[pptp-server] Winblows 2000 and PoPToP

[Vanja Hrustic]

Dear All,

I am losing my mind, so I have to ask for help...

I've finally setup PoPToP and wanted to test it.

pptpd is running on Linux box, 2.2.14 kernel, w/ ppp-2.3.11 and mppe
patch (taken from ftp.binarix.com, if I remember the URL correctly).
ppp_mppe module is built ok, and seems to be working just fine.

One Windows 2000 machine on local net was used for test. I've created a
VPN connection, pointed to the IP address (external interface on the
firewall) of the machine where pptpd is running, and it looks just fine
(I can see MPPE 40-bit, MSCHAP V2 and other details in connection
properties on Windows).

Now, it is all nice, but it was done 'internally'.

I've decided to disconnect the Windows box from the net, plug in the
modem, and dial to ISP. I've setup ipchains rule that accepts *any*
traffic coming from the Win2000 box (and also permits any outgoing
traffic to that box too). However, when I try to initiate a VPN
connection, I get:

"Error 651: The modem (or other connecting device) has reported an
error."

I mean, those guys at Micro$oft are really experts when it comes to
providing useful information to users. No, really... Clicking on help
bring up the window with whole story of how maybe I should just reboot
the machine, or buy another modem - OR, maybe I've input the wrong IP
address for remote VPN site - which I, of course, did not.

I can see these entries in /var/log/messages (IP addresses have been
changed - 203.1.1.1 is Win2000 box connected to ISP, 202.1.1.1 is
firewall running pptpd):

Jun  7 01:33:48 x kernel: Packet log: input ACCEPT eth1 PROTO=6
203.1.1.1:1050 202.1.1.1:1723 L=48 S=0x00 I=757 F=0x4000 T=121 SYN (#1) 
Jun  7 01:33:48 x kernel: Packet log: output ACCEPT eth1 PROTO=6
202.1.1.1:1723 203.1.1.1:1050 L=48 S=0x00 I=12019 F=0x4000 T=64 (#1) 
Jun  7 01:33:48 x kernel: Packet log: input ACCEPT eth1 PROTO=6
203.1.1.1:1050 202.1.1.1:1723 L=40 S=0x00 I=758 F=0x4000 T=121 (#1) 
Jun  7 01:33:48 x kernel: Packet log: output ACCEPT eth1 PROTO=6
202.1.1.1:1723 203.1.1.1:1050 L=40 S=0x00 I=12021 F=0x0000 T=64 (#1) 
Jun  7 01:33:48 x kernel: Packet log: input ACCEPT eth1 PROTO=6
203.1.1.1:1050 202.1.1.1:1723 L=196 S=0x00 I=759 F=0x4000 T=121 (#1) 
Jun  7 01:33:48 x kernel: Packet log: output ACCEPT eth1 PROTO=6
202.1.1.1:1723 203.1.1.1:1050 L=40 S=0x00 I=12022 F=0x0000 T=255 (#1) 
Jun  7 01:33:48 x kernel: Packet log: input ACCEPT eth1 PROTO=6
203.1.1.1:1050 202.1.1.1:1723 L=40 S=0x00 I=760 F=0x4000 T=121 (#1) 
Jun  7 01:33:48 x kernel: Packet log: output ACCEPT eth1 PROTO=6
202.1.1.1:1723 203.1.1.1:1050 L=40 S=0x00 I=12023 F=0x0000 T=255 (#1) 

This obviously means that remote Win2000 box did initiate some kind of
connection, but why does it fail? Did anybody have similar experience?

Tcpdump logs can be made available too, if someone needs them.

-- /etc/ppp/options ---------------
debug
auth
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
proxyarp
require-chap
name crash
-----------------------------------

-- /etc/pptpd.conf ----------------
speed 115200
option /etc/ppp/options
debug

localip 192.168.1.250
remoteip 192.168.1.230-249

listen 202.1.1.1
-----------------------------------

PoPToP is version 1.0.0

Nothing gets written in /var/log/pptpd.log or /var/log/messages (except
ipchains ACCEPT messages which I wanted to log).

Also, while I was rebooting that Win2000 machine few times, once I've
managed to get a message saying something like "You need to get a new
certificate, please visit your CA, bla, bla, bla..." after I've
initiated a connection to the PoPToP server. Unfortunatelly, it has
happened only once, all the other errors are only "ERROR 651".

Is there any logfile on Win2000 box where I could find more information
about failure of VPN connections? I've looked for all *.log files on
that box, but nothing contains any logs related to this (or I couldn't
see them).

Any help is more than appreciated.

Regards,

Vanja Hrustic
The Relay Group
http://relaygroup.com
Technology Ahead of Time