[pptp-server] MPPE issue--packets stop flowing with 2nd client or re-establishing PPP

Jim Roland jroland at roland.net
Tue Sep 25 11:04:53 CDT 2001 

No I'm not.  The box is receiving these in and not Masquerading.  All works
if I don't use the MPPE module.  Multiple clients work just fine without the
MPPE module.

----- Original Message -----
From: "Josh Howlett" <Josh.Howlett at bristol.ac.uk>
To: "Jim Roland" <jroland at roland.net>
Cc: "Linux PPTP" <pptp-server at lists.schulte.org>
Sent: Tuesday, September 25, 2001 2:21 AM
Subject: Re: [pptp-server] MPPE issue--packets stop flowing with 2nd client
or re-establishing PPP


> Are you trying to have multiple clients over a masq'd connection?  If
> so, it won't work.
>
> josh.
>
> On Tue, 25 Sep 2001, Jim Roland wrote:
>
> >
> > Perhaps you have seen this without me having to spam up email with
sending 2
> > samples of debug and messages logs.  No errors come up except discussion
> > about pptpd buffering and reordering packets.  This was normal at
working
> > and non-working moments.
> >
> > I am running the following:
> > RedHat 7.1
> > kernel 2.4.2-2
> > ppp-2.4.0 (via source code)
> > pptpd-1.0.1 (upgraded to 1.1.2 to eliminate "GRE: Discarded out of order
> > packet" errors)
> > linux-2.4.0-openssl-0.9.6-mppe.patch.gz (patches to kernel)
> > ppp-2.4.0-openssl-0.9.6-mppe.patch.gz (patches to pppd)
> > [Linux PPTP server]
> > [Windows 2000 client]
> >
> >
> > I am having 2 strange problems:
> > 1) Single client only:  All works fine if ppp_mppe module is NOT already
> > loaded into memory when I establish a VPN connection.
> >     * I leave a window pinging an IP on the inside of the VPN and watch
the
> > /var/log/messages log on the VPN box for errors.
> >     * If I disconnect the VPN connection, re-establish a few seconds or
> > minutes later (before a cronjob for rmmod runs removing ppp_mppe),
packets
> > stop pinging the instant the "MPPE 128 bit, stateless compression
enabled"
> > message comes up on.
> >     * Packets do flow ping during the time between IP address assignment
and
> > the "MPPE 128-bit..." entry in the log.  As soon as the MPPE message
comes
> > up, packets stop flowing (no ping, no communication at all).
> >     Workaround:  If I put in a line such as "/sbin/rmmod -ar ppp_mppe"
in
> > the /etc/ppp/ip-down script, all works fine for a SINGLE CLIENT only...
> >         This workaround unregisters the MPPE module when PPPd exits.
When I
> > reestablish a connection again, the module is reloaded into memory and
all
> > works like it should.
> >
> > 2) Multiple clients:  I am presently unable to make a 2nd client work
with
> > the above programs and patches (packet flow confirmed by infinite
pinging
> > window to an IP on the inside of the VPN).
> >     * I connect client #1.  MPPE registers, a few notes in the messages
log
> > about PPTPd buffering out of order packets, and all flows fine.
> >     * I connect client #2.  Packets flow as soon as the IP address is
> > assigned, but immediately stop after "MPPE  128-bit" message comes up.
> >     * Even though client #2 stops communicating, client #1 keeps running
> > fine.
> >
> >
> > ** Other issue:  For whatever reason, the MPPE-40 option ("mppe-40") in
> > /etc/ppp/options, if the 40-bit is enabled, no packets flow at all
anywhere.
> > As soon as I only allow mppe-128 and mppe-stateless to work (only those
two
> > enabled), packets work as noted above.
> >
> > ** I have already tried running pptpd with a single local IP and
multiple
> > local IPs in /etc/pptpd.conf (remote IPs are always multiple) and there
is
> > no change.
> >
> > ** I downloaded the generic ppp_mppe_compressed_data_fix.diff and tried
to
> > apply to the ppp_mppe.c file (in ppp-2.4.0 and it's patches noted above,
the
> > .c file is located in /usr/src/linux-2.4.2/drivers/net/ppp_mppe.c)...The
> > patch will not apply at all (hunks not found).
> >
> >
> > Please help!!  I have got to make this work for multiple simultaneous
> > clients.
> >
> > Regards,
> > Jim Roland, RHCE
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> >
> >
>
> ---------------------------------------
> Josh Howlett, Network Supervisor,
> Networking & Digital Communications,
> Information Systems & Computing,
> University of Bristol, U.K.
> 0117 928 7850 | josh.howlett at bris.ac.uk
> ---------------------------------------
>

More information about the pptp-server mailing list