[pptp-server] Dial-up problems
Kenneth E. Lussier
klussier at mclinux.com
Tue Jul 11 08:23:34 CDT 2000
This may be a firewall issue. Since you're using ip masq, you may need
to change the default masq timeout (which is 10 minutes, I believe). Try
adding a line like this to your ipchains script:
ipchains -M -S 36000 0 0
This will increase the masq table lifetime to 10 hours
(36000sec=600min=10hr).
FYI,
Kenny
--
Kenny Lussier
Systems Administrator
Mission Critical Linux
***********************************************************
Life is a lesson, you learn it at the end
Reality has become increasingly less accurate
***********************************************************
Phil Verghese wrote:
>
> I've been searching through the archives but haven't found any help for the
> problem I'm having. When I connect to the PPTP server via an ethernet
> Internet connection, I have no problems and the connection will stay up.
> When I connect via dial-up I can't keep a connection for more than about 10
> minutes (usually it's only about 2 minutes). After x minutes, I get no
> response over PPTP, and I get no errors logged on the client or server side.
> Before the PPTP link gets unresponsive, everything works fine: ping, telnet,
> browsing the Network Neighborhood, etc.
>
> Any help or even hints would be greatly appreciated. I saw something in the
> archives about trying smaller MTU sizes, and I've been experimenting with
> that to no avail. Thanks in advance.
>
> Phil
>
> Here's my configuration:
>
> Server
> ------
> Linux 2.2.16
> ppp-2.3.10, with openssl-norc4-mppe and mppe_stateless patches applied
> pptpd-1.0.0-1
> /proc/sys/net/ipv4/ip_forward is 1
>
> Firewall
> --------
> Linux 2.2.16
> ipmasqadm & ipfwd installed to masquerade and route VPN traffic to server
> No rejected packets reported in the logs, so I'm fairly confident there's no
> problems here
>
> Clients
> ------
> Windows 98SE
> Already did the uninstall/reinstall VPN workaround
> Note: I've tried this with multiple clients all configured the same, and
> they all have the same behavior.
>
> /etc/ppp/options
> ----------------
> lock
> debug
> auth
> # Refuse normal CHAP authentication (it's insecure)
> -chap
> # Refuse MS CHAP-v1 authentication (it's insecure)
> -chapms
> proxyarp
> # Require MS CHAP-v2 authentication (it's secure if strong passwords are
> used)
> +chapms-v2
> # Support 40-bit encryption
> mppe-40
> # Support 128-bit encryption
> mppe-128
> mppe-stateless
> # Added these to see if they will help with keeping the dialup PPTP
> connection up
> mru 552
> mtu 1104
>
> /etc/pptpd.conf
> ---------------
> debug
> localip 192.168.1.100-149
> remoteip 192.168.1.150-199
>
> Before I include the logs, let me tell you what I did. On the Windows
> client, I established a dial-up connection through my ISP, then started the
> VPN dial-up adapter. The link came up and from a DOS box, I pinged the
> server (192.168.1.1) 1000 times by running:
> ping -n 1000 192.168.1.1
>
> The client was able to ping the server for about 6 minutes with no problems.
> During this time, the server could also ping the client (192.168.1.150).
> Then all of a sudden I started to get "Request timed out" messages and the
> server could no longer ping the client either.
>
> At that time, I disconnected the VPN dial-up adapter on the client side and
> the client and server shutdown gracefully.
>
> snips from /var/log/messages from a session where the problem happened
> ----------------------------------------------------------------------
> Jul 10 17:48:08 ridgerun-lx pptpd[7824]: CTRL: Client 206.206.37.117 control
> connection started
> Jul 10 17:48:09 ridgerun-lx pptpd[7824]: CTRL: Starting call (launching
> pppd, opening GRE)
> Jul 10 17:48:09 ridgerun-lx pppd[7825]: pppd 2.3.10 started by philv, uid 0
> Jul 10 17:48:09 ridgerun-lx pppd[7825]: Using interface ppp0
> Jul 10 17:48:09 ridgerun-lx pppd[7825]: Connect: ppp0 <--> /dev/pts/1
> Jul 10 17:48:09 ridgerun-lx pppd[7825]: MSCHAP-v2 peer authentication
> succeeded for philv
> Jul 10 17:48:10 ridgerun-lx pppd[7825]: found interface eth0 for proxy arp
> Jul 10 17:48:10 ridgerun-lx pppd[7825]: local IP address 192.168.1.100
> Jul 10 17:48:10 ridgerun-lx pppd[7825]: remote IP address 192.168.1.150
> Jul 10 17:48:10 ridgerun-lx pppd[7825]: MPPE 40 bit, stateless compression
> enabled
> Jul 10 17:54:52 ridgerun-lx pppd[7825]: LCP terminated by peer
> Jul 10 17:54:52 ridgerun-lx pptpd[7824]: CTRL: Error with select(), quitting
> Jul 10 17:54:52 ridgerun-lx pptpd[7824]: CTRL: Client 206.206.37.117 control
> connection finished
> Jul 10 17:54:52 ridgerun-lx pppd[7825]: Modem hangup
> Jul 10 17:54:52 ridgerun-lx pppd[7825]: Connection terminated.
> Jul 10 17:54:52 ridgerun-lx pppd[7825]: Connect time 6.8 minutes.
> Jul 10 17:54:52 ridgerun-lx pppd[7825]: Sent 33651 bytes, received 34992
> bytes.
> Jul 10 17:54:52 ridgerun-lx pppd[7825]: Exit.
>
> ppplog.txt from the Windows client machine
> ------------------------------------------
> 07-10-2000 17:48:08.28 - Microsoft Dial Up Adapter log opened.
> 07-10-2000 17:48:08.28 - Server type is PPP (Point to Point Protocol).
> 07-10-2000 17:48:08.28 - FSA : Adding Control Protocol 80fd (CCP) to control
> protocol chain.
> 07-10-2000 17:48:08.28 - FSA : Protocol not bound - skipping control
> protocol 803f (NBFCP).
> 07-10-2000 17:48:08.28 - FSA : Adding Control Protocol 8021 (IPCP) to
> control protocol chain.
> 07-10-2000 17:48:08.28 - FSA : Protocol not bound - skipping control
> protocol 802b (IPXCP).
> 07-10-2000 17:48:08.28 - FSA : Adding Control Protocol c029 (CallbackCP) to
> control protocol chain.
> 07-10-2000 17:48:08.28 - FSA : Encrypted Password required.
> 07-10-2000 17:48:08.28 - FSA : Encrypted Password required.
> 07-10-2000 17:48:08.28 - FSA : Adding Control Protocol c223 (CHAP) to
> control protocol chain.
> 07-10-2000 17:48:08.28 - FSA : Adding Control Protocol c021 (LCP) to control
> protocol chain.
> 07-10-2000 17:48:08.28 - LCP : Layer started.
> 07-10-2000 17:48:08.28 - PPP : Transmitting Control Packet of length: 16
> 07-10-2000 17:48:08.28 - Data 0000: c0 21 01 01 00 0e 05 06 | .!......
> 07-10-2000 17:48:08.28 - Data 0008: 00 04 bd 18 07 02 08 02 | ...�....
> 07-10-2000 17:48:08.45 - PPP : Received Control Packet of length: 31
> 07-10-2000 17:48:08.45 - Data 0000: c0 21 01 01 00 1d 01 04 | .!...�..
> 07-10-2000 17:48:08.45 - Data 0008: 02 28 02 06 00 00 00 00 | .(......
> 07-10-2000 17:48:08.45 - Data 0010: 03 05 c2 23 81 05 06 74 | ...#...t
> 07-10-2000 17:48:08.45 - Data 0018: d8 14 22 07 02 08 02 00 | ..".....
> 07-10-2000 17:48:08.45 - LCP : Received and accepted MRU of 552.
> 07-10-2000 17:48:08.45 - LCP : Received and accepted ACCM of 0.
> 07-10-2000 17:48:08.45 - LCP : Received and accepted authentication protocol
> c223 (CHAP).
> 07-10-2000 17:48:08.45 - LCP : Received and accepted magic number 74d81422.
> 07-10-2000 17:48:08.45 - LCP : Received and accepted protocol field
> compression option.
> 07-10-2000 17:48:08.45 - LCP : Received and accepted address+control field
> compression option.
> 07-10-2000 17:48:08.45 - PPP : Transmitting Control Packet of length: 31
> 07-10-2000 17:48:08.45 - Data 0000: c0 21 02 01 00 1d 01 04 | .!...�..
> 07-10-2000 17:48:08.45 - Data 0008: 02 28 02 06 00 00 00 00 | .(......
> 07-10-2000 17:48:08.45 - Data 0010: 03 05 c2 23 81 05 06 74 | ...#...t
> 07-10-2000 17:48:08.45 - Data 0018: d8 14 22 07 02 08 02 00 | ..".....
> 07-10-2000 17:48:08.45 - PPP : Received Control Packet of length: 16
> 07-10-2000 17:48:08.45 - Data 0000: c0 21 02 01 00 0e 05 06 | .!......
> 07-10-2000 17:48:08.45 - Data 0008: 00 04 bd 18 07 02 08 02 | ...�....
> 07-10-2000 17:48:08.45 - LCP : Layer up.
> 07-10-2000 17:48:08.45 - CHAP : Layer started.
> 07-10-2000 17:48:08.64 - PPP : Received Control Packet of length: 47
> 07-10-2000 17:48:08.64 - Data 0000: c2 23 01 01 00 2d 10 c8 | .#...-..
> 07-10-2000 17:48:08.64 - Data 0008: e5 22 16 0e 1c 47 37 44 | ."�.�G7D
> 07-10-2000 17:48:08.64 - Data 0010: 6c 66 21 56 ab 9b 35 72 | lf!V..5r
> 07-10-2000 17:48:08.64 - Data 0018: 69 64 67 65 72 75 6e 2d | idgerun-
> 07-10-2000 17:48:08.64 - Data 0020: 6c 78 2e 72 69 64 67 65 | lx.ridge
> 07-10-2000 17:48:08.64 - Data 0028: 72 75 6e 2e 63 78 6d 00 | run.cxm.
> 07-10-2000 17:48:08.64 - PPP : Transmitting Control Packet of length: 61
> 07-10-2000 17:48:08.64 - Data 0000: c2 23 02 01 00 3b 31 c3 | .#...;1.
> 07-10-2000 17:48:08.64 - Data 0008: 52 ed 5c 25 6b aa bb 80 | R.\%k...
> 07-10-2000 17:48:08.64 - Data 0010: 1c 98 39 99 f6 bb e9 00 | �.9.....
> 07-10-2000 17:48:08.64 - Data 0018: 00 00 00 00 00 00 00 a2 | ........
> 07-10-2000 17:48:08.64 - Data 0020: b8 c0 97 d0 2b b5 9c 24 | ....+..$
> 07-10-2000 17:48:08.64 - Data 0028: 4b 52 61 48 61 09 ee fc | KRaHa...
> 07-10-2000 17:48:08.64 - Data 0030: 71 16 36 87 dd a1 11 04 | q�6.....
> 07-10-2000 17:48:08.64 - Data 0038: 70 68 69 6c 76 00 00 00 | philv...
> 07-10-2000 17:48:08.86 - PPP : Received Control Packet of length: 48
> 07-10-2000 17:48:08.86 - Data 0000: c2 23 03 01 00 2e 53 3d | .#....S=
> 07-10-2000 17:48:08.86 - Data 0008: 41 33 44 44 46 45 37 33 | A3DDFE73
> 07-10-2000 17:48:08.86 - Data 0010: 46 43 34 31 39 34 39 41 | FC41949A
> 07-10-2000 17:48:08.86 - Data 0018: 35 38 42 36 31 32 31 31 | 58B61211
> 07-10-2000 17:48:08.86 - Data 0020: 34 33 33 34 44 42 43 32 | 4334DBC2
> 07-10-2000 17:48:08.86 - Data 0028: 46 46 45 35 42 34 36 38 | FFE5B468
> 07-10-2000 17:48:08.86 - CHAP : Login was successful.
> 07-10-2000 17:48:08.86 - CHAP : Layer up.
> 07-10-2000 17:48:08.86 - IPCP : Layer started.
> 07-10-2000 17:48:08.86 - IPCP : IP address is 0.
> 07-10-2000 17:48:08.86 - CCP : Layer started.
> 07-10-2000 17:48:08.86 - PPP : Transmitting Control Packet of length: 36
> 07-10-2000 17:48:08.86 - Data 0000: 80 21 01 01 00 22 03 06 | .!..."..
> 07-10-2000 17:48:08.86 - Data 0008: 00 00 00 00 81 06 00 00 | ........
> 07-10-2000 17:48:08.86 - Data 0010: 00 00 82 06 00 00 00 00 | ........
> 07-10-2000 17:48:08.86 - Data 0018: 83 06 00 00 00 00 84 06 | ........
> 07-10-2000 17:48:08.86 - Data 0020: 00 00 00 00 00 00 00 00 | ........
> 07-10-2000 17:48:08.86 - PPP : Transmitting Control Packet of length: 17
> 07-10-2000 17:48:08.86 - Data 0000: 80 fd 01 01 00 0f 12 06 | ........
> 07-10-2000 17:48:08.86 - Data 0008: 01 00 00 31 11 05 00 01 | ...1....
> 07-10-2000 17:48:08.86 - Data 0010: 04 00 00 00 00 00 00 00 | ........
> 07-10-2000 17:48:08.86 - PPP : Received Control Packet of length: 18
> 07-10-2000 17:48:08.86 - Data 0000: 80 21 01 01 00 10 03 06 | .!......
> 07-10-2000 17:48:08.86 - Data 0008: c0 a8 01 64 02 06 00 2d | ...d...-
> 07-10-2000 17:48:08.86 - Data 0010: 0f 01 00 00 00 00 00 00 | ........
> 07-10-2000 17:48:08.86 - IPCP : Received and accepted IP address of
> c0a80164.
> 07-10-2000 17:48:08.86 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:08.86 - Data 0000: 80 21 04 01 00 0a 02 06 | .!......
> 07-10-2000 17:48:08.86 - Data 0008: 00 2d 0f 01 00 00 00 00 | .-......
> 07-10-2000 17:48:08.87 - PPP : Received Control Packet of length: 23
> 07-10-2000 17:48:08.87 - Data 0000: 80 fd 01 01 00 15 1a 04 | .....��.
> 07-10-2000 17:48:08.87 - Data 0008: 78 00 18 04 78 00 12 06 | x.�.x...
> 07-10-2000 17:48:08.87 - Data 0010: 01 00 00 60 15 03 2f 00 | ...`�./.
> 07-10-2000 17:48:08.87 - PPP : Transmitting Control Packet of length: 17
> 07-10-2000 17:48:08.87 - Data 0000: 80 fd 04 01 00 0f 1a 04 | ......�.
> 07-10-2000 17:48:08.87 - Data 0008: 78 00 18 04 78 00 15 03 | x.�.x.�.
> 07-10-2000 17:48:08.87 - Data 0010: 2f 00 00 00 00 00 00 00 | /.......
> 07-10-2000 17:48:09.03 - PPP : Received Control Packet of length: 30
> 07-10-2000 17:48:09.03 - Data 0000: 80 21 04 01 00 1c 81 06 | .!...�..
> 07-10-2000 17:48:09.03 - Data 0008: 00 00 00 00 82 06 00 00 | ........
> 07-10-2000 17:48:09.03 - Data 0010: 00 00 83 06 00 00 00 00 | ........
> 07-10-2000 17:48:09.03 - Data 0018: 84 06 00 00 00 00 00 00 | ........
> 07-10-2000 17:48:09.03 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.03 - Data 0000: 80 21 01 02 00 0a 03 06 | .!......
> 07-10-2000 17:48:09.03 - Data 0008: 00 00 00 00 00 00 00 00 | ........
> 07-10-2000 17:48:09.04 - PPP : Received Control Packet of length: 11
> 07-10-2000 17:48:09.04 - Data 0000: 80 fd 04 01 00 09 11 05 | ........
> 07-10-2000 17:48:09.04 - Data 0008: 00 01 04 00 00 00 00 00 | ........
> 07-10-2000 17:48:09.04 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.04 - Data 0000: 80 fd 01 02 00 0a 12 06 | ........
> 07-10-2000 17:48:09.04 - Data 0008: 01 00 00 31 00 00 00 00 | ...1....
> 07-10-2000 17:48:09.07 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.07 - Data 0000: 80 21 01 02 00 0a 03 06 | .!......
> 07-10-2000 17:48:09.07 - Data 0008: c0 a8 01 64 00 00 00 00 | ...d....
> 07-10-2000 17:48:09.07 - IPCP : Received and accepted IP address of
> c0a80164.
> 07-10-2000 17:48:09.07 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.07 - Data 0000: 80 21 02 02 00 0a 03 06 | .!......
> 07-10-2000 17:48:09.07 - Data 0008: c0 a8 01 64 00 00 00 00 | ...d....
> 07-10-2000 17:48:09.07 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.07 - Data 0000: 80 fd 01 02 00 0a 12 06 | ........
> 07-10-2000 17:48:09.07 - Data 0008: 01 00 00 60 00 00 00 00 | ...`....
> 07-10-2000 17:48:09.07 - CCP : NAK unrecognized compression value 40.
> 07-10-2000 17:48:09.07 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.07 - Data 0000: 80 fd 03 02 00 0a 12 06 | ........
> 07-10-2000 17:48:09.07 - Data 0008: 01 00 00 20 00 00 00 00 | ... ....
> 07-10-2000 17:48:09.21 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.21 - Data 0000: 80 21 03 02 00 0a 03 06 | .!......
> 07-10-2000 17:48:09.21 - Data 0008: c0 a8 01 96 00 00 00 00 | ........
> 07-10-2000 17:48:09.21 - IPCP : Changing IP address from 0 to c0a80196.
> 07-10-2000 17:48:09.21 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.21 - Data 0000: 80 21 01 03 00 0a 03 06 | .!......
> 07-10-2000 17:48:09.21 - Data 0008: c0 a8 01 96 00 00 00 00 | ........
> 07-10-2000 17:48:09.22 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.22 - Data 0000: 80 fd 03 02 00 0a 12 06 | ........
> 07-10-2000 17:48:09.22 - Data 0008: 01 00 00 60 00 00 00 00 | ...`....
> 07-10-2000 17:48:09.22 - CCP : NAK unrecognized compression value 40.
> 07-10-2000 17:48:09.22 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.22 - Data 0000: 80 fd 01 03 00 0a 12 06 | ........
> 07-10-2000 17:48:09.22 - Data 0008: 01 00 00 20 00 00 00 00 | ... ....
> 07-10-2000 17:48:09.30 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.30 - Data 0000: 80 fd 01 03 00 0a 12 06 | ........
> 07-10-2000 17:48:09.30 - Data 0008: 01 00 00 20 00 00 00 00 | ... ....
> 07-10-2000 17:48:09.30 - CCP : Received and accepted compression value
> 1000020.
> 07-10-2000 17:48:09.30 - PPP : Transmitting Control Packet of length: 12
> 07-10-2000 17:48:09.30 - Data 0000: 80 fd 02 03 00 0a 12 06 | ........
> 07-10-2000 17:48:09.30 - Data 0008: 01 00 00 20 00 00 00 00 | ... ....
> 07-10-2000 17:48:09.37 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.37 - Data 0000: 80 21 02 03 00 0a 03 06 | .!......
> 07-10-2000 17:48:09.37 - Data 0008: c0 a8 01 96 00 00 00 00 | ........
> 07-10-2000 17:48:09.37 - IPCP : Layer up.
> 07-10-2000 17:48:09.39 - PPP : Received Control Packet of length: 12
> 07-10-2000 17:48:09.39 - Data 0000: 80 fd 02 03 00 0a 12 06 | ........
> 07-10-2000 17:48:09.39 - Data 0008: 01 00 00 20 00 00 00 00 | ... ....
> 07-10-2000 17:48:09.39 - CCP : Layer up.
> 07-10-2000 17:48:09.39 - FSA : Last control protocol is up.
> 07-10-2000 17:54:51.53 - Remote access driver is shutting down.
> 07-10-2000 17:54:51.53 - CRC Errors 0
> 07-10-2000 17:54:51.53 - Timeout Errors 0
> 07-10-2000 17:54:51.53 - Alignment Errors 0
> 07-10-2000 17:54:51.53 - Overrun Errors 0
> 07-10-2000 17:54:51.53 - Framing Errors 0
> 07-10-2000 17:54:51.53 - Buffer Overrun Errors 0
> 07-10-2000 17:54:51.53 - Incomplete Packets 0
> 07-10-2000 17:54:51.53 - Bytes Received 28438
> 07-10-2000 17:54:51.53 - Bytes Transmittted 29327
> 07-10-2000 17:54:51.53 - Frames Received 409
> 07-10-2000 17:54:51.53 - Frames Transmitted 441
> 07-10-2000 17:54:51.53 - LCP : Layer down.
> 07-10-2000 17:54:51.53 - CHAP : Layer down.
> 07-10-2000 17:54:51.53 - IPCP : Layer down.
> 07-10-2000 17:54:51.53 - CCP : Layer down.
> 07-10-2000 17:54:51.53 - PPP : Transmitting Control Packet of length: 6
> 07-10-2000 17:54:51.53 - Data 0000: c0 21 05 02 00 04 00 00 | .!......
> 07-10-2000 17:54:51.70 - PPP : Received Control Packet of length: 6
> 07-10-2000 17:54:51.70 - Data 0000: c0 21 06 02 00 04 00 00 | .!......
> 07-10-2000 17:54:51.70 - LCP : Received terminate acknowledgement.
> 07-10-2000 17:54:51.70 - LCP : Layer finished.
> 07-10-2000 17:54:51.70 - Microsoft Dial Up Adapter log closed.
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
More information about the pptp-server
mailing list