[pptp-server] PPTPD & GRE problems?!

Eirik Robertstad ERobertstad at txc.com
Tue Apr 10 09:33:41 CDT 2001 

Well that's part of the problem, they arn't to quick to respond to 
problems, and when it comes to PPTP, they don't fully suport it from 
what I see.  Most of the VPN is focused on the IPSec option insted, so I 
turned here for some general help.  There doesn't seam to be many docs 
on using PoPToP with the 2.4 kernal that I've found, or using PoPToP on 
a firewall system.  Between that and if it's behind a firewall it looks 
like it can only be used for one client (totaly useless).

Thanks again,
Eirik Robertstad

Pete Starzewski wrote:

> At 09:18 AM 4/10/01 -0400, you wrote:
> 
>> The system PoPToP is running on is a firewall, but I've tried putting 
>> in to allow ALL packets of ANY protocall just for testing.  It's 
>> running a firewall by the name of Astaro (www.astaro.com).
>> 
>> I guess then... what command should I send to IPtables to open up GRE 
>> totaly, insted of trying to do it by ANY protocall?
>> 
>> Thanks,
>> Eirik Robertstad
> 
> 
> Eirik,
> 
> Here is something I found on the astaro web site..
> 
> 
>                           Topic: PPTP
>          elfering
>          Junior Member
>          Member # 308
> 
>          Rate Member
>                           posted 01 March 2001 22:08
> 
>                         Is there a way to setup PPTP support for 
> machines inside the firewall? I don't see anything
>                         regarding the GRE protcol.
> 
>                         Posts: 1 | From: Omaha, Nebraska, USA | 
> Registered: Mar 2001  |  IP: Logged
> 
>          Gert Hansen
>          Astaro Admin
>          Member # 3
> 
>          Rate Member
>                           posted 03 March 2001 06:54
> 
>                         you can enable that protocol using the Protocol 
> Any with some drop rules in front of that.
> 
>                         fyi: you can nat or masquerade only one pptp 
> connection to the same pptp server.
> 
>                         CHeers GErt
> 
> They talk about "drop rules".  I would suggest contacting the vendor to 
> get a truly diffinative answer.  It sounds like you are on the right 
> track with the Protocol set to "Any".  Sorry I can't help you more.  I 
> may even be all wet about it being a problem with the firewall, but that 
> error in the log certainly points to something blocking the GRE packets.
> 
> Pete
> 
>> Pete Starzewski wrote:
>> 
>>> Looks like something is blocking GRE packets.  Do you possibley have 
>>> a firewall in the way?  I have even seen some posts in the archive 
>>> where ISPs were blocking GRE.  You may also want to check your 
>>> ipchains config on the poptop server.
>>> Pete
>>> 
>>> At 12:21 AM 4/10/01 -0400, you wrote:
>>> 
>>>> I just can't seam to get this working.... can anyone out there help 
>>>> me out with this please? Here is what I'm getting in my log file:
>>>> pptpd[25025]: MGR: Launching /sbin/pptpctrl to handle client
>>>> pptpd[2310]: MGR: Reaped child 25025
>>>> modprobe: modprobe: Can't locate module tty-ldisc-3
>>>> pptpd[25025]: CTRL: local address = 192.168.0.234
>>>> pptpd[25025]: CTRL: remote address = 192.168.1.234
>>>> pptpd[25025]: CTRL: Client 172.18.0.253 control connection started
>>>> pptpd[25025]: CTRL: Received PPTP Control Message (type: 1)
>>>> pptpd[25025]: CTRL: Made a START CTRL CONN RPLY packet
>>>> pptpd[25025]: CTRL: I wrote 156 bytes to the client.
>>>> pptpd[25025]: CTRL: Sent packet to client
>>>> pptpd[25025]: CTRL: Received PPTP Control Message (type: 7)
>>>> pptpd[25025]: CTRL: Set parameters to 0 maxbps, 16 window size
>>>> pptpd[25025]: CTRL: Made a OUT CALL RPLY packet
>>>> pptpd[25025]: CTRL: Starting call (launching pppd, opening GRE)
>>>> pptpd[25025]: CTRL: pty_fd = 4
>>>> pptpd[25025]: CTRL: tty_fd = 5
>>>> pptpd[25026]: CTRL (PPPD Launcher): Connection speed = 115200
>>>> pptpd[25026]: CTRL (PPPD Launcher): local address = 192.168.0.234
>>>> pptpd[25026]: CTRL (PPPD Launcher): remote address = 192.168.1.234
>>>> pptpd[25025]: CTRL: I wrote 32 bytes to the client.
>>>> pptpd[25025]: CTRL: Sent packet to client
>>>> pptpd[25025]: GRE: read(fd=4,buffer=809c180,len=8196) from PTY 
>>>> failed: status = -1 error = Input/output error
>>>> pptpd[25025]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
>>>> pptpd[25025]: CTRL: Client 172.18.0.253 control connection finished
>>>> pptpd[25025]: CTRL: Exiting now
>>>> _______________________________________________
>>>> pptp-server maillist  -  pptp-server at lists.schulte.org
>>>> http://lists.schulte.org/mailman/listinfo/pptp-server
>>>> List services provided by www.schulteconsulting.com!
>>> 
>>> 
>>> _______________________________________________
>>> pptp-server maillist  -  pptp-server at lists.schulte.org
>>> http://lists.schulte.org/mailman/listinfo/pptp-server
>>> List services provided by www.schulteconsulting.com!
>>

More information about the pptp-server mailing list