[pptp-server] remote win9x clients fail, clients on the LAN connect...

Chris Mitchell cmitchel at bigpond.net.au
Mon Aug 27 09:57:47 CDT 2001 

thats what i was thinking, however i have:

#Allow pptpd connections (port 1723)
/sbin/iptables -t nat -A PREROUTING -i $EXTINT -p TCP \
        --sport $PUBLICPORTS --dport 1723 -j ACCEPT
/sbin/iptables -t nat -A OUTPUT -o $EXTINT -p 47 -j ACCEPT
/sbin/iptables -A OUTPUT -o $EXTINT -p 47 -j ACCEPT
/sbin/iptables -A INPUT  -i $EXTINT -p 47 -j ACCEPT
/sbin/iptables -A INPUT  -i ppp+ \
        -s $LOCALNETWORK -d $LOCALNETWORK -j ACCEPT
/sbin/iptables -A OUTPUT -o ppp+ \
        -s $LOCALNETWORK -d $LOCALNETWORK -j ACCEPT
echo "PPTPD allowed"

in the firewall......am thinking this should be taking care of that...


  ----- Original Message ----- 
  From: Americo Kerr Azevedo 
  To: Chris Mitchell 
  Sent: Monday, August 27, 2001 11:21 PM
  Subject: RES: [pptp-server] remote win9x clients fail, clients on the LAN connect...


  Seems that your firewall (or firewall rules on the Linux box, if this is the dialup server) is blocking GRE (IP protocol 47) packets. You must allow GRE packet and route TCP port 1723 to the internal VPN server.
    -----Mensagem original-----
    De: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]Em nome de Chris Mitchell
    Enviada em: segunda-feira, 27 de agosto de 2001 11:30
    Para: pptp-server at lists.schulte.org
    Assunto: [pptp-server] remote win9x clients fail, clients on the LAN connect...



    Hi, 

    Have just setup poptop on a server. Machines on the LAN seem to connect and function correctly (one win2k machine, one win98se machine), however, when a remote client (win98se) tries to connect, it fails with an error I can't seem to find anywhere in this mailing list, or anywhere else, below is the output of the log...

    This is what happens when trying to connect from a remote dialup...

    Aug 27 21:49:20 vengabus pptpd[5579]: CTRL: Client 203.220.xx.xx control connection started
    Aug 27 21:49:20 vengabus pptpd[5579]: CTRL: Starting call (launching pppd, opening GRE)
    Aug 27 21:49:20 vengabus pppd[5580]: pppd 2.4.1 started by root, uid 0
    Aug 27 21:49:20 vengabus pppd[5580]: Using interface ppp1
    Aug 27 21:49:20 vengabus pppd[5580]: Connect: ppp1 <--> /dev/pts/2
    Aug 27 21:49:20 vengabus pptpd[5579]: Buffering out-of-order packet; got 1 after 4294967295
    Aug 27 21:49:21 vengabus pptpd[5579]: Packet reorder timeout waiting for 0
    Aug 27 21:49:21 vengabus pptpd[5579]: Buffering out-of-order packet; got 2 after 0
    Aug 27 21:49:21 vengabus pppd[5580]: MSCHAP-v2 peer authentication succeeded for jam
    Aug 27 21:49:21 vengabus pppd[5580]: found interface eth0 for proxy arp
    Aug 27 21:49:21 vengabus pppd[5580]: local  IP address 192.168.0.100
    Aug 27 21:49:21 vengabus pppd[5580]: remote IP address 192.168.0.102
    Aug 27 21:49:21 vengabus pppd[5580]: MPPE 40 bit, stateless compression enabled
    Aug 27 21:49:31 vengabus pptpd[5579]: Error writing GRE packet: Operation not permitted
    Aug 27 21:49:31 vengabus pptpd[5579]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5)
    Aug 27 21:49:31 vengabus pptpd[5579]: CTRL: Client 203.220.xx.xx control connection finished
    Aug 27 21:49:31 vengabus pppd[5580]: Modem hangup
    Aug 27 21:49:31 vengabus pppd[5580]: Connection terminated.
    Aug 27 21:49:31 vengabus pppd[5580]: Connect time 0.2 minutes.
    Aug 27 21:49:31 vengabus pppd[5580]: Sent 136 bytes, received 192 bytes.
    Aug 27 21:49:31 vengabus pppd[5580]: Exit.
    Aug 27 22:00:00 vengabus kernel: PPP MPPE compression module unregistered

    This is what occurs when connecting over the LAN...

    Aug 27 21:45:26 vengabus pptpd[5221]: CTRL: Client 192.168.0.3 control connection started
    Aug 27 21:45:26 vengabus pptpd[5221]: CTRL: Starting call (launching pppd, opening GRE)
    Aug 27 21:45:26 vengabus pppd[5222]: pppd 2.4.1 started by root, uid 0
    Aug 27 21:45:26 vengabus pppd[5222]: Using interface ppp1
    Aug 27 21:45:26 vengabus pppd[5222]: Connect: ppp1 <--> /dev/pts/2
    Aug 27 21:45:26 vengabus pptpd[5221]: Buffering out-of-order packet; got 1 after 4294967295
    Aug 27 21:45:26 vengabus pptpd[5221]: Packet reorder timeout waiting for 0
    Aug 27 21:45:26 vengabus pptpd[5221]: Buffering out-of-order packet; got 2 after 0
    Aug 27 21:45:26 vengabus pppd[5222]: MSCHAP-v2 peer authentication succeeded for jam
    Aug 27 21:45:26 vengabus pppd[5222]: found interface eth0 for proxy arp
    Aug 27 21:45:26 vengabus pppd[5222]: local  IP address 192.168.0.100
    Aug 27 21:45:26 vengabus pppd[5222]: remote IP address 192.168.0.102
    Aug 27 21:45:26 vengabus pppd[5222]: MPPE 40 bit, stateless compression enabled
    Aug 27 21:47:22 vengabus pppd[5222]: LCP terminated by peer
    Aug 27 21:47:22 vengabus pppd[5222]: Modem hangup
    Aug 27 21:47:22 vengabus pppd[5222]: Connection terminated.
    Aug 27 21:47:22 vengabus pppd[5222]: Connect time 2.0 minutes.
    Aug 27 21:47:22 vengabus pppd[5222]: Sent 556 bytes, received 640 bytes.
    Aug 27 21:47:23 vengabus pppd[5222]: Exit.

    any ideas?

    cheers,
     
    Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20010828/f1c5c50a/attachment.html>

More information about the pptp-server mailing list