[pptp-server] VPN from Win98SE/Cable modem to pptpd/RH6.1/Internet problem

Samu Mielonen samu at uta.fi
Mon Feb 7 09:41:43 CST 2000 

I have a very basic question (?) about pptp daemon setup that I've
been wrestling with for over a week now.

My apologies if this is a FAQ - I have ready through most of the
list archives, but couldn't find (or couldn't understand) a reply
to my question.

My setup is as follows:

Remote machine: Win98se with cable modem dedicated connection to Internet
		It has dynamic IP (actual non-NAT IP) through DHCP
                from my cable modem isp. Let's call it r.r.r.r.

Local machine: RH6.1 box with pptpd 1.0 on a workplace LAN with direct
               connection to Internet through it's eth0 Interface
	       This box has a dedicated (non-NAT IP) l.l.l.l.

What I'm trying to achieve is to have my Win98SE connect to the RH6.1
pptpd via the cable modem connection, establish a tunnel and route
ALL (at least initially) IP traffic to that tunnel and then route that
IP traffic into our workplace network and to the global Internet from
there. 

You might wonder why I want another tunneled IP access, when
I already have a non-tunneled one through my cable modem, but lets just
say I have  my reasons :)

Currently I can establish the connection to my pptpd (via the cable
modem) from my Win98se box with the Dial-Up Network connection (through
the VPN adapter). I'm able to log in to the pptp server and establish the
connection.

All of my setups have been exactly as guided in the pptp general
setup and the RH specific setup guide (I'm not using encryption).
My kernel is compiled and configured to use PPP, but not firewall or
router specific functions (i.e. in the kernel config).

The only thing I have set up differently is the:

	Use default gateway on remote network

Setting that is now ON, so that my all IP traffic goes to the
tunnel when the tunnel is established. I have also tried
manual routing from DOS window with the route command and
problems are the same.

When I have established the Win98SE->PPTPD connection I can see
from the Win98 VPN adapter dialog that packets go into the tunnel
(bytes sent increases), but nothing comes back (no bytes received).

I don't know what I'm doing wrong and I'm a TOTAL newbie in
regards to routing, proxy arp, etc. 

I've read in many places that I should have the remote machine's
address within the same subnet as the eth0 interface IP my local
(pptp server) machine has. 

I've tried both of the following settings in /etc/pptpd.conf

remoteip 192.168.1.234-238  # As described in the pptpd HOWTO
localip 192.168.0.234-238   # As described in the pptpd HOWTO

remoteip l.l.l.l+1          # A free IP from my local network
localip  l.l.l.l            # my RH6.1 box's actual dedicated IP

Neither set up works.

Here is part of a log from an example session (using the first of
the above two remoteip/localip setups).

This below /var/log/pptpd is actually part of a debug I did
with a client machine within our workplace LAN network along with
the pptp server on the same network (thus now cable connection
in this setup). The log is the same when I try the cable modem
machine (just one ip changes).

In the below log, my Win98 box is 128.214.124.181 and the
server is samu1 (128.214.132.154). These both are the actual
(non-tunnel) IP addresses of the specific machines.

Feb  7 15:24:56 localhost pptpd[2829]: CTRL: Client 128.214.124.181 
control connection started

Feb  7 15:24:56 localhost pptpd[2829]: CTRL: Starting call (launching 
pppd, opening GRE)

Feb  7 15:24:56 localhost modprobe: can't locate module char-major-108

Feb  7 15:24:56 localhost pppd[2830]: pppd 2.3.10 started by root, uid 0

Feb  7 15:24:56 localhost pppd[2830]: Using interface ppp0

Feb  7 15:24:56 localhost pppd[2830]: Connect: ppp0 <--> /dev/pts/1

Feb  7 15:24:56 localhost pppd[2830]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <auth chap MD5> <magic 0x6091fb6e> <pcomp> <accomp>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [LCP ConfReq id=0x1 <asyncmap
0xa0000> <magic 0xd5a5b9> <pcomp> <accomp> <callback CBCP>]

Feb  7 15:24:56 localhost pppd[2830]: sent [LCP ConfRej id=0x1 <callback
CBCP>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [LCP ConfAck id=0x1 <asyncmap
0x0> <auth chap MD5> <magic 0x6091fb6e> <pcomp> <accomp>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [LCP ConfReq id=0x2 <asyncmap
0xa0000> <magic 0xd5a5b9> <pcomp> <accomp>]

Feb  7 15:24:56 localhost pppd[2830]: sent [LCP ConfAck id=0x2 <asyncmap
0xa0000> <magic 0xd5a5b9> <pcomp> <accomp>]

Feb  7 15:24:56 localhost pppd[2830]: sent [CHAP Challenge id=0x1
<0546ce70f2deb27f6a4683873817d134988d77ae1e0c52e1c78c0b92e3c2a0c3cbdcb6edc7898b17f1>,
name = "servername"]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [CHAP Response id=0x1
<bacd954f722779103df6007e0b49d645>, name = "samu"]

Feb  7 15:24:56 localhost pppd[2830]: sent [CHAP Success id=0x1 "Welcome
to samu1."]

Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfReq id=0x1 <addr
192.168.0.235> <compress VJ 0f 01>]

Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfReq id=0x1 <deflate
15> <deflate(old#) 15> <bsd v1 15>]

Feb  7 15:24:56 localhost pppd[2830]: CHAP peer authentication succeeded
for samu

Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfReq id=0x1 <addr
0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins
0.0.0.0>]

Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfRej id=0x1 <ms-dns1
0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfReq id=0x1 < 12 06 01
00 00 01> < 11 05 00 01 04>]

Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfRej id=0x1 < 12 06 01
00 00 01> < 11 05 00 01 04>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfRej id=0x1 <compress
VJ 0f 01>]

Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfReq id=0x2 <addr
192.168.0.235>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfRej id=0x1 <deflate
15> <deflate(old#) 15> <bsd v1 15>]

Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfReq id=0x2]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfReq id=0x2 <addr
0.0.0.0>]

Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfNak id=0x2 <addr
192.168.1.235>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfReq id=0x2]

Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfAck id=0x2]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfAck id=0x2 <addr
192.168.0.235>]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfAck id=0x2]

Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfReq id=0x3 <addr
192.168.1.235>]

Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfAck id=0x3 <addr
192.168.1.235>]

Feb  7 15:24:56 localhost pppd[2830]: Cannot determine ethernet address
for proxy ARP

Feb  7 15:24:56 localhost pppd[2830]: local  IP address 192.168.0.235

Feb  7 15:24:56 localhost pppd[2830]: remote IP address 192.168.1.235

Feb  7 15:24:56 localhost pppd[2830]: Script /etc/ppp/ip-up started (pid
2832)

Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP TermReq id=0x3]

Feb  7 15:24:56 localhost pppd[2830]: CCP terminated by peer

Feb  7 15:24:56 localhost pppd[2830]: sent [CCP TermAck id=0x3]

Feb  7 15:24:56 localhost pppd[2830]: Compression disabled by peer.

Feb  7 15:24:56 localhost pppd[2830]: Script /etc/ppp/ip-up finished (pid
2832), status = 0x0

Feb  7 15:26:30 localhost pppd[2830]: rcvd [LCP TermReq id=0x3]

Feb  7 15:26:30 localhost pppd[2830]: LCP terminated by peer

Feb  7 15:26:30 localhost pppd[2830]: Script /etc/ppp/ip-down started (pid
2862)Feb  7 15:26:30 localhost pppd[2830]: sent [LCP TermAck id=0x3]

Feb  7 15:26:30 localhost pptpd[2829]: CTRL: Error with select(), quitting

Feb  7 15:26:30 localhost pptpd[2829]: CTRL: Client 128.214.124.181
control connection finished

Feb  7 15:26:30 localhost pppd[2830]: Modem hangup

Feb  7 15:26:30 localhost pppd[2830]: Connection terminated.

Feb  7 15:26:30 localhost pppd[2830]: Connect time 1.6 minutes.

Feb  7 15:26:30 localhost pppd[2830]: Sent 378 bytes, received 4251 bytes.

Feb  7 15:26:30 localhost pppd[2830]: Waiting for 1 child processes...

Feb  7 15:26:30 localhost pppd[2830]:   script /etc/ppp/ip-down, pid 2862

Feb  7 15:26:30 localhost pppd[2830]: Script /etc/ppp/ip-down finished
(pid 2862), status = 0x0

Feb  7 15:26:30 localhost pppd[2830]: Exit.

In the local LAN example (above) I'm able to ping all local
128.214.x.x addresses successfully once the tunnel is up, but any 
outside network ip address gives me "Request timed out" in DOS ping.

Likewise, if I use a web browser, I can browse our local LAN
www-server, but any outside link does not work.

Can anybody from the above script tell me why I can't get my
connection up in such a manner that it sends/receives ip-packets
properly and reroutes them to our workplace LAN and the outside
Internet via the pptpd tunnel?

If this indeed is a FAQ, I would appreciate pointers to earliers
answers or some documents a mere layman could understand. I've
been trying to educate myself on this matter myself, but it seems
I've ran out of steam on my own.

Any help would be appreciated.

Best regards,
	Samu Mielonen

PS Just for the sake of completeness, my ppp/options and pptpd.conf files:

/etc/ppp/options
================
lock
debug
name servername
auth
require-chap
proxyarp 

# Please don't tell me that I don't need to use proxyarp. I have no
# idea what that means - I don't know what else to use and HOW to use it 

/etc/pptpd.conf
===============
localip 192.168.0.234-238
remoteip 192.168.1.234-238

More information about the pptp-server mailing list