[pptp-server] more questions about the win2k "619 error" & "742 error"

robert berzerke at swbell.net
Tue Mar 27 00:03:20 CST 2001 

At least some answers are below:

On Monday 26 March 2001 14:47, angelbracket wrote:
> Hello,
>
>     I have some problems with my windows 2000 client (high encryption
> pack/128bit) to connect on pptpd. I went the archive and I think that my
> probles may lay with the kernel and modules [ I'm new to kernel operations
> etc, there will be "stupid" questions, but if you want to explain some
> questions in this posting, pls :) ]
>
>     Included below is the problem, mysetup, the problems I encoutered and
> tried solutions, my questions and a log from my system.
>
>     I would really appreciate if someone could help me with this problem. I
> feel I'm close in finishing this setup on my box, but there are some gaps
> that need to be cleared up in my working knowledge of linux...
>
>     Sincerely,
>     Stijn H.
>
>
>     This is the problem :
>             - username en password are verified
>             - windows tries to "register the pc to the remote network"
>             - then I get the "619 error = specified port is not connected"
>                         [ note: something odd: when I keep the redial
> option active, I get sometimes the 742 error, or "the remote computer does
> not support the required data encryption type]
>
>     For the setup I used :
>             - the pptpd how to on
> http://home.swbell.net/berzerke/2.4_Kernel_PPTPD-HOWTO.txt - kernel 2.4.2
>             - rh 7.0

Be careful doing kernel compiles with rh7.0!  The default compiler is not 
supported for doing kernel compiles.  I used gcc 2.95.3 just fine.  I believe 
rh included a second gcc just for doing kernel compiles called kgcc.

>             - patches: linux-2.4.0-openssl-0.9.6-mppe.patch.gz,
> ppp-2.4.0-openssl-0.9.6-mppe.patch.gz - ppp-2.4.0.tar.gz
>             - pptpd 1.1.2
>             - local lan, win2k & linux
>             - only one eth card (don't have a second available on this
> moment)
>
>             I followed the manual, and as far as I noted, everything went
> fine. I used the config file on http://home.swbell.net with modified cpu
> etc to compile my patched kernel.
>
>     Solutions I tried:
>             - I got an error on ppp, I applied the solution from the how
> to:
>
>                     mknod /dev/ppp c 108 0
>                     chmod 600 /dev/ppp
>
>                     -> the problem was solved
>
>             - then I tried to connect with the win2k client and got the 619
> error; I found in the mailinglist history the same problem with the same
> log mssg and with the solutions concerning applying ipchains rules for the
> GRE etc:
>
>                     - I tried to apply some iptables lines with the info I
> found on http://home.swbell.net/berzerke for binding those GRE and specific
> ports that pptp needed:
>                          I got : (for any iptable line)
>                          e.g.:
>                                 [root at upuaut log]# /sbin/iptables -P INPUT
> DROP iptables v1.1.1: can't initialize iptables table `filter': iptables
> who? (do you need to insmod?) Perhaps iptables or your kernel needs to be
> upgraded. so I did an insmod on iptables:

This means the modules for iptables aren't loaded.

>                                 [root at upuaut log]# insmod iptables
>                                 insmod: iptables: no module by that name
> found

The ipchains modules and the iptables modules are not compatible.  You *MUST* 
unload the ipchains modules before you can load any of the iptables modules.  
Do a lsmod to see what modules are loaded.  BTW, an updated iptables script 
is on the site.  This script has been tested on a pptpd server, but not a 
masqueraded one or on a client.  (Damn addiction to sleep...)

>
>                          and tried some ipchains rules:
>                          e.g. :[root at upuaut log]# /sbin/ipchains -A input
> -p 47 -j ACCEPT I got:  ipchains: Protocol not available
>
>                                  [ note : I compiled the 2.4.2 kernel with
> "network packet filtering (replaces ipchains)" .., but why does it connect
> &                                                     with the config
> script mentionned in the how to file, but what's the problem if the client
> authenticates but can't bind a port ?]
>
>                                 Questions :
>
>                                 - how do I know that all the modules are
> working ? - why does ipchais does not know that certain protocol ? - how to
> implement GRE with iptables ? what's wrong with it ? - why does my iptable
> mod fail and how can I solve this ? - (ev.) could someone post here me his
> kernel script how to compile everything correct with the 2.4.2 kernel ? -
> (ev.) could someone help me with the iptables rules needed ?
>
>
>
> paste of /var/log/messages
>
> Mar 26 19:56:07 upuaut pppd[905]: pppd 2.4.0 started by root, uid 0
> Mar 26 19:56:07 upuaut pppd[905]: Using interface ppp0
> Mar 26 19:56:07 upuaut pppd[905]: Connect: ppp0 <--> /dev/pts/2
> Mar 26 19:56:09 upuaut pptpd[904]: CTRL: Ignored a SET LINK INFO packet
> with real ACCMs! Mar 26 19:56:09 upuaut modprobe: modprobe: Can't locate
> module ppp-compress-18 Mar 26 19:56:09 upuaut modprobe: modprobe: Can't
> locate module ppp-compress-18

This "can't locate module ppp-compress-18" probably means that you didn't 
update your modules.conf.  This could be causing alot of your problems.

Mar 26 19:56:09 upuaut pppd[905]: MSCHAP-v2
> peer authentication succeeded for test Mar 26 19:56:09 upuaut modprobe:
> modprobe: Can't locate module ppp-compress-18 Mar 26 19:56:09 upuaut
> pppd[905]: found interface eth0 for proxy arp Mar 26 19:56:09 upuaut
> pppd[905]: local  IP address 192.168.0.70
> Mar 26 19:56:09 upuaut pppd[905]: remote IP address 192.168.0.80
> Mar 26 19:56:15 upuaut pptpd[904]: CTRL: Ignored a SET LINK INFO packet
> with real ACCMs! Mar 26 19:56:15 upuaut pppd[905]: LCP terminated by peer
> (=^T,M-}^@<M-Mt^@^@^BM-f) Mar 26 19:56:18 upuaut pppd[905]: Connection
> terminated.
> Mar 26 19:56:18 upuaut pppd[905]: Connect time 0.2 minutes.
> Mar 26 19:56:18 upuaut pppd[905]: Sent 143 bytes, received 1505 bytes.
> Mar 26 19:56:18 upuaut pppd[905]: Exit.
> Mar 26 19:56:18 upuaut pptpd[904]: Error reading from pppd: Input/output
> error Mar 26 19:56:18 upuaut pptpd[904]: CTRL: GRE read or PTY write failed
> (gre,pty)=(5,4) Mar 26 19:56:18 upuaut pptpd[904]: CTRL: Client
> 192.168.0.54 control connection finished Mar 26 19:57:18 upuaut pptpd[928]:
> CTRL: Client 192.168.0.54 control connection started Mar 26 19:57:18 upuaut
> pptpd[928]: CTRL: Starting call (launching pppd, opening GRE) Mar 26
> 19:57:18 upuaut pppd[929]: pppd 2.4.0 started by root, uid 0 Mar 26
> 19:57:18 upuaut pppd[929]: Using interface ppp0
<snip>

More information about the pptp-server mailing list