wiz.net.au (David Moylan) Date: Sat, 30 Dec 2000 11:33:00 +1100 Subject: [pptp-server] packet reordering and infinite loop - fixed in 1.1.2? Message-ID: <001801c071f8$1053f660$1464a8c0@dmoylan> greetings, two queries: 1. is it preferred that i should be running a patched pptpd-1.1.1 or a stock pptpd-1.1.2 for production use? ie: does 1.1.2 replace 1.1.1? 2. are the fixes for packet reordering and infinite loop in the pptpd-1.1.1-reorder.diff already incorporated into the 1.1.2 source? i seem to recall reading about this, but now i'm unsure. many thanks in advance, and especially for all the people who have replied to my queries in the past. you special people know who you are :-) cheers, Wiz!! From m8dejong at cistron.nl Fri Dec 29 20:09:27 2000 From: m8dejong at cistron.nl (Michel de Jong) Date: Sat, 30 Dec 2000 03:09:27 +0100 Subject: [pptp-server] Can i create this? Message-ID: <001f01c07205$89eeb7a0$0301a8c0@nl> Hi, I got a question: I like to create this situation. 63.194.25.3 (with poptop) is the linux server with windows computers behind it. 24.193.34.2 is a NT server also with windows computers behind it. I want to connect this to networks toggeter with PoPToP. Can i install one client on te WinNT machine so that all the computers can see each other? Or do i need to install clients on all the machines? Thanx in advance, Michel. The Netherlands. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: pptpex.gif Type: image/gif Size: 3377 bytes Desc: not available URL: From djm at wiz.net.au Fri Dec 29 18:58:03 2000 From: djm at wiz.net.au (David Moylan) Date: Sat, 30 Dec 2000 11:58:03 +1100 Subject: [pptp-server] ppp in kernel - built-in or module? Message-ID: <003d01c071fb$8ff2adf0$1464a8c0@dmoylan> greetings, i've been doing all my pptp work with linux by recompiling ppp as a module, rather than as a built-in component (which is my preference). i noticed in a much earlier revision of pptpd/ppp/kernel that if i didn't build it as a module, i didn't get all the appropriate compression modules - i assumed that they would be built in, but i had problems with ppp_mppe not being included (i assume due to the kernel patch of ppp not being designed for this) can i compile the kernel (2.2.18) with ppp built in? or am i being silly and should be compiling as a module? i'd like some feedback on the reasons. thanks in advance everyone cheers, Wiz!! From phil at vibrationresearch.com Sat Dec 30 08:15:20 2000 From: phil at vibrationresearch.com (Phil Van Baren) Date: Sat, 30 Dec 2000 09:15:20 -0500 Subject: [pptp-server] encryption - doesn't work under linux?? but under w2k - please read In-Reply-To: <003301c071fb$18f2f700$1464a8c0@dmoylan> Message-ID: <000001c0726a$f172b420$56108318@mw.mediaone.net> Right, it is a patch to the kernel module. The example you mention patches the kernel module in the pppd source directory before it is copied into the kernel source tree. If you have already copied the updates into the kernel source tree (i.e. run 'make kernel' in ppp directory) you should apply the patch to the ppp_mppe.c file in /usr/src/linux/... or run 'make kernel' again after applying the patch, and verify that the change gets propagated into the ppp_mppe.c file in the kernel source. > -----Original Message----- > From: David Moylan [mailto:djm at wiz.net.au] > Sent: Friday, December 29, 2000 7:55 PM > To: Phil Van Baren > Subject: Re: [pptp-server] encryption - doesn't work under linux?? but > under w2k - please read > > > hi phil, > > i noticed that you mentioned to someone else in a post that the > ppp_mppe_compressed_data_fix.diff is a _kernel_ patch and > not a _pppd_ patch. the information on the web site confirms this. > > i've been building pppd/kernel from the information on this page: > http://www.vibres.com/pptpd/example.html > > specifically the section: > > ---8< cut here 8<--- > Extract and patch ppp > cd /usr/src > tar xzf ppp-2.3.11.tar.gz > gunzip ppp-2.3.11-openssl-0.9.5-mppe.patch.gz > cd ppp-2.3.11 > patch -p1 < ../ppp-2.3.11-openssl-0.9.5-mppe.patch > cd linux > patch < ../../ppp_mppe_compressed_data_fix.diff > cd .. > ./configure > make kernel > ---8< cut here 8<--- > > this will be ok, correct? when i do the make kernel, > the ppp_mppe.c gets copied across and built? > > can i just confirm as well, the ppp_mppe module is > only used by the kernel. it's not used directly by > pppd? > > cheers, Wiz!! > > ----- Original Message ----- > From: "Phil Van Baren" > To: > Sent: Friday, December 29, 2000 3:39 PM > Subject: RE: [pptp-server] encryption - doesn't work under > linux?? but under > w2k - please read > > > > > is this still an issue?? does this mean that i can't use PoPToP with > > > encryption > > > because if i ever get lost/dropped packets, pppd will not recover? > perhaps > > > this > > > question has been answered, but i haven't found it on the list. > > > > That problem is cause by a bug in the ppp_mppe module. A while back > > somebody posted a fix for this, which is to patch up the ppp_mppe.c file > and > > rebuild that module. This should fix both the linux client and > the linux > > server, if you apply the patch to both ends. > > > > The patch is at > > http://www.vibres.com/pptpd/ppp_mppe_compressed_data_fix.diff > > > > You can get more details from the FAQ > > (http://www.vibres.com/pptpd/pptpd-FAQ.txt) or from > http://poptop.lineo.com > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > List services provided by www.schulteconsulting.com! > > > From jkreger at avidsolutionsinc.com Sat Dec 30 10:51:11 2000 From: jkreger at avidsolutionsinc.com (Justin Kreger) Date: Sat, 30 Dec 2000 11:51:11 -0500 Subject: [pptp-server] Can i create this? Message-ID: <6B8A85826C35D31193BD0090278589C81DEF88@CIC-EXCHANGE> Are you trying to say, you want to know if you can have a network, where the gateway is a NT server (perhaps with proxy server), if that network can access resources through a PPTP tunnel, to the network on the other side? I would be interested in seeing if this would work. I have a network I need to connect to the main office network using some sort of encryption. I was thinking of buying a commercial IPSec product, or going to win2k server on that network, and using an ipsec tunnel. -----Original Message----- From: Michel de Jong [mailto:m8dejong at cistron.nl] Sent: Friday, December 29, 2000 9:09 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] Can i create this? Hi, I got a question: I like to create this situation. 63.194.25.3 (with poptop) is the linux server with windows computers behind it. 24.193.34.2 is a NT server also with windows computers behind it. I want to connect this to networks toggeter with PoPToP. Can i install one client on te WinNT machine so that all the computers can see each other? Or do i need to install clients on all the machines? Thanx in advance, Michel. The Netherlands. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 3377 bytes Desc: not available URL: From jvonau at home.com Sat Dec 30 12:33:10 2000 From: jvonau at home.com (Jerry Vonau) Date: Sat, 30 Dec 2000 12:33:10 -0600 Subject: [pptp-server] Can i create this? References: <6B8A85826C35D31193BD0090278589C81DEF88@CIC-EXCHANGE> Message-ID: <3A4E2A65.37264487@home.com> Hi Guys: Justin Kreger wrote: Are you trying to say, you want to know if you can have a network, where the gateway is a NT server (perhaps with proxy server), if that network can access resources through a PPTP tunnel, to the network on the other side? I would be interested in seeing if this would work.I have a network I need to connect to the main office network using some sort of encryption.I was thinking of buying a commercial IPSec product, or going to win2k server on that network, and using an ipsec tunnel. > > > I like to create this situation. 63.194.25.3 (with poptop) is the > linux server with windows computers behind it. 24.193.34.2 is a NT > server also with windows computers behind it. > > I want to connect this to networks toggeter with PoPToP. Can i install > one client on te WinNT machine so that all the computers can see each > other? > > > >> You need routing and remote access installed on the NT box, and > configure the routing for the connection. > >>(I was playing with this from NT server to PPTP-server, I could see > NT to LAN1 but not LAN2 to LAN1 > >> I didn't have the forwarding tick box checked and I couldn't > reboot the server ) > > >> on the PPTP server, I think the route to the other network and the > correct ipchains statements is all that is required > That was a few months ago, I lost interest.... > > > > Or do i need to install clients on all the machines? > >> not sure if NT will forward the PPTP connection. > > Anybody else have any thoughts on this?? Words of wisdom?? > > Jerry Vonau > From djm at wiz.net.au Sat Dec 30 17:47:33 2000 From: djm at wiz.net.au (David Moylan) Date: Sun, 31 Dec 2000 10:47:33 +1100 Subject: [pptp-server] Can i create this? References: <6B8A85826C35D31193BD0090278589C81DEF88@CIC-EXCHANGE> Message-ID: <001001c072ba$e20b2a80$1464a8c0@dmoylan> i guess while this *could* work, my suggestion would be - would it be possible to install a linux box at the 24.198.x.x end (or is that 24.193?) that was you could just have a standard pptp tunnel between the two LAN's. nice and easy. this would be my preference. routing under NT sucks at the best of times and it requires nasty registry hacks or RRAS (which i think _really_ bites. it's never caused me ANYTHING but problems) i think i'd prefer the linux box option. cheers, Wiz!! ----- Original Message ----- From: Justin Kreger To: 'Michel de Jong' ; pptp-server at lists.schulte.org Sent: Sunday, December 31, 2000 3:51 AM Subject: RE: [pptp-server] Can i create this? Are you trying to say, you want to know if you can have a network, where the gateway is a NT server (perhaps with proxy server), if that network can access resources through a PPTP tunnel, to the network on the other side? I would be interested in seeing if this would work. I have a network I need to connect to the main office network using some sort of encryption. I was thinking of buying a commercial IPSec product, or going to win2k server on that network, and using an ipsec tunnel. -----Original Message----- From: Michel de Jong [mailto:m8dejong at cistron.nl] Sent: Friday, December 29, 2000 9:09 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] Can i create this? Hi, I got a question: I like to create this situation. 63.194.25.3 (with poptop) is the linux server with windows computers behind it. 24.193.34.2 is a NT server also with windows computers behind it. I want to connect this to networks toggeter with PoPToP. Can i install one client on te WinNT machine so that all the computers can see each other? Or do i need to install clients on all the machines? Thanx in advance, Michel. The Netherlands. -------------- next part -------------- An HTML attachment was scrubbed... URL: From geoff at friendlycity.net Sat Dec 30 18:03:14 2000 From: geoff at friendlycity.net (Geoff Scott) Date: Sat, 30 Dec 2000 19:03:14 -0500 Subject: [pptp-server] PPTP server setup Message-ID: <001701c072bd$1246f740$6501a8c0@blazingfast> I am just learning about virtual private networks. I have found alot of information on how to set up the client in windows 98, but I can't seem to find anything on how to set up the server in windows 98. Can anyone direct me, please? Thanks, Geoff Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: From geoff at friendlycity.net Sat Dec 30 18:49:53 2000 From: geoff at friendlycity.net (Geoff Scott) Date: Sat, 30 Dec 2000 19:49:53 -0500 Subject: [pptp-server] PPTP Mail server setup Message-ID: <003401c072c3$96ad41a0$6501a8c0@blazingfast> I am just learning about virtual private networks. I have found alot of information on how to set up the client in windows 98, but I can't seem to find anything on how to set up the server in windows 98. Can anyone direct me, please? Thanks, Geoff Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: From djm at wiz.net.au Sat Dec 30 18:45:17 2000 From: djm at wiz.net.au (David Moylan) Date: Sun, 31 Dec 2000 11:45:17 +1100 Subject: [pptp-server] PPTP server setup References: <001701c072bd$1246f740$6501a8c0@blazingfast> Message-ID: <004001c072c2$f2950c10$1464a8c0@dmoylan> geoff, as far as i am aware, only NT4 server, NT2K server and Linux (with PoPToP) have the ability to act as PPTP (VPN) servers. the windows 98 VPN capability is designed to connect to one of these platforms. i'm not aware that anyone has ported a PPTP server to the win9x platform, but if anyone *does* know, they'll be on this list. cheers, Wiz!! ----- Original Message ----- From: Geoff Scott To: PPTP Mail List Sent: Sunday, December 31, 2000 11:03 AM Subject: [pptp-server] PPTP server setup I am just learning about virtual private networks. I have found alot of information on how to set up the client in windows 98, but I can't seem to find anything on how to set up the server in windows 98. Can anyone direct me, please? Thanks, Geoff Scott -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmahmodani at lycos.com Sat Dec 30 21:21:55 2000 From: mmahmodani at lycos.com (Mahbod Mahmodani) Date: Sat, 30 Dec 2000 22:21:55 -0500 Subject: [pptp-server] linux instalation Message-ID: I am having problems installing linux onto my computer. I wish to use TurboLinux 6.0 Server edition on the primary partition of hda1 or first harddrive. I have Win98 on the second harddrive and it works fine. I have tried installing the entire batch which is 966MB. Once the machine boots up, it recognizes the hardrive boot sector but LILO doesn't boot up. No error messages or anything. I originally thought it was a hard disk geometry problem so I repartitioned the harddrive to 1GB and elliminated some files that I didn't need. Once I reinstalled I tried booting off the disk but automatically the PC rebooted over and over. I tried both of these options with loading LILO to hda (MBR) and first sector of hda1 (first partition). Nothing seems to work. My harddrive is a IDE drive not SCSI. If anyone knows how to get by this, I'd really appreciate some help. Mahbod --- THE EARTH IS BUT ONE COUNTRY AND MANKIND ITS CITIZENS. -BAHA'U'LLAH- Get FREE Email/Voicemail with 15MB at Lycos Communications at http://comm.lycos.com From djm at wiz.net.au Sat Dec 30 21:42:25 2000 From: djm at wiz.net.au (David Moylan) Date: Sun, 31 Dec 2000 14:42:25 +1100 Subject: [pptp-server] linux instalation References: Message-ID: <015c01c072db$b1608170$1464a8c0@dmoylan> how far do you get into the LILO prompt ... according to how many letters will help you diagnose the fault. i recommend that you either (a) read the LILO howto (b) go to the turbolinux site for support i'm assuming you don't have anything weird like a funny PCI IDE controller for your hard disk or similar. we're all assuming, of course, that this box is going to run PoPToP once you get it up and going, right? linux installation problems really aren't the topic of this list, so it probably would be best to join a "linux installation" list to get your initial problems worked out. cheers, Wiz!! ----- Original Message ----- From: "Mahbod Mahmodani" To: "VPN MailList" Sent: Sunday, December 31, 2000 2:21 PM Subject: [pptp-server] linux instalation > I am having problems installing linux onto my computer. I wish to use TurboLinux 6.0 Server edition on the primary partition of hda1 or first harddrive. I have Win98 on the second harddrive and it works fine. I have tried installing the entire batch which is 966MB. Once the machine boots up, it recognizes the hardrive boot sector but LILO doesn't boot up. No error messages or anything. I originally thought it was a hard disk geometry problem so I repartitioned the harddrive to 1GB and elliminated some files that I didn't need. Once I reinstalled I tried booting off the disk but automatically the PC rebooted over and over. I tried both of these options with loading LILO to hda (MBR) and first sector of hda1 (first partition). Nothing seems to work. My harddrive is a IDE drive not SCSI. > If anyone knows how to get by this, I'd really appreciate some help. > > Mahbod > --- > THE EARTH IS BUT ONE COUNTRY AND MANKIND ITS CITIZENS. -BAHA'U'LLAH- > > > Get FREE Email/Voicemail with 15MB at Lycos Communications at http://comm.lycos.com > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > List services provided by www.schulteconsulting.com! >