[pptp-server] linux pptp -> win2000 connection problems
Steve Sarette
steve at sarette.com
Sun Oct 29 17:37:06 CST 2000
I posted a while back that I can connect into my work's Win2000-based
pptp vpn, but that tcp activity has a frustrating way of hanging with no
errors posted to my log files. I still haven't resolved this problem
but I think I might know what is causing it. Can anyone confirm the
following?
From section 7.3.7 (proxy arp problem) in
http://www.vibrationresearch.com/pptpd/pptpd-FAQ.txt :
"For routing to work (i.e. to have the local/remote ip addresses NOT
on the same network as the 'protected' network and interconnect the
VPN network and the 'protected' network using routing tables),
the computers on the protected network need to have the linux box
as a gateway"
So here's the setup I'm dealing with (on RedHat 6.2, ppp 2.3.10 with
ppp-2.3.10-openssl-0.9.5-mppe.patch and
ppp_mppe_compressed_data_fix.diff, and pptp-linux-1.0.2). I connect to
the Win2000 vpn using:
    pptp <remote vpn ip address> call work
and /etc/ppp/peers/work contains:
    lock
    debug
    noauth
    name <mylogin name>
    +chap
    +chapms-v2
    mppe-40
    mppe-128
    mppe-stateless
    proxyarp
    noauth
After successfully authenticating to pptp I see this in /var/log/messages:
    local IP address xxx.xx.9.230
    remote IP address xxx.xx.10.254
Even though xxx.xx are the same, these really aren't on the same subnet, are
they? Further, most of the remote IPs that I'm trying to connect to are
of the form:
    xxx.xx.0.yyy
which is yet a different subnet, yes?
If I'm correct and these are really all different subnets, then proxyarp
can't possibly work in this setup, yes? Please confirm this or tell me
if I'm all wet. :) At the moment, trying to enable proxyarp results in
not being able to ping the remote network at all. And this is after
setting:
    echo 1 > /proc/sys/net/ipv4/conf/default/proxy_arp
    echo 1 > /proc/sys/net/ipv4/ip_forward
and re-establishing the pptp session.
Now, this:
    route add -net xxx.xx.0.0 gw xxx.xx.10.254 netmask 255.255.0.0 ppp0
allows me to route my traffic to the remote hosts. I can ping the
remote hosts but most other tcp traffic silently hangs (as I've stated
before). Is this the symptom that I should expect because the
"protected network" does not have "the linux box as a gateway?"
Sorry for the long post, but I'm really scratching my head over this one.
BTW, I'm making a BIG assumption here that people can and have connected
a linux based pptp client to a stock Win2000 pptp vpn. Can someone
please confirm that this will in fact work (because they've done it)?
Thanks in advance for your help. And I'd appreciate any ideas on what I
could try next (short of purchasing a Win2000 box *shudder*).
- Steve