[pptp-server] Failing encrypted PPTPD connections

Michael Kranz Michael.Kranz at suse.de
Fri Jan 5 07:35:31 CST 2001 

Hi,

we're facing serious problems connecting Win2K-clients over encrypted
PPTPD with our Linux boxes. We've seen similar entries in your
mailing-list. As we need a solution quickly and as we probably have to
evaluate possible alternatives, we need an answer to the following
question:

Is it definitely so, that a lost GRE-packet over an _encrypted_ VPN
connection makes the tunnel inoperable? Or do you know of a patch or an
intermediate solution?

Follows the problem description in detail:

(1) The PC is a Win2K box with 128-Bit Patch, the PPTPD server is
running SuSE 7.0, PPPD 2.3.11 and PPTPD 1.1.2.

(2) Configuration (see attached protocol): at 12:07 the direct analog
connection is established between:

PC <--> Cisco

An automatic forwarding establishes the VPN tunnel to our firewall,
which runs the PPTPD:

PC <--> Cisco <--> Firewall <--> Target

The connection has as IPs

172.20.70.3    (PC)
172.20.0.250   (Firewall / Interface to Target)
172.31.254.254 (Firewall / Interface to Cisco-Transfernet)
172.20.0.X     (Target)

(3) The connection is working. At 12:09 the client starts a webinterface
to mailserver (172.20.0.3); during the login process no response comes
back, s. attachment near 12:09:47, where you'll see the out-of-order
packets. From this time on, the tunnel is dead, despite the fact, that
packets continue to be exchanged, until the connection is ended by the
user at 12:32.

Many thanks in advance
Michael
-- 
-- 
---------------------------------------------------------------
SuSE Linux Solutions AG          Mail:    Michael.Kranz at suse.de
Geschaeftsstelle Rhein/Ruhr      Phone:   02241 / 929 17-26
Marie-Curie-Str. 11-17           Fax:     02241 / 314 599
D-53757 St. Augustin        
---------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: messages.1.gz
Type: application/octet-stream
Size: 11558 bytes
Desc: not available
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20010105/f85bc5f3/attachment.obj>

More information about the pptp-server mailing list