[pptp-server] Weird connection problem

Andrew McRory amacc at iron-bridge.net
Mon Mar 13 08:56:46 CST 2000 

Hello,

I have setup several PoPToP servers and until we tried to put one on a
cable modem have had great success! I have been through the configuration
time and time again but am stuck so I'm asking for help...

We have a server on a cable modem with 2 ethernet cards. eth1 is connected
directly to the cable modem and for illustrative purposes we'll say it's
assigned a static IP of 192.168.3.100. the cable modem is behind two
routers/firewalls and the cable company has assigned an external IP of
192.168.1.100 (forget this is not a valid INternet address - it's just an
example).

192.168.1.100 is translated to the actual cable modem IP 192.168.3.100 so
all connections from the internet make it to the destination. I can SSH
into ther server and can telnet to port 1723 just fine. The problem starts
when we try to initiate a connection from the Windows 98 machine we get an
"error 629 you have been disconnected from the machine you dialed...". My
Windows machine will connect to other PoPToP servers but not this one.

At first GRE was not getting through their firewall. They allowed GRE
through and now my traceroutes get up to the eth1 interface and fail(?)

=========================================================================
traceroute -G some.machine.dom
...
16  some.machine.dom (192.168.1.100)  78.001 ms  78.636 ms  77.562 ms
17  some.machine.dom (192.168.1.100)  94.262 ms  102.853 ms  124.614 ms
18  some.machine.dom (192.168.1.100)  104.934 ms !P  123.807 ms !P 109.413ms !P
=========================================================================

The traceroute man page explains !P is protocol unreachable. Hop 16 is
the cable modem providers internet side firewall. Hop 17 is an internal
router and hop 18 is eth1...

I've run tcpdump on the eth1 but am not real sure what it is saying:

=========================================================================
tcpdump: listening on eth1
09:04:08.768530 me.62367 > 192.168.3.100.1723: S 159332:159332(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
09:04:08.768636 192.168.3.100.1723 > me.62367: S 2999017208:29990 17208(0) ack 159333 win 32120 <mss 1460,nop,nop,sackOK> (DF)
09:04:08.874649 me.62367 > 192.168.3.100.1723: . ack 1 win 8760 (DF)
09:04:08.875933 me.62367 > 192.168.3.100.1723: P 1:157(156) ack 1 win 8760 (DF)
09:04:08.876054 192.168.3.100.1723 > me.62367: . ack 157 win 3196 4 (DF)
09:04:08.881557 192.168.3.100.1723 > me.62367: R 1:1(0) ack 157 win 32120 (DF)
=========================================================================

I've removed all firewalling on the Linux server double and triple checled
the config files. 

Here is my /etc/pptp.conf file

=========================================================================
# default connection speed
speed 115200
# options for pppd
option /etc/pptpd.options
# Debug or no debug
debug
# This machines IP Address
localip 192.168.100.5
# Assigned IP Addresses
remoteip 192.168.100.211-219
# For IPX Only
ipxnets 00001000-00001FFF
# Listen on the interface
listen 192.168.3.100
# Where to keep the pid file (don't set)
#pidfile /var/run/pptpd.pid
=========================================================================

192.168.100. is the internal network I'm trying to connect to...

here is my /etc/pptp.options

=========================================================================
lock
auth
login
proxyarp
name pptpd
require-pap
require-chap
require-chapms
require-chapms-v2
mppe-40
mppe-128
mppe-stateless
=========================================================================

The cable guys have replaced the original Toshiba modem with a Cisco
modem, just in case. eth1 is an Intel 10/100+ PCI if that matters. I can
connect to other PPTP servers with the Windows 98 machine I'm using so I
can't believe it's the client. This configuration is very similar to
several running and working PoPToP servers.

Any help is greatly appreciated!!


WBR,

Andrew McRory / CTO                                  amacc at iron-bridge.net
Iron Bridge Communications                             www.iron-bridge.net
Caldera OpenLinux Contrib RPMS             ftp.iron-bridge.net/pub/Caldera

More information about the pptp-server mailing list