[pptp-server] Error with select(), quitting

Philip Van Baren phil at vibrationresearch.com
Tue Oct 17 18:11:27 CDT 2000 

Kelly,

Win98SE is supposed to have the latest VPN updates included, so there is no
update for it (other than to add 128-bit support).  It may help to
uninstall, reboot, and re-install the VPN and dial-up networking components.
However, I know that just installing the 128-bit update has suddenly made
things work in at least 1 case.  Microsoft still lists the 128-bit update as
"unavailable, check back later."


It is possible that there is another firewall somewhere between you dialup
and your pptpd machine which is blocking the GRE protocol.

One test you can try is to run the command:
   tcpdump -i eth0 -n proto 47 or port 1723
on your pptpd server machine, and then try to establish a VPN connection.
When establishing a connection you should see traffic on both port 1723 and
protocol 47, going in both directions.

When I connect, I get traffic something like this:

[root at gateway ~]# tcpdump -i eth0 -n proto 47 or port 1723
Kernel filter, protocol ALL, datagram packet socket
tcpdump: listening on eth0
18:42:01.371248 < 64.108.y.z.45050 > 209.71.w.x.pptp: S
2145011901:2145011901(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
18:42:01.371597 > 209.71.w.x.pptp > 64.108.y.z.45050: S
4293565151:4293565151(0) ack 2145011902 win 32120 <mss 1460,nop,nop,sackOK>
(DF)
18:42:01.594096 < 64.108.y.z.45050 > 209.71.w.x.pptp: P 1:157(156) ack 1 win
64240 (DF)
18:42:01.594358 > 209.71.w.x.pptp > 64.108.y.z.45050: . 1:1(0) ack 157 win
32120 (DF)
18:42:01.596187 < 64.108.y.z.45050 > 209.71.w.x.pptp: . 1:1(0) ack 1 win
64240 (DF)
18:42:01.596364 > 209.71.w.x.pptp > 64.108.y.z.45050: . 1:1(0) ack 157 win
32120 (DF)
18:42:01.634069 > 209.71.w.x.pptp > 64.108.y.z.45050: P 1:157(156) ack 157
win 32120 (DF)
18:42:01.849658 < 64.108.y.z.45050 > 209.71.w.x.pptp: P 157:325(168) ack 157
win 64084 (DF)
18:42:01.860141 > 209.71.w.x.pptp > 64.108.y.z.45050: . 157:157(0) ack 325
win 32120 (DF)
18:42:01.907318 > 209.71.w.x.pptp > 64.108.y.z.45050: P 157:189(32) ack 325
win 32120 (DF)
18:42:01.922411 > gre-proto-0x880B (gre encap)
18:42:02.138530 < 64.108.y.z.45050 > 209.71.w.x.pptp: P 325:349(24) ack 189
win 64052 (DF)
18:42:02.145355 < gre-proto-0x880B (gre encap)
18:42:02.147218 > [|gre] (gre encap)
18:42:02.148382 > gre-proto-0x880B (gre encap)
18:42:02.150086 > 209.71.w.x.pptp > 64.108.y.z.45050: . 189:189(0) ack 349
win 32120 (DF)
18:42:02.156506 < gre-proto-0x880B (gre encap)
18:42:02.157378 > [|gre] (gre encap)
18:42:02.158388 > gre-proto-0x880B (gre encap)
18:42:02.403927 < gre-proto-0x880B (gre encap)
18:42:02.405025 > [|gre] (gre encap)
18:42:02.406031 > gre-proto-0x880B (gre encap)
18:42:02.417565 < gre-proto-0x880B (gre encap)
18:42:02.418479 > [|gre] (gre encap)
18:42:02.419690 > gre-proto-0x880B (gre encap)
18:42:02.655998 < 64.108.y.z.45050 > 209.71.w.x.pptp: P 349:373(24) ack 189
win 64052 (DF)
18:42:02.659465 < gre-proto-0x880B (gre encap)
18:42:02.668534 < gre-proto-0x880B (gre encap)
18:42:02.670083 > 209.71.w.x.pptp > 64.108.y.z.45050: . 189:189(0) ack 373
win 32120 (DF)
18:42:02.670241 > [|gre] (gre encap)
18:42:02.671568 > gre-proto-0x880B (gre encap)
.....


> -----Original Message-----
> From: pptp-server-admin at lists.schulte.org
> [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Kelly Black
> Sent: Tuesday, October 17, 2000 6:04 PM
> To: pptp-server at lists.schulte.org
> Subject: Re: [pptp-server] Error with select(), quitting
>
>
> Phil,
>
> The only problem is, the box is outside of the firewall, and I
> can SSH into the box.  Ugh... What the heck am I doing?  Thought
> I had it cooking when I could connect via lan to the box, but now
> the dial up wont go.  Is a patch for the Windows DUN stuff (Win98
> 2nd release) in existance?
>
> Kelly
>
> On Tue, Oct 17, 2000 at 05:53:46PM -0400, Philip Van Baren wrote:
> > Kelly,
> >
> > I would say your fingers are pointing at a firewall problem.
> >
> > Make sure protocol 6, port 1723 can get through your firewall in both
> > directions (the fact that the control connection works
> indicates this is ok)
> > and also that protocol 47 can pass your firewall in both directions (the
> > fact that pppd doesn't seem to be getting any traffic indicates
> that this is
> > NOT working).
> >
> > Phil
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>

More information about the pptp-server mailing list