[pptp-server] VPN from Win98SE/Cable modem to pptpd/RH6.1/Internet problem

Nathan Meyers nmeyers at javalinux.net
Mon Feb 7 10:10:27 CST 2000


Samu Mielonen wrote:
> 
> I have a very basic question (?) about pptp daemon setup that I've
> been wrestling with for over a week now.

A bit of additional info would help. While connected through the VPN,
could you capture output from the following 3 commands on the Linux
side:

    /sbin/ifconfig
    /sbin/route -n
    /sbin/arp -a

You don't need to be root to run any of them.

Nathan

> 
> My apologies if this is a FAQ - I have ready through most of the
> list archives, but couldn't find (or couldn't understand) a reply
> to my question.
> 
> My setup is as follows:
> 
> Remote machine: Win98se with cable modem dedicated connection to Internet
>                 It has dynamic IP (actual non-NAT IP) through DHCP
>                 from my cable modem isp. Let's call it r.r.r.r.
> 
> Local machine: RH6.1 box with pptpd 1.0 on a workplace LAN with direct
>                connection to Internet through it's eth0 Interface
>                This box has a dedicated (non-NAT IP) l.l.l.l.
> 
> What I'm trying to achieve is to have my Win98SE connect to the RH6.1
> pptpd via the cable modem connection, establish a tunnel and route
> ALL (at least initially) IP traffic to that tunnel and then route that
> IP traffic into our workplace network and to the global Internet from
> there.
> 
> You might wonder why I want another tunneled IP access, when
> I already have a non-tunneled one through my cable modem, but lets just
> say I have  my reasons :)
> 
> Currently I can establish the connection to my pptpd (via the cable
> modem) from my Win98se box with the Dial-Up Network connection (through
> the VPN adapter). I'm able to log in to the pptp server and establish the
> connection.
> 
> All of my setups have been exactly as guided in the pptp general
> setup and the RH specific setup guide (I'm not using encryption).
> My kernel is compiled and configured to use PPP, but not firewall or
> router specific functions (i.e. in the kernel config).
> 
> The only thing I have set up differently is the:
> 
>         Use default gateway on remote network
> 
> Setting that is now ON, so that my all IP traffic goes to the
> tunnel when the tunnel is established. I have also tried
> manual routing from DOS window with the route command and
> problems are the same.
> 
> When I have established the Win98SE->PPTPD connection I can see
> from the Win98 VPN adapter dialog that packets go into the tunnel
> (bytes sent increases), but nothing comes back (no bytes received).
> 
> I don't know what I'm doing wrong and I'm a TOTAL newbie in
> regards to routing, proxy arp, etc.
> 
> I've read in many places that I should have the remote machine's
> address within the same subnet as the eth0 interface IP my local
> (pptp server) machine has.
> 
> I've tried both of the following settings in /etc/pptpd.conf
> 
> remoteip 192.168.1.234-238  # As described in the pptpd HOWTO
> localip 192.168.0.234-238   # As described in the pptpd HOWTO
> 
> remoteip l.l.l.l+1          # A free IP from my local network
> localip  l.l.l.l            # my RH6.1 box's actual dedicated IP
> 
> Neither set up works.
> 
> Here is part of a log from an example session (using the first of
> the above two remoteip/localip setups).
> 
> This below /var/log/pptpd is actually part of a debug I did
> with a client machine within our workplace LAN network along with
> the pptp server on the same network (thus now cable connection
> in this setup). The log is the same when I try the cable modem
> machine (just one ip changes).
> 
> In the below log, my Win98 box is 128.214.124.181 and the
> server is samu1 (128.214.132.154). These both are the actual
> (non-tunnel) IP addresses of the specific machines.
> 
> Feb  7 15:24:56 localhost pptpd[2829]: CTRL: Client 128.214.124.181
> control connection started
> 
> Feb  7 15:24:56 localhost pptpd[2829]: CTRL: Starting call (launching
> pppd, opening GRE)
> 
> Feb  7 15:24:56 localhost modprobe: can't locate module char-major-108
> 
> Feb  7 15:24:56 localhost pppd[2830]: pppd 2.3.10 started by root, uid 0
> 
> Feb  7 15:24:56 localhost pppd[2830]: Using interface ppp0
> 
> Feb  7 15:24:56 localhost pppd[2830]: Connect: ppp0 <--> /dev/pts/1
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [LCP ConfReq id=0x1 <asyncmap
> 0x0> <auth chap MD5> <magic 0x6091fb6e> <pcomp> <accomp>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [LCP ConfReq id=0x1 <asyncmap
> 0xa0000> <magic 0xd5a5b9> <pcomp> <accomp> <callback CBCP>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [LCP ConfRej id=0x1 <callback
> CBCP>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [LCP ConfAck id=0x1 <asyncmap
> 0x0> <auth chap MD5> <magic 0x6091fb6e> <pcomp> <accomp>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [LCP ConfReq id=0x2 <asyncmap
> 0xa0000> <magic 0xd5a5b9> <pcomp> <accomp>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [LCP ConfAck id=0x2 <asyncmap
> 0xa0000> <magic 0xd5a5b9> <pcomp> <accomp>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CHAP Challenge id=0x1
> <0546ce70f2deb27f6a4683873817d134988d77ae1e0c52e1c78c0b92e3c2a0c3cbdcb6edc7898b17f1>,
> name = "servername"]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [CHAP Response id=0x1
> <bacd954f722779103df6007e0b49d645>, name = "samu"]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CHAP Success id=0x1 "Welcome
> to samu1."]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfReq id=0x1 <addr
> 192.168.0.235> <compress VJ 0f 01>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfReq id=0x1 <deflate
> 15> <deflate(old#) 15> <bsd v1 15>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: CHAP peer authentication succeeded
> for samu
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfReq id=0x1 <addr
> 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins
> 0.0.0.0>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfRej id=0x1 <ms-dns1
> 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfReq id=0x1 < 12 06 01
> 00 00 01> < 11 05 00 01 04>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfRej id=0x1 < 12 06 01
> 00 00 01> < 11 05 00 01 04>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfRej id=0x1 <compress
> VJ 0f 01>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfReq id=0x2 <addr
> 192.168.0.235>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfRej id=0x1 <deflate
> 15> <deflate(old#) 15> <bsd v1 15>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfReq id=0x2]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfReq id=0x2 <addr
> 0.0.0.0>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfNak id=0x2 <addr
> 192.168.1.235>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfReq id=0x2]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CCP ConfAck id=0x2]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfAck id=0x2 <addr
> 192.168.0.235>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP ConfAck id=0x2]
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [IPCP ConfReq id=0x3 <addr
> 192.168.1.235>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [IPCP ConfAck id=0x3 <addr
> 192.168.1.235>]
> 
> Feb  7 15:24:56 localhost pppd[2830]: Cannot determine ethernet address
> for proxy ARP
> 
> Feb  7 15:24:56 localhost pppd[2830]: local  IP address 192.168.0.235
> 
> Feb  7 15:24:56 localhost pppd[2830]: remote IP address 192.168.1.235
> 
> Feb  7 15:24:56 localhost pppd[2830]: Script /etc/ppp/ip-up started (pid
> 2832)
> 
> Feb  7 15:24:56 localhost pppd[2830]: rcvd [CCP TermReq id=0x3]
> 
> Feb  7 15:24:56 localhost pppd[2830]: CCP terminated by peer
> 
> Feb  7 15:24:56 localhost pppd[2830]: sent [CCP TermAck id=0x3]
> 
> Feb  7 15:24:56 localhost pppd[2830]: Compression disabled by peer.
> 
> Feb  7 15:24:56 localhost pppd[2830]: Script /etc/ppp/ip-up finished (pid
> 2832), status = 0x0
> 
> Feb  7 15:26:30 localhost pppd[2830]: rcvd [LCP TermReq id=0x3]
> 
> Feb  7 15:26:30 localhost pppd[2830]: LCP terminated by peer
> 
> Feb  7 15:26:30 localhost pppd[2830]: Script /etc/ppp/ip-down started (pid
> 2862)Feb  7 15:26:30 localhost pppd[2830]: sent [LCP TermAck id=0x3]
> 
> Feb  7 15:26:30 localhost pptpd[2829]: CTRL: Error with select(), quitting
> 
> Feb  7 15:26:30 localhost pptpd[2829]: CTRL: Client 128.214.124.181
> control connection finished
> 
> Feb  7 15:26:30 localhost pppd[2830]: Modem hangup
> 
> Feb  7 15:26:30 localhost pppd[2830]: Connection terminated.
> 
> Feb  7 15:26:30 localhost pppd[2830]: Connect time 1.6 minutes.
> 
> Feb  7 15:26:30 localhost pppd[2830]: Sent 378 bytes, received 4251 bytes.
> 
> Feb  7 15:26:30 localhost pppd[2830]: Waiting for 1 child processes...
> 
> Feb  7 15:26:30 localhost pppd[2830]:   script /etc/ppp/ip-down, pid 2862
> 
> Feb  7 15:26:30 localhost pppd[2830]: Script /etc/ppp/ip-down finished
> (pid 2862), status = 0x0
> 
> Feb  7 15:26:30 localhost pppd[2830]: Exit.
> 
> In the local LAN example (above) I'm able to ping all local
> 128.214.x.x addresses successfully once the tunnel is up, but any
> outside network ip address gives me "Request timed out" in DOS ping.
> 
> Likewise, if I use a web browser, I can browse our local LAN
> www-server, but any outside link does not work.
> 
> Can anybody from the above script tell me why I can't get my
> connection up in such a manner that it sends/receives ip-packets
> properly and reroutes them to our workplace LAN and the outside
> Internet via the pptpd tunnel?
> 
> If this indeed is a FAQ, I would appreciate pointers to earliers
> answers or some documents a mere layman could understand. I've
> been trying to educate myself on this matter myself, but it seems
> I've ran out of steam on my own.
> 
> Any help would be appreciated.
> 
> Best regards,
>         Samu Mielonen
> 
> PS Just for the sake of completeness, my ppp/options and pptpd.conf files:
> 
> /etc/ppp/options
> ================
> lock
> debug
> name servername
> auth
> require-chap
> proxyarp
> 
> # Please don't tell me that I don't need to use proxyarp. I have no
> # idea what that means - I don't know what else to use and HOW to use it
> 
> /etc/pptpd.conf
> ===============
> localip 192.168.0.234-238
> remoteip 192.168.1.234-238
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!




More information about the pptp-server mailing list