[pptp-server] NAT?

pptplist at mail.doris.cc pptplist at mail.doris.cc
Tue Mar 27 17:50:06 CST 2001 

The NAT is a Cisco Aironet Access Point.

On Tue, 27 Mar 2001, Marc Charbonneau wrote:

> Your NAT doesn't seem to handle the GRE protocol correctly.
>
> What is you NAT ? if it's a Linux-box, you have to apply a patch to your
> kernel for it to handle-it correctly.
>
> HTH
> ----- Original Message -----
> From: <pptplist at mail.doris.cc>
> To: <pptp-server at lists.schulte.org>
> Sent: Tuesday, March 27, 2001 10:10 AM
> Subject: [pptp-server] NAT?
>
>
> > I am running pptp on a linux box and connecting with a win2000 client over
> > the internet and having problems with NAT.
> >
> > Here is what I have in my options file.
> >
> > lock
> > auth
> > debug
> > proxyarp
> > require-chap
> > +chap
> > +chapms
> > +chapms-v2
> > mppe-40
> > mppe-128
> > mppe-stateless
> > name pptpd
> >
> > When my Windows 2000 Client connects from a static IP address everything
> > works fine.  When my Windows 2000 client tries to connect from a NAT'd
> > connection, I get a error 619, specified port is not connected.
> >
> > Here is what I see in my log files.
> >
> > Mar 27 10:02:01 mail pptpd[4027]: CTRL: Client xxx.xxx.xxx.xxx control
> connection started
> > Mar 27 10:02:01 mail pptpd[4027]: CTRL: Starting call (launching pppd,
> opening GRE)
> > Mar 27 10:02:01 mail kernel: CSLIP: code copyright 1989 Regents of the
> > University of California
> > Mar 27 10:02:01 mail kernel: PPP: version 2.3.7 (demand dialling)
> > Mar 27 10:02:01 mail kernel: PPP line discipline registered.
> > Mar 27 10:02:01 mail kernel: registered device ppp0
> > Mar 27 10:02:01 mail pppd[4028]: pppd 2.3.11 started by root, uid 0
> > Mar 27 10:02:01 mail pppd[4028]: Using interface ppp0
> > Mar 27 10:02:01 mail pppd[4028]: Connect: ppp0 <--> /dev/pts/3
> > Mar 27 10:02:01 mail pptpd[4027]: GRE: Discarding duplicate packet
> > Mar 27 10:02:31 mail pppd[4028]: LCP: timeout sending Config-Requests
> > Mar 27 10:02:31 mail pppd[4028]: Connection terminated.
> > Mar 27 10:02:31 mail pppd[4028]: Exit.
> > Mar 27 10:02:31 mail pptpd[4027]: GRE: read(fd=5,buffer=804d8c0,len=8196)
> > from PTY failed: status = -1 error = Input/output error
> > Mar 27 10:02:31 mail pptpd[4027]: CTRL: PTY read or GRE write failed
> (pty,gre)=(5,6)
> > Mar 27 10:02:31 mail pptpd[4027]: CTRL: Client xxx.xxx.xxx.xxx control
> connection finished
> >
> > I have the following set up in my ipchains table
> >
> > ipchains -A forward -i eth0 -s 192.168.100.0/24 -d 192.168.100.0/24 -j
> MASQ
> > ipchains -A output -s 192.168.100.0/24 -d 192.168.100.0/24 -j ACCEPT
> > ipchains -A input -s 192.168.100.0/24 -d 192.168.100.0/24 -j ACCEPT
> >
> > I have this set up in pptp.conf
> >
> > localip 192.168.100.210-214
> > remoteip 192.168.100.215-218
> >
> >
> > Everything seems to work when the client has a static IP, just not when
> > NAT'd.  Any ideas?  I know I am missing something somewhere.
> >
> > Thanks,
> >
> > Dustin Doris
> >
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>

More information about the pptp-server mailing list