[pptp-server] Strange problem ...

Jim Roland jroland at roland.net
Thu Oct 18 01:01:38 CDT 2001 

If you're using MPPE, it has a bug in it that prevents a secondary (single)
connection, or multiple simultaneous connections.

For a single user, you have to unload the ppp_mppe module before the 2nd
connection.  If you're using the kmod loader, then the module will auto-load
itself the next connection.  But for it to work at all, MPPE has to be
unloaded before it's used.

I have been unsuccessful trying to locate the author of ppp_mppe to alert to
this problem.  I've tried contacting the PPTPd author, no reply; Tim Hockin
(noted in the source code) says he hasn't maintained it for over a year and
turned it back to PPTPd authors; the original author in Hungary(? I think,
also seen in the source code) gives no reply as well.  VERY FRUSTRATING
BECAUSE IT'S A GOOD MODULE AND WORKS WELL, JUST IF YOU WORK ON IT A LOT TO
KEEP IT WORKING.

Anyway, I managed to make it work for a single user by creating a script in
/etc/ppp called "ipdown.local" and have the following commands (check your
ipdown script to make sure it calls ipdown.local and be sure to "chmod +x
ipdown.local"):

#!/bin/sh
/sbin/rmmod ppp_mppe

That's all I had to do (2 line script).  But, remember...it still doesn't
work for multiple connections.


AUTHOR:  IF YOU'RE MONITORING THIS LIST, PLEASE CONTACT ME DIRECT.  I have a
need to deploy PPTPd both for my day job and for 2 other people, all needing
multiple connections.

Regards,
Jim Roland, RHCE


----- Original Message -----
From: "Marek Butas" <MarekButas at seznam.cz>
To: "PPTP List" <pptp-server at lists.schulte.org>
Sent: Wednesday, October 17, 2001 8:21 AM
Subject: [pptp-server] Strange problem ...


>
> Hi,
>
> I have one problem. Yesterday one of the home users experienced
> strange behavior. First he got on server and was there for about 30
> minutes. No problems, authentification OK.
> Then he diconnected himself and tried to connect again. And then he
> could not get inside! He tried ti several times, but no luck. In the
> morning I looked in the logs and found that he connected himself for
> those 30 minutes, but also that he could not get in afterwords.
>
> Here is a part of the log. In the FAQ, they say, that this is problem
> on the firewall (iptables), but I checked, it is still the same (no
> reboots, no restarting) and in the logs I can see that pptp packets
> went through it. I'm logging GRE packets, establishing new connection
>
> Oct 16 22:46:15 indus pptpd[13832]: MGR: Launching /usr/sbin/pptpctrl
> to handle client
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: local address = 10.0.1.2
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: remote address = 10.0.1.21
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: Client 10.0.1.1 control
> connection started
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: Received PPTP Control
> Message (type: 1)
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: Made a START CTRL CONN RPLY
> packet
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: I wrote 156 bytes to the
> client.
> Oct 16 22:46:15 indus pptpd[13832]: CTRL: Sent packet to client
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: Received PPTP Control
> Message (type: 7)
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: Set parameters to 1525
> maxbps, 64 window size
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: Made a OUT CALL RPLY packet
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: Starting call (launching
> pppd, opening GRE)
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: pty_fd = 4
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: tty_fd = 5
> Oct 16 22:46:16 indus pptpd[13833]: CTRL (PPPD Launcher): Connection
> speed = 115200
> Oct 16 22:46:16 indus pptpd[13833]: CTRL (PPPD Launcher): local
> address = 10.0.1.2
> Oct 16 22:46:16 indus pptpd[13833]: CTRL (PPPD Launcher): remote
> address = 10.0.1.21
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: I wrote 32 bytes to the
> client.
> Oct 16 22:46:16 indus pptpd[13832]: CTRL: Sent packet to client
> Oct 16 22:46:16 indus pppd[13833]: pppd 2.4.0 started by root, uid 0
> Oct 16 22:46:16 indus pppd[13833]: using channel 5
> Oct 16 22:46:16 indus pppd[13833]: Using interface ppp0
> Oct 16 22:46:16 indus pppd[13833]: Connect: ppp0 <--> /dev/pts/1
> Oct 16 22:46:16 indus pppd[13833]: sent [LCP ConfReq id=0x1 <asyncmap
> 0x0> <auth chap 81> <magic 0x63353e5c> <pcomp> <accomp>]
> Oct 16 22:46:43 indus last message repeated 9 times
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Received PPTP Control
> Message (type: 12)
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Made a CALL DISCONNECT RPLY
> packet
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Received CALL CLR request
> (closing call)
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: I wrote 148 bytes to the
> client.
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Sent packet to client
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Error with select(),
> quitting
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Client 10.0.1.1 control
> connection finished
> Oct 16 22:46:46 indus pptpd[13832]: CTRL: Exiting now
> Oct 16 22:46:46 indus pptpd[692]: MGR: Reaped child 13832
> Oct 16 22:46:46 indus pppd[13833]: Modem hangup
> client.
>
> Regards
> MArek Butas
>
> ______________________________________________________________________
> Nejenom anglicko-cesky slovnik: http://slovnik.seznam.cz
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
>

More information about the pptp-server mailing list