From Oswald.Knoppers at contrastmediagroep.nl Fri Feb 1 04:49:17 2002 From: Oswald.Knoppers at contrastmediagroep.nl (Oswald Knoppers) Date: Fri, 01 Feb 2002 11:49:17 +0100 Subject: [pptp-server] Routing problem. Message-ID: <3C5A72AD.66F79E3B@contrastmediagroep.nl> Hi, Thanks for the suggestions so far. Here is some more information. Office network 192.168.1.0/24. Firewall 192.168.1.253 and one system with 192.168.1.2. On the pptp link the firewall gets 192.168.3.1 and the home firewall 192.168.3.11. The home network is 192.168.4.0/24 the home firewall eth0 interface is 192.168.4.254 and one system over there is at 192.168.4.2 After establishing the tunnel i have the following routing setup on the office firewall: Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.3.11 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.4.0 0.0.0.0 255.255.255.0 U 0 0 0 ppp0 192.168.2.0 192.168.1.251 255.255.255.0 UG 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.0.0 192.168.1.251 255.255.255.0 UG 0 0 0 eth0 194.159.73.0 0.0.0.0 255.255.255.0 U 0 0 0 ippp0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ippp0 And on the home firewall: Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.3.1 0.0.0.0 255.255.255.255 UH 40 0 0 ppp0 192.168.4.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0 ppp0 193.172.249.0 0.0.0.0 255.255.255.0 U 40 0 0 ippp0 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo 0.0.0.0 0.0.0.0 0.0.0.0 U 40 0 0 ippp0 0.0.0.0 193.172.249.21 0.0.0.0 UG 40 0 0 ippp0 On the 192.168.1.2 server in the office i can ping both 192.168.3.11 and 192.168.4.254 interfaces of the home firewall but i cannot ping 192.168.4.2. It looks to me that this might be related to the firewall setup at the home firewall. This system is running a 2.4.8-26mdk kernel (Mandrake V8.1). I have installed the Bastille firewall utility on this system and it uses iptables. Unfortunately i am not very experienced with this and i am not sure what to check. This firewall does work for access to the internet from the home systems (through the ippp0 isdn interface) without any problems. Also i haven't installed tcpdump on the home firewall but i can do that if needed. Thanks in advance, Oswald From barjunk at attglobal.net Fri Feb 1 10:35:38 2002 From: barjunk at attglobal.net (Michael Barsalou) Date: Fri, 1 Feb 2002 07:35:38 -0900 Subject: [pptp-server] performance tweaks Message-ID: <3C5A454A.23680.534454A@localhost> What is the current thinking about performance problems. We are getting lots of out-of-order packets. I looked through the archives and couldn't find any definitive solution or things to try and fix this problem. Here are the things that I believe will help: Setting the mru/mtu to 1450 in the pptpd.conf file removing the speed setting in the pptpd.conf file. Anything else? Mike Michael Barsalou barjunk at attglobal.net From charlieb at e-smith.com Fri Feb 1 10:52:06 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Fri, 1 Feb 2002 11:52:06 -0500 (EST) Subject: [pptp-server] performance tweaks In-Reply-To: <3C5A454A.23680.534454A@localhost> Message-ID: On Fri, 1 Feb 2002, Michael Barsalou wrote: > What is the current thinking about performance problems. We are > getting lots of out-of-order packets. > > I looked through the archives and couldn't find any definitive > solution or things to try and fix this problem. The protocol is broken. It doesn't handle gracefully missing or out of order packets. PoPToP 1.1.2 is a big improvement as it makes an effort to reshuffle out of order packets. PoPToP does not cause out of order packets. They are an unavoidable consequence of multiple routing and congestion on the Internet. > Here are the things that I believe will help: > > Setting the mru/mtu to 1450 in the pptpd.conf file > removing the speed setting in the pptpd.conf file. How would those things help? As far as I can tell the speed setting is ignored. > Anything else? Only ever using PoPToP 1.1.2 is the most important thing that can be done. Applying my patch and using stateful encryption may help, but at some reduction in security. I don't know whether the patch will help or not, but it does affect the response of the MPPE encryptor to missing or out of order packets. The current PoPToP implementation is not compliant with the published protocol - but only for stateful encryption, which is little used. -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From barjunk at attglobal.net Fri Feb 1 11:09:40 2002 From: barjunk at attglobal.net (Michael Barsalou) Date: Fri, 1 Feb 2002 08:09:40 -0900 Subject: [pptp-server] performance tweaks In-Reply-To: References: <3C5A454A.23680.534454A@localhost> Message-ID: <3C5A4D44.571.5536E60@localhost> Thanks Charlie! What I think you just said was: Use poptop 1.1.2 (which we are) Out of order packets are caused by internet congestion Your patch may help (how do I get it?) MTU/MRU's have no real impact with regard to out-of-order packets Is this right? Mike Date sent: Fri, 1 Feb 2002 11:52:06 -0500 (EST) From: Charlie Brady To: Copies to: Subject: Re: [pptp-server] performance tweaks > > On Fri, 1 Feb 2002, Michael Barsalou wrote: > > > What is the current thinking about performance problems. We are > > getting lots of out-of-order packets. > > > > I looked through the archives and couldn't find any definitive > > solution or things to try and fix this problem. > > The protocol is broken. It doesn't handle gracefully missing or out of > order packets. PoPToP 1.1.2 is a big improvement as it makes an effort > to reshuffle out of order packets. > > PoPToP does not cause out of order packets. They are an unavoidable > consequence of multiple routing and congestion on the Internet. > > > Here are the things that I believe will help: > > > > Setting the mru/mtu to 1450 in the pptpd.conf file > > removing the speed setting in the pptpd.conf file. > > How would those things help? As far as I can tell the speed setting is > ignored. > > > Anything else? > > Only ever using PoPToP 1.1.2 is the most important thing that can be > done. > > Applying my patch and using stateful encryption may help, but at some > reduction in security. I don't know whether the patch will help or > not, but it does affect the response of the MPPE encryptor to missing > or out of order packets. The current PoPToP implementation is not > compliant with the published protocol - but only for stateful > encryption, which is little used. > > -- > Charlie Brady charlieb at e-smith.com > Lead Product Developer > Network Server Solutions Group http://www.e-smith.com/ > Mitel Networks Corporation http://www.mitel.com/ > Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 > > Michael Barsalou barjunk at attglobal.net From charlieb at e-smith.com Fri Feb 1 11:28:06 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Fri, 1 Feb 2002 12:28:06 -0500 (EST) Subject: [pptp-server] performance tweaks In-Reply-To: <3C5A4D44.571.5536E60@localhost> Message-ID: On Fri, 1 Feb 2002, Michael Barsalou wrote: > What I think you just said was: > > Use poptop 1.1.2 (which we are) > Out of order packets are caused by internet congestion > Your patch may help (how do I get it?) It's been posted a couple of times, so you'll find it in the archives. But I'd wait until someone else offers an opinion. > MTU/MRU's have no real impact with regard to out-of-order packets No, I don't know what effect MTU/MRU might have. I believe that the "speed" parameter has no effect. -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From root at mhess.qn.net Fri Feb 1 11:36:54 2002 From: root at mhess.qn.net (root) Date: Fri, 1 Feb 2002 12:36:54 -0500 (EST) Subject: [pptp-server] Radius Message-ID: Can poptop be setup to use Radius...that is running on the same server as poptop.... if so, how hard is this? Micahel From akohlsmith at benshaw.com Fri Feb 1 12:26:21 2002 From: akohlsmith at benshaw.com (Andrew Kohlsmith) Date: Fri, 1 Feb 2002 13:26:21 -0500 Subject: [pptp-server] performance tweaks In-Reply-To: References: Message-ID: <200202011326.21856.akohlsmith@benshaw.com> > Only ever using PoPToP 1.1.2 is the most important thing that can be done. I have been able to oops the kernel with PoPToP 1.1.2. The oops seems to happen within pppd_ctrl but I will get you more information next time 'round. Regards, Andrew From saikat at yahoo.com Fri Feb 1 13:13:40 2002 From: saikat at yahoo.com (Saikat Ghosh) Date: Fri, 1 Feb 2002 11:13:40 -0800 (PST) Subject: [pptp-server] mppe patch for 2.4.17 kernel Message-ID: <20020201191340.24894.qmail@web11607.mail.yahoo.com> Hi, I saw linux-2.4.16-openssl-0.9.6b-mppe.patch on binarix.com, is there a similar patch for 2.4.17? TIA, saikat ===== Saikat Ghosh San Jose, CA 95125 USA __________________________________________________ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com From luismi at adpsoft.com Fri Feb 1 13:18:02 2002 From: luismi at adpsoft.com (LuisMi) Date: Fri, 1 Feb 2002 20:18:02 +0100 (CET) Subject: [pptp-server] mppe patch for 2.4.17 kernel In-Reply-To: <20020201191340.24894.qmail@web11607.mail.yahoo.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You can use the same patch without any problems :-) - -- +---------------------- | Luis Miguel Cruz. | | Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | ----------------------+ On Fri, 1 Feb 2002, Saikat Ghosh wrote: > Hi, > I saw linux-2.4.16-openssl-0.9.6b-mppe.patch > on binarix.com, is there a similar patch for > 2.4.17? > > TIA, > saikat > > ===== > Saikat Ghosh > San Jose, CA 95125 > USA > > __________________________________________________ > Do You Yahoo!? > Great stuff seeking new owners in Yahoo! Auctions! > http://auctions.yahoo.com > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjxa6e0ACgkQvQHLTzrFJlfnGQCgmENnAnyPOS1qcfpZ9P6VxWEy Lp4An3WXe+UCk5pvV7oAYczkSzRcEtbg =FbEj -----END PGP SIGNATURE----- From charlieb at e-smith.com Fri Feb 1 13:56:58 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Fri, 1 Feb 2002 14:56:58 -0500 (EST) Subject: [pptp-server] performance tweaks In-Reply-To: <200202011326.21856.akohlsmith@benshaw.com> Message-ID: On Fri, 1 Feb 2002, Andrew Kohlsmith wrote: > > Only ever using PoPToP 1.1.2 is the most important thing that can be done. > > I have been able to oops the kernel with PoPToP 1.1.2. The oops seems > to happen within pppd_ctrl but I will get you more information next > time 'round. That would be a kernel issue, not a PoPToP one (although PoPToP might also have a problem). -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From lists at earthling.2y.net Fri Feb 1 14:59:15 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Fri, 1 Feb 2002 15:59:15 -0500 (EST) Subject: [pptp-server] Routing problem. In-Reply-To: <3C5A72AD.66F79E3B@contrastmediagroep.nl> Message-ID: iptables -L also, tcpdump as a diagnostic utility is invaluable, it is the most important tool to a netadmin when diagnosing a network problem. On Fri, 1 Feb 2002, Oswald Knoppers wrote: > Hi, > > Thanks for the suggestions so far. Here is some more information. > > Office network 192.168.1.0/24. Firewall 192.168.1.253 and one system > with 192.168.1.2. On the pptp link the firewall gets 192.168.3.1 and the > home firewall 192.168.3.11. The home network is 192.168.4.0/24 the home > firewall eth0 interface is 192.168.4.254 and one system over there is at > 192.168.4.2 > > After establishing the tunnel i have the following routing setup on the > office firewall: > > Kernel IP routing table > Destination Gateway Genmask Flags MSS Window irtt > Iface > 192.168.3.11 0.0.0.0 255.255.255.255 UH 0 0 0 > ppp0 > 192.168.4.0 0.0.0.0 255.255.255.0 U 0 0 0 > ppp0 > 192.168.2.0 192.168.1.251 255.255.255.0 UG 0 0 0 > eth0 > 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 > eth0 > 192.168.0.0 192.168.1.251 255.255.255.0 UG 0 0 0 > eth0 > 194.159.73.0 0.0.0.0 255.255.255.0 U 0 0 0 > ippp0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 > lo > 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 > ippp0 > > And on the home firewall: > > Kernel IP routing table > Destination Gateway Genmask Flags MSS Window irtt > Iface > 192.168.3.1 0.0.0.0 255.255.255.255 UH 40 0 0 > ppp0 > 192.168.4.0 0.0.0.0 255.255.255.0 U 40 0 0 > eth0 > 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0 > ppp0 > 193.172.249.0 0.0.0.0 255.255.255.0 U 40 0 0 > ippp0 > 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 > lo > 0.0.0.0 0.0.0.0 0.0.0.0 U 40 0 0 > ippp0 > 0.0.0.0 193.172.249.21 0.0.0.0 UG 40 0 0 > ippp0 > > On the 192.168.1.2 server in the office i can ping both 192.168.3.11 and > 192.168.4.254 interfaces of the home firewall but i cannot ping > 192.168.4.2. > > It looks to me that this might be related to the firewall setup at the > home firewall. This system is running a 2.4.8-26mdk kernel (Mandrake > V8.1). I have installed the Bastille firewall utility on this system and > it uses iptables. Unfortunately i am not very experienced with this and > i am not sure what to check. This firewall does work for access to the > internet from the home systems (through the ippp0 isdn interface) > without any problems. > > Also i haven't installed tcpdump on the home firewall but i can do that > if needed. > > Thanks in advance, > > Oswald > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From berzerke at swbell.net Fri Feb 1 17:12:51 2002 From: berzerke at swbell.net (robert) Date: Fri, 01 Feb 2002 17:12:51 -0600 Subject: [pptp-server] performance tweaks In-Reply-To: References: Message-ID: <0GQV000CSN443V@mta4.rcsntx.swbell.net> Let me jump in and say at one company was able to get a big speed jump by turning off the anti-virus software's scanning of remote files. I didn't measure the jump, but it was very noticable. On Friday 01 February 2002 11:28 am, Charlie Brady wrote: > On Fri, 1 Feb 2002, Michael Barsalou wrote: > > What I think you just said was: > > > > Use poptop 1.1.2 (which we are) > > Out of order packets are caused by internet congestion > > Your patch may help (how do I get it?) > > It's been posted a couple of times, so you'll find it in the archives. But > I'd wait until someone else offers an opinion. > > > MTU/MRU's have no real impact with regard to out-of-order packets > > No, I don't know what effect MTU/MRU might have. > > I believe that the "speed" parameter has no effect. From charlieb at e-smith.com Fri Feb 1 17:15:25 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Fri, 1 Feb 2002 18:15:25 -0500 (EST) Subject: [pptp-server] performance tweaks In-Reply-To: <0GQV000CSN443V@mta4.rcsntx.swbell.net> Message-ID: On Fri, 1 Feb 2002, robert wrote: > Let me jump in and say at one company was able to get a big speed jump by > turning off the anti-virus software's scanning of remote files. I didn't > measure the jump, but it was very noticable. That'd do it. (Duh!) :-) -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From vivek_s7 at yahoo.com Sat Feb 2 01:25:45 2002 From: vivek_s7 at yahoo.com (Vivek) Date: Sat, 2 Feb 2002 12:55:45 +0530 Subject: [pptp-server] MAX_CONNECTIONS Message-ID: <001801c1abba$d85ec200$4602010a@satyam.net.in> The sample pptpd.conf filementions about MAX_CONNECTIONS. What is the default value of MAX_CONNECTIONS and where is it set ? Can this value be modified ? Thanks in advance Vivek If you give more IP addresses than MAX_CONNECTIONS, it will # start at the beginning of the list and go until it gets # MAX_CONNECTIONS IPs. Others will be ignored. -------------- next part -------------- An HTML attachment was scrubbed... URL: From osiris at urbanna.net Sat Feb 2 09:08:47 2002 From: osiris at urbanna.net (osiris at urbanna.net) Date: Sat, 2 Feb 2002 10:08:47 -0500 (EST) Subject: [pptp-server] performance tweaks In-Reply-To: <0GQV000CSN443V@mta4.rcsntx.swbell.net> Message-ID: Robert; On Fri, 1 Feb 2002, robert wrote: > Let me jump in and say at one company was able to get a big speed jump by > turning off the anti-virus software's scanning of remote files. I didn't > measure the jump, but it was very noticable. NOW THERE'S A GREAT IDEA.... Jeezzeee.... From berzerke at swbell.net Sat Feb 2 12:17:05 2002 From: berzerke at swbell.net (robert) Date: Sat, 02 Feb 2002 12:17:05 -0600 Subject: [pptp-server] performance tweaks In-Reply-To: References: Message-ID: <0GQX00KLZ4324G@mta4.rcsntx.swbell.net> On Saturday 02 February 2002 09:08 am, osiris at urbanna.net wrote: > Robert; > > On Fri, 1 Feb 2002, robert wrote: > > Let me jump in and say at one company was able to get a big speed jump by > > turning off the anti-virus software's scanning of remote files. I didn't > > measure the jump, but it was very noticable. > > NOW THERE'S A GREAT IDEA.... Jeezzeee.... If that's sarcasm, it's not a bad idea. The remote user was the one turning off remote scanning. The server has it's own (more up-to-date defs) scanner. She doesn't scan the server and the server doesn't scan her. If she uploads something, then it is scanned. It actually works quite well. She actually did get one, and it never made it past the server. (Aside: She refused to admit it was her though, until the virus dropped it's payload and trashed her system. It also overwrote her CMOS.) From ope557 at yahoo.com Sun Feb 3 02:14:31 2002 From: ope557 at yahoo.com (ope ope) Date: Sun, 3 Feb 2002 00:14:31 -0800 (PST) Subject: [pptp-server] Able to connect but nothing after that Message-ID: <20020203081431.48172.qmail@web20609.mail.yahoo.com> I have just set up PPTP on a RedHat 7.0 server. Everything was going very well up until I was able to actually connect to the VPN. Basically I can log in to the VPN, no problem, but I can't see any or reach any machines on the network after that. If I log into the VPN I get a Server IP address and a Client IP address, as I should. However, I can't ping the Server side ip address or any other machine within the network. If I try to ping I get a 'Destination port unreachable'. Basically I can't see any computers inside the network or do anything other than connect. I have set up ipchains to ACCEPT traffic on port 1723 and protocol 47 using: ipchains -A input -p TCP -d 0.0.0.0/0 1723 -j ACCEPT ipchains -A input -p 47 -j ACCEPT ipchains -A output -p TCP -s 0.0.0.0/0 1723 -j ACCEPT ipchains -A output -p 47 -j ACCEPT I have also set up forwarding to the VPN connect machines using: ipchains -A forward -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT I also made sure that these rules were set up early in the scripts so that other ipchains rules would not cancel these out. I would think that this is sufficient but apparently not. I have obviously misconfigured something but can't figure out what. Can anyone point me in the right direction? __________________________________________________ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com From jogi99 at gmx.de Sun Feb 3 04:28:21 2002 From: jogi99 at gmx.de (Joachim Knoth) Date: Sun, 3 Feb 2002 11:28:21 +0100 Subject: [pptp-server] (no subject) Message-ID: confirm 539499 From akohlsmith at benshaw.com Sun Feb 3 07:46:01 2002 From: akohlsmith at benshaw.com (Andrew Kohlsmith) Date: Sun, 3 Feb 2002 08:46:01 -0500 Subject: [pptp-server] performance tweaks In-Reply-To: References: Message-ID: <200202030846.01182.akohlsmith@benshaw.com> > > I have been able to oops the kernel with PoPToP 1.1.2. The oops seems > > to happen within pppd_ctrl but I will get you more information next > > time 'round. > That would be a kernel issue, not a PoPToP one (although PoPToP might > also have a problem). Yeah but remember to get MPPE there is a kernel patch. I am wondering if it isn't in there. Regards, Andrew From charlieb at e-smith.com Sun Feb 3 12:11:54 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Sun, 3 Feb 2002 13:11:54 -0500 (EST) Subject: [pptp-server] performance tweaks In-Reply-To: <200202030846.01182.akohlsmith@benshaw.com> Message-ID: On Sun, 3 Feb 2002, Andrew Kohlsmith wrote: > > > > I have been able to oops the kernel with PoPToP 1.1.2. The oops seems > > > to happen within pppd_ctrl but I will get you more information next > > > time 'round. > > > That would be a kernel issue, not a PoPToP one (although PoPToP might > > also have a problem). > > Yeah but remember to get MPPE there is a kernel patch. I am wondering if it > isn't in there. MPPE is part of the kernel. So yes, it could be a problem with mppe. I haven't seen any kernel oopsen with it, but I'm sure it's possible. -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From lit00084 at planet.nl Mon Feb 4 04:25:33 2002 From: lit00084 at planet.nl (lit00084 at planet.nl) Date: Mon, 4 Feb 2002 04:25:33 -0600 (CST) Subject: [pptp-server] Routing problem Message-ID: <4257122.1012818329626.JavaMail.root@apps19.wxs.nl> All, I have trouble with reaching my internal network. When i logon with my windows 2000 client i get connected. I recieve an ip address in the range 192.168.1.0/24 when i try to ping a server in my local network i get time out messages but i can ping the other end of my poptop server which stands on 192.168.10.251 also i'm not registered at my wins server. When i logon to the poptop server in my local network using the lan i get registerd at the wins. but i cant ping the address that i recieve from an other workstation or server. this is my configuration pptpd.conf speed 115200 debug remoteip 192.168.1.225-250 localip 192.168.10.225-251 options #/etc/ppp/options debug auth name poptop require-chap proxyarp ms-wins 192.168.10.1 # Secrets for authentication using CHAP # client server secret IP addresses john poptop ---- * can any help with this where did i go wrong? Rgds, John From honor at axtronics.com.tw Mon Feb 4 05:10:54 2002 From: honor at axtronics.com.tw (honor) Date: Mon, 4 Feb 2002 19:10:54 +0800 Subject: [pptp-server] How to reduce memory size? Message-ID: <002501c1ad6c$9d858110$0507a8c0@honor1> When i establish a pptp tunnel ,the memory is decrement about 1 MB. pptp => 312KB binary(16K) pppd => 800 KB binary(500K) How to reduce the memory size? -------------- next part -------------- An HTML attachment was scrubbed... URL: From muralivemuri at multitech.co.in Mon Feb 4 05:29:16 2002 From: muralivemuri at multitech.co.in (Murali K. Vemuri) Date: Mon, 04 Feb 2002 16:59:16 +0530 Subject: [pptp-server] Routing problem References: <4257122.1012818329626.JavaMail.root@apps19.wxs.nl> Message-ID: <3C5E708C.7A778A73@multitech.co.in> hey! check : cat /proc/sys/net/ipv4/ip_forward on the server. it should return you 1 by any chance it returns 0 echo 1>/proc/sys/net/ipv4/ip_forward should solve the problem. cheers murali lit00084 at planet.nl wrote: > All, > > I have trouble with reaching my internal network. > > When i logon with my windows 2000 client i get connected. I recieve an ip address in the range 192.168.1.0/24 when i try to ping a server in my local network i get time out messages but i can ping the other end of my poptop server which stands on 192.168.10.251 also i'm not registered at my wins server. When i logon to the poptop server in my local network using the lan i get registerd at the wins. but i cant ping the address that i recieve from an other workstation or server. > > this is my configuration > > pptpd.conf > > speed 115200 > debug > remoteip 192.168.1.225-250 > localip 192.168.10.225-251 > > options > > #/etc/ppp/options > debug > auth > name poptop > require-chap > proxyarp > ms-wins 192.168.10.1 > > # Secrets for authentication using CHAP > # client server secret IP addresses > > john poptop ---- * > > can any help with this where did i go wrong? > > Rgds, > > John -- regards & thanks for your time, Murali Krishna Vemuri -------------- next part -------------- An HTML attachment was scrubbed... URL: From berzerke at swbell.net Mon Feb 4 10:39:16 2002 From: berzerke at swbell.net (robert) Date: Mon, 04 Feb 2002 10:39:16 -0600 Subject: [pptp-server] Routing problem In-Reply-To: <4257122.1012818329626.JavaMail.root@apps19.wxs.nl> References: <4257122.1012818329626.JavaMail.root@apps19.wxs.nl> Message-ID: <0GR0003KXOVRJR@mta4.rcsntx.swbell.net> Also, be sure the localip and remoteip are in the same network. You only need one localip BTW. On Monday 04 February 2002 04:25 am, you wrote: > All, > > I have trouble with reaching my internal network. > > When i logon with my windows 2000 client i get connected. I recieve an ip > address in the range 192.168.1.0/24 when i try to ping a server in my local > network i get time out messages but i can ping the other end of my poptop > server which stands on 192.168.10.251 also i'm not registered at my wins > server. When i logon to the poptop server in my local network using the lan > i get registerd at the wins. but i cant ping the address that i recieve > from an other workstation or server. > > this is my configuration > > pptpd.conf > > speed 115200 > debug > remoteip 192.168.1.225-250 > localip 192.168.10.225-251 > > options > > #/etc/ppp/options > debug > auth > name poptop > require-chap > proxyarp > ms-wins 192.168.10.1 > > # Secrets for authentication using CHAP > # client server secret IP addresses > > john poptop ---- * > > can any help with this where did i go wrong? > > Rgds, > > John From Oswald.Knoppers at contrastmediagroep.nl Tue Feb 5 07:54:22 2002 From: Oswald.Knoppers at contrastmediagroep.nl (Oswald Knoppers) Date: Tue, 05 Feb 2002 14:54:22 +0100 Subject: [pptp-server] Routing problem. References: Message-ID: <3C5FE40E.10EC3391@contrastmediagroep.nl> lists at earthling.2y.net wrote: > > iptables -L > > also, tcpdump as a diagnostic utility is invaluable, it is the most > important tool to a netadmin when diagnosing a network problem. > I have now verified that this problem is related to the firewall setup. Unfortunally the output op iptables -L doesn't tell me much. Does anybody have an example script for setting up this kind of firewall? My basic needs are: From halljay at socket.net Tue Feb 5 08:35:47 2002 From: halljay at socket.net (halljay at socket.net) Date: Tue, 5 Feb 2002 14:35:47 GMT Subject: [pptp-server] ip-masq-vpn Message-ID: <101291974702@mc1.socket.net> I thought I was ready to jump into this last night, but I after thinking about my siuation, I decided I should probably ask a question first. I am currently running RH 6.2 with the 2.2.18 kernel. I have applied the ip- masq-vpn patches so users can connect to a VPN outside of the local network through the masqueraded connection using. The connection to my ISP is made using pppd. Will the patches applied to the kernel affect the ip-masq-vpn patches I have already applied? If so, where can I find instructions concerning how to make the two sets of patches work together? Thanks in advance for your assistance. Jay From fbouvart at herald-com.fr Tue Feb 5 10:09:56 2002 From: fbouvart at herald-com.fr (Fabrice Bouvart) Date: Tue, 5 Feb 2002 17:09:56 +0100 Subject: [pptp-server] PoPToP server to test on a lan Message-ID: <29702C2A1209D611B78D00B0D0F9B953068115@MAIL_SERVER> Hi everybody ! In order tu use a PoPToP server for distant user, I am currently trying to setup a test one on the lan. I compileded and every thing just gone fine the problem is that I followed the config file and i am not even able to reach the server using the Windows 2000 VPN client I set Encryption optionnal & PPtP I am not having anything written /var/log/pptp.log Here is what I put in the syslog.conf deamon.*,local2.* /var/log/pptp/log Could anyone help me ? Fabrice _____________________________________________________________________ Checked by MessageLabs (OUT) -------------- next part -------------- An HTML attachment was scrubbed... URL: From fbouvart at herald-com.fr Tue Feb 5 10:57:57 2002 From: fbouvart at herald-com.fr (Fabrice Bouvart) Date: Tue, 5 Feb 2002 17:57:57 +0100 Subject: [pptp-server] PoPToP server to test on a lan Message-ID: <29702C2A1209D611B78D00B0D0F9B95306811D@MAIL_SERVER> SO I can't see anything in /var/log/pptp.log (thanx ralph, this was a typo error) Here is what I have with a tail -f /var/log/message CTRL: Client 10.237.120.33 control connection started CTRL: Starting call (lauching pppd, opening GRE) Pppd 2.4.1 started by root, uid 0 Using interface ppp0 Connect: ppp0 <--> /dev/pts3 GRE: Discarding duplicate packet CTRL: Ignored a SET LINK INFO packet with a real ACCMs ! CHAP peer authentication succeeded for billy IPCP: timeout sending Config-Requests Connection terminated Connect time 0.6 minutes. Sent 310 bytes, received 0 bytes. Exit; GRE: read(fd=4,buffer=80d8c0,len=8196) from PTY failed: status = -1 error = Input/Output error CTRL: PTY read or GRE write failed (pty,gre)=(4,5) CTRL: Client 10.237.120.33 control connection finished The version installer is 1.0.1-1 The user is declared in the chap-secrets file Fabrice -----Message d'origine----- De : Ralf Spenneberg [mailto:ralf at spenneberg.de] Envoy? : mardi 5 f?vrier 2002 17:37 ? : Fabrice Bouvart Objet : Re: [pptp-server] PoPToP server to test on a lan Quoting Fabrice Bouvart : > Hi everybody ! > > In order tu use a PoPToP server for distant user, I am currently > trying to setup a test one on the lan. > > I compileded and every thing just gone fine > the problem is that I followed the config file and i am not even able > to reach the server using the Windows 2000 VPN client I set Encryption > optionnal & PPtP > > I am not having anything written /var/log/pptp.log > > Here is what I put in the syslog.conf > deamon.*,local2.* /var/log/pptp/log Might be a typo. But is this a slash^ ? Ralf > > Could anyone help me ? > > Fabrice > > > _____________________________________________________________________ > Checked by MessageLabs (OUT) _____________________________________________________________________ Checked by MessageLabs (IN) _____________________________________________________________________ Checked by MessageLabs (OUT) From luismi at adpsoft.com Tue Feb 5 13:37:46 2002 From: luismi at adpsoft.com (LuisMi) Date: Tue, 5 Feb 2002 20:37:46 +0100 (CET) Subject: [pptp-server] What is this? Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am upgrading my pptp to 1.1.2. I have some dudes... I do ./configure and I read... [...] =============================================================================== Configuration chosen: PPPd IP allocation: No. PPPd: Standard. LIBWRAP security: No. Mode: IP tunneling server (PAC). =============================================================================== [...] What is that? How can I use libwrap security? Is there any other modes for pptp or only 'IP tunneling server (PAC).'? Thanks - -- +---------------------- | Luis Miguel Cruz. | | Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | ----------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjxgNI0ACgkQvQHLTzrFJleyHwCdFeJWMAegY+S+DBm/JY0ZhNRV zoAAoJ8QIIIOHTynUCdAvuXwoX8QgxTr =J53Q -----END PGP SIGNATURE----- From lists at earthling.2y.net Tue Feb 5 18:54:38 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Tue, 5 Feb 2002 19:54:38 -0500 (EST) Subject: [pptp-server] Routing problem. In-Reply-To: <3C5FE40E.10EC3391@contrastmediagroep.nl> Message-ID: /sbin/iptables -t nat -A POSTROUTING -o ippp0 -j SNAT --to $IP or /sbin/iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE On Tue, 5 Feb 2002, Oswald Knoppers wrote: > lists at earthling.2y.net wrote: > > > > iptables -L > > > > also, tcpdump as a diagnostic utility is invaluable, it is the most > > important tool to a netadmin when diagnosing a network problem. > > > I have now verified that this problem is related to the firewall setup. > Unfortunally the output op iptables -L doesn't tell me much. > > Does anybody have an example script for setting up this kind of > firewall? > > My basic needs are: > > >From eth0 to ippp0 -> do NAT > >From ppp0 to eth0 (and the other way around) -> just route the traffic > > And block any unsolicited traffic on ippp0. > > Thanks, > > Oswald > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From lists at earthling.2y.net Tue Feb 5 18:55:03 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Tue, 5 Feb 2002 19:55:03 -0500 (EST) Subject: [pptp-server] Routing problem. In-Reply-To: <3C5FE40E.10EC3391@contrastmediagroep.nl> Message-ID: btw, you can directly send me your current rules, I might be able to tell you whats wrong with them as they stand now. -JustinOn Tue, 5 Feb 2002, Oswald Knoppers wrote: > lists at earthling.2y.net wrote: > > > > iptables -L > > > > also, tcpdump as a diagnostic utility is invaluable, it is the most > > important tool to a netadmin when diagnosing a network problem. > > > I have now verified that this problem is related to the firewall setup. > Unfortunally the output op iptables -L doesn't tell me much. > > Does anybody have an example script for setting up this kind of > firewall? > > My basic needs are: > > >From eth0 to ippp0 -> do NAT > >From ppp0 to eth0 (and the other way around) -> just route the traffic > > And block any unsolicited traffic on ippp0. > > Thanks, > > Oswald > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From lists at earthling.2y.net Tue Feb 5 18:56:33 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Tue, 5 Feb 2002 19:56:33 -0500 (EST) Subject: [pptp-server] What is this? In-Reply-To: Message-ID: If your running portsentry, its not a bad idea to use libwrap. Libwrap causes good old tcp programs to check /etc/hosts.deny before allowing connections. As far as I know, there is only the single mode. -justin On Tue, 5 Feb 2002, LuisMi wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I am upgrading my pptp to 1.1.2. > I have some dudes... > > I do ./configure and I read... > [...] > =============================================================================== > Configuration chosen: > PPPd IP allocation: No. > PPPd: Standard. > LIBWRAP security: No. > Mode: IP tunneling server (PAC). > =============================================================================== > [...] > > What is that? > How can I use libwrap security? > Is there any other modes for pptp or only 'IP tunneling server (PAC).'? > > Thanks > > > > - -- > +---------------------- > | Luis Miguel Cruz. > | | > Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | > ----------------------+ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iEYEARECAAYFAjxgNI0ACgkQvQHLTzrFJleyHwCdFeJWMAegY+S+DBm/JY0ZhNRV > zoAAoJ8QIIIOHTynUCdAvuXwoX8QgxTr > =J53Q > -----END PGP SIGNATURE----- > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From luismi at adpsoft.com Wed Feb 6 03:55:08 2002 From: luismi at adpsoft.com (LuisMi) Date: Wed, 6 Feb 2002 10:55:08 +0100 (CET) Subject: [pptp-server] What is this? In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yes, use portsentry is a very good idea. I know how tcp wrappers run but I don't know how to compile pptp to use libwrap, as you can see ./configure tells me that libwrap security is not used :-( How can I configure pptp to use libwrap? - -- +---------------------- | Luis Miguel Cruz. | | Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | ----------------------+ On Tue, 5 Feb 2002 lists at earthling.2y.net wrote: > If your running portsentry, its not a bad idea to use libwrap. Libwrap > causes good old tcp programs to check /etc/hosts.deny before allowing > connections. > > As far as I know, there is only the single mode. > -justin > > On Tue, 5 Feb 2002, LuisMi wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > I am upgrading my pptp to 1.1.2. > > I have some dudes... > > > > I do ./configure and I read... > > [...] > > =============================================================================== > > Configuration chosen: > > PPPd IP allocation: No. > > PPPd: Standard. > > LIBWRAP security: No. > > Mode: IP tunneling server (PAC). > > =============================================================================== > > [...] > > > > What is that? > > How can I use libwrap security? > > Is there any other modes for pptp or only 'IP tunneling server (PAC).'? > > > > Thanks > > > > > > > > - -- > > +---------------------- > > | Luis Miguel Cruz. > > | | > > Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | > > ----------------------+ > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.6 (GNU/Linux) > > Comment: For info see http://www.gnupg.org > > > > iEYEARECAAYFAjxgNI0ACgkQvQHLTzrFJleyHwCdFeJWMAegY+S+DBm/JY0ZhNRV > > zoAAoJ8QIIIOHTynUCdAvuXwoX8QgxTr > > =J53Q > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjxg/X0ACgkQvQHLTzrFJleMPgCfdsrAywFAfdwlT0waaD3Dx1Ta N4UAn3Q1DZabycvXB7vRBkPl/NsEgqY/ =aNZM -----END PGP SIGNATURE----- From luismi at adpsoft.com Wed Feb 6 04:08:47 2002 From: luismi at adpsoft.com (LuisMi) Date: Wed, 6 Feb 2002 11:08:47 +0100 (CET) Subject: [pptp-server] What is this? In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I discover how to use libwrap :-) ./configure --with-libwrap then you can see... =============================================================================== Configuration chosen: PPPd IP allocation: No. PPPd: Standard. LIBWRAP security: Yes. Mode: IP tunneling server (PAC). =============================================================================== - -- +---------------------- | Luis Miguel Cruz. | | Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | ----------------------+ On Wed, 6 Feb 2002, LuisMi wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Yes, use portsentry is a very good idea. > I know how tcp wrappers run but I don't know how to compile pptp to use > libwrap, as you can see ./configure tells me that libwrap security is not > used :-( > > How can I configure pptp to use libwrap? > > - -- > +---------------------- > | Luis Miguel Cruz. > | | > Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | > ----------------------+ > > On Tue, 5 Feb 2002 lists at earthling.2y.net wrote: > > > If your running portsentry, its not a bad idea to use libwrap. Libwrap > > causes good old tcp programs to check /etc/hosts.deny before allowing > > connections. > > > > As far as I know, there is only the single mode. > > -justin > > > > On Tue, 5 Feb 2002, LuisMi wrote: > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > I am upgrading my pptp to 1.1.2. > > > I have some dudes... > > > > > > I do ./configure and I read... > > > [...] > > > =============================================================================== > > > Configuration chosen: > > > PPPd IP allocation: No. > > > PPPd: Standard. > > > LIBWRAP security: No. > > > Mode: IP tunneling server (PAC). > > > =============================================================================== > > > [...] > > > > > > What is that? > > > How can I use libwrap security? > > > Is there any other modes for pptp or only 'IP tunneling server (PAC).'? > > > > > > Thanks > > > > > > > > > > > > - -- > > > +---------------------- > > > | Luis Miguel Cruz. > > > | | > > > Public Key: http://www.flcnet.es/tbe/luismi/nadie/luismi_adp.asc | > > > ----------------------+ > > > -----BEGIN PGP SIGNATURE----- > > > Version: GnuPG v1.0.6 (GNU/Linux) > > > Comment: For info see http://www.gnupg.org > > > > > > iEYEARECAAYFAjxgNI0ACgkQvQHLTzrFJleyHwCdFeJWMAegY+S+DBm/JY0ZhNRV > > > zoAAoJ8QIIIOHTynUCdAvuXwoX8QgxTr > > > =J53Q > > > -----END PGP SIGNATURE----- > > > > > > _______________________________________________ > > > pptp-server maillist - pptp-server at lists.schulte.org > > > http://lists.schulte.org/mailman/listinfo/pptp-server > > > --- To unsubscribe, go to the url just above this line. -- > > > > > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iEYEARECAAYFAjxg/X0ACgkQvQHLTzrFJleMPgCfdsrAywFAfdwlT0waaD3Dx1Ta > N4UAn3Q1DZabycvXB7vRBkPl/NsEgqY/ > =aNZM > -----END PGP SIGNATURE----- > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjxhALIACgkQvQHLTzrFJldungCfSbxT9uvaPIDYRR4dfz9UsrRF GIoAmwVnyAPHcXPDtFTX1U6n+g+ptRfP =hI0d -----END PGP SIGNATURE----- From vlad at ccf.tuiasi.ro Wed Feb 6 18:18:58 2002 From: vlad at ccf.tuiasi.ro (Vlad Adomnicai) Date: Thu, 7 Feb 2002 02:18:58 +0200 Subject: [pptp-server] Win2k PPTP route Message-ID: Hi. I'am trying to use PPTPD for playing games on TCP (IPX) on a network that has several routers. I have some problems with some games (Comanche4, BlackIsle4). On TCP these games search for the server by sending UDP broadcast packets. I have a network card in my computer with IP 192.168.212.2 and when i log in to VPN, i have 10.0.0.2. The problem is that the packets that the games send althoug are traveling through the VPN (because of the new gateway) have the source ip 192.168.212.2. And it seams to bother the games because we can't see each other. when i issue a route print on win2k, there is a route 255.255.255.255 mask 255.255.255.255 but with gateway 192.168.212.2, and i can't do anything with that route, i cant delete it and i can't changeit, and i can't add anotherone with gateway 10.0.0.2. Does anyone knows how to make the source of the packeges be 10.0.0.2? or tell me how to get those broadcasting packets accros 2 routers on the other side of the network? (on the other side of the network there is a router with 3 netcards, one linking it with the router from me, and the other two having hubs attached, so i would like the broadcast to go to both networks) Any help of any kind is appreciated. Vlad Adomnicai. From lists at earthling.2y.net Wed Feb 6 18:29:01 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Wed, 6 Feb 2002 19:29:01 -0500 (EST) Subject: [pptp-server] Win2k PPTP route In-Reply-To: Message-ID: Could you draw a map or something? Where is the "game server" at? on the other end of the vpn? If I understand what you have said correctly so far, they get to the other end of the vpn connection and have the wrong source? Also, could you send the list what your route tables on win2k look like. On Thu, 7 Feb 2002, Vlad Adomnicai wrote: > > Hi. I'am trying to use PPTPD for playing games on TCP (IPX) on a network > that has several routers. I have some problems with some games (Comanche4, > BlackIsle4). > On TCP these games search for the server by sending UDP broadcast packets. > I have a network card in my computer with IP 192.168.212.2 and when i log > in to VPN, i have 10.0.0.2. The problem is that the packets that the games > send althoug are traveling through the VPN (because of the new gateway) have > the source ip 192.168.212.2. And it seams to bother the games because we > can't see each other. > when i issue a route print on win2k, there is a route 255.255.255.255 mask > 255.255.255.255 but with gateway 192.168.212.2, and i can't do anything with > that route, i cant delete it and i can't changeit, and i can't add > anotherone with gateway 10.0.0.2. > Does anyone knows how to make the source of the packeges be 10.0.0.2? or > tell me how to get those broadcasting packets accros 2 routers on the other > side of the network? (on the other side of the network there is a router > with 3 netcards, one linking it with the router from me, and the other two > having hubs attached, so i would like the broadcast to go to both networks) > > Any help of any kind is appreciated. > Vlad Adomnicai. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From maltman at onestepbeyond.com Wed Feb 6 19:07:14 2002 From: maltman at onestepbeyond.com (Mark) Date: Wed, 6 Feb 2002 20:07:14 -0500 Subject: [pptp-server] Flash Website Builder Message-ID: <200202070107.g1717Ek15473@host101.osbnet.com> An HTML attachment was scrubbed... URL: From mjo at pbj.dk Thu Feb 7 07:35:06 2002 From: mjo at pbj.dk (Mikael Johnsen) Date: Thu, 7 Feb 2002 14:35:06 +0100 Subject: [pptp-server] URGENT Message-ID: <1DA605F7E2EAD411B7A9009027DDD2C3223CD7@PBJ-EXCHG> I have a problem with my Linux Firewall/VPN When I am sitting behind the firewall I can't connect to another firewall/VPN using ms vpn client HELP Med venlig hilsen / Best regards Mikael Johnsen Systemadministrator / System Administrator PBJ Consult A/S Roholmsvej 10G DK-2620 Albertslund Phone: +45 43 62 74 00, Fax: +45 43 62 74 24 Email: mjo at pbj.dk, Homepage: www.pbj.dk -------------- next part -------------- An HTML attachment was scrubbed... URL: From john at brewtown.net Thu Feb 7 08:21:10 2002 From: john at brewtown.net (John Stetter) Date: Thu, 7 Feb 2002 08:21:10 -0600 Subject: [pptp-server] URGENT References: <1DA605F7E2EAD411B7A9009027DDD2C3223CD7@PBJ-EXCHG> Message-ID: <001a01c1afe2$b0dcbad0$7301000a@bwmmortgage.com> Meddelelse If you gave us a little more information, it would be much easier for us to assist you. What kind of connectivity problems are you having? What's your config? Version?? ----- Original Message ----- From: Mikael Johnsen To: pptp-server at lists.schulte.org Sent: Thursday, February 07, 2002 7:35 AM Subject: [pptp-server] URGENT I have a problem with my Linux Firewall/VPN When I am sitting behind the firewall I can't connect to another firewall/VPN using ms vpn client HELP Med venlig hilsen / Best regards Mikael Johnsen Systemadministrator / System Administrator PBJ Consult A/S Roholmsvej 10G DK-2620 Albertslund Phone: +45 43 62 74 00, Fax: +45 43 62 74 24 Email: mjo at pbj.dk, Homepage: www.pbj.dk -------------- next part -------------- An HTML attachment was scrubbed... URL: From len at ghy.com Thu Feb 7 08:22:29 2002 From: len at ghy.com (Len Goldenstein) Date: Thu, 7 Feb 2002 08:22:29 -0600 Subject: [pptp-server] URGENT In-Reply-To: <001a01c1afe2$b0dcbad0$7301000a@bwmmortgage.com> Message-ID: This may have the information you need. http://www.impsec.org/linux/masquerade/ip_masq_vpn.html ---------------------------------------- Len Goldenstein Network Services Geo. H. Young & Co. Ltd. 809 - 167 Lombard Ave. Winnipeg, MB R3B 3H8 Phone: (204) 947-6851 Fax: (204) 947-3306 len at ghy.com http://www.ghy.com -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of John Stetter Sent: Thursday, February 07, 2002 8:21 AM To: pptp-server at lists.schulte.org Subject: Re: [pptp-server] URGENT If you gave us a little more information, it would be much easier for us to assist you. What kind of connectivity problems are you having? What's your config? Version?? ----- Original Message ----- From: Mikael Johnsen To: pptp-server at lists.schulte.org Sent: Thursday, February 07, 2002 7:35 AM Subject: [pptp-server] URGENT I have a problem with my Linux Firewall/VPN When I am sitting behind the firewall I can't connect to another firewall/VPN using ms vpn client HELP Med venlig hilsen / Best regards Mikael Johnsen Systemadministrator / System Administrator PBJ Consult A/S Roholmsvej 10G DK-2620 Albertslund Phone: +45 43 62 74 00, Fax: +45 43 62 74 24 Email: mjo at pbj.dk, Homepage: www.pbj.dk From muralivemuri at multitech.co.in Fri Feb 8 03:03:23 2002 From: muralivemuri at multitech.co.in (Murali K. Vemuri) Date: Fri, 08 Feb 2002 14:33:23 +0530 Subject: [pptp-server] active user Message-ID: <3C63945B.5F4E1C1D@multitech.co.in> hi there, i have a pptp server successfully running on my box. also, i am able to see the logs. the question that bothers me is that.. is there any way in which i can find the active users at any given point of time, without using the /var/log/pptpd.log ? -- regards & thanks for your time, Murali Krishna Vemuri --All blue, I write with a Blue Pencil on a Blue Sky. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Benny.Geys at ordina-denkart.com Fri Feb 8 03:16:29 2002 From: Benny.Geys at ordina-denkart.com (Benny.Geys at ordina-denkart.com) Date: Fri, 8 Feb 2002 10:16:29 +0100 Subject: [pptp-server] active user Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My PPTP server gives users the same IP address each time they login (configured in /etc/ppp/chap-secrets), so I can check who is currently logged in by running the '/sbin/ifconfig' or 'route' command. Benny - -----Original Message----- From: muralivemuri at multitech.co.in [mailto:muralivemuri at multitech.co.in] Sent: vrijdag 8 februari 2002 10:03 To: pptp-server at lists.schulte.org Subject: [pptp-server] active user hi there, i have a pptp server successfully running on my box. also, i am able to see the logs. the question that bothers me is that.. is there any way in which i can find the active users at any given point of time, without using the /var/log/pptpd.log ? - -- regards & thanks for your time, Murali Krishna Vemuri - --All blue, I write with a Blue Pencil on a Blue Sky. -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 Comment: DEAR IRS, Please cancel my subscription. iQA/AwUBPGOXFAPrgn4F1j+REQKaFACgoGEdM7UhnuCZURJ2hdl+OkhriycAnRfs VAMgKLw+J75UStUsLW9UCIcT =5BER -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: WINMAIL.DAT Type: application/ms-tnef Size: 2077 bytes Desc: not available URL: From muralivemuri at multitech.co.in Fri Feb 8 03:41:33 2002 From: muralivemuri at multitech.co.in (Murali K. Vemuri) Date: Fri, 08 Feb 2002 15:11:33 +0530 Subject: [pptp-server] active user References: Message-ID: <3C639D4D.A1BE3EA0@multitech.co.in> for me the problem is like this: my chap-secrets file looks like this: murali * murali * vemuri * vemuri * so, as such i am not specifying the ip address explicitly for any particular user. so, in this case, can something be done? regds murali Benny.Geys at ordina-denkart.com wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > My PPTP server gives users the same IP address each time they login > (configured in /etc/ppp/chap-secrets), so I can check who is > currently logged in by running the '/sbin/ifconfig' or 'route' > command. > > Benny > - -----Original Message----- > From: muralivemuri at multitech.co.in > [mailto:muralivemuri at multitech.co.in] > Sent: vrijdag 8 februari 2002 10:03 > To: pptp-server at lists.schulte.org > Subject: [pptp-server] active user > > > hi there, > > i have a pptp server successfully running on my box. > also, i am able to see the logs. > the question that bothers me is that.. is there any way in which i > can find the active users at any given point of time, > without using the /var/log/pptpd.log ? > > - -- > regards & thanks for your time, > Murali Krishna Vemuri > - --All blue, I write with a Blue Pencil on a Blue Sky. > > > -----BEGIN PGP SIGNATURE----- > Version: PGP 7.0.4 > Comment: DEAR IRS, Please cancel my subscription. > > iQA/AwUBPGOXFAPrgn4F1j+REQKaFACgoGEdM7UhnuCZURJ2hdl+OkhriycAnRfs > VAMgKLw+J75UStUsLW9UCIcT > =5BER > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------ > Name: WINMAIL.DAT > WINMAIL.DAT Type: application/ms-tnef > Encoding: base64 -- regards & thanks for your time, Murali Krishna Vemuri --All blue, I write with a Blue Pencil on a Blue Sky. -------------- next part -------------- An HTML attachment was scrubbed... URL: From david_luyer at pacific.net.au Fri Feb 8 04:20:58 2002 From: david_luyer at pacific.net.au (David Luyer) Date: 08 Feb 2002 21:20:58 +1100 Subject: [pptp-server] active user In-Reply-To: <3C639D4D.A1BE3EA0@multitech.co.in> References: <3C639D4D.A1BE3EA0@multitech.co.in> Message-ID: <1013163658.31034.2.camel@typhaon> On Fri, 2002-02-08 at 20:41, Murali K. Vemuri wrote: > for me the problem is like this: > my chap-secrets file looks like this: > > murali * murali * > vemuri * vemuri * > > so, as such i am not specifying the ip address explicitly for any particular > user. > so, in this case, can something be done? It's then a pppd problem not a pptpd problem. You'd be best to modify pppd to somehow display the usernames of logged in users in it's process listing. > regds > murali > > Benny.Geys at ordina-denkart.com wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > My PPTP server gives users the same IP address each time they login > > (configured in /etc/ppp/chap-secrets), so I can check who is > > currently logged in by running the '/sbin/ifconfig' or 'route' > > command. > > > > Benny > > - -----Original Message----- > > From: muralivemuri at multitech.co.in > > [mailto:muralivemuri at multitech.co.in] > > Sent: vrijdag 8 februari 2002 10:03 > > To: pptp-server at lists.schulte.org > > Subject: [pptp-server] active user > > > > > > hi there, > > > > i have a pptp server successfully running on my box. > > also, i am able to see the logs. > > the question that bothers me is that.. is there any way in which i > > can find the active users at any given point of time, > > without using the /var/log/pptpd.log ? > > > > - -- > > regards & thanks for your time, > > Murali Krishna Vemuri > > - --All blue, I write with a Blue Pencil on a Blue Sky. > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: PGP 7.0.4 > > Comment: DEAR IRS, Please cancel my subscription. > > > > iQA/AwUBPGOXFAPrgn4F1j+REQKaFACgoGEdM7UhnuCZURJ2hdl+OkhriycAnRfs > > VAMgKLw+J75UStUsLW9UCIcT > > =5BER > > -----END PGP SIGNATURE----- > > > > ------------------------------------------------------------------------ > > Name: WINMAIL.DAT > > WINMAIL.DAT Type: application/ms-tnef > > Encoding: base64 > > -- > regards & thanks for your time, > Murali Krishna Vemuri > --All blue, I write with a Blue Pencil on a Blue Sky. > > -- David Luyer Phone: +61 3 9674 7525 Network Development Manager P A C I F I C Fax: +61 3 9699 8693 Pacific Internet (Australia) I N T E R N E T Mobile: +61 4 1111 BYTE http://www.pacific.net.au/ NASDAQ: PCNTF From pptp-server at szczepanek.de Fri Feb 8 06:27:00 2002 From: pptp-server at szczepanek.de (Torge Szczepanek) Date: Fri, 8 Feb 2002 13:27:00 +0100 Subject: [pptp-server] active user References: <3C639D4D.A1BE3EA0@multitech.co.in> Message-ID: <002601c1b09b$e87c8a60$02ffa8c0@cygnus> Hi! I modified my /etc/ppp/ip-up script, to write Logins and Logouts to /var/log/vpn.login and I create files in /etc/ppp/onlinedb to see, which users are online. Something like this: echo `date` LOGIN $PEERNAME dev $1 IP $5 >> /var/log/vpn.login and touch /etc/ppp/onlinedb/$PEERNAME In /etc/ppp/ip-down rm -f /etc/ppp/onlinedb/$PEERNAME echo `date` LOGOUT $PEERNAME >> /var/log/vpn.login Torge Szczepanek ----- Original Message ----- From: Murali K. Vemuri To: Benny.Geys at ordina-denkart.com Cc: pptp-server at lists.schulte.org Sent: Friday, February 08, 2002 10:41 AM Subject: Re: [pptp-server] active user for me the problem is like this: my chap-secrets file looks like this: murali * murali * vemuri * vemuri * From fitzsimj at yahoo.com Mon Feb 11 19:52:35 2002 From: fitzsimj at yahoo.com (Jeff Fitzsimons) Date: Mon, 11 Feb 2002 18:52:35 -0700 Subject: [pptp-server] name-resolution doesn't work across VPN Message-ID: <056801c1b367$f25ba420$8400a8c0@JFP3800> Hi all, This is the first installment of my multi-part whinefest. :-) I've been banging my head over this for over a week. My VPN client is a Win2k box. Its only network connection talks to a dedicated NIC in the server (ie the VPN is NOT established over the Internet). It connects to the Linux pptpd server fine. At that point the client can ping happily away to raw IP addresses both inside and outside the local network. However, any time I try to ping a machine name (i.e. NOT an IP address) that's not in the lmhosts file, it fails with an "unknown host". At the moment I have my remoteip and localip (pptpd.conf) set to a 192.168.7.x subnet with MASQ and forwarding explicitly set. I've also tried having them set to the same 192.168.0.x subnet that the local network uses, and it didn't change the behavior. The Linux box is also a WINS server and ms-wins is set appropriately in the pptpd.conf file. I don't think WINS comes into play here though. All the clients on the local network (192.168.0.x) are masq'd and working fine. I'm running pptpd (1.0.1-1) and ipchains (1.3.10-7) on a RedHat Linux (kernel 2.4.2-2) box. Incidentally, in case you're wondering WHY I want to resolve DNS names across the VPN, it's because I'm using it to restrict access from an 802.11b wireless hub. So, the only way to get on the network & see the Internet from an 802.11b machine is to have a valid VPN account. I realize it's not normal to want to resolve domain names over a VPN, but I think it's a key to some other problems I'm having... Any help would be _greatly_ appreciated! Jeff _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com From charlieb at e-smith.com Mon Feb 11 19:57:50 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Mon, 11 Feb 2002 20:57:50 -0500 (EST) Subject: [pptp-server] name-resolution doesn't work across VPN In-Reply-To: <056801c1b367$f25ba420$8400a8c0@JFP3800> Message-ID: On Mon, 11 Feb 2002, Jeff Fitzsimons wrote: > This is the first installment of my multi-part whinefest. :-) They're *never* popular. > My VPN client is a Win2k box. Its only network connection talks to a > dedicated NIC in the server (ie the VPN is NOT established over the > Internet). It connects to the Linux pptpd server fine. At that point the > client can ping happily away to raw IP addresses both inside and outside the > local network. However, any time I try to ping a machine name (i.e. NOT an > IP address) that's not in the lmhosts file, it fails with an "unknown host". That sounds very much like a name resolution issue on the Win2k box. Which doesn't have a lot to do with pptod, does it? > The Linux box is also a WINS server and ms-wins is set appropriately in the > pptpd.conf file. I don't think WINS comes into play here though. What about DNS settings? > I'm running pptpd (1.0.1-1) and ipchains (1.3.10-7) on a RedHat Linux > (kernel 2.4.2-2) box. I'd advise you to use the so-called unstable pptpd. -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From markb at deeptech.com.au Tue Feb 12 02:44:37 2002 From: markb at deeptech.com.au (Mark Burring) Date: Tue, 12 Feb 2002 16:44:37 +0800 Subject: [pptp-server] Error 778: Unable to verify the identity of the server Message-ID: A lot of my clients have been getting this error repeatedly: Error 778: Unable to verify the identity of the server Eventually it works. Just by staring at the logs it looks like a GRE problem Options: lock debug proxyarp +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless auth require-chap +chap ms-dns 192.168.100.20 ms-wins 192.168.100.20 Config: debug option /etc/ppp/options.pptp localip 192.168.100.181-190 remoteip 192.168.100.191-200 logs: Feb 12 16:31:03 gateway pppd[29779]: MSCHAP-v2 peer authentication succeeded for xxxxxx Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x4c6f Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:06 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:06 gateway pptpd[29760]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 12 16:31:06 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:06 gateway pppd[29779]: LCP terminated by peer (C^Yg^T^@ Message-ID: <3C68D715.59EA41F@multitech.co.in> why don't you try with one ip address rather than a range at the local ip. just give a try. cheers murali Mark Burring wrote: > A lot of my clients have been getting this error repeatedly: Error 778: > Unable to verify the identity of the server > > Eventually it works. Just by staring at the logs it looks like a GRE > problem > > Options: > lock > debug > proxyarp > +chap > +chapms > +chapms-v2 > mppe-40 > mppe-128 > mppe-stateless > auth > require-chap > +chap > ms-dns 192.168.100.20 > ms-wins 192.168.100.20 > > Config: > debug > option /etc/ppp/options.pptp > localip 192.168.100.181-190 > remoteip 192.168.100.191-200 > > logs: > Feb 12 16:31:03 gateway pppd[29779]: MSCHAP-v2 peer authentication > succeeded for xxxxxx > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x4c6f > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported > protocol 0x47 > Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:06 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:06 gateway pptpd[29760]: CTRL: Ignored a SET LINK INFO > packet with real ACCMs! > Feb 12 16:31:06 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> > xxx.xxx.xxx.xxx CID=0 no masq table, discarding > Feb 12 16:31:06 gateway pppd[29779]: LCP terminated by peer > (C^Yg^T^@ Feb 12 16:31:06 gateway pptpd[29760]: CTRL: Error with select(), > quitting > Feb 12 16:31:06 gateway pptpd[29760]: CTRL: Client xxx.xxx.xxx.xxx > control connection finished > Feb 12 16:31:06 gateway pppd[29779]: Modem hangup > Feb 12 16:31:06 gateway pppd[29779]: Connection terminated. > Feb 12 16:31:06 gateway pppd[29779]: Connect time 0.2 minutes. > Feb 12 16:31:06 gateway pppd[29779]: Sent 2454 bytes, received 930 > bytes. > Feb 12 16:31:06 gateway pppd[29779]: Exit. > > Regards > Mark Burring > Systems Engineer (Internet) > Deeptech - Intelligent Networking > Deepcare - Caring For Your IT Investment > Email:markb at deeptech.com.au > Web: www.deeptech.com.au ;www.deepcareonline.com > Phone: 1300 361 954 Fax: +61 8 9201 2312 > Postal: PO BOX 1324, West Perth WA 6872 > After hours Support: 1300 361 954 > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- regards & thanks for your time, Murali Krishna Vemuri --All blue, I write with a Blue Pencil on a Blue Sky. -------------- next part -------------- An HTML attachment was scrubbed... URL: From markb at deeptech.com.au Tue Feb 12 02:56:22 2002 From: markb at deeptech.com.au (Mark Burring) Date: Tue, 12 Feb 2002 16:56:22 +0800 Subject: [pptp-server] Error 778: Unable to verify the identity of the server Message-ID: Well there are several users that wish to use it at the same time. The reason I used a range of the local IP's is because its in the Redhat PopTop howto. Previous experience with PPPD does tell me that doing this way is bad but giving out local ip's smooth's things over with the M$ PDC's -----Original Message----- From: Murali K. Vemuri [mailto:muralivemuri at multitech.co.in] Sent: Tuesday, February 12, 2002 4:49 PM To: Mark Burring Cc: pptp-server at lists.schulte.org Subject: Re: [pptp-server] Error 778: Unable to verify the identity of the server why don't you try with one ip address rather than a range at the local ip. just give a try. cheers murali Mark Burring wrote: A lot of my clients have been getting this error repeatedly: Error 778: Unable to verify the identity of the server Eventually it works. Just by staring at the logs it looks like a GRE problem Options: lock debug proxyarp +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless auth require-chap +chap ms-dns 192.168.100.20 ms-wins 192.168.100.20 Config: debug option /etc/ppp/options.pptp localip? 192.168.100.181-190 remoteip 192.168.100.191-200 logs: Feb 12 16:31:03 gateway pppd[29779]: MSCHAP-v2 peer authentication succeeded for xxxxxx Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x4c6f Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:03 gateway pppd[29779]: Protocol-Reject for unsupported protocol 0x47 Feb 12 16:31:03 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:06 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:06 gateway pptpd[29760]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 12 16:31:06 gateway kernel: ip_demasq_gre(): xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx CID=0 no masq table, discarding Feb 12 16:31:06 gateway pppd[29779]: LCP terminated by peer (C^Yg^T^@ Message-ID: <018901c1b42d$99de3850$8400a8c0@JFP3800> From: "Charlie Brady" > > This is the first installment of my multi-part whinefest. :-) > > They're *never* popular. Good to see the old sense of humor is in proper working order, eh? ;-) > That sounds very much like a name resolution issue on the Win2k box. Which > doesn't have a lot to do with pptod, does it? > I'd advise you to use the so-called unstable pptpd. Excellent suggestion. As it turns out, upgrading to the latest (1.1.2) solved my problem! As an added benefit, it also solved _all_ my other problems! Specifically, I was able to 'browse' (ie use smbclient) from the server-side, but not from the client side. Now it's instantly working in both directions! Yippee! :-) Jeff _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com From alex at costarica.com Tue Feb 12 19:54:09 2002 From: alex at costarica.com (Alex Solorzano) Date: Tue, 12 Feb 2002 17:54:09 -0800 Subject: [pptp-server] Installing PPTPD on Linux RedHat7.2 with Kernel 2.4.7-10 Message-ID: Hi! Could anyone tell me where I can find the instructions to install PPTPD-1.0.1 on a Linux RedHat 7.2 with Kernel 2.4.7-10? Thank you, Alex E-mail: alex at costarica.com www.costarica.com, The Costa Rica of the Web! From lists at earthling.2y.net Tue Feb 12 22:00:39 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Tue, 12 Feb 2002 23:00:39 -0500 (EST) Subject: [pptp-server] Installing PPTPD on Linux RedHat7.2 with Kernel 2.4.7-10 In-Reply-To: Message-ID: Search out the pptpd howto for linux 2.4. BTW, use the development version of pptpd. On Tue, 12 Feb 2002, Alex Solorzano wrote: > Hi! > > Could anyone tell me where I can find the instructions to install > PPTPD-1.0.1 on a Linux RedHat 7.2 with Kernel 2.4.7-10? > > Thank you, > > Alex > E-mail: alex at costarica.com > www.costarica.com, The Costa Rica of the Web! > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From barjunk at attglobal.net Wed Feb 13 10:23:16 2002 From: barjunk at attglobal.net (Michael Barsalou) Date: Wed, 13 Feb 2002 07:23:16 -0900 Subject: [pptp-server] Windows VPN problem Message-ID: <3C6A1464.21621.5528895@localhost> I don't now if you have to have a subscription to see this article but take a look at this. http://www.winnetmag.com/articles/index.cfm?articleid=24101 Basically it says that the MTU may get set wrong on a Windows VPN server if "If you have a VPN server that assigns a client address on the same subnet as the VPN server, a bug in this algorithm can prevent VPN clients from accessing resources on other SP2 systems on the VPN server?s subnet" Mike Michael Barsalou barjunk at attglobal.net From tommy at orndorff.com Wed Feb 13 16:30:39 2002 From: tommy at orndorff.com (Tommy Orndorff) Date: Wed, 13 Feb 2002 17:30:39 -0500 Subject: [pptp-server] Help with config and ipchain rulesets... Message-ID: <200202132230.g1DMUee01451@contra.ttpharma.com> I am having some issues with my poptop/pppd connections, and I was hoping someone could give me a hand checking ipchains rules, etc. I'm running PoPToP v1.1.2 and pppd version 2.4.0 on kernel version 2.4.16. Connections to the VPN work fine 100% of the time with encryption enabled. Here is my ppp options file: lock debug proxyarp +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless auth require-chap +chap ms-wins 192.168.1.1 My pptpd.conf file contains these lines: option /etc/ppp/options debug localip 192.168.1.102-120 remoteip 192.168.1.102-120 listen 192.168.1.101 My ip chains rules contain the following rules (and ipchains only uses these rules): echo 1 > /proc/sys/net/ipv4/ip_forward ipchains -P forward DENY ipchains -A forward -i eth0 -j MASQ ipchains -N ppp-out ipchains -A output -i eth0 -j ppp-out ipchains -A ppp-out -p 47 -j ACCEPT ipchains -N ppp-in ipchains -A input -i eth0 -j ppp-in ipchains -A ppp-in -p TCP -y -d 0.0.0.0/0 pptp -j ACCEPT -l ipchains -A ppp-in -p TCP -d 0.0.0.0/0 pptp -j ACCEPT ipchains -A ppp-in -p 47 -j ACCEPT ipchains -A ppp-in -p TCP -y -j DENY ipchains -A ppp-in -p UDP -j DENY ipchains -A forward -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT My gateway IP for the LAN that the VPN resides on is 192.168.1.254. I have users set with IP's given out of the range. After connecting, no packets are received back to the client (ie. when browsing any www page there is no response). Anyone see anything wrong or have any suggestions? Hopefully I've included enough information. Tommy Orndorff From cbutler at ceramatec.com Wed Feb 13 16:53:45 2002 From: cbutler at ceramatec.com (Butler, Chad) Date: Wed, 13 Feb 2002 15:53:45 -0700 Subject: [pptp-server] Debian Message-ID: I'm trying to get PoPToP running on Debian 2.2.17. I can get Windows 2000 to connect unencrypted, but I can't get the encryption working. I've followed the instructions for the mppe patch for 2.2 kernels, but Debian seems to be a little different. Has anyone had success setting this up with Debian? If so, could you point me to the sources I need, or give me some pointers? Thanks, Chad Butler From vorlon at netexpress.net Wed Feb 13 17:05:03 2002 From: vorlon at netexpress.net (Steve Langasek) Date: Wed, 13 Feb 2002 17:05:03 -0600 Subject: [pptp-server] Debian In-Reply-To: References: Message-ID: <20020213230503.GA15386@netexpress.net> Hello Chad, On Wed, Feb 13, 2002 at 03:53:45PM -0700, Butler, Chad wrote: > I'm trying to get PoPToP running on Debian 2.2.17. I can get Windows 2000 > to connect unencrypted, but I can't get the encryption working. I've > followed the instructions for the mppe patch for 2.2 kernels, but Debian > seems to be a little different. Has anyone had success setting this up with > Debian? If so, could you point me to the sources I need, or give me some > pointers? I haven't had any problems getting the MPPE kernel support to work under Debian. In fact, Debian ships a 'kernel-patch-mppe' package that has worked quite well for me. We're currently using this with a 2.4.16 kernel, but the package description suggests that it's been tested successfully with Linux 2.2.19 as well. Regards, Steve Langasek postmodern programmer From torndorff at ttpharma.com Wed Feb 13 17:48:29 2002 From: torndorff at ttpharma.com (Tommy Orndorff) Date: Wed, 13 Feb 2002 18:48:29 -0500 Subject: [pptp-server] More info. on topology, etc. Message-ID: <200202132348.g1DNmU801613@contra.ttpharma.com> The VPN connection is connected within the LAN. The firewall has the pptp port forwarded to the IP of the VPN (192.168.1.101). The firewall does support GRE and I did have the VPN connection working for approx. 5 minutes, at which point I became very excited and decided to edit something. After that I could not get it to work again ;( All the sample ipchains/iptables rules that I have seen are for pptpd's running on a linux-based firewall. That is not an option where I am located, therefore this is the next best thing (and was an executive decision). Hope this helps out some. Thanks again. -Tommy From stef at lorinet.org Wed Feb 13 23:38:56 2002 From: stef at lorinet.org (=?iso-8859-1?Q?St=E9phane_BRIZARD?=) Date: Thu, 14 Feb 2002 06:38:56 +0100 Subject: [pptp-server] (no subject) Message-ID: <000e01c1b519$e5769bd0$1201a8c0@bipro> From Jeremy at wapnetmedia.com Thu Feb 14 00:06:09 2002 From: Jeremy at wapnetmedia.com (Jeremy Nelson) Date: Thu, 14 Feb 2002 17:06:09 +1100 Subject: [pptp-server] Debian Message-ID: <156F204986B420419762497B3B6739A2013418@luci.wapnetmedia.com> Hi Chad I am not running Debian or even 2.2 kernel and I am far from an expert on pptpd or linux but I had problems connecting with encryption on w2k. I installed the High Encryption pack for w2k and then was able to connect. The error I was receiving before the pack was installed is as follows; Feb 14 16:53:18 lina pptpd[1481]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 14 16:53:24 lina pppd[1482]: LCP terminated by peer (d^P^CM-)^@ Hi, i'm trying to connect linux box to pptpd on another linux box with 128-bit encryption enabled. What's happening is when i run pptp on client node it terminates with error: ERROR! Connection timed out. on server side log file consists the following: Feb 14 15:39:39 gimli pptpd[15199]: MGR: Launching /usr/local/sbin/pptpctrl to handle client Feb 14 15:39:39 gimli pptpd[15199]: CTRL: Client xxx.xxx.xxx.xxx control connection started Feb 14 15:39:39 gimli pptpd[15199]: CTRL: Received PPTP Control Message (type: 1) Feb 14 15:39:39 gimli pptpd[15199]: CTRL: Made a START CTRL CONN RPLY packet Feb 14 15:39:39 gimli pptpd[15199]: CTRL: I wrote 156 bytes to the client. Feb 14 15:39:39 gimli pptpd[15199]: CTRL: Sent packet to client Feb 14 15:39:40 gimli pptpd[15199]: CTRL: Received PPTP Control Message (type: 7) Feb 14 15:39:40 gimli pptpd[15199]: CTRL: 0 min_bps, 152 max_bps, 32 window size Feb 14 15:39:40 gimli pptpd[15199]: CTRL: Made a OUT CALL RPLY packet Feb 14 15:39:40 gimli pptpd[15199]: CTRL: Starting call (launching pppd, opening GRE) Feb 14 15:39:40 gimli pptpd[15199]: CTRL: pty_fd = 4 Feb 14 15:39:40 gimli pptpd[15199]: CTRL: tty_fd = 5 Feb 14 15:39:40 gimli pptpd[15200]: CTRL (PPPD Launcher): Connection speed = 115200 Feb 14 15:39:40 gimli pppd[15200]: pppd 2.4.0 started by root, uid 0 Feb 14 15:39:40 gimli pptpd[15199]: CTRL: I wrote 32 bytes to the client. Feb 14 15:39:40 gimli pptpd[15199]: CTRL: Sent packet to client Feb 14 15:39:40 gimli pppd[15200]: using channel 54 Feb 14 15:39:40 gimli pppd[15200]: Using interface ppp0 Feb 14 15:39:40 gimli pppd[15200]: Connect: ppp0 <--> /dev/pts/0 Feb 14 15:39:40 gimli pppd[15200]: sent [LCP ConfReq id=0x1 ] Feb 14 15:39:40 gimli pptpd[15199]: GRE: Bad checksum from pppd Feb 14 15:39:42 gimli pppd[15200]: rcvd [LCP ConfReq id=0x1 ] Feb 14 15:39:42 gimli pppd[15200]: sent [LCP ConfAck id=0x1 ] Feb 14 15:39:43 gimli pppd[15200]: sent [LCP ConfReq id=0x1 ] Feb 14 15:39:43 gimli pppd[15200]: rcvd [LCP ConfAck id=0x1 ] Feb 14 15:39:43 gimli pppd[15200]: sent [CHAP Challenge id=0x1 , name = "domino"] Feb 14 15:39:43 gimli pppd[15200]: rcvd [CHAP Challenge id=0x1 <1745df9f80f695451698a08b97e1eac9>, name = "domino"] Feb 14 15:39:43 gimli pppd[15200]: sent [CHAP Response id=0x1 , name = "domino"] Feb 14 15:39:43 gimli pppd[15200]: rcvd [CHAP Response id=0x1 , name = "domino"] Feb 14 15:39:46 gimli pppd[15200]: sent [CHAP Challenge id=0x2 , name = "domino"] Feb 14 15:39:46 gimli pppd[15200]: sent [CHAP Response id=0x1 , name = "domino"] Feb 14 15:39:46 gimli pppd[15200]: rcvd [CHAP Challenge id=0x2 , name = "domino"] and so on on client node in pptp.log is the following: Feb 14 17:05:21 balrog pptp[20096]: log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:548]: Client connection established. Feb 14 17:05:22 balrog pptp[20096]: log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:655]: Outgoing call established (call ID 0, peer's call ID 0). Feb 14 17:05:22 balrog pppd[20100]: pppd 2.4.0 started by root, uid 0 Feb 14 17:05:22 balrog pppd[20100]: Using interface ppp1 Feb 14 17:05:22 balrog pppd[20100]: Connect: ppp1 <--> /dev/pts/2 Feb 14 17:05:52 balrog pptpd[15513]: CTRL: Received PPTP Control Message (type: 5) Feb 14 17:05:52 balrog pptpd[15513]: CTRL: Made a ECHO RPLY packet Feb 14 17:05:52 balrog pptpd[15513]: CTRL: I wrote 20 bytes to the client. Feb 14 17:05:52 balrog pptpd[15513]: CTRL: Sent packet to client both ends have chap-secrets file something like: guest * guestpwd * domino * domino * No errors except timeout were produced. Does anybody experienced something similar? Best regards, igor. From nairnr at nairnconsult.hn.org Thu Feb 14 11:15:28 2002 From: nairnr at nairnconsult.hn.org (Richard Nairn) Date: Thu, 14 Feb 2002 10:15:28 -0700 Subject: [pptp-server] PPTP and RedHat 7.2 Message-ID: <20020214101528.D1253@Orion.home.org> Hi, I have a few machines with RH 7.2 installed on them. Whenever I try and connect to them with pptp, I get a Gre: protocol not available error. Feb 14 10:12:20 gateway pptpd[3806]: CTRL: Starting call (launching pppd, opening GRE) Feb 14 10:12:20 gateway pppd[3807]: pppd 2.4.1 started by root, uid 0 Feb 14 10:12:20 gateway pppd[3807]: Using interface ppp0 Feb 14 10:12:20 gateway pppd[3807]: Connect: ppp0 <--> /dev/pts/1 Feb 14 10:12:20 gateway pptpd[3806]: GRE: read(fd=5,buffer=bfffd6f0,len=8260) from network failed: status = -1 error = Protocol not available Feb 14 10:12:20 gateway pptpd[3806]: CTRL: GRE read or PTY write failed (gre,pty)=(5,4) Feb 14 10:12:20 gateway pptpd[3806]: CTRL: Client 209.91.117.27 control connection finished Feb 14 10:12:20 gateway pppd[3807]: Modem hangup Feb 14 10:12:20 gateway pppd[3807]: Connection terminated. Feb 14 10:12:20 gateway pppd[3807]: Exit. The machine is the firewall, and is not blocking any of the ports or protocols. I am running kernel-2.4.9-13mppe, and ppp-2.4.1-2mppe. Any help would be appreciated, as this is getting urgent. -- | Richard Nairn Specializing in Linux | Nairn Consulting Web / Database Solutions | Calgary, AB | nairnr at nairnconsult.hn.org From nairnr at nairnconsult.hn.org Fri Feb 15 10:33:33 2002 From: nairnr at nairnconsult.hn.org (Richard Nairn) Date: Fri, 15 Feb 2002 09:33:33 -0700 Subject: [pptp-server] PPTP and RedHat 7.2 In-Reply-To: <1013769403.9660.23.camel@richard>; from r.devroede@linvision.com on Fri, Feb 15, 2002 at 11:36:43AM +0100 References: <20020214101528.D1253@Orion.home.org> <1013769403.9660.23.camel@richard> Message-ID: <20020215093333.A6476@Orion.home.org> I have the following installed, and still no dice. pptpd-1.1.2-1 kernel-2.4.9-13mppe ppp-2.4.1-3mppe Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Client 207.148.164.66 control connection started Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Starting call (launching pppd, opening GRE) Feb 15 09:28:09 gateway pppd[5359]: pppd 2.4.1 started by root, uid 0 Feb 15 09:28:09 gateway pppd[5359]: Using interface ppp0 Feb 15 09:28:09 gateway pppd[5359]: Connect: ppp0 <--> /dev/pts/1 Feb 15 09:28:09 gateway pptpd[5358]: GRE: read error: Protocol not available Feb 15 09:28:09 gateway pptpd[5358]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Client 207.148.164.66 control connection finished Feb 15 09:28:09 gateway pppd[5359]: Modem hangup Feb 15 09:28:09 gateway pppd[5359]: Connection terminated. Feb 15 09:28:09 gateway pppd[5359]: Exit. On Fri, Feb 15, 2002 at 11:36:43AM +0100, R. de Vroede wrote: > You need to get ppp-2.4.1-3mppe from http://mirror.binarix.com/ppp-mppe/ > I was doing to many things at the same time again when writing the > specfile for -2mppe. ver 3 fixes some errors. As soon as Mike Barsalou > places the pptpd-1.1.2 RPM I build on the PoPToP-site I suggest you get > that too. > In the mean time you can get it at > http://fenix.getmyip.com/~fenix/pptpd-1.1.2-1.i386.rpm > > Just to be sure: > iptables -A INPUT -i [ext-if] -p tcp -m tcp --dport 1723 -j ACCEPT > iptables -A INPUT -i [ext-if] -p 47 -j ACCEPT > > To give VPN users proper access to the network, you could make > ip-up.local and ip-down.local scripts: > ip-up.local: > #!/bin/sh > echo "$(date): ip-up 1:$1 2:$2 3:$3 4:$4 5:$5 6:$6" >> > /var/log/messages > iptables -I FORWARD -i $1 -j ACCEPT > iptables -I FORWARD -i $1 -d ! [int-network] -j DROP > > ip-down.local: > #!/bin/sh > echo "$(date): ip-down 1:$1 2:$2 3:$3 4:$4 5:$5 6:$6" >> > /var/log/messages > iptables -D FORWARD -i $1 -j ACCEPT > iptables -D FORWARD -i $1 -d ! [int-network] -j DROP > > This should be enough to get pptp up and running. > > Regards, > Richard de Vroede > > > > Hi, > > > > I have a few machines with RH 7.2 installed on them. Whenever I try and > > connect to them with pptp, I get a Gre: protocol not available error. > > > > Feb 14 10:12:20 gateway pptpd[3806]: CTRL: Starting call (launching pppd, > > opening GRE) > > Feb 14 10:12:20 gateway pppd[3807]: pppd 2.4.1 started by root, uid 0 > > Feb 14 10:12:20 gateway pppd[3807]: Using interface ppp0 > > Feb 14 10:12:20 gateway pppd[3807]: Connect: ppp0 <--> /dev/pts/1 > > Feb 14 10:12:20 gateway pptpd[3806]: GRE: > > read(fd=5,buffer=bfffd6f0,len=8260) from network failed: status = -1 error > > = Protocol not available > > Feb 14 10:12:20 gateway pptpd[3806]: CTRL: GRE read or PTY write failed > > (gre,pty)=(5,4) > > Feb 14 10:12:20 gateway pptpd[3806]: CTRL: Client 209.91.117.27 control > > connection finished > > Feb 14 10:12:20 gateway pppd[3807]: Modem hangup > > Feb 14 10:12:20 gateway pppd[3807]: Connection terminated. > > Feb 14 10:12:20 gateway pppd[3807]: Exit. > > > > > > The machine is the firewall, and is not blocking any of the ports or > > protocols. I am running kernel-2.4.9-13mppe, and ppp-2.4.1-2mppe. Any help > > would be appreciated, as this is getting urgent. > > > > -- > > | Richard Nairn Specializing in Linux > > | Nairn Consulting Web / Database Solutions > > | Calgary, AB > > | nairnr at nairnconsult.hn.org > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > -- > Richard de Vroede > (r.devroede at linvision.com) > ------------------------------------------------ > Linvision BV Provides Linux Solutions > Elektronicaweg 16D > 2628 XG Delft > T: +31157502310 info at linvision.com > F: +31157502319 http://devel.linvision.com > ------------------------------------------------ ---end quoted text--- -- | Richard Nairn Specializing in Linux | Nairn Consulting Web / Database Solutions | Calgary, AB | nairnr at nairnconsult.hn.org From maurice at pcamobile.com Sat Feb 16 05:39:40 2002 From: maurice at pcamobile.com (Maurice Tijs) Date: Sat, 16 Feb 2002 12:39:40 +0100 Subject: [pptp-server] 'sent [LCP ConfReq id=0x1...' followed by 'Modem hangup.' Message-ID: Hello there, I'm (as almost everyone here) in the proces of setting up a vpn. My setup is very simple actualy, I have a masquerading firewall that runs pptpd. So there's no need for masquerading pptpd packets, as they are destened for the firewall itself... (...I think, or am I wrong here?) This firewall runs RedHat 7.1, the dev. version of PoPToP, and 2.4.0 of pppd. Oh yeah, the client is a Win98 laptop. I followed the poptop tutorial, and I stopped at the line "your vpn should now be working without encryption" to test this. That didn't work. So I started fiddling with the configurations, in short: no luck. At the client side I get the error 645. The FAQ said to update DUN, so I tried. I downloaded many files from M$'s site, and they all refused to install because they think my client's system isn't the right version... Are the updates already installed or is the installer confused? I also tried windowsupdate.microsoft.com, but that also didn't work (complained about missing files or something, but I didn't feel like investigating this problem first...) When I take a look at my pptp.log I see: Feb 16 11:11:30 localhost pppd[3313]: pppd 2.4.0 started by root, uid 0 Feb 16 11:11:30 localhost pppd[3313]: using channel 51 Feb 16 11:11:30 localhost pppd[3313]: Using interface ppp1 Feb 16 11:11:30 localhost pppd[3313]: Connect: ppp1 <--> /dev/pts/1 Feb 16 11:11:30 localhost pppd[3313]: sent [LCP ConfReq id=0x1 ] Feb 16 11:11:30 localhost pppd[3313]: Modem hangup Feb 16 11:11:30 localhost pppd[3313]: Connection terminated. Feb 16 11:11:30 localhost pppd[3313]: Exit. I think it's the fifth line that shouldn't be there (or shouldn't be followed directly by a modem hang-up. What am I doing wrong here? Is there something trivial I'm not looking at? What options should I select on the client-side (for example IP-headercompression, should this be on?) I know it's not the firewall that causes my problems, I've set it up to let through (input and output) all the packages for testing purpose. I would be very glad with a response. If you need any further info to debug this problem, I'll be grateful (ofcourse) to supply this. Thanks in advance, Greetz -- Jurrie jurr at tref.nl -------------- next part -------------- An HTML attachment was scrubbed... URL: From magnus at vonkoeller.de Sun Feb 17 10:01:29 2002 From: magnus at vonkoeller.de (Magnus von Koeller) Date: Sun, 17 Feb 2002 17:01:29 +0100 Subject: [pptp-server] Success with Kernel 2.4.17 Message-ID: <200202171657.49200@vonkoeller.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I can confirm the reports on this list that Kernels > 2.4.10 on a Linux PPTP server (specifically, I tried the vanilla Linux Kernel 2.4.17 with the MPPE patch for the 2.4.16 kernel applied) do work also with linux pptp clients if the client loads the module "ip_gre" or compiles that code into the kernel. As my problems have been resolved, I'm off this list - thanks for the help. - -- - -M - --- Magnus von Koeller --- email: magnus at vonkoeller.de address: Georg-Westermann-Allee 76 38104 Braunschweig Germany phone: +49-531-2094886 mobile: +49-179-4562940 web: http://www.vonkoeller.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8b9PbUIvM6e6BgFARAqTQAJsF82CbjdgBJrsjsMVIsWUqjS6f2gCgqEg2 JkYPwNSbCciAmy61wRecSwY= =L1Wz -----END PGP SIGNATURE----- From magnus at vonkoeller.de Sun Feb 17 10:07:01 2002 From: magnus at vonkoeller.de (Magnus von Koeller) Date: Sun, 17 Feb 2002 17:07:01 +0100 Subject: [pptp-server] Success with Kernel 2.4.17 In-Reply-To: <200202171657.49200@vonkoeller.de> References: <200202171657.49200@vonkoeller.de> Message-ID: <200202171706.22457@vonkoeller.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 17 February 2002 17:01, you wrote: > I can confirm the reports on this list that Kernels > 2.4.10 on a > Linux PPTP server (specifically, I tried the vanilla Linux Kernel > 2.4.17 with the MPPE patch for the 2.4.16 kernel applied) do work > also with linux pptp clients if the client loads the module > "ip_gre" or compiles that code into the kernel. BTW, maybe someone should put this into some publicly available FAQ! - -- - -M - --- Magnus von Koeller --- email: magnus at vonkoeller.de address: Georg-Westermann-Allee 76 38104 Braunschweig Germany phone: +49-531-2094886 mobile: +49-179-4562940 web: http://www.vonkoeller.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8b9UnUIvM6e6BgFARAjUsAKCG/Nd5Al+a6SztEnHknRBoyc1jSACglYZL WNHHimIpxPTSiFxSwvPQvJM= =KO11 -----END PGP SIGNATURE----- From r.devroede at linvision.com Mon Feb 18 04:04:52 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 18 Feb 2002 11:04:52 +0100 Subject: [pptp-server] PPTP and RedHat 7.2 In-Reply-To: <20020215093333.A6476@Orion.home.org> References: <20020214101528.D1253@Orion.home.org> <1013769403.9660.23.camel@richard> <20020215093333.A6476@Orion.home.org> Message-ID: <1014026692.1357.2.camel@richard> Ok. Type "locate gre.o".. What does it say? Type "cat /etc/modules.conf".. What does it say? Regards, Richard de Vroede > I have the following installed, and still no dice. > > pptpd-1.1.2-1 > kernel-2.4.9-13mppe > ppp-2.4.1-3mppe > > Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Client 207.148.164.66 control > connection started > Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Starting call (launching pppd, > opening GRE) > Feb 15 09:28:09 gateway pppd[5359]: pppd 2.4.1 started by root, uid 0 > Feb 15 09:28:09 gateway pppd[5359]: Using interface ppp0 > Feb 15 09:28:09 gateway pppd[5359]: Connect: ppp0 <--> /dev/pts/1 > Feb 15 09:28:09 gateway pptpd[5358]: GRE: read error: Protocol not > available -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From charlieb at e-smith.com Mon Feb 18 11:28:30 2002 From: charlieb at e-smith.com (Charlie Brady) Date: Mon, 18 Feb 2002 12:28:30 -0500 (EST) Subject: [pptp-server] Success with Kernel 2.4.17 In-Reply-To: <200202171657.49200@vonkoeller.de> Message-ID: On Sun, 17 Feb 2002, Magnus von Koeller wrote: > I can confirm the reports on this list that Kernels > 2.4.10 on a > Linux PPTP server (specifically, I tried the vanilla Linux Kernel > 2.4.17 with the MPPE patch for the 2.4.16 kernel applied) do work > also with linux pptp clients if the client loads the module "ip_gre" > or compiles that code into the kernel. I have a hunch that adding: alias net-pf-47 ip_gre to /etc/modules.conf will cause the ip_gre module to be loaded on demand by kerneld. -- Charlie Brady charlieb at e-smith.com Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 From fredrik.ohrstrom at seamless.se Mon Feb 18 16:31:28 2002 From: fredrik.ohrstrom at seamless.se (Fredrik =?ISO-8859-1?Q?=D6hrstr=F6m?=) Date: Mon, 18 Feb 2002 23:31:28 +0100 Subject: [pptp-server] Please help. Cannot get PPTP working with Windows2000. Message-ID: <3C7180C0.8090004@seamless.se> I fail to configure PPTP on a linux server for use with a Windows2000 client. They reside on the same physical lan. 192.168.1.11 is the server 192.168.1.193 the client. RedHat 7.2 vs W2K. Apparently the logging in works ok. I can telnet to port 1723 from the windows box, I do not know how to check the GRE packets, but they ought to arrive since the authentication worked? What have I missed? Thanks! Fredrik Feb 18 18:16:36 develop2 pptpd[373]: CTRL: Client 192.168.1.194 control connection started Feb 18 18:16:36 develop2 pptpd[373]: CTRL: Starting call (launching pppd, opening GRE) Feb 18 18:16:36 develop2 pppd[374]: pppd 2.4.1 started by admin, uid 0 Feb 18 18:16:36 develop2 pppd[374]: Using interface ppp0 Feb 18 18:16:36 develop2 pppd[374]: Connect: ppp0 <--> /dev/pts/1 Feb 18 18:16:37 develop2 pptpd[373]: GRE: Discarding duplicate packet Feb 18 18:16:38 develop2 pptpd[373]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 18 18:16:38 develop2 pppd[374]: CHAP peer authentication succeeded for billy Feb 18 18:17:09 develop2 pppd[374]: IPCP: timeout sending Config-Requests Feb 18 18:17:09 develop2 pppd[374]: Connection terminated. Feb 18 18:17:09 develop2 pppd[374]: Connect time 0.6 minutes. Feb 18 18:17:09 develop2 pppd[374]: Sent 310 bytes, received 0 bytes. Feb 18 18:17:09 develop2 pptpd[373]: CTRL: Error with select(), quitting Feb 18 18:17:09 develop2 pptpd[373]: CTRL: Client 192.168.1.194 control connection finished Feb 18 18:17:09 develop2 pppd[374]: Exit. From truin at enterprise.truin.com Mon Feb 18 16:42:35 2002 From: truin at enterprise.truin.com (truin at enterprise.truin.com) Date: Mon, 18 Feb 2002 15:42:35 -0700 (MST) Subject: [pptp-server] Please help. Cannot get PPTP working with Windows2000. In-Reply-To: <3C7180C0.8090004@seamless.se> Message-ID: Check your setup on the W2k client side - turn of LCP Extensions, make sure it's set for PPTP server, etc. There's a setup how-to linked from the PoPToP site on the FAQ/HOWTO page. -=Truin=- On Mon, 18 Feb 2002, Fredrik ?hrstr?m wrote: > I fail to configure PPTP on a linux server for use with a > Windows2000 client. They reside on the same physical lan. > 192.168.1.11 is the server 192.168.1.193 the client. > RedHat 7.2 vs W2K. Apparently the logging in works ok. > I can telnet to port 1723 from the windows box, I do not know > how to check the GRE packets, but they ought to arrive since > the authentication worked? > > What have I missed? > Thanks! > > Fredrik > > > Feb 18 18:16:36 develop2 pptpd[373]: CTRL: Client 192.168.1.194 control > connection started > Feb 18 18:16:36 develop2 pptpd[373]: CTRL: Starting call (launching > pppd, opening GRE) > Feb 18 18:16:36 develop2 pppd[374]: pppd 2.4.1 started by admin, uid 0 > Feb 18 18:16:36 develop2 pppd[374]: Using interface ppp0 > Feb 18 18:16:36 develop2 pppd[374]: Connect: ppp0 <--> /dev/pts/1 > Feb 18 18:16:37 develop2 pptpd[373]: GRE: Discarding duplicate packet > Feb 18 18:16:38 develop2 pptpd[373]: CTRL: Ignored a SET LINK INFO > packet with real ACCMs! > Feb 18 18:16:38 develop2 pppd[374]: CHAP peer authentication succeeded > for billy > Feb 18 18:17:09 develop2 pppd[374]: IPCP: timeout sending Config-Requests > Feb 18 18:17:09 develop2 pppd[374]: Connection terminated. > Feb 18 18:17:09 develop2 pppd[374]: Connect time 0.6 minutes. > Feb 18 18:17:09 develop2 pppd[374]: Sent 310 bytes, received 0 bytes. > Feb 18 18:17:09 develop2 pptpd[373]: CTRL: Error with select(), quitting > Feb 18 18:17:09 develop2 pptpd[373]: CTRL: Client 192.168.1.194 control > connection finished > Feb 18 18:17:09 develop2 pppd[374]: Exit. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From xaz at sion.com Mon Feb 18 17:13:00 2002 From: xaz at sion.com (Xaz) Date: Mon, 18 Feb 2002 20:13:00 -0300 Subject: [pptp-server] Help!!! Message-ID: <008701c1b8d1$cf3a3aa0$0100a8c0@ARPANET.NET> Hi, i need help, somebody can tell me what signify this. Thank. linux pptp[1447]: log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:548]: Client connection established. linux pptp[1447]: log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:655]: Outgoing call established (call ID 0, peer's call ID 0). linux pppd[1449]: pppd 2.4.0 started by root, uid 0 linux pppd[1449]: using channel 4 linux pppd[1449]: Using interface ppp0 linux pppd[1449]: Connect: ppp0 <--> /dev/pts/3 linux pppd[1449]: sent [LCP ConfReq id=0x1 ] linux pppd[1449]: sent [LCP ConfReq id=0x1 ] linux pppd[1449]: rcvd [LCP ConfReq id=0xd7 ] linux pppd[1449]: sent [LCP ConfRej id=0xd7 ] linux pppd[1449]: rcvd [LCP ConfRej id=0x1 ] linux pppd[1449]: sent [LCP ConfReq id=0x2 ] linux pppd[1449]: rcvd [LCP ConfReq id=0xd8 ] linux pppd[1449]: sent [LCP ConfRej id=0xd8 ] linux pppd[1449]: rcvd [LCP ConfAck id=0x2 ] linux pppd[1449]: rcvd [LCP ConfReq id=0xd9 ] linux pppd[1449]: sent [LCP ConfAck id=0xd9 ] linux pppd[1449]: sent [IPCP ConfReq id=0x1 ] linux pppd[1449]: sent [CCP ConfReq id=0x1 ] linux pppd[1449]: rcvd [IPCP TermAck id=0x1] linux pppd[1449]: rcvd [LCP TermReq id=0xda] linux pppd[1449]: LCP terminated by peer linux pppd[1449]: sent [LCP TermAck id=0xda] linux pppd[1449]: Connection terminated. linux pppd[1449]: Exit. linux pptp[1447]: log[callmgr_main:pptp_callmgr.c:240]: Closing connection linux pptp[1447]: log[pptp_conn_close:pptp_ctrl.c:285]: Closing PPTP connection linux pptp[1447]: log[call_callback:pptp_callmgr.c:88]: Closing connection From neale at lowendale.com.au Mon Feb 18 19:27:40 2002 From: neale at lowendale.com.au (Neale Banks) Date: Tue, 19 Feb 2002 12:27:40 +1100 (EST) Subject: [pptp-server] Help!!! In-Reply-To: <008701c1b8d1$cf3a3aa0$0100a8c0@ARPANET.NET> Message-ID: On Mon, 18 Feb 2002, Xaz wrote: > Hi, i need help, somebody can tell me what signify this. Thank. OK, I'l have a go... [...] > linux pppd[1449]: rcvd [LCP ConfReq id=0xd7 > ] We *receive* a request to authenticate with PAP > linux pppd[1449]: sent [LCP ConfRej id=0xd7 ] We *send* a rejection for the request to authenticate with PAP. [...] > linux pppd[1449]: rcvd [LCP ConfReq id=0xd8 > ] We *receive* a request to authenticate with CHAP > linux pppd[1449]: sent [LCP ConfRej id=0xd8 ] We *send* a rejection for the request to authenticate with CHAP. [...] > linux pppd[1449]: sent [IPCP ConfReq id=0x1 01>] We send a request to set up IP [...] > linux pppd[1449]: rcvd [IPCP TermAck id=0x1] We receive a message terminating IP > linux pppd[1449]: rcvd [LCP TermReq id=0xda] > linux pppd[1449]: LCP terminated by peer > linux pppd[1449]: sent [LCP TermAck id=0xda] > linux pppd[1449]: Connection terminated. [...] "Connection terminated" is a nice summary here. I'd start by looking harder at which side is supposed to be authenticating the other. HTH, Neale. From neale at lowendale.com.au Mon Feb 18 19:55:54 2002 From: neale at lowendale.com.au (Neale Banks) Date: Tue, 19 Feb 2002 12:55:54 +1100 (EST) Subject: [pptp-server] Help!!! In-Reply-To: <010601c1b8e3$c1ccdc80$0100a8c0@ARPANET.NET> Message-ID: On Mon, 18 Feb 2002, Xaz wrote: > Hi, thank for the help, i understand what happend but > when connect with Win2k the protocol that use is > PPTP with PAP, why rejection the auth in linux? Most likely due to something in your PPP options. It might help a lot if your posted your configuration to the list, told about what you have or have not patched and what is your distribution and kernel version etc. Neale. From lutz.koop at trivit.de Tue Feb 19 12:37:10 2002 From: lutz.koop at trivit.de (Koop, Lutz) Date: Tue, 19 Feb 2002 19:37:10 +0100 Subject: [pptp-server] Bintec X1200 and Linux-Server Message-ID: Hi, i try to connect a Bintec X1200 ISDN-router via internet with a linux server. HOME (X1200) ----INTERNET---> Linux server I have kernel 2.4.17, pptpd 1.1.2 and pppd 2.4.1. When i try a ping from home to the server i get this in the logfile: Feb 19 19:00:27 fw-02 pptpd[699]: MGR: Launching /usr/local/sbin/pptpctrl to handle client Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: local address = 192.168.3.254 Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: remote address = 192.168.9.2 Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Client 62.158.132.171 control connection started Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Received PPTP Control Message (type: 1) Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Made a START CTRL CONN RPLY packet Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: I wrote 156 bytes to the client. Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Sent packet to client Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Received PPTP Control Message (type: 7) Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: 0 min_bps, 0 max_bps, 32 window size Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Made a OUT CALL RPLY packet Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Starting call (launching pppd, opening GRE) Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: pty_fd = 4 Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: tty_fd = 5 Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: I wrote 32 bytes to the client. Feb 19 19:00:27 fw-02 pptpd[700]: CTRL (PPPD Launcher): Connection speed = 115200 Feb 19 19:00:27 fw-02 pptpd[700]: CTRL (PPPD Launcher): local address = 192.168.3.254 Feb 19 19:00:27 fw-02 pptpd[700]: CTRL (PPPD Launcher): remote address = 192.168.9.2 Feb 19 19:00:27 fw-02 pptpd[699]: CTRL: Sent packet to client Feb 19 19:00:27 fw-02 pppd[700]: pppd 2.4.1 started by root, uid 0 Feb 19 19:00:27 fw-02 pppd[700]: using channel 2 Feb 19 19:00:27 fw-02 pppd[700]: Using interface ppp0 Feb 19 19:00:27 fw-02 pppd[700]: Connect: ppp0 <--> /dev/pts/2 Feb 19 19:00:27 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:27 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x1 ] Feb 19 19:00:27 fw-02 pppd[700]: sent [LCP ConfAck id=0x1 ] Feb 19 19:00:30 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x2 ] Feb 19 19:00:30 fw-02 pppd[700]: sent [LCP ConfAck id=0x2 ] Feb 19 19:00:31 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:34 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x3 ] Feb 19 19:00:34 fw-02 pppd[700]: sent [LCP ConfAck id=0x3 ] Feb 19 19:00:34 fw-02 pppd[700]: sent [LCP ConfAck id=0x3 ] Feb 19 19:00:35 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:37 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x4 ] Feb 19 19:00:37 fw-02 pppd[700]: sent [LCP ConfAck id=0x4 ] Feb 19 19:00:39 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:40 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x5 ] Feb 19 19:00:40 fw-02 pppd[700]: sent [LCP ConfAck id=0x5 ] Feb 19 19:00:43 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x6 ] Feb 19 19:00:43 fw-02 pppd[700]: sent [LCP ConfAck id=0x6 ] Feb 19 19:00:43 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:46 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x7 ] Feb 19 19:00:46 fw-02 pppd[700]: sent [LCP ConfAck id=0x7 ] Feb 19 19:00:47 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:49 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x8 ] Feb 19 19:00:49 fw-02 pppd[700]: sent [LCP ConfAck id=0x8 ] Feb 19 19:00:51 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:52 fw-02 pppd[700]: rcvd [LCP ConfReq id=0x9 ] Feb 19 19:00:52 fw-02 pppd[700]: sent [LCP ConfAck id=0x9 ] Feb 19 19:00:55 fw-02 pppd[700]: sent [LCP ConfReq id=0x1 Feb 19 19:00:56 fw-02 pppd[700]: rcvd [LCP ConfReq id=0xa ] Feb 19 19:00:56 fw-02 pppd[700]: sent [LCP ConfAck id=0xa ] Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: Received PPTP Control Message (type: 12) Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: Made a CALL DISCONNECT RPLY packet Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: Received CALL CLR request (closing call) Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: I wrote 148 bytes to the client. Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: Sent packet to client Feb 19 19:00:58 fw-02 pppd[700]: Modem hangup Feb 19 19:00:58 fw-02 pppd[700]: Connection terminated. Feb 19 19:00:58 fw-02 pppd[700]: Exit. Feb 19 19:00:58 fw-02 pptpd[699]: GRE: read error: Bad file descriptor Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: Client 62.158.132.171 control connection finished Feb 19 19:00:58 fw-02 pptpd[699]: CTRL: Exiting now Feb 19 19:00:58 fw-02 pptpd[614]: MGR: Reaped child 699 i don't get a ping-answer. any ideas ? Lutz From tommy at orndorff.com Tue Feb 19 14:06:25 2002 From: tommy at orndorff.com (Tommy Orndorff) Date: Tue, 19 Feb 2002 15:06:25 -0500 Subject: [pptp-server] Please help. Cannot get PPTP working with Windows2000. Message-ID: <200202192006.g1JK6Qm04342@mercury.lan> I found this out the hard way; when connecting 2 nodes on the same physical LAN (your Win2k client and your RedHat server), you must manually modify the routing table that is built-in on the Windows 2000 client. You can use the following commands to view different options, etc. from a command-line prompt on the Windows computer (after connected to the VPN server): route /? [displays help] route print [prints routing table] route add [adds routes; check syntax from print /?] route delete route change Try doing the following, substituting for the LOCAL IP given to the Windows client after connected (the ppp adapter's IP address, not the local IP of the server... this is also the default gateway listed at the bottom of print route) and with the ip of a test machine to connect to on your LAN (possibly the vpn server itself): route add mask 255.255.255.255 metric 1 This will add a route to (possibly 192.168.1.1), using the netmask of 255.255.255.255 (single IP, not range of) through (local ip handed out to the Windows ppp adapter) with a metric of 1 (ie. would take priority over a rule with metric 1). This is a bit of a pain due to Windows only adding a default route for 0.0.0.0/0 (all traffic except thoughs already defined) to the routing table. This all may be a bit confusing; if you need any help contact me ;) Tommy Orndorff I.T. Intern (everyone has to start somewhere) From rlditto at bright.net Tue Feb 19 15:10:25 2002 From: rlditto at bright.net (rlditto&assoc) Date: Tue, 19 Feb 2002 16:10:25 -0500 Subject: [pptp-server] winxp multilink Message-ID: <001201c1b989$da882c60$1000a8c0@iserve> hello, i've gotten winxp to work but when i check under properties for the connection while it's active it tells me that ppp multilink is inactive and i do have multilink in my poptop options file. does anyone know or have some suggestions for this? thank-you joe ditto -------------- next part -------------- An HTML attachment was scrubbed... URL: From ekolb at randbreceivables.com Tue Feb 19 16:31:40 2002 From: ekolb at randbreceivables.com (Erich Kolb) Date: Tue, 19 Feb 2002 16:31:40 -0600 Subject: [pptp-server] !!PLEASE HELP!! Emergency Message-ID: I have been trying to get poptop going for almost a week now, and I am going crazy over this. Attempting to connect w/MS Win2k pro My System: RH 7.2 ppp-2.4.1-2 Linux 2.4.9-21 #1 Thu Jan 17 14:16:30 EST 2002 i686 unknown pptpd-1.0.0-5 (from rpm's) Conf files: /etc/pptpd.conf speed 115200 localip 10.0.0.25-29 remoteip 192.168.1.235-239 /etc/ppp/options lock debug name servername auth require-chap proxyarp IPTABLES Output Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination I think thats everything related so far, here is the log output: Feb 19 16:23:19 vpn pptpd[1294]: MGR: Manager process started Feb 19 16:23:32 vpn pptpd[1296]: CTRL: Client 66.9.176.154 control connection started Feb 19 16:23:32 vpn pptpd[1296]: CTRL: Starting call (launching pppd, opening GRE) Feb 19 16:23:32 vpn pppd[1297]: pppd 2.4.1 started by root, uid 0 Feb 19 16:23:32 vpn pppd[1297]: using channel 7 Feb 19 16:23:32 vpn pppd[1297]: Using interface ppp0 Feb 19 16:23:32 vpn pppd[1297]: Connect: ppp0 <--> /dev/pts/1 Feb 19 16:23:32 vpn pppd[1297]: sent [LCP ConfReq id=0x1 ] Feb 19 16:23:32 vpn pptpd[1296]: GRE: Discarding duplicate packet Feb 19 16:23:32 vpn pppd[1297]: rcvd [LCP ConfAck id=0x1 ] Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP ConfReq id=0x1 ] Feb 19 16:23:34 vpn pppd[1297]: sent [LCP ConfRej id=0x1 ] Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP ConfReq id=0x2 ] Feb 19 16:23:34 vpn pppd[1297]: sent [LCP ConfAck id=0x2 ] Feb 19 16:23:34 vpn pppd[1297]: sent [CHAP Challenge id=0x1 <8903df5a0f19084bd56c920a8e5d7a3a79a868bc>, name = "servername"] Feb 19 16:23:34 vpn pptpd[1296]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP code=0xc id=0x3 65 36 75 12 4d 53 52 41 53 56 35 2e 30 30] Feb 19 16:23:34 vpn pppd[1297]: sent [LCP CodeRej id=0x2 0c 03 00 12 65 36 75 12 4d 53 52 41 53 56 35 2e 30 30] Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP code=0xc id=0x4 65 36 75 12 4d 53 52 41 53 2d 31 2d 57 2d 45 4b 4f 4c 42] Feb 19 16:23:34 vpn pppd[1297]: sent [LCP CodeRej id=0x3 0c 04 00 17 65 36 75 12 4d 53 52 41 53 2d 31 2d 57 2d 45 4b 4f 4c 42] Feb 19 16:23:34 vpn pppd[1297]: rcvd [CHAP Response id=0x1 <2a083ada1e1051b377ed99acb3ee94f5>, name = "ekolb"] Feb 19 16:23:34 vpn pppd[1297]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access Feb 19 16:23:34 vpn pppd[1297]: sent [CHAP Success id=0x1 "Welcome to vpn.randbreceivables.com."] Feb 19 16:23:34 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:34 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:34 vpn pppd[1297]: CHAP peer authentication succeeded for ekolb Feb 19 16:23:37 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:37 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:40 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:40 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:43 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:43 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:46 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:46 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:49 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:49 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:52 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:52 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:55 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:55 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:23:58 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:23:58 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:24:01 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 ] Feb 19 16:24:01 vpn pppd[1297]: sent [CCP ConfReq id=0x1 ] Feb 19 16:24:04 vpn pppd[1297]: IPCP: timeout sending Config-Requests Feb 19 16:24:04 vpn pppd[1297]: sent [LCP TermReq id=0x4 "No network protocols running"] Feb 19 16:24:04 vpn pppd[1297]: rcvd [LCP TermAck id=0x4 "No network protocols running"] Feb 19 16:24:04 vpn pppd[1297]: Connection terminated. Feb 19 16:24:04 vpn pppd[1297]: Connect time 0.6 minutes. Feb 19 16:24:04 vpn pppd[1297]: Sent 310 bytes, received 0 bytes. Feb 19 16:24:04 vpn pppd[1297]: Exit. Feb 19 16:24:04 vpn pptpd[1296]: GRE: read(fd=4,buffer=804d900,len=8196) from PTY failed: status = -1 error = Input/output error Feb 19 16:24:04 vpn pptpd[1296]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) Feb 19 16:24:04 vpn pptpd[1296]: CTRL: Client 66.9.176.154 control connection finished It appears that I have authenticated (although I dont like the fact that I have to turn off encryption), and from what I have gathered from the mail-list archives, its trying to assign an ip address. However I have also had tons of the GRE errors with different configurations. This is starting to drive me nuts. Does anyone have a solution? From lists at earthling.2y.net Tue Feb 19 19:29:58 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Tue, 19 Feb 2002 20:29:58 -0500 (EST) Subject: [pptp-server] winxp multilink In-Reply-To: <001201c1b989$da882c60$1000a8c0@iserve> Message-ID: You don't need multilink. multilink is more or less the bonding of multiple ppp interfaces into one logical interface. On Tue, 19 Feb 2002, rlditto&assoc wrote: > hello, i've gotten winxp to work but when i check under properties for the connection while it's active it tells me that ppp multilink is inactive and i do have multilink in my poptop options file. does anyone know or have some suggestions for this? > > thank-you > > joe ditto > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From batten at lve.cc Tue Feb 19 20:49:36 2002 From: batten at lve.cc (Dean Batten) Date: Tue, 19 Feb 2002 21:49:36 -0500 Subject: [pptp-server] PPTP and RedHat 7.2 In-Reply-To: <1014026692.1357.2.camel@richard>; from r.devroede@linvision.com on Mon, Feb 18, 2002 at 11:04:52AM +0100 References: <20020214101528.D1253@Orion.home.org> <1013769403.9660.23.camel@richard> <20020215093333.A6476@Orion.home.org> <1014026692.1357.2.camel@richard> Message-ID: <20020219214936.A19077@monster.batten.cc> I have the same symptoms. lsmod lists ip_gre.o. Any other thoughts? On Mon, Feb 18, 2002 at 11:04:52AM +0100, R. de Vroede wrote: > > Ok. Type "locate gre.o".. What does it say? > Type "cat /etc/modules.conf".. What does it say? > > > Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Client 207.148.164.66 control > > connection started > > Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Starting call (launching pppd, > > opening GRE) > > Feb 15 09:28:09 gateway pppd[5359]: pppd 2.4.1 started by root, uid 0 > > Feb 15 09:28:09 gateway pppd[5359]: Using interface ppp0 > > Feb 15 09:28:09 gateway pppd[5359]: Connect: ppp0 <--> /dev/pts/1 > > Feb 15 09:28:09 gateway pptpd[5358]: GRE: read error: Protocol not > > available -- Dean Batten Lehigh Valley Engineering T 610-866-3820 batten at lve.cc 3400 Bath Pike, Suite 410 F 610-866-3830 Bethlehem, PA 18017 W www.lve.cc From neale at lowendale.com.au Tue Feb 19 21:34:56 2002 From: neale at lowendale.com.au (Neale Banks) Date: Wed, 20 Feb 2002 14:34:56 +1100 (EST) Subject: [pptp-server] PPTP and RedHat 7.2 In-Reply-To: <20020219214936.A19077@monster.batten.cc> Message-ID: On Tue, 19 Feb 2002, Dean Batten wrote: > I have the same symptoms. lsmod lists ip_gre.o. Any other thoughts? Can PPTP and ip_gre co-exist? What happens if you "rmmod ip_gre" and try again? HTH, Neale. From muralivemuri at multitech.co.in Tue Feb 19 21:10:33 2002 From: muralivemuri at multitech.co.in (Murali K. Vemuri) Date: Wed, 20 Feb 2002 08:40:33 +0530 Subject: [pptp-server] !!PLEASE HELP!! Emergency References: Message-ID: <3C7313A9.930EEA17@multitech.co.in> you gonna get problems there mate! i have two quick checkup points: 1 use only one IP address for local ip. 2. 'localip' and 'remoteip' should be of the same subnet. e.g., if you want the remote ip address to be like 192.168.1.235-239, put something like 192.168.1.x in the local ip. and this should work. cheers murali Erich Kolb wrote: > I have been trying to get poptop going for almost a week now, and I am going > crazy over this. > > Attempting to connect w/MS Win2k pro > > My System: > RH 7.2 > ppp-2.4.1-2 > Linux 2.4.9-21 #1 Thu Jan 17 14:16:30 EST 2002 i686 unknown > pptpd-1.0.0-5 (from rpm's) > > Conf files: > /etc/pptpd.conf > speed 115200 > localip 10.0.0.25-29 > remoteip 192.168.1.235-239 > /etc/ppp/options > lock > debug > name servername > auth > require-chap > proxyarp > > IPTABLES Output > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > ACCEPT all -- anywhere anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > I think thats everything related so far, here is the log output: > > Feb 19 16:23:19 vpn pptpd[1294]: MGR: Manager process started > Feb 19 16:23:32 vpn pptpd[1296]: CTRL: Client 66.9.176.154 control > connection started > Feb 19 16:23:32 vpn pptpd[1296]: CTRL: Starting call (launching pppd, > opening GRE) > Feb 19 16:23:32 vpn pppd[1297]: pppd 2.4.1 started by root, uid 0 > Feb 19 16:23:32 vpn pppd[1297]: using channel 7 > Feb 19 16:23:32 vpn pppd[1297]: Using interface ppp0 > Feb 19 16:23:32 vpn pppd[1297]: Connect: ppp0 <--> /dev/pts/1 > Feb 19 16:23:32 vpn pppd[1297]: sent [LCP ConfReq id=0x1 > ] > Feb 19 16:23:32 vpn pptpd[1296]: GRE: Discarding duplicate packet > Feb 19 16:23:32 vpn pppd[1297]: rcvd [LCP ConfAck id=0x1 > ] > Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP ConfReq id=0x1 > [local:98.da.b6.7f.cb.88.42.02.9f.d6.be.1a.cc.35.7a.dc.00.00.00.09]>] > Feb 19 16:23:34 vpn pppd[1297]: sent [LCP ConfRej id=0x1 ] > Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP ConfReq id=0x2 > [local:98.da.b6.7f.cb.88.42.02.9f.d6.be.1a.cc.35.7a.dc.00.00.00.09]>] > Feb 19 16:23:34 vpn pppd[1297]: sent [LCP ConfAck id=0x2 > [local:98.da.b6.7f.cb.88.42.02.9f.d6.be.1a.cc.35.7a.dc.00.00.00.09]>] > Feb 19 16:23:34 vpn pppd[1297]: sent [CHAP Challenge id=0x1 > <8903df5a0f19084bd56c920a8e5d7a3a79a868bc>, name = "servername"] > Feb 19 16:23:34 vpn pptpd[1296]: CTRL: Ignored a SET LINK INFO packet with > real ACCMs! > Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP code=0xc id=0x3 65 36 75 12 4d 53 > 52 41 53 56 35 2e 30 30] > Feb 19 16:23:34 vpn pppd[1297]: sent [LCP CodeRej id=0x2 0c 03 00 12 65 36 > 75 12 4d 53 52 41 53 56 35 2e 30 30] > Feb 19 16:23:34 vpn pppd[1297]: rcvd [LCP code=0xc id=0x4 65 36 75 12 4d 53 > 52 41 53 2d 31 2d 57 2d 45 4b 4f 4c 42] > Feb 19 16:23:34 vpn pppd[1297]: sent [LCP CodeRej id=0x3 0c 04 00 17 65 36 > 75 12 4d 53 52 41 53 2d 31 2d 57 2d 45 4b 4f 4c 42] > Feb 19 16:23:34 vpn pppd[1297]: rcvd [CHAP Response id=0x1 > <2a083ada1e1051b377ed99acb3ee94f5>, name = "ekolb"] > Feb 19 16:23:34 vpn pppd[1297]: Warning - secret file /etc/ppp/chap-secrets > has world and/or group access > Feb 19 16:23:34 vpn pppd[1297]: sent [CHAP Success id=0x1 "Welcome to > vpn.randbreceivables.com."] > Feb 19 16:23:34 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:34 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:34 vpn pppd[1297]: CHAP peer authentication succeeded for ekolb > Feb 19 16:23:37 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:37 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:40 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:40 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:43 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:43 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:46 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:46 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:49 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:49 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:52 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:52 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:55 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:55 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:23:58 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:23:58 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:24:01 vpn pppd[1297]: sent [IPCP ConfReq id=0x1 > ] > Feb 19 16:24:01 vpn pppd[1297]: sent [CCP ConfReq id=0x1 > ] > Feb 19 16:24:04 vpn pppd[1297]: IPCP: timeout sending Config-Requests > Feb 19 16:24:04 vpn pppd[1297]: sent [LCP TermReq id=0x4 "No network > protocols running"] > Feb 19 16:24:04 vpn pppd[1297]: rcvd [LCP TermAck id=0x4 "No network > protocols running"] > Feb 19 16:24:04 vpn pppd[1297]: Connection terminated. > Feb 19 16:24:04 vpn pppd[1297]: Connect time 0.6 minutes. > Feb 19 16:24:04 vpn pppd[1297]: Sent 310 bytes, received 0 bytes. > Feb 19 16:24:04 vpn pppd[1297]: Exit. > Feb 19 16:24:04 vpn pptpd[1296]: GRE: read(fd=4,buffer=804d900,len=8196) > from PTY failed: status = -1 error = Input/output error > Feb 19 16:24:04 vpn pptpd[1296]: CTRL: PTY read or GRE write failed > (pty,gre)=(4,5) > Feb 19 16:24:04 vpn pptpd[1296]: CTRL: Client 66.9.176.154 control > connection finished > > It appears that I have authenticated (although I dont like the fact that I > have to turn off encryption), and from what I have gathered from the > mail-list archives, its trying to assign an ip address. However I have also > had tons of the GRE errors with different configurations. This is starting > to drive me nuts. Does anyone have a solution? > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- regards & thanks for your time, Murali Krishna Vemuri --All blue, I write with a Blue Pencil on a Blue Sky. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Administrator at josims.com Wed Feb 20 02:23:35 2002 From: Administrator at josims.com (Andrew Lyon) Date: Wed, 20 Feb 2002 08:23:35 -0000 Subject: [pptp-server] PPTP and RedHat 7.2 Message-ID: So do I, loading ip_gre doesn't seem to fix the problem. Andy -----Original Message----- From: Dean Batten [mailto:batten at lve.cc] Sent: 20 February 2002 02:50 To: R. de Vroede; pptp-server at lists.schulte.org Subject: Re: [pptp-server] PPTP and RedHat 7.2 I have the same symptoms. lsmod lists ip_gre.o. Any other thoughts? On Mon, Feb 18, 2002 at 11:04:52AM +0100, R. de Vroede wrote: > > Ok. Type "locate gre.o".. What does it say? > Type "cat /etc/modules.conf".. What does it say? > > > Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Client 207.148.164.66 > > control connection started Feb 15 09:28:09 gateway pptpd[5358]: > > CTRL: Starting call (launching pppd, opening GRE) > > Feb 15 09:28:09 gateway pppd[5359]: pppd 2.4.1 started by root, uid 0 > > Feb 15 09:28:09 gateway pppd[5359]: Using interface ppp0 > > Feb 15 09:28:09 gateway pppd[5359]: Connect: ppp0 <--> /dev/pts/1 > > Feb 15 09:28:09 gateway pptpd[5358]: GRE: read error: Protocol not > > available -- Dean Batten Lehigh Valley Engineering T 610-866-3820 batten at lve.cc 3400 Bath Pike, Suite 410 F 610-866-3830 Bethlehem, PA 18017 W www.lve.cc _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- Registered Office: J.O. Sims Ltd, Pudding Lane, Pinchbeck, Spalding, Lincs. PE11 3TJ Company reg No: 2084187 Vat reg No: GB 437 4621 47 Tel: +44 (0) 1775 842100 Fax: +44 (0) 1775 842101 Web: www.josims.com Email: enquiries at josims.com The information contained in this e-mail is confidential and is intended for the addressee only. The contents of this e-mail must not be disclosed or copied without the sender's consent. If you are not the intended recipient of the message, please notify the sender immediately, and delete the message. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the company. No commitment may be inferred from the contents unless explicitly stated. The company does not take any responsibility for the personal views of the author. This message has been scanned for viruses before sending, but the company does not accept any responsibility for infection and recommends that you scan any attachments. From schierz at cst-it.dyndns.org Wed Feb 20 05:22:21 2002 From: schierz at cst-it.dyndns.org (Denny Schierz) Date: Wed, 20 Feb 2002 12:22:21 +0100 Subject: [pptp-server] can connect then cant' connect Message-ID: <11410912301.20020220122221@cst-it.dyndns.org> Guten Tag pptp-server, my problem is, that i can't connect to the pptp server at every time. First, i connected successful to one server, then i want to connect to an another pptp Server, but it doesn't work. The Client is Win2k SP2. Windows tells me (during the Password change) the he can't connect to the port (error 619). Then i trying to connect to the first pptp, but the same Problem, Windows can't connect. here the debug output: Feb 20 12:12:10 server pptpd[17804]: MGR: Launching /usr/local/sbin/pptpctrl to handle client Feb 20 12:12:10 server pptpd[17804]: CTRL: local address = 192.168.50.201 Feb 20 12:12:10 server pptpd[17804]: CTRL: remote address = 192.168.50.216 Feb 20 12:12:10 server pptpd[17804]: CTRL: pppd options file = /etc/ppp/pptp.options Feb 20 12:12:10 server pptpd[17804]: CTRL: Received PPTP Control Message (type: 1) Feb 20 12:12:10 server pptpd[17804]: CTRL: Made a START CTRL CONN RPLY packet Feb 20 12:12:10 server pptpd[17804]: CTRL: I wrote 156 bytes to the client. Feb 20 12:12:10 server pptpd[17804]: CTRL: Sent packet to client Feb 20 12:12:12 server pptpd[17804]: CTRL: Received PPTP Control Message (type: 7) Feb 20 12:12:12 server pptpd[17804]: CTRL: 0 min_bps, 1525 max_bps, 32 window size Feb 20 12:12:12 server pptpd[17804]: CTRL: Made a OUT CALL RPLY packet Feb 20 12:12:12 server pptpd[17804]: CTRL: pty_fd = 5 Feb 20 12:12:12 server pptpd[17804]: CTRL: tty_fd = 6 Feb 20 12:12:12 server pptpd[3344]: CTRL (PPPD Launcher): Connection speed = 115200 Feb 20 12:12:12 server pptpd[3344]: CTRL (PPPD Launcher): local address = 192.168.50.201 Feb 20 12:12:12 server pptpd[3344]: CTRL (PPPD Launcher): remote address = 192.168.50.216 Feb 20 12:12:12 server pptpd[17804]: CTRL: I wrote 32 bytes to the client. Feb 20 12:12:12 server pptpd[17804]: CTRL: Sent packet to client Feb 20 12:12:12 server pptpd[17804]: CTRL: Received PPTP Control Message (type: 15) Feb 20 12:12:12 server pptpd[17804]: CTRL: Got a SET LINK INFO packet with standard ACCMs that's all :-( -- Mit freundlichen Gr?ssen Denny Schierz mailto:schierz at cst-it.dyndns.org From r.devroede at linvision.com Wed Feb 20 09:16:43 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 20 Feb 2002 16:16:43 +0100 Subject: [pptp-server] new RH 7.2 RPM's Message-ID: <1014218203.2686.122.camel@richard> I have made the following RPMs for RedHat 7.2: * kernel-2.4.9-21mppe * ppp-2.4.1-3mppe * pptpd-1.1.2-2 You can download them at http://devel.linvision.com/ Let me know if something breaks ;-) -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From martin at mh57.net Wed Feb 20 10:29:04 2002 From: martin at mh57.net (Martin Hermanowski) Date: Wed, 20 Feb 2002 17:29:04 +0100 Subject: [pptp-server] PPTP and RedHat 7.2 In-Reply-To: References: Message-ID: <20020220162904.GD31790@mh57.net> I get this message whenever I try to re-establish a pptp link an the previous gre-connection still exists in /proc/net/ip_conntrack. I had trouble with non-working gre the time after I closed my connection, and I found out that just the moment it left /proc/net/ip_conntrack the new connection would start. It does not happen with Win-machines, so I think that I do not end the gre-Traffic correctly. What is the best way to stop a running pptp-Session? kill -HUP `pidof pppd` seems to be wrong :-/ HAND&RUMH On Wed, Feb 20, 2002 at 08:23:35AM -0000, Andrew Lyon wrote: > So do I, loading ip_gre doesn't seem to fix the problem. > > Andy > > -----Original Message----- > From: Dean Batten [mailto:batten at lve.cc] > Sent: 20 February 2002 02:50 > To: R. de Vroede; pptp-server at lists.schulte.org > Subject: Re: [pptp-server] PPTP and RedHat 7.2 > > > I have the same symptoms. lsmod lists ip_gre.o. Any other thoughts? > > On Mon, Feb 18, 2002 at 11:04:52AM +0100, R. de Vroede wrote: > > > > Ok. Type "locate gre.o".. What does it say? > > Type "cat /etc/modules.conf".. What does it say? > > > > > Feb 15 09:28:09 gateway pptpd[5358]: CTRL: Client 207.148.164.66 > > > control connection started Feb 15 09:28:09 gateway pptpd[5358]: > > > CTRL: Starting call (launching pppd, opening GRE) > > > Feb 15 09:28:09 gateway pppd[5359]: pppd 2.4.1 started by root, uid 0 > > > Feb 15 09:28:09 gateway pppd[5359]: Using interface ppp0 > > > Feb 15 09:28:09 gateway pppd[5359]: Connect: ppp0 <--> /dev/pts/1 > > > Feb 15 09:28:09 gateway pptpd[5358]: GRE: read error: Protocol not > > > available > > -- > Dean Batten Lehigh Valley Engineering T 610-866-3820 > batten at lve.cc 3400 Bath Pike, Suite 410 F 610-866-3830 > Bethlehem, PA 18017 W www.lve.cc > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > > Registered Office: J.O. Sims Ltd, Pudding Lane, Pinchbeck, Spalding, Lincs. > PE11 3TJ > Company reg No: 2084187 Vat reg No: GB 437 4621 47 > Tel: +44 (0) 1775 842100 Fax: +44 (0) 1775 842101 Web: www.josims.com > Email: enquiries at josims.com > The information contained in this e-mail is confidential and is intended for > the addressee only. The contents of this e-mail must not be disclosed or > copied without the sender's consent. If you are not the intended recipient > of the message, please notify the sender immediately, and delete the > message. The statements and opinions expressed in this message are those of > the author and do not necessarily reflect those of the company. No > commitment may be inferred from the contents unless explicitly stated. The > company does not take any responsibility for the personal views of the > author. This message has been scanned for viruses before sending, but the > company does not accept any responsibility for infection and recommends that > you scan any attachments. > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- PGP/GPG encrypted mail preferred, see header ,-- | Nur tote Fische schwimmen mit dem Strom `-- From jurr at tref.nl Wed Feb 20 15:12:34 2002 From: jurr at tref.nl (Jurrie Overgoor) Date: Wed, 20 Feb 2002 22:12:34 +0100 Subject: [pptp-server] Connect from lan, not from dial-up Message-ID: <004201c1ba53$51d12f00$0b9379c3@p266> Hello there, I've got a very strange problem, and I haven't seen this anywhere in the mailing list yet. I've set up poptop with RedHat 7.1. The vpn client is a Win98 system. VPN Client --> INTERNET --> VPN PoPToP Server (also firewall) --> NT server I'd like the client to connect to the NT server, so I've set up WINS at the NT server, and modified my config file (added ms-wins 192.168.10.1). All is well here... I did a test, I took a pc from the internal lan, and did not logon to the nt server. I set up a vpn dial-in connection, and dialed to the internet ip of the vpn server (the firewall). After some time, I get a login box (from the NT server), I log in and I get my shares etc. (the bootup bat file runs). So that is great! Now for the strange part: I took the SAME client, plugged in a modem, dialed in on my internet account (using my modem, not the internet connection from the lan that the client normally has...). Internet works, I can surf etc. Now I tiedy the vpn connection again (I installed a second 'external adapter (# VPN support)'). The tunnel is set up, I get the login box, I type my login name and password, and I get an error: "Login name / password is not correct, or the server refused the connection"... HUH?!? Everything is the same, I only used a modem to connect to the internet instead of the lan gateway... What could be wrong? Greetz -- Jurrie jurr at tref.nl -------------- next part -------------- An HTML attachment was scrubbed... URL: From margol at beamartyr.net Thu Feb 21 12:49:39 2002 From: margol at beamartyr.net (Issac Goldstand) Date: Thu, 21 Feb 2002 20:49:39 +0200 Subject: [pptp-server] CHAP authenticates ok... now what? Message-ID: <000001c1bb09$0997d610$1c0aa8c0@deepthought> I successfully install pptpd on my RedHat 7.2 machine... I added an account to chap-secrets, and set pptpctrl to work from xinetd without a problem. From my Win2K box, I configured the VPN. I get a seuccessful authentication, and then it just stops. Isn't it supposed to, well... DO something to complete the connection after authentication??? Can someone help me figure out what's going on? Thanks, Issac Windows says "Error 734: The PPP link control protocol was terminated" The following came from /var/log/pptp.log: Feb 21 20:44:42 epoch pppd[2991]: pppd 2.4.1 started by root, uid 0 Feb 21 20:44:42 epoch pppd[2991]: Using interface ppp0 Feb 21 20:44:42 epoch pppd[2991]: Connect: ppp0 <--> /dev/pts/2 Feb 21 20:44:44 epoch pppd[2991]: CHAP peer authentication succeeded for issac Feb 21 20:45:14 epoch pppd[2991]: IPCP: timeout sending Config-Requests Feb 21 20:45:15 epoch pppd[2991]: Modem hangup Feb 21 20:45:15 epoch pppd[2991]: Connection terminated. Feb 21 20:45:15 epoch pppd[2991]: Connect time 0.6 minutes. Feb 21 20:45:15 epoch pppd[2991]: Sent 310 bytes, received 0 bytes. Feb 21 20:45:15 epoch pppd[2991]: Exit. And the following is the same sesion in /var/log/messages: Feb 21 20:44:41 epoch pptpd[2990]: CTRL: Client 212.179.222.7 control connection started Feb 21 20:44:42 epoch pptpd[2990]: CTRL: Starting call (launching pppd, opening GRE) Feb 21 20:44:42 epoch pppd[2991]: pppd 2.4.1 started by root, uid 0 Feb 21 20:44:42 epoch pppd[2991]: Using interface ppp0 Feb 21 20:44:42 epoch pppd[2991]: Connect: ppp0 <--> /dev/pts/2 Feb 21 20:44:42 epoch pptpd[2990]: Buffering out-of-order packet; got 1 after 4294967295 Feb 21 20:44:44 epoch pptpd[2990]: Packet reorder timeout waiting for 0 Feb 21 20:44:44 epoch pptpd[2990]: Buffering out-of-order packet; got 2 after 0 Feb 21 20:44:44 epoch pppd[2991]: CHAP peer authentication succeeded for issac Feb 21 20:44:44 epoch pptpd[2990]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 21 20:45:14 epoch pppd[2991]: IPCP: timeout sending Config-Requests Feb 21 20:45:15 epoch pppd[2991]: Modem hangup Feb 21 20:45:15 epoch pppd[2991]: Connection terminated. Feb 21 20:45:15 epoch pppd[2991]: Connect time 0.6 minutes. Feb 21 20:45:15 epoch pppd[2991]: Sent 310 bytes, received 0 bytes. Feb 21 20:45:15 epoch pppd[2991]: Exit. Feb 21 20:45:15 epoch pptpd[2990]: GRE: read error: Bad file descriptor Feb 21 20:45:15 epoch pptpd[2990]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 21 20:45:15 epoch pptpd[2990]: CTRL: Client 212.179.222.7 control connection finished -------------- next part -------------- An HTML attachment was scrubbed... URL: From robert at mrsquirrel.com Thu Feb 21 13:06:17 2002 From: robert at mrsquirrel.com (Robert Schwartz) Date: Thu, 21 Feb 2002 11:06:17 -0800 Subject: [pptp-server] Issues with OpenBSD 3 Message-ID: <00c701c1bb0a$d7377ed0$14f4450a@mrsquirrel.com> Hello list, I have an issue that I'm deeply interested in solving. I implemented a new development firewall for to move into production, and there's just one piece that's causing me headaches. I'm running OpenBSD 3.0 on a firewall with 3 interfaces. The last issue is PoPToP. I've compiled the latest source with --bsdppp and with -ipalloc. I've set up the server as per the documentation I've found scattered about the net. I've rebuilt the kernel without GRE (and I removed some non-firewall junk like X and such from the kernel). I've added the following 1 lines to my startup scripts: /etc/inetd.conf ppploop stream tcp nowait root /usr/sbin/ppp ppp -direct loop-in /etc/services # ppploop 6671/tcp # loopback ppp daemon I can connect with a client computer, exchange authentication, receive the IP addressing information, and get registered on the remote network. Sniffing the interface with the client shows a ton of encapsulated GRE traffic. When I ping (telnet, etc) from the PPTP client, nothing happens. I see arp-requests on the internal interface when I run tcpdump, and I see the traffic when I run tcpdump on tun0. I do not see arp-replies on the internal network or on the tunnel though. At this point I believe that proxy arp in ppp isn't working right. Any ideas as to why I would be able to log in, pass an arp-whohas request to the local interface, but not be able to get traffic back? I've spent a few days tweaking all the files and settings and I'm no farther then I was the first night after my successful authentication. I haven't implemented encrypted passwords yet (one must walk before one flies), and I am using the allow all rule in PF for these tests. Here is my conf: /etc/pptpd.conf option /etc/ppp/ppp.conf debug localip 10.x.y.1 remoteip 10.x.y.222-223 pidfile /var/run/pptpd.pid speed 115200 option /etc/ppp/ppp.conf /etc/ppp/ppp.conf loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login # Server (local) IP address, Range for Clients, and Netmask set ifaddr 10.x.y.1 10.x.y.222-10.x.y.223 255.255.255.255 enable proxy set server /tmp/loop "" 0177 loop-in: set timeout 0 set log phase lcp ipcp command allow mode direct pptp: load loop enable chap disable pap # Authenticate against /etc/passwd ##enable passwdauth enable proxy accept dns # DNS Servers to assign client set dns 10.x.y.10 # NetBIOS/WINS Servers to assign client set nbns 10.x.y.10 set device !/etc/ppp/secure /etc/ppp/options lock auth #usehostname /etc/ppp/secure #!/bin/sh exec /usr/sbin/ppp -direct loop-in and /etc/ppp/ppp.secret username1 password1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From allan at data-house.com Thu Feb 21 14:28:06 2002 From: allan at data-house.com (Wilson, Allan) Date: Thu, 21 Feb 2002 14:28:06 -0600 Subject: [pptp-server] Duplicate name error Message-ID: <62E1E735F75DD4118A280000F81B372A233192@dhdbc.data-house.com> Hello list. Hopefully someone can help me with my problem. I am trying to setup pptp on a Redhat 7.2 box. The user gets authenticated with CHAP but then there is an error on the client end and then the client can no longer connect to the pptp server. The error is: A duplicate name exists on the network. TCP/IP CP: reported error 52 If anyone has any ideas it would be a lifesaver. Thanks From allan at data-house.com Thu Feb 21 14:37:36 2002 From: allan at data-house.com (Wilson, Allan) Date: Thu, 21 Feb 2002 14:37:36 -0600 Subject: [pptp-server] Duplicate name error Message-ID: <62E1E735F75DD4118A280000F81B372A233193@dhdbc.data-house.com> I just have a crossover cable between the two systems. Does computer names have anything to do with making the tunnel. I didn't think so, so I am not sure why I am getting this error. Any more ideas would be appreciated. Allan -----Original Message----- From: Erich Kolb [mailto:ekolb at randbreceivables.com] Sent: Thursday, February 21, 2002 2:29 PM To: Wilson, Allan Subject: RE: [pptp-server] Duplicate name error Are you sure that there are no other machines on the network with that computer name? -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan Sent: Thursday, February 21, 2002 2:28 PM To: Pptp (E-mail) Subject: [pptp-server] Duplicate name error Hello list. Hopefully someone can help me with my problem. I am trying to setup pptp on a Redhat 7.2 box. The user gets authenticated with CHAP but then there is an error on the client end and then the client can no longer connect to the pptp server. The error is: A duplicate name exists on the network. TCP/IP CP: reported error 52 If anyone has any ideas it would be a lifesaver. Thanks _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From allan at data-house.com Thu Feb 21 14:53:27 2002 From: allan at data-house.com (Wilson, Allan) Date: Thu, 21 Feb 2002 14:53:27 -0600 Subject: [pptp-server] Duplicate name error Message-ID: <62E1E735F75DD4118A280000F81B372A233194@dhdbc.data-house.com> I agree. One machine is named Jay and the other is VIP1. They are connected through a crossover cable. There should be no name conflicts as far as I can tell. Is there any config files that would help to check things out for me. Thanks for helping. -----Original Message----- From: Erich Kolb [mailto:ekolb at randbreceivables.com] Sent: Thursday, February 21, 2002 2:50 PM To: Wilson, Allan Subject: RE: [pptp-server] Duplicate name error The tunnel doesnt have anything to do with it, but TCPIP does. You cant have 2 machines with the same name on the same network. -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan Sent: Thursday, February 21, 2002 2:38 PM To: Pptp (E-mail) Subject: RE: [pptp-server] Duplicate name error I just have a crossover cable between the two systems. Does computer names have anything to do with making the tunnel. I didn't think so, so I am not sure why I am getting this error. Any more ideas would be appreciated. Allan -----Original Message----- From: Erich Kolb [mailto:ekolb at randbreceivables.com] Sent: Thursday, February 21, 2002 2:29 PM To: Wilson, Allan Subject: RE: [pptp-server] Duplicate name error Are you sure that there are no other machines on the network with that computer name? -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan Sent: Thursday, February 21, 2002 2:28 PM To: Pptp (E-mail) Subject: [pptp-server] Duplicate name error Hello list. Hopefully someone can help me with my problem. I am trying to setup pptp on a Redhat 7.2 box. The user gets authenticated with CHAP but then there is an error on the client end and then the client can no longer connect to the pptp server. The error is: A duplicate name exists on the network. TCP/IP CP: reported error 52 If anyone has any ideas it would be a lifesaver. Thanks _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From allan at data-house.com Thu Feb 21 15:12:26 2002 From: allan at data-house.com (Wilson, Allan) Date: Thu, 21 Feb 2002 15:12:26 -0600 Subject: [pptp-server] Duplicate Name Error Message-ID: <62E1E735F75DD4118A280000F81B372A233196@dhdbc.data-house.com> I only have pptpd on one machine. The other is a 2000 client the is using the microsoft info. In my /etc/ppp/options file I have: lock debug auth +chap proxyarp Let me know if you have any ideas. Thanks -----Original Message----- From: Erich Kolb [mailto:ekolb at randbreceivables.com] Sent: Thursday, February 21, 2002 2:57 PM To: Wilson, Allan Subject: RE: [pptp-server] Duplicate name error Interesting. Did you check the /etc/ppp/options file? Is it possible that pptpd is the same on both machines? -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan Sent: Thursday, February 21, 2002 2:53 PM To: Pptp (E-mail) Subject: RE: [pptp-server] Duplicate name error I agree. One machine is named Jay and the other is VIP1. They are connected through a crossover cable. There should be no name conflicts as far as I can tell. Is there any config files that would help to check things out for me. Thanks for helping. -----Original Message----- From: Erich Kolb [mailto:ekolb at randbreceivables.com] Sent: Thursday, February 21, 2002 2:50 PM To: Wilson, Allan Subject: RE: [pptp-server] Duplicate name error The tunnel doesnt have anything to do with it, but TCPIP does. You cant have 2 machines with the same name on the same network. -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan Sent: Thursday, February 21, 2002 2:38 PM To: Pptp (E-mail) Subject: RE: [pptp-server] Duplicate name error I just have a crossover cable between the two systems. Does computer names have anything to do with making the tunnel. I didn't think so, so I am not sure why I am getting this error. Any more ideas would be appreciated. Allan -----Original Message----- From: Erich Kolb [mailto:ekolb at randbreceivables.com] Sent: Thursday, February 21, 2002 2:29 PM To: Wilson, Allan Subject: RE: [pptp-server] Duplicate name error Are you sure that there are no other machines on the network with that computer name? -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan Sent: Thursday, February 21, 2002 2:28 PM To: Pptp (E-mail) Subject: [pptp-server] Duplicate name error Hello list. Hopefully someone can help me with my problem. I am trying to setup pptp on a Redhat 7.2 box. The user gets authenticated with CHAP but then there is an error on the client end and then the client can no longer connect to the pptp server. The error is: A duplicate name exists on the network. TCP/IP CP: reported error 52 If anyone has any ideas it would be a lifesaver. Thanks _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From catinhat at kc.net Thu Feb 21 15:50:43 2002 From: catinhat at kc.net (catinhat) Date: Thu, 21 Feb 2002 15:50:43 -0600 Subject: [pptp-server] Duplicate Name Error References: <62E1E735F75DD4118A280000F81B372A233196@dhdbc.data-house.com> Message-ID: <003201c1bb21$d0ab80e0$415ff2d1@kc.rr.com> In your pptp.config do you have a range of addresses specified? What do you have listed there for internal and remote? ----- Original Message ----- From: "Wilson, Allan" To: "Pptp (E-mail)" Sent: Thursday, February 21, 2002 3:12 PM Subject: [pptp-server] Duplicate Name Error > I only have pptpd on one machine. The other is a 2000 client the is using > the microsoft info. In my /etc/ppp/options file I have: > > lock > debug > auth > +chap > proxyarp > > Let me know if you have any ideas. Thanks From allan at data-house.com Thu Feb 21 15:58:26 2002 From: allan at data-house.com (Wilson, Allan) Date: Thu, 21 Feb 2002 15:58:26 -0600 Subject: [pptp-server] Duplicate Name Error Message-ID: <62E1E735F75DD4118A280000F81B372A233197@dhdbc.data-house.com> LOL. I have localip 192.198.100.138 remoteip 192.198.100.37 I have another question also. in my /etc/ppp/options file do I need the line name servername Thanks for all your help guys. -----Original Message----- From: catinhat [mailto:catinhat at kc.net] Sent: Thursday, February 21, 2002 3:55 PM To: Wilson, Allan Subject: Re: [pptp-server] Duplicate Name Error Sorry that would be pptpd.config ... darn typo. ----- Original Message ----- From: "Wilson, Allan" To: "Pptp (E-mail)" Sent: Thursday, February 21, 2002 3:12 PM Subject: [pptp-server] Duplicate Name Error > I only have pptpd on one machine. The other is a 2000 client the is using > the microsoft info. In my /etc/ppp/options file I have: > > lock > debug > auth > +chap > proxyarp > > Let me know if you have any ideas. Thanks > > -----Original Message----- > From: Erich Kolb [mailto:ekolb at randbreceivables.com] > Sent: Thursday, February 21, 2002 2:57 PM > To: Wilson, Allan > Subject: RE: [pptp-server] Duplicate name error > > > Interesting. Did you check the /etc/ppp/options file? Is it possible that > pptpd is the same on both machines? > > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan > Sent: Thursday, February 21, 2002 2:53 PM > To: Pptp (E-mail) > Subject: RE: [pptp-server] Duplicate name error > > > I agree. One machine is named Jay and the other is VIP1. They are connected > through a crossover cable. There should be no name conflicts as far as I can > tell. Is there any config files that would help to check things out for me. > Thanks for helping. > > > > -----Original Message----- > From: Erich Kolb [mailto:ekolb at randbreceivables.com] > Sent: Thursday, February 21, 2002 2:50 PM > To: Wilson, Allan > Subject: RE: [pptp-server] Duplicate name error > > > The tunnel doesnt have anything to do with it, but TCPIP does. You cant > have 2 machines with the same name on the same network. > > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan > Sent: Thursday, February 21, 2002 2:38 PM > To: Pptp (E-mail) > Subject: RE: [pptp-server] Duplicate name error > > > I just have a crossover cable between the two systems. Does computer names > have anything to do with making the tunnel. I didn't think so, so I am not > sure why I am getting this error. Any more ideas would be appreciated. > > Allan > > -----Original Message----- > From: Erich Kolb [mailto:ekolb at randbreceivables.com] > Sent: Thursday, February 21, 2002 2:29 PM > To: Wilson, Allan > Subject: RE: [pptp-server] Duplicate name error > > > Are you sure that there are no other machines on the network with that > computer name? > > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan > Sent: Thursday, February 21, 2002 2:28 PM > To: Pptp (E-mail) > Subject: [pptp-server] Duplicate name error > > > Hello list. Hopefully someone can help me with my problem. I am trying to > setup pptp on a Redhat 7.2 box. The user gets authenticated with CHAP but > then there is an error on the client end and then the client can no longer > connect to the pptp server. The error is: > > A duplicate name exists on the network. > > TCP/IP CP: reported error 52 > > If anyone has any ideas it would be a lifesaver. > > Thanks > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From allan at data-house.com Thu Feb 21 16:24:10 2002 From: allan at data-house.com (Wilson, Allan) Date: Thu, 21 Feb 2002 16:24:10 -0600 Subject: [pptp-server] Duplicate Name Error Message-ID: <62E1E735F75DD4118A280000F81B372A233198@dhdbc.data-house.com> The IP on the VPN is set to automatically assign ip address. The error message pops up when the box pops up on the window that says Registering Your Computer On The Network. Do you think it is a 2000 problem? I think it is something little but I need this to work so I can try to get encription over the tunnel. Thanks -----Original Message----- From: catinhat [mailto:catinhat at kc.net] Sent: Thursday, February 21, 2002 4:18 PM To: Wilson, Allan Subject: Re: [pptp-server] Duplicate Name Error From skmail at mcewen.wcnet.org Thu Feb 21 20:07:10 2002 From: skmail at mcewen.wcnet.org (skmail at mcewen.wcnet.org) Date: Thu, 21 Feb 2002 21:07:10 -0500 (EST) Subject: [pptp-server] encryption patch to recent ppp? Message-ID: Anyone know if there is an encryption patch to a more recent version of ppp than whats on the web page? Trying to set this up on RH 7.1. With ppp 2.4.0 pptp works, with 2.4.1 it doesn't. These are the redhat ppp RPM's. Anyone have any clue why? I can change from 2.4.0 to 2.4.1 and back again, it allways works on 2.4.0, never on 2.4.1. Confirmed on multiple systems. Thanks! From rsa at acl.edu.au Thu Feb 21 21:44:34 2002 From: rsa at acl.edu.au (Ramzi S. Abdallah) Date: Fri, 22 Feb 2002 14:44:34 +1100 Subject: [pptp-server] PPTP installation Message-ID: Hi, What pakages and versions do I need to install pptpd-1.0.1 with MSCHAPv2/MPPE support for ppp. I am using RedHat 7.2 with kernel 2.4.9-21 and pppd 2.3.11 Thanks Ramzi From r.devroede at linvision.com Fri Feb 22 04:31:28 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 22 Feb 2002 11:31:28 +0100 Subject: [pptp-server] encryption patch to recent ppp? In-Reply-To: References: Message-ID: <1014373888.1693.2.camel@richard> Go to: http://devel.linvision.com/ The RPM's are compiled for RedHat 7.2, but should work on 7.x Regards, Richard de Vroede > Anyone know if there is an encryption patch to a more recent version of > ppp than whats on the web page? > > Trying to set this up on RH 7.1. With ppp 2.4.0 pptp works, with 2.4.1 it > doesn't. These are the redhat ppp RPM's. Anyone have any clue why? I > can change from 2.4.0 to 2.4.1 and back again, it allways works on 2.4.0, > never on 2.4.1. Confirmed on multiple systems. > > Thanks! > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Fri Feb 22 06:56:44 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 22 Feb 2002 13:56:44 +0100 Subject: [pptp-server] ProxyArp Message-ID: <1014382604.1693.53.camel@richard> I just fixed a connection problem with PPTP clients reaching the internal network. To make it work, the options file for pptp has to contain an entry "proxyarp". It is important that you execute: 'echo "1" > /proc/sys/net/ipv4/conf/all/proxy_arp'. RedHat users can then add 'net.ipv4.conf.all.proxy_arp = 1' to /etc/sysctl.conf to make it work after rebooting. Others have to add the 'echo "1"...' line to some rc script (say rc.local). Hope this helps some people. -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From allan at data-house.com Fri Feb 22 08:23:53 2002 From: allan at data-house.com (K. Allan Wilson) Date: Fri, 22 Feb 2002 08:23:53 -0600 Subject: [pptp-server] RedHat 7.0 Example Message-ID: <3C765479.8010003@data-house.com> Does someone have the steps for installing on RH 7.0 including what versions of what work. All I can find is for 6.2 and I am having problems. The config for your /etc/ppp/options and /etc/pptp.conf file would also be helpful. Thanks for the help K. Allan Wilson From allan at data-house.com Fri Feb 22 09:29:48 2002 From: allan at data-house.com (K. Allan Wilson) Date: Fri, 22 Feb 2002 09:29:48 -0600 Subject: [pptp-server] Thanks for the help Message-ID: <3C7663EC.9080706@data-house.com> Thanks R. de Vroede. I downloaded the rpms for 7.0 kernel and I got it to connect with no problems. I need to enable chap encription now and I am also getting a can't locate module ppp-compress-18 in the /var/log/messages file. If anyone has a pointer to get this working and add the encryption I would appreciate the help. Thanks for all the help. K. Allan Wilson From r.devroede at linvision.com Fri Feb 22 11:31:05 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 22 Feb 2002 18:31:05 +0100 Subject: [pptp-server] Thanks for the help In-Reply-To: <3C7663EC.9080706@data-house.com> References: <3C7663EC.9080706@data-house.com> Message-ID: <1014399065.1693.58.camel@richard> No problem. ppp-compress-18 is the ppp_mppe module. check your modules.conf for these entries: alias ppp ppp_generic alias char-major-108 off # This will be different for 2.3.x kernels alias ppp-compress-18 ppp_mppe alias ppp-compress-21 bsd_comp alias ppp-compress-24 ppp_deflate alias ppp-compress-26 ppp_deflate which RPM's did you get? Regards, Richard de Vroede > Thanks R. de Vroede. I downloaded the rpms for 7.0 kernel and I got it > to connect with no problems. I need to enable chap encription now and I > am also getting a can't locate module ppp-compress-18 in the > /var/log/messages file. If anyone has a pointer to get this working and > add the encryption I would appreciate the help. Thanks for all the help. > > K. Allan Wilson > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Fri Feb 22 12:07:26 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 22 Feb 2002 19:07:26 +0100 Subject: [pptp-server] Thanks for the help In-Reply-To: <1014399065.1693.58.camel@richard> References: <3C7663EC.9080706@data-house.com> <1014399065.1693.58.camel@richard> Message-ID: <1014401247.1693.60.camel@richard> Don't forget to put a 'modprobe ppp' in a startup file. Will fix that in the next RPM release of pptpd. On Fri, 2002-02-22 at 18:31, R. de Vroede wrote: > No problem. > ppp-compress-18 is the ppp_mppe module. > check your modules.conf for these entries: > alias ppp ppp_generic > alias char-major-108 off # This will be different for 2.3.x kernels > alias ppp-compress-18 ppp_mppe > alias ppp-compress-21 bsd_comp > alias ppp-compress-24 ppp_deflate > alias ppp-compress-26 ppp_deflate > > which RPM's did you get? > > Regards, > Richard de Vroede > > > Thanks R. de Vroede. I downloaded the rpms for 7.0 kernel and I got it > > to connect with no problems. I need to enable chap encription now and I > > am also getting a can't locate module ppp-compress-18 in the > > /var/log/messages file. If anyone has a pointer to get this working and > > add the encryption I would appreciate the help. Thanks for all the help. > > > > K. Allan Wilson > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > -- > Richard de Vroede > (r.devroede at linvision.com) > ------------------------------------------------ > Linvision BV Provides Linux Solutions > Elektronicaweg 16D > 2628 XG Delft > T: +31157502310 info at linvision.com > F: +31157502319 http://devel.linvision.com > ------------------------------------------------ > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From fredrik.ohrstrom at seamless.se Fri Feb 22 11:42:23 2002 From: fredrik.ohrstrom at seamless.se (Fredrik =?ISO-8859-1?Q?=D6hrstr=F6m?=) Date: Fri, 22 Feb 2002 18:42:23 +0100 Subject: [pptp-server] It works locally now. But now masquerading is needed.... References: Message-ID: <3C7682FF.105@seamless.se> After turning off LCP-extensions it works. Thanks! However now I need to configure pptp through our masquerading firewall. Have anyone heard of an iptables pptp masquerading module? Or any kind of path of a 2.4 kernel? The latest patches I have found so far seems to apply to 2.2 kernels and older. Fredrik From coert.klaver at planet.nl Fri Feb 22 10:57:08 2002 From: coert.klaver at planet.nl (Coert Klaver) Date: Fri, 22 Feb 2002 17:57:08 +0100 Subject: [pptp-server] Cant get PPTP to work over ADSL on RH7.2 Message-ID: <01C1BBD3.D2A8B590.coert.klaver@planet.nl> Hello I'm struggling a few days already to get my ADSL connection working on my linux box. The connection itself, the modem and the account are OK, it works fine from under NT. I have the following stuff: - Linux RH 7.2, (2.4.7-10 kernel) - ppp-2.4.1-2 - pptpd-1.0.0.5 My options file looks like (as suggested by another ISP than mine, using the same ADSL provider, mxstream ): ------------------------------------------------------------------------ -------- debug idle 0 noauth user xxxxxx at adsl-comfort defaultroute usepeerdns nodetach lcp-echo-interval 10 lcp-echo-failure 3 ------------------------------------------------------------------------ -------- my pap-sectrets looks like: ------------------------------------------------------------------------ -------- # Secrets for authentication using PAP # client server secret IP addresses xxxxxxxx at adsl-comfort * yyyyyy * ------------------------------------------------------------------------ -------- The pptpd starts OK, I can see the pptpd logfile and it reports a propper start of the pptpd. On my linux box, eth0 is the NIC on the inside and has 192.168.0.1, eth1 is the NIC on the ADSL modem side and has 10.0.0.150. The modem has 10.0.0.138. I can ping eth1, I can ping the modem. If I ping a external ip addres , e.g. 194.109.9.99, I can see the LAN light on the ADSL modem flashing, so routing on my box should be OK, the ping is routed to the ADSL modem. The TX nor RX light doesn't come up, appearently the connection over ADSL is not comming up. Can somebody hive a hint as to what to check next Thanks for any suggestion Coert Klaver coert.klaver at planet.nl From Steve at SteveCowles.com Fri Feb 22 14:00:38 2002 From: Steve at SteveCowles.com (Cowles, Steve) Date: Fri, 22 Feb 2002 14:00:38 -0600 Subject: [pptp-server] It works locally now. But now masquerading is n eeded.... Message-ID: <90769AF04F76D41186C700A0C90AFC3EEA4E@defiant.infohiiway.com> > -----Original Message----- > From: Fredrik ?hrstr?m [mailto:fredrik.ohrstrom at seamless.se] > Sent: Friday, February 22, 2002 11:42 AM > Cc: pptp-server at lists.schulte.org > Subject: [pptp-server] It works locally now. But now masquerading is > needed.... > > > After turning off LCP-extensions it works. Thanks! > > However now I need to configure pptp through our > masquerading firewall. Have anyone heard of an iptables > pptp masquerading module? > > Or any kind of path of a 2.4 kernel? The latest patches > I have found so far seems to apply to 2.2 kernels and > older. > > Fredrik The 2.4.x kernels do not need any patches for pptp masquerading unless you are trying to masq more than one concurrent connection to the same ip address. If that's the case, then checkout: http://www.impsec.org/linux/masquerade/ip_masq_vpn.html Specifically the 2.4.x section Steve Cowles From allan at data-house.com Fri Feb 22 14:13:24 2002 From: allan at data-house.com (K. Allan Wilson) Date: Fri, 22 Feb 2002 14:13:24 -0600 Subject: [pptp-server] Thanks for the help References: <3C7663EC.9080706@data-house.com> <1014399065.1693.58.camel@richard> <1014401247.1693.60.camel@richard> Message-ID: <3C76A664.3030700@data-house.com> I am using ppp-2.4.1-3mppe and pptpd-1.1.2-2 with Redhat 7.0. I installed the rpms and then used the default config. I tried to execute modprobe ppp but I got the following error Can't locate module ppp. I have all the lines you listed in my modules.conf file but one extra line in the bottom that is alias net-pf-47 ip_gre. What exactly is that line for. I think I am begining to understand what is going on a little. Allan R. de Vroede wrote: >Don't forget to put a 'modprobe ppp' in a startup file. Will fix that in >the next RPM release of pptpd. > >On Fri, 2002-02-22 at 18:31, R. de Vroede wrote: > >>No problem. >>ppp-compress-18 is the ppp_mppe module. >>check your modules.conf for these entries: >>alias ppp ppp_generic >>alias char-major-108 off # This will be different for 2.3.x kernels >>alias ppp-compress-18 ppp_mppe >>alias ppp-compress-21 bsd_comp >>alias ppp-compress-24 ppp_deflate >>alias ppp-compress-26 ppp_deflate >> >>which RPM's did you get? >> >>Regards, >>Richard de Vroede >> >>>Thanks R. de Vroede. I downloaded the rpms for 7.0 kernel and I got it >>>to connect with no problems. I need to enable chap encription now and I >>>am also getting a can't locate module ppp-compress-18 in the >>>/var/log/messages file. If anyone has a pointer to get this working and >>>add the encryption I would appreciate the help. Thanks for all the help. >>> >>>K. Allan Wilson >>> >>>_______________________________________________ >>>pptp-server maillist - pptp-server at lists.schulte.org >>>http://lists.schulte.org/mailman/listinfo/pptp-server >>>--- To unsubscribe, go to the url just above this line. -- >>> >>-- >>Richard de Vroede >>(r.devroede at linvision.com) >>------------------------------------------------ >>Linvision BV Provides Linux Solutions >>Elektronicaweg 16D >>2628 XG Delft >>T: +31157502310 info at linvision.com >>F: +31157502319 http://devel.linvision.com >>------------------------------------------------ >> >>_______________________________________________ >>pptp-server maillist - pptp-server at lists.schulte.org >>http://lists.schulte.org/mailman/listinfo/pptp-server >>--- To unsubscribe, go to the url just above this line. -- >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From acastro at igalia.com Fri Feb 22 14:26:11 2002 From: acastro at igalia.com (Alejandro =?iso-8859-1?Q?Garc=EDa?= Castro) Date: Fri, 22 Feb 2002 21:26:11 +0100 Subject: [pptp-server] Source modification to allow forward broadcast? Message-ID: <20020222202611.GA13011@obelix.igalia.com> Hi, Is it posible to change the PopTop code in order to allow the broadcast packets to go trough the server? Thanks in advance. From samdu at ronintech.com Fri Feb 22 14:52:09 2002 From: samdu at ronintech.com (Sam Dunham) Date: Fri, 22 Feb 2002 15:52:09 -0500 Subject: [pptp-server] Verifying username and password... Message-ID: <20020222210125.PAKA3606.imf05bis.bellsouth.net@there> Redhat 7.1 on Server, through a watchguard SOHO firewall. Windows 2000 workstation behind Mandrake 8.1 server/firewall. I can make a connection, but the connection dialogue hangs on Verifying username and password. Any ideas? Thanks, -Sam From mikes at hartwellcorp.com Fri Feb 22 15:09:12 2002 From: mikes at hartwellcorp.com (Michael St. Laurent) Date: Fri, 22 Feb 2002 13:09:12 -0800 Subject: [pptp-server] Verifying username and password... Message-ID: <91A5926EFF44D3118B1200104B7276EB0108511A@hart-exchange.hartwellcorp.com> What do you find the the logfile on the server end? It may be that you are passing port 1723 but not the GRE protocol through the firewall. -------------------- Michael St. Laurent Hartwell Corporation > -----Original Message----- > From: Sam Dunham [mailto:samdu at ronintech.com] > Sent: Friday, February 22, 2002 12:52 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Verifying username and password... > > > Redhat 7.1 on Server, through a watchguard SOHO firewall. > Windows 2000 > workstation behind Mandrake 8.1 server/firewall. I can make a > connection, but > the connection dialogue hangs on Verifying username and > password. Any ideas? > > Thanks, > -Sam > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From fitzsimj at yahoo.com Fri Feb 22 15:19:47 2002 From: fitzsimj at yahoo.com (Jeff Fitzsimons) Date: Fri, 22 Feb 2002 14:19:47 -0700 Subject: [pptp-server] OT: pptpd monitor app? Message-ID: <0a1a01c1bbe6$a8c46540$a52efea9@JFP3800> I'd like to be able to quickly see what connections into pptpd are active, what IP they come in from, bandwidth, etc. Is there a utility to display such information? X-Windows or command-line, I'd be happy as long as it's quicker than doing an ifconfig and sifting through pptpd.log! :-) Jeff _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com From george at amsimanagement.com Fri Feb 22 04:56:57 2002 From: george at amsimanagement.com (George Pearson) Date: Fri, 22 Feb 2002 04:56:57 -0600 Subject: [pptp-server] Could not determine local IP address failure Message-ID: <3C7623F9.9030805@amsimanagement.com> Problem: Connecting with pptp-1.0.1 on my laptop with RedHat7.2 from WindowsXP client. Does not connect to a newly loaded RedHat7.2 with "Identical" setup: it connectes then immediately disconnects. Log reads "Could not determine local ip address". I have looked in the archives and found similar messages regarding failing connections, but have not found a similar "misconfig" in the options file (maybe I'm not looking in the right place.) Begin with network setup: I have a test bed with 192.168.254.x linked to 192.168.253.x network. I set up the servers (Laptop/New box) on the 192.168.253.100 and the clients on the 192.168.254.x side. The Laptop and New box share the same ip and I move a patch cable inbetween the two. Again the Laptop works fine and has an identical pptpd.conf/chap-secrets/options.pptp files. I have included the pptpd-failed.log from the New box and the pptpd-success.log from the Laptop. I also sent a copy of the pptpd.conf/chap-secrets/options.pptp files. Kernel Config: I have the latest 2.4.17 kernel on both machines and patched it with the 2.4.16-openssl-0.9.6b-mppe.patch: It generates the ppp-mppe.o files when ppp configured for modules. Any enlightment on this error would be greatly appreciated. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: pptpd-failed.log URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: pptpd-sucess.log URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: pptpd.conf URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: chap-secrets URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: options.pptp URL: From lists at earthling.2y.net Fri Feb 22 19:27:36 2002 From: lists at earthling.2y.net (lists at earthling.2y.net) Date: Fri, 22 Feb 2002 20:27:36 -0500 (EST) Subject: [pptp-server] Source modification to allow forward broadcast? In-Reply-To: <20020222202611.GA13011@obelix.igalia.com> Message-ID: To make any change like that work, you would need to modify the tcp/ip stack, and that would change the system behaviour in unexpected ways. You would have to make the stack handle broadcasts as normal packets, and be able to route them. On Fri, 22 Feb 2002, Alejandro Garc?a Castro wrote: > > Hi, > > Is it posible to change the PopTop code in order to allow the broadcast > packets to go trough the server? > > Thanks in advance. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > -- Justin Kreger, MCP MCSE CCNA jkreger at earthling.2y.net jwkreger at uncg.edu justin at wss.net From lonnie at outstep.com Fri Feb 22 19:04:00 2002 From: lonnie at outstep.com (Lonnie Cumberland) Date: Fri, 22 Feb 2002 20:04:00 -0500 (EST) Subject: [pptp-server] New to PPTP Message-ID: <3096.192.168.1.12.1014426240.squirrel@192.168.1.2> Hello All, I am new to PPTP and am trying to get things installed over the weekend. I have installed the RPM on my Linux box and am now trying to figure out how to configure it as well as to configure a Windows ME machine that has a direct connection via a T1 line. Where do I fond this MS VPN driver that I am supposed to be using? Any help would be greatly appreciated. Best Regards, Lonnie -- Lonnie Cumberland OutStep Technologies Incorporated EMAIL: Lonnie at OutStep.com : Lonnie_Cumberland at yahoo.com The Basis Express Virtual Office & Data Backup and Recovery Services URL: http://www.basis-express.com "The Virtual Office without boundries!!!" From spinout at yakbox.shacknet.nu Fri Feb 22 20:42:23 2002 From: spinout at yakbox.shacknet.nu (spinout) Date: Sat, 23 Feb 2002 10:42:23 +0800 Subject: [pptp-server] Duplicate Name Error In-Reply-To: <62E1E735F75DD4118A280000F81B372A233196@dhdbc.data-house.com> References: <62E1E735F75DD4118A280000F81B372A233196@dhdbc.data-house.com> Message-ID: <200202230242.g1N2g6e25836@yakbox.shacknet.nu> Hi guys, This error is likely due to the netbios name binding to multiple interfaces on the same machine. If seen the same error occur on NT4 machines if you install two nics, this causes the workstation service to fail with the same error. Cheers Craig On Fri, 22 Feb 2002 05:12, Wilson, Allan wrote: > I only have pptpd on one machine. The other is a 2000 client the is using > the microsoft info. In my /etc/ppp/options file I have: > > lock > debug > auth > +chap > proxyarp > > Let me know if you have any ideas. Thanks > > -----Original Message----- > From: Erich Kolb [mailto:ekolb at randbreceivables.com] > Sent: Thursday, February 21, 2002 2:57 PM > To: Wilson, Allan > Subject: RE: [pptp-server] Duplicate name error > > > Interesting. Did you check the /etc/ppp/options file? Is it possible that > pptpd is the same on both machines? > > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan > Sent: Thursday, February 21, 2002 2:53 PM > To: Pptp (E-mail) > Subject: RE: [pptp-server] Duplicate name error > > > I agree. One machine is named Jay and the other is VIP1. They are connected > through a crossover cable. There should be no name conflicts as far as I > can tell. Is there any config files that would help to check things out for > me. Thanks for helping. > > > > -----Original Message----- > From: Erich Kolb [mailto:ekolb at randbreceivables.com] > Sent: Thursday, February 21, 2002 2:50 PM > To: Wilson, Allan > Subject: RE: [pptp-server] Duplicate name error > > > The tunnel doesnt have anything to do with it, but TCPIP does. You cant > have 2 machines with the same name on the same network. > > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan > Sent: Thursday, February 21, 2002 2:38 PM > To: Pptp (E-mail) > Subject: RE: [pptp-server] Duplicate name error > > > I just have a crossover cable between the two systems. Does computer names > have anything to do with making the tunnel. I didn't think so, so I am not > sure why I am getting this error. Any more ideas would be appreciated. > > Allan > > -----Original Message----- > From: Erich Kolb [mailto:ekolb at randbreceivables.com] > Sent: Thursday, February 21, 2002 2:29 PM > To: Wilson, Allan > Subject: RE: [pptp-server] Duplicate name error > > > Are you sure that there are no other machines on the network with that > computer name? > > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Wilson, Allan > Sent: Thursday, February 21, 2002 2:28 PM > To: Pptp (E-mail) > Subject: [pptp-server] Duplicate name error > > > Hello list. Hopefully someone can help me with my problem. I am trying to > setup pptp on a Redhat 7.2 box. The user gets authenticated with CHAP but > then there is an error on the client end and then the client can no longer > connect to the pptp server. The error is: > > A duplicate name exists on the network. > > TCP/IP CP: reported error 52 > > If anyone has any ideas it would be a lifesaver. > > Thanks > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From alex at ra.zapad.msk.ru Sat Feb 23 03:37:49 2002 From: alex at ra.zapad.msk.ru (Alexander V Alekseev) Date: Sat, 23 Feb 2002 12:37:49 +0300 (MSK) Subject: [pptp-server] pppd hangs.. Help, pls. Message-ID: Hello! I have pptpd server with linux-2.4.9, pppd-2.4.1+mppe (though only MSCHAP-v2 is really used. No data encryption), pptpd 1.1.2 . So I get two issues: 1) Windows clients (different versions, win95,98,2000,XP,ME) connect, and work ok. This can be for a long time (a week or so, about a hundred connects/disconnects). But suddenly we see in logs: Feb 23 09:45:18 pptpd[8037]: CTRL: Client 10.0.5.7 control connection started Feb 23 09:45:18 pptpd[8037]: CTRL: Starting call (launching pppd, opening GRE) Feb 23 09:45:18 pppd[8038]: pppd 2.4.1 started by root, uid 0 Feb 23 09:45:18 pppd[8038]: tdb_store key failed: Success Feb 23 09:45:18 pppd[8038]: tdb_store key failed: Success Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pppd[8038]: Using interface ppp0 Feb 23 09:45:18 pppd[8038]: tdb_store key failed: Success Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pppd[8038]: Connect: ppp0 <--> /dev/pts/0 Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pptpd[8037]: Buffering out-of-order packet; got 1 after 4294967295 Feb 23 09:45:18 pptpd[8037]: Packet reorder timeout waiting for 0 Feb 23 09:45:18 pptpd[8037]: Buffering out-of-order packet; got 2 after 0 Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pppd[8038]: MSCHAP-v2 peer authentication succeeded for pp20104 Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pppd[8038]: tdb_store key failed: Success Feb 23 09:45:18 pppd[8038]: tdb_store failed: Success Feb 23 09:45:18 pppd[8038]: local IP address 10.0.0.100 Feb 23 09:45:18 pppd[8038]: remote IP address XXX.247.183.104 Feb 23 09:45:39 pppd[8038]: LCP terminated by peer Feb 23 09:45:39 pppd[8038]: tdb_store failed: Success Feb 23 09:45:39 pppd[8038]: Modem hangup Feb 23 09:45:39 pppd[8038]: Connection terminated. Feb 23 09:45:39 pppd[8038]: Connect time 0.4 minutes. Feb 23 09:45:39 pppd[8038]: Sent 5122 bytes, received 7427 bytes. Feb 23 09:45:39 pppd[8038]: tdb_store failed: Success Feb 23 09:45:39 pppd[8038]: Exit. Feb 23 09:45:44 pptpd[8037]: GRE: read error: Bad file descriptor Feb 23 09:45:44 pptpd[8037]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 23 09:45:44 pptpd[8037]: CTRL: Client 10.0.5.7 control connection finished But if we see in ps aefx output pppd[8038] hangs. AAnd just after that we see: Feb 23 10:06:59 pptpd[8041]: CTRL: Client 10.0.5.7 control connection started Feb 23 10:06:59 pptpd[8041]: CTRL: Starting call (launching pppd, opening GRE) Feb 23 10:07:29 pptpd[8041]: Buffering out-of-order packet; got 1 after 4294967295 Feb 23 10:07:34 pptpd[8041]: GRE: read error: Bad file descriptor Feb 23 10:07:34 pptpd[8041]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 23 10:07:34 pptpd[8041]: CTRL: Client 10.0.5.7 control connection finished Feb 23 10:07:44 pptpd[8043]: CTRL: Client 10.0.5.7 control connection started Feb 23 10:07:44 pptpd[8043]: CTRL: Starting call (launching pppd, opening GRE) Feb 23 10:08:14 pptpd[8043]: Buffering out-of-order packet; got 1 after 4294967295 Feb 23 10:08:19 pptpd[8043]: GRE: read error: Bad file descriptor Feb 23 10:08:19 pptpd[8043]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 23 10:08:19 pptpd[8043]: CTRL: Client 10.0.5.7 control connection finished Feb 23 10:10:35 pptpd[8045]: CTRL: Client 10.0.5.7 control connection started Feb 23 10:10:35 pptpd[8045]: CTRL: Starting call (launching pppd, opening GRE) Feb 23 10:10:41 pptpd[8045]: Buffering out-of-order packet; got 1 after 4294967295 Feb 23 10:10:46 pptpd[8045]: GRE: read error: Bad file descriptor Feb 23 10:10:46 pptpd[8045]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 23 10:10:46 pptpd[8045]: CTRL: Client 10.0.5.7 control connection finished Feb 23 10:17:30 pptpd[8047]: CTRL: Client 10.0.5.7 control connection started Feb 23 10:17:30 pptpd[8047]: CTRL: Starting call (launching pppd, opening GRE) Feb 23 10:18:00 pptpd[8047]: Buffering out-of-order packet; got 1 after 4294967295 Feb 23 10:18:05 pptpd[8047]: GRE: read error: Bad file descriptor Feb 23 10:18:05 pptpd[8047]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 23 10:18:05 pptpd[8047]: CTRL: Client 10.0.5.7 control connection finished ... And so on (Each time one more pppd is added...). So, we see something like: 28512 ? R 138:17 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 28683 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 28685 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 28812 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 28814 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 28816 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 29443 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 30570 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 30572 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 30699 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 30701 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 31453 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 31455 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 31457 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 31959 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 31961 ? S 0:00 /usr/sbin/pppd local file /etc/ppp/options.pptp 921600 If we kill the first pppd, the second starts eating all cpu. And so on. We have to kill all those pppd, to let anyone connect... Can anyone help? 2) Sometimes pppd hangs on connect immediately. Windows client says: "Verifying username and password", waits, than says Error 650. In logs something like: Feb 22 19:50:38 pptpd[6472]: CTRL: Client 10.0.48.3 control connection started Feb 22 19:50:38 pptpd[6472]: CTRL: Starting call (launching pppd, opening GRE) Feb 22 19:50:38 pppd[6473]: pppd 2.4.1 started by root, uid 0 Feb 22 19:51:08 pptpd[6472]: Buffering out-of-order packet; got 1 after 4294967295 Feb 22 19:51:13 pptpd[6472]: GRE: read error: Bad file descriptor Feb 22 19:51:13 pptpd[6472]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 22 19:51:13 pptpd[6472]: CTRL: Client 10.0.48.3 control connection finished And then we see everything just like in case 1) . Any ideas? Bye. Alex. -- Alexander V Alekseev, AVA37-RIPN RA Telecom NOC +7 095 231-27-23 From alex at ra.zapad.msk.ru Sat Feb 23 03:48:33 2002 From: alex at ra.zapad.msk.ru (Alexander V Alekseev) Date: Sat, 23 Feb 2002 12:48:33 +0300 (MSK) Subject: [pptp-server] pppd hangs. Another issue. Message-ID: Hello! A very starange thing. All software just as in my previous mail. For example we have network interface (ethernet) configured like: eth1 IP=10.0.1.1 netmask=255.255.255.0 broadcast=10.0.1.255 In that case pppd hangs immediately by all means! But if interface is configured like: eth1 IP=10.0.1.1 netmask=255.255.255.0 broadcast=10.255.255.255 Everything works! (But problems in my prev. mail persist). Why ? I consider the second counfiguration is wrong. Bye. Alex. -- Alexander V Alekseev, AVA37-RIPN RA Telecom NOC +7 095 231-27-23 From fred at avati.com.br Sat Feb 23 11:52:46 2002 From: fred at avati.com.br (Frederico Augusto) Date: Sat, 23 Feb 2002 09:52:46 -0800 Subject: [pptp-server] NT Login Message-ID: <001901c1bc92$e703d640$c800a8c0@brain> Hi, i am ney to the list , and have already read something here about nt scripts. I'm having a problem running a logon script . I have no problem authenticating users on the PDC, but the user script ( only a BAT file connecting to the server shares. ) only runs sometimes. The interesting part is that after connecting to my domain , i can run the sript from the station perfectly. The only problem is to run it automatically after logon. Does anyone seen that ? Fred -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at colliniconsulting.it Sun Feb 24 03:54:40 2002 From: lists at colliniconsulting.it (Francesco) Date: Sun, 24 Feb 2002 10:54:40 +0100 Subject: [pptp-server] newbie Message-ID: Hello! Since yesterday afternoon i have been using PopTop as pptp server on a linux 2.2.19 redhat 6.2 box. I would like to ask you a few question: is ppp-2.3.11 (plus ms-chap2 patches) the latest version to use with kernel 2.2.19 which has got the related ms-chap2 patches? i had some problems with kernel 2.2.20; in fact, the ./kinstall.sh script did not overwrite the ppp-kernel-sources because they were out of date. Do you know of some patches for the 2.2.20 to make poptop works under it? Thank you in advance for your interest, best regards! Francesco Collini (from Italy) From jvonau at shaw.ca Sun Feb 24 10:03:42 2002 From: jvonau at shaw.ca (Jerry Vonau) Date: Sun, 24 Feb 2002 10:03:42 -0600 Subject: [pptp-server] Archives References: Message-ID: <3C790EDE.B050A33D@shaw.ca> Hi All: Hey, anybody know what happened to the search feature at the archives? There are a bunch of posts that can be used as reference material for new users, but without being able to search for them, how do you find them? The hard way? Is it going to be replaced? Is there an another one around that can be used? Thanks for listening... Jerry Vonau PS. If you have me in your address book, my email address changed..... From r.devroede at linvision.com Mon Feb 25 04:42:38 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 25 Feb 2002 11:42:38 +0100 Subject: [pptp-server] Cant get PPTP to work over ADSL on RH7.2 In-Reply-To: <01C1BBD3.D2A8B590.coert.klaver@planet.nl> References: <01C1BBD3.D2A8B590.coert.klaver@planet.nl> Message-ID: <1014630142.1753.9.camel@richard> Hi Coert, pptpd is not what you're looking for, it's the server. You need a client. Go to http://sourceforge.net/project/showfiles.php?group_id=33063&release_id=48161 and get the client. For the newest version of ppp-mppe, go to http://devel.linvision.com Regards, Richard de Vroede > Hello > > I'm struggling a few days already to get my ADSL connection working on my > linux box. The connection itself, the modem and the account are OK, it > works fine from under NT. I have the following stuff: > - Linux RH 7.2, (2.4.7-10 kernel) > - ppp-2.4.1-2 > - pptpd-1.0.0.5 > > > The pptpd starts OK, I can see the pptpd logfile and it reports a propper > start of the pptpd. > On my linux box, eth0 is the NIC on the inside and has 192.168.0.1, eth1 is > the NIC on the ADSL modem side and has 10.0.0.150. The modem has > 10.0.0.138. I can ping eth1, I can ping the modem. If I ping a external ip > addres , e.g. 194.109.9.99, I can see the LAN light on the ADSL modem > flashing, so routing on my box should be OK, the ping is routed to the ADSL > modem. The TX nor RX light doesn't come up, appearently the connection over > ADSL is not comming up. > Can somebody hive a hint as to what to check next > Thanks for any suggestion > > Coert Klaver > > coert.klaver at planet.nl -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Mon Feb 25 04:42:38 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 25 Feb 2002 11:42:38 +0100 Subject: [pptp-server] Thanks for the help In-Reply-To: <3C76A664.3030700@data-house.com> References: <3C7663EC.9080706@data-house.com> <1014399065.1693.58.camel@richard> <1014401247.1693.60.camel@richard> <3C76A664.3030700@data-house.com> Message-ID: <1014631294.1740.29.camel@richard> > I am using ppp-2.4.1-3mppe and pptpd-1.1.2-2 with Redhat 7.0. I > installed the rpms and then used the default config. I tried to execute > modprobe ppp but I got the following error Can't locate module ppp. Hmm. Have you installed the kernel RPM? I > have all the lines you listed in my modules.conf file but one extra line > in the bottom that is alias net-pf-47 ip_gre. What exactly is that line > for. I think I am begining to understand what is going on a little. I added that because that was a probable anwer to a question on this list, but I'm not so very sure it helps any. It's just to be sure. Regards, Richard -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Mon Feb 25 04:42:39 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 25 Feb 2002 11:42:39 +0100 Subject: [pptp-server] NT Login In-Reply-To: <001901c1bc92$e703d640$c800a8c0@brain> References: <001901c1bc92$e703d640$c800a8c0@brain> Message-ID: <1014631759.1753.35.camel@richard> To make a workstation start a netlogon script, you have to do a domain login. > Hi, > i am ney to the list , and have already read something here about nt scripts. I'm having a problem running a logon script . I have no problem authenticating users on the PDC, but the user script ( only a BAT file connecting to the server shares. ) only runs sometimes. The interesting part is that after connecting to my domain , i can run the sript from the station perfectly. The only problem is to run it automatically after logon. Does anyone seen that ? > > Fred -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Mon Feb 25 04:42:38 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 25 Feb 2002 11:42:38 +0100 Subject: [pptp-server] It works locally now. But now masquerading is needed.... In-Reply-To: <3C7682FF.105@seamless.se> References: <3C7682FF.105@seamless.se> Message-ID: <1014631047.1753.24.camel@richard> > However now I need to configure pptp through our > masquerading firewall. Have anyone heard of an iptables > pptp masquerading module? You don't need pptp masquerading module. Just use NAT. > Or any kind of path of a 2.4 kernel? The latest patches > I have found so far seems to apply to 2.2 kernels and > older. Go to http://mirror.binarix.com/ppp-mppe/ -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Mon Feb 25 04:42:37 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 25 Feb 2002 11:42:37 +0100 Subject: [pptp-server] Could not determine local IP address failure In-Reply-To: <3C7623F9.9030805@amsimanagement.com> References: <3C7623F9.9030805@amsimanagement.com> Message-ID: <1014629730.1753.3.camel@richard> Hi George, You just have to modify your pptpd.conf: localip 192.168.253.230 Just the number of the single machine. Routing will solve communication to the other 192.168.253 machines. -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From steevieg at hushmail.com Mon Feb 25 06:01:35 2002 From: steevieg at hushmail.com (steevieg at hushmail.com) Date: Mon, 25 Feb 2002 04:01:35 -0800 Subject: [pptp-server] URGENT tip request - problem browsing the net from a dialup Win2k client, and latest Kernel/patches. Message-ID: <200202251201.g1PC1ZL39375@mailserver4.hushmail.com> Hi all, i've setted up pptpd v.1.0.1 on a debian server that must provide vpn connection from dialup-home-pc. After an endless nightmare, i can finaly connect with encryption, i ping all pc, i can browse them running a \\internal_ip, etc, but my boss wants to browse the local network from the "network places" too as it was a normal internal connection. Beyond the dns, i've setted the wins server too in the options of the tcp/vpn connection of the client, and I can see both of them in the ipconfig /all. I've also set the ms-dns and ms-wins in /etc/ppp/pptpd-options but nothing changes. 1) What do i have to to do to browse the net from there as it was a normal internal connection? The situation is: Kernel 2.2.19 ppp-2.3.8 ppp-2.3.8-mppe-others-norc4_TH7.diff.gz patch applied SSLeay-0.6.6b.tar.gz PoPToP v1.0.1 ipchains 1.3.9 ps: no firwall rules are applied at the moment. 2) I had troubles with kernel 2.4.17, anyone knows which is the latest kernel/patches that are usable to make a stable vpn server? 3) I'm testing the home client from an external isdn connection; it's terribly luggysh, my boss told me that from an analogic 33.6 connection it was faster. Is there any trick/option to set/unset to make it faster? Hush provide the worlds most secure, easy to use online applications - which solution is right for you? HushMail Secure Email http://www.hushmail.com/ HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/ Hush Business - security for your Business http://www.hush.com/ Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/ From allan at data-house.com Mon Feb 25 08:55:45 2002 From: allan at data-house.com (K. Allan Wilson) Date: Mon, 25 Feb 2002 08:55:45 -0600 Subject: [pptp-server] Thanks for the help References: <3C7663EC.9080706@data-house.com> <1014399065.1693.58.camel@richard> <1014401247.1693.60.camel@richard> <3C76A664.3030700@data-house.com> <1014631294.1740.29.camel@richard> Message-ID: <3C7A5071.30805@data-house.com> I have not installed the kernel rpms. That is the culprit then. What exactly is the kernel modules. Is that to upgrade the kernel? What is the order that I need to install them. Thanks for the help. Allan R. de Vroede wrote: >>I am using ppp-2.4.1-3mppe and pptpd-1.1.2-2 with Redhat 7.0. I >>installed the rpms and then used the default config. I tried to execute >>modprobe ppp but I got the following error Can't locate module ppp. >> >Hmm. Have you installed the kernel RPM? > >I > >>have all the lines you listed in my modules.conf file but one extra line >>in the bottom that is alias net-pf-47 ip_gre. What exactly is that line >>for. I think I am begining to understand what is going on a little. >> >I added that because that was a probable anwer to a question on this >list, but I'm not so very sure it helps any. It's just to be sure. > >Regards, >Richard > From markus.noch at bsk-info.de Mon Feb 25 09:52:31 2002 From: markus.noch at bsk-info.de (Markus Noch) Date: Mon, 25 Feb 2002 16:52:31 +0100 Subject: [pptp-server] (no subject) Message-ID: <20020225165231.24e7e76a.markus.noch@bsk-info.de> Hi all, i have a problem during connecting between a Win2K Notebook and a Linux pptpd Server. During connecting i get the following messages in the syslog: Feb 25 16:03:03 mail pptpd[1086]: CTRL: Received PPTP Control Message (type: 15) Feb 25 16:03:03 mail pptpd[1086]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 25 16:03:03 mail kernel: Packet log: input ACCEPT eth1 PROTO=47 62.180.148.144:65535 212.21.170.196:65535 L=60 S=0x00 I=8454 F=0x000 0 T=115 (#22) Feb 25 16:03:03 mail pppd[1087]: rcvd [LCP ConfAck id=0x3 ] Feb 25 16:03:03 mail pppd[1087]: sent [LCP EchoReq id=0x0 magic=0x53b00270] Feb 25 16:03:03 mail pppd[1087]: cbcp_lowerup Feb 25 16:03:03 mail pppd[1087]: want: 2 Feb 25 16:03:03 mail pppd[1087]: peer refused to authenticate: terminating link Feb 25 16:03:03 mail pppd[1087]: cbcp_lowerdown Feb 25 16:03:03 mail pppd[1087]: sent [LCP TermReq id=0x4 "peer refused to authenticate"] Feb 25 16:03:03 mail kernel: Packet log: input ACCEPT eth1 PROTO=47 62.180.148.144:65535 212.21.170.196:65535 L=52 S=0x00 I=8455 F=0x000 0 T=115 (#22) Feb 25 16:03:03 mail kernel: Packet log: input ACCEPT eth1 PROTO=47 62.180.148.144:65535 212.21.170.196:65535 L=57 S=0x00 I=8456 F=0x000 0 T=115 (#22) Feb 25 16:03:03 mail pppd[1087]: rcvd [LCP code=0xc id=0x2 5f 7f 4c 82 4d 53 52 41 53 56 35 2e 30 30] Feb 25 16:03:03 mail pppd[1087]: sent [LCP CodeRej id=0x5 0c 02 00 12 5f 7f 4c 82 4d 53 52 41 53 56 35 2e 30 30] Feb 25 16:03:03 mail pppd[1087]: rcvd [LCP code=0xc id=0x3 5f 7f 4c 82 4d 53 52 41 53 2d 31 2d 54 45 53 54 56 50 4e] Feb 25 16:03:03 mail pppd[1087]: sent [LCP CodeRej id=0x6 0c 03 00 17 5f 7f 4c 82 4d 53 52 41 53 2d 31 2d 54 45 53 54 56 50 4e] Feb 25 16:03:03 mail kernel: Packet log: input ACCEPT eth1 PROTO=47 62.180.148.144:65535 212.21.170.196:65535 L=46 S=0x00 I=8457 F=0x000 0 T=115 (#22) Feb 25 16:03:03 mail pppd[1087]: rcvd [LCP EchoRep id=0x0 magic=0x5f7f4c82] Feb 25 16:03:03 mail kernel: Packet log: input ACCEPT eth1 PROTO=6 62.180.148.144:1666 212.21.170.196:1723 L=64 S=0x00 I=8458 F=0x4000 T =115 (#33) Feb 25 16:03:03 mail pptpd[1086]: CTRL: Received PPTP Control Message (type: 15) Feb 25 16:03:03 mail pptpd[1086]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Feb 25 16:03:03 mail kernel: Packet log: input ACCEPT eth1 PROTO=47 62.180.148.144:65535 212.21.170.196:65535 L=72 S=0x00 I=8459 F=0x000 0 T=115 (#22) Feb 25 16:03:03 mail pppd[1087]: rcvd [LCP TermAck id=0x4 "peer refused to authenticate"] Feb 25 16:03:03 mail pppd[1087]: Connection terminated. Feb 25 16:03:03 mail pppd[1087]: Exit. Feb 25 16:03:03 mail pptpd[1086]: Error reading from pppd: Input/output error Feb 25 16:03:03 mail pptpd[1086]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5) Feb 25 16:03:03 mail pptpd[1086]: CTRL: Client 62.180.148.144 control connection finished Feb 25 16:03:03 mail pptpd[1086]: CTRL: Exiting now The proto 47, and port 1723 are accepted as you can see in the syslog output. What is: Feb 25 16:03:03 mail pppd[1087]: rcvd [LCP TermAck id=0x4 "peer refused to authenticate"] ? Are there authentification problems with Win2k ? Greetz an thanx in advance, -- ----------------------------------------------------- Markus Noch bsk IT Systemhaus GmbH .-. Tel.: +49 6241 / 94650-21 /v\ Klosterstrasse 23 // \\ 67547 Worms /( )\ ^^-^^ _ _ _ _ ___ ____ | |__ ___| | __ | \ | |/ _ \ / ___| | '_ \/ __| |/ /____| \| | | | | | | |_) \__ \ <_____| |\ | |_| | |___ |_.__/|___/_|\_\ |_| \_|\___/ \____| Network-Operation-Centre POP Worms noc at bsk-info.de ---Home is where ever those login prompts shine !---- From christopher at schulte.org Mon Feb 25 10:09:24 2002 From: christopher at schulte.org (Christopher Schulte) Date: Mon, 25 Feb 2002 10:09:24 -0600 Subject: [pptp-server] Archives In-Reply-To: <3C790EDE.B050A33D@shaw.ca> References: Message-ID: <5.1.0.14.0.20020225100644.01bb0cb0@pop3s.schulte.org> At 10:03 AM 2/24/2002 -0600, you wrote: >Hi All: > >Hey, anybody know what happened to the >search feature at the archives? The list software was moved to a different server in prep for some network changes.... the search feature will return as soon as I have some time to recreate it!! I wasn't sure if anyone was using it, but as such I will try to get it in place sooner than I originally planned. From marcel_hauser at gmx.ch Mon Feb 25 10:19:52 2002 From: marcel_hauser at gmx.ch (Hauser Marcel) Date: Mon, 25 Feb 2002 08:19:52 -0800 Subject: [pptp-server] Accessing pptp over a Network behind a Firewall In-Reply-To: <200202251201.g1PC1ZL39375@mailserver4.hushmail.com> Message-ID: <002101c1be18$413528e0$650a0a0a@matrix.net> Hi All Hope this is not in any FAQ I din't read :) .... I'am new to this list... and I've currently successfully installed pptp + ppp on my Firewall which is based on RH 7.2. Let me outline the Problem: My Firewall is in a private network (172.16.224.0), which is my ISP's Cable Modem Network. I have an external IP Address lets say 20.20.20.20 which is mapped to 172.16.224.30. At my Firewall I'am allowing port 1723 and Protocol 47 as explained in many FAQ's and HOWTO's. If I put a winXP Notebook into the 172.16.224.0 Network, and try to establish a vpn connection to 172.16.224.30 everthing is working just fine ! BUT !! I can't connect from everywhere else on the internet. I know it looks like a firewall issue... but that thing doing NAT at my ISP isn't a firewall... it just does nat (allowing every kind of traffic) !! The places where I try to connect to my firewall do have firewall's aswell... but I know for sure, that they are allowing everything from inside to outside !! I know that IPSEC will not work in NAT Situations... but pptp isn't using IPSEC.... what could be the problem here ?? In the logfiles I get Sent [LCP ConfReq id=0x1 Last message repeated 9 times LCP: timeout sending Config-Requests Connection terminated ! Any help would be very appreciated :) Thanks in advance Cheers Marcel From schierz at cst-it.dyndns.org Mon Feb 25 10:45:18 2002 From: schierz at cst-it.dyndns.org (Denny Schierz) Date: Mon, 25 Feb 2002 17:45:18 +0100 Subject: [pptp-server] some errors in LOG Message-ID: <130315080.20020225174518@cst-it.dyndns.org> Hello pptp-server List, i don't know, what this errors mean in my syslog: Feb 25 17:30:38 server pptpd[16049]: MGR: Launching /usr/local/sbin/pptpctrl to handle client Feb 25 17:30:38 server pptpd[16049]: CTRL: pppd options file = /etc/ppp/pptp.options Feb 25 17:30:38 server pptpd[16049]: CTRL: Client 195.145.9.30 control connection started Feb 25 17:30:38 server pptpd[16049]: CTRL: Received PPTP Control Message (type: 1) Feb 25 17:30:38 server pptpd[16049]: CTRL: Made a START CTRL CONN RPLY packet Feb 25 17:30:38 server pptpd[16049]: CTRL: I wrote 156 bytes to the client. Feb 25 17:30:38 server pptpd[16049]: CTRL: Sent packet to client Feb 25 17:30:41 server pptpd[16049]: CTRL: Received PPTP Control Message (type: 7) Feb 25 17:30:41 server pptpd[16049]: CTRL: Set parameters to 1525 maxbps, 64 window size Feb 25 17:30:41 server pptpd[16049]: CTRL: Made a OUT CALL RPLY packet Feb 25 17:30:41 server pptpd[16049]: CTRL: Starting call (launching pppd, opening GRE) Feb 25 17:30:41 server pptpd[16049]: CTRL: pty_fd = 5 Feb 25 17:30:41 server pptpd[16049]: CTRL: tty_fd = 6 Feb 25 17:30:41 server pptpd[1141]: CTRL (PPPD Launcher): Connection speed = 115200 Feb 25 17:30:41 server pptpd[16049]: CTRL: I wrote 32 bytes to the client. Feb 25 17:30:41 server pptpd[16049]: CTRL: Sent packet to client Feb 25 17:30:41 server pptpd[16049]: CTRL: Received PPTP Control Message (type: 15) Feb 25 17:30:41 server pptpd[16049]: CTRL: Got a SET LINK INFO packet with standard ACCMs Feb 25 17:30:41 server pppd[1141]: pppd 2.4.1b2 started by root, uid 0 Feb 25 17:30:41 server pppd[1141]: Using interface ppp1 Feb 25 17:30:41 server pppd[1141]: Connect: ppp1 <--> /dev/pts/5 Feb 25 17:31:11 server pptpd[16049]: GRE: read(fd=5,buffer=804daa0,len=8196) from PTY failed: status = -1 error = Input/ Feb 25 17:31:11 server pptpd[16049]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) Feb 25 17:31:11 server pppd[1141]: LCP: timeout sending Config-Requests Feb 25 17:31:11 server pppd[1141]: Connection terminated. Feb 25 17:31:11 server pppd[1141]: Exit. Feb 25 17:31:11 server pptpd[2644]: MGR: Reaped child 16049 Feb 25 17:31:11 server pptpd[16049]: CTRL: Client 195.145.9.30 control connection finished Feb 25 17:31:11 server pptpd[16049]: CTRL: Exiting now I want to connect from my local network over a Router (Debian Woody) to a PPTP Server (Potato). Win2k as client, the problem is, that only one Client can connect fom our Lan to the Server. Windows reports a error 619, can't connected to the Port. When i'm waiting ca. 30min then i can connect fom an another Client (after the first Client disconnected) (sometimes, nobody can connecting). My PPTP.conf looks like this: option /etc/ppp/pptp.options localip 192.168.50.200-210 remoteip 192.168.50.215-240 and pptp.options: name * lock mtu 1490 mru 1490 noauth proxyarp +chap +chapms-v2 #mppe-40 mppe-128 mppe-stateless ipcp-accept-local ipcp-accept-remote lcp-echo-failure 3 lcp-echo-interval 5 deflate 0 i have pptp version 1.01 and tested 1.1.2 Restart PPTPD doesn't help. :-( -- with greetings Denny Schierz mailto:schierz at cst-it.dyndns.org From Steve at SteveCowles.com Mon Feb 25 10:46:38 2002 From: Steve at SteveCowles.com (Cowles, Steve) Date: Mon, 25 Feb 2002 10:46:38 -0600 Subject: [pptp-server] URGENT tip request - problem browsing the net f rom a dialup Win2k client, and latest Kernel/patches. Message-ID: <90769AF04F76D41186C700A0C90AFC3EEA4F@defiant.infohiiway.com> > -----Original Message----- > From: steevieg at hushmail.com [mailto:steevieg at hushmail.com] > Sent: Monday, February 25, 2002 6:02 AM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] URGENT tip request - problem browsing the net > from a dialup Win2k client, and latest Kernel/patches. > > > > Hi all, > > i've setted up pptpd v.1.0.1 on a debian server that must > provide vpn connection from dialup-home-pc. > After an endless nightmare, i can finaly connect with > encryption, i ping all pc, i can browse them running a > \\internal_ip, etc, but my boss wants to browse the local > network from the "network places" too as it was a normal > internal connection. > > Beyond the dns, i've setted the wins server too in the > options of the tcp/vpn connection of the client, and I can > see both of them in the ipconfig /all. > I've also set the ms-dns and ms-wins in > /etc/ppp/pptpd-options but nothing changes. Is there a WINS server actually running at the IP address you set in your options file??? > > 1) What do i have to to do to browse the net from there as it > was a normal internal connection? If you have a functional WINS server on your LAN... 1) Are all MS clients on your LAN (not just your pptp clients) configured to register with that WINS server? 2) Are the PPTP clients configured to register with same workgroup/domain names as those on the LAN? > > The situation is: > Kernel 2.2.19 > ppp-2.3.8 > ppp-2.3.8-mppe-others-norc4_TH7.diff.gz patch applied > SSLeay-0.6.6b.tar.gz > PoPToP v1.0.1 > ipchains 1.3.9 > > ps: no firwall rules are applied at the moment. > > > 2) I had troubles with kernel 2.4.17, anyone knows which is > the latest kernel/patches that are usable to make a stable vpn server? > > > 3) I'm testing the home client from an external isdn > connection; it's terribly luggysh, my boss told me that from > an analogic 33.6 connection it was faster. > Is there any trick/option to set/unset to make it faster? You might try to decrease the MTU of your PPTP connection by specifying the following in your options file. mtu 1492 mru 1492 or maybe even 1460. tcpdump should show if gre/ppp packets are being fragmented. Steve Cowles From marcel_hauser at gmx.ch Mon Feb 25 10:46:02 2002 From: marcel_hauser at gmx.ch (Hauser Marcel) Date: Mon, 25 Feb 2002 08:46:02 -0800 Subject: [pptp-server] Accessing pptp over a Network behind a Firewall In-Reply-To: Message-ID: <002401c1be1b$ebd58d00$650a0a0a@matrix.net> Hehe Iptables -a output -p 47 -m state --state new -d 172.16.224.30 ..... and so on !! Yes ! I'am allowing it :) ... otherwise the connection from the 172.16.224.0 Network wouln't work :) Cheers Marcel -----Original Message----- From: Herv? Guehl [mailto:herve.guehl at dedigate.com] Sent: Monday, February 25, 2002 08:42 To: Hauser Marcel Subject: RE: [pptp-server] Accessing pptp over a Network behind a Firewall Hi .. check if U allow protocol (not port) 47 .. more known as gre :o) Herv? > -----Original Message----- > From: Hauser Marcel [mailto:marcel_hauser at gmx.ch] > Sent: lundi 25 f?vrier 2002 17:20 > To: pptp-server at lists.schulte.org > Subject: [pptp-server] Accessing pptp over a Network behind a Firewall > > > Hi All > > Hope this is not in any FAQ I din't read :) .... > > I'am new to this list... and I've currently successfully installed pptp > + ppp on my Firewall which is based on RH 7.2. > > Let me outline the Problem: > My Firewall is in a private network (172.16.224.0), which is my ISP's > Cable Modem Network. I have an external IP Address lets say 20.20.20.20 > which is mapped to 172.16.224.30. At my Firewall I'am allowing port 1723 > and Protocol 47 as explained in many FAQ's and HOWTO's. > If I put a winXP Notebook into the 172.16.224.0 Network, and try to > establish a vpn connection to 172.16.224.30 everthing is working just > fine ! > BUT !! I can't connect from everywhere else on the internet. > I know it looks like a firewall issue... but that thing doing NAT at my > ISP isn't a firewall... it just does nat (allowing every kind of > traffic) !! > The places where I try to connect to my firewall do have firewall's > aswell... but I know for sure, that they are allowing everything from > inside to outside !! > > I know that IPSEC will not work in NAT Situations... but pptp isn't > using IPSEC.... what could be the problem here ?? > > In the logfiles I get > > Sent [LCP ConfReq id=0x1 0x4328jfaal> > Last message repeated 9 times > LCP: timeout sending Config-Requests > Connection terminated ! > > Any help would be very appreciated :) > > Thanks in advance > > Cheers Marcel > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From marcel_hauser at gmx.ch Mon Feb 25 10:47:36 2002 From: marcel_hauser at gmx.ch (Hauser Marcel) Date: Mon, 25 Feb 2002 08:47:36 -0800 Subject: [pptp-server] Accessing pptp over a Network behind a Firewall In-Reply-To: <20020225163415.GC855@rz.uni-karlsruhe.de> Message-ID: <002501c1be1c$24470380$650a0a0a@matrix.net> >> BUT !! I can't connect from everywhere else on the internet. >> I know it looks like a firewall issue... but that thing doing NAT at my >> ISP isn't a firewall... it just does nat (allowing every kind of >> traffic) !! >I think the problem is GRE (IP Protocoll 47), that isn't normally natted. >There are tools, that perform a kind of ping using gre-packets. I don't >have an url, but using google, you should find a tool. Otherwise mail your >provider and ask, wether other ip-protocolls are natted. So the actual data transfer is based on GRE, right ? (Because I can authenticate successfully I guess) What is that "LCP ConfReq" anyway (which doesn't get answered by the client) ? Cheers Marcel From GDUODU at dot.state.tx.us Mon Feb 25 13:33:15 2002 From: GDUODU at dot.state.tx.us (Godfried Duodu) Date: Mon, 25 Feb 2002 13:33:15 -0600 Subject: [pptp-server] Cable modem and pptp Message-ID: I have a cable modem connection and would like to know if it can be used to setup pptp to connect to my office workstation. All the docs that I seen so far talks about dialup connections. A pointer to any docs or url will be appreciated. Thanks. From lonnie at outstep.com Mon Feb 25 15:21:47 2002 From: lonnie at outstep.com (Lonnie Cumberland) Date: Mon, 25 Feb 2002 16:21:47 -0500 (EST) Subject: [pptp-server] newbie questions Message-ID: <1147.192.168.1.12.1014672107.squirrel@192.168.1.2> Hello All, I have recently installed the pptp 1.0.1 stable version on my Linux server and am trying to connect my Windows 2000 client to it. The basic goal is to be able to connect to my server with the VPN and then use Samba which is already running. Actually I have a masquerading firewall running right now with the Win2000 and Linux Redhat 7.2 server with Samba running and I can make connections from the client with no problems. I will next be connecting to the server via pptp and then try and use the Samba server. My final step will be to connect to my Samba server from another machine that is not behind my firewall. Right now, I am getting the message on my windows side of "Disconnected: Error 619: the specified port is not connected" does someone know what this means and how I can fix it? All help would be greatly appreciated, Lonnie -- Lonnie Cumberland OutStep Technologies Incorporated EMAIL: Lonnie at OutStep.com : Lonnie_Cumberland at yahoo.com The Basis Express Virtual Office & Data Backup and Recovery Services URL: http://www.basis-express.com "The Virtual Office without boundries!!!" From Benny.Geys at ordina-denkart.com Tue Feb 26 03:05:41 2002 From: Benny.Geys at ordina-denkart.com (Benny.Geys at ordina-denkart.com) Date: Tue, 26 Feb 2002 10:05:41 +0100 Subject: [pptp-server] Cable modem and pptp Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AFAIK this poses no problems. I use both ADSL and cable connections to connect to out PPTP server. You need a working internet connection, whether it is a cable or dial-up connection doesn't really matter. Bye Benny - -----Original Message----- From: GDUODU at dot.state.tx.us [mailto:GDUODU at dot.state.tx.us] Sent: maandag 25 februari 2002 20:33 To: pptp-server at lists.schulte.org Subject: [pptp-server] Cable modem and pptp I have a cable modem connection and would like to know if it can be used to setup pptp to connect to my office workstation. All the docs that I seen so far talks about dialup connections. A pointer to any docs or url will be appreciated. Thanks. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server - --- To unsubscribe, go to the url just above this line. -- -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 Comment: DEAR IRS, Please cancel my subscription. iQA/AwUBPHtPuAPrgn4F1j+REQIrZACfaFSgTCQTnAUFzTketvr+GSHWEmQAn18H JpzellV6JFq+90YpsWyH9shF =DLzi -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: WINMAIL.DAT Type: application/ms-tnef Size: 1673 bytes Desc: not available URL: From r.devroede at linvision.com Tue Feb 26 04:49:49 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 26 Feb 2002 11:49:49 +0100 Subject: [pptp-server] Thanks for the help In-Reply-To: <3C7A5071.30805@data-house.com> References: <3C7663EC.9080706@data-house.com> <1014399065.1693.58.camel@richard> <1014401247.1693.60.camel@richard> <3C76A664.3030700@data-house.com> <1014631294.1740.29.camel@richard> <3C7A5071.30805@data-house.com> Message-ID: <1014720589.1862.1.camel@richard> It is a kernel patched for mppe. You need the kernel-2.4.9-21mppe and kernel-headers. The kernel-source and kernel-doc are optional. > I have not installed the kernel rpms. That is the culprit then. What > exactly is the kernel modules. Is that to upgrade the kernel? What is > the order that I need to install them. Thanks for the help. > > Allan > > R. de Vroede wrote: > > >>I am using ppp-2.4.1-3mppe and pptpd-1.1.2-2 with Redhat 7.0. I > >>installed the rpms and then used the default config. I tried to execute > >>modprobe ppp but I got the following error Can't locate module ppp. > >> > >Hmm. Have you installed the kernel RPM? > > > >I > > > >>have all the lines you listed in my modules.conf file but one extra line > >>in the bottom that is alias net-pf-47 ip_gre. What exactly is that line > >>for. I think I am begining to understand what is going on a little. > >> > >I added that because that was a probable anwer to a question on this > >list, but I'm not so very sure it helps any. It's just to be sure. > > > >Regards, > >Richard > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Tue Feb 26 05:08:51 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 26 Feb 2002 12:08:51 +0100 Subject: [pptp-server] some errors in LOG In-Reply-To: <130315080.20020225174518@cst-it.dyndns.org> References: <130315080.20020225174518@cst-it.dyndns.org> Message-ID: <1014721731.1862.3.camel@richard> Change this: localip 192.168.50.200-210 to: 192.168.50.200 Regards, Richard de Vroede > Hello pptp-server List, > > i don't know, what this errors mean in my syslog: > > Feb 25 17:30:38 server pptpd[16049]: MGR: Launching /usr/local/sbin/pptpctrl to handle client > Feb 25 17:30:38 server pptpd[16049]: CTRL: pppd options file = /etc/ppp/pptp.options > Feb 25 17:30:38 server pptpd[16049]: CTRL: Client 195.145.9.30 control connection started > Feb 25 17:30:38 server pptpd[16049]: CTRL: Received PPTP Control Message (type: 1) > Feb 25 17:30:38 server pptpd[16049]: CTRL: Made a START CTRL CONN RPLY packet > Feb 25 17:30:38 server pptpd[16049]: CTRL: I wrote 156 bytes to the client. > Feb 25 17:30:38 server pptpd[16049]: CTRL: Sent packet to client > Feb 25 17:30:41 server pptpd[16049]: CTRL: Received PPTP Control Message (type: 7) > Feb 25 17:30:41 server pptpd[16049]: CTRL: Set parameters to 1525 maxbps, 64 window size > Feb 25 17:30:41 server pptpd[16049]: CTRL: Made a OUT CALL RPLY packet > Feb 25 17:30:41 server pptpd[16049]: CTRL: Starting call (launching pppd, opening GRE) > Feb 25 17:30:41 server pptpd[16049]: CTRL: pty_fd = 5 > Feb 25 17:30:41 server pptpd[16049]: CTRL: tty_fd = 6 > Feb 25 17:30:41 server pptpd[1141]: CTRL (PPPD Launcher): Connection speed = 115200 > Feb 25 17:30:41 server pptpd[16049]: CTRL: I wrote 32 bytes to the client. > Feb 25 17:30:41 server pptpd[16049]: CTRL: Sent packet to client > Feb 25 17:30:41 server pptpd[16049]: CTRL: Received PPTP Control Message (type: 15) > Feb 25 17:30:41 server pptpd[16049]: CTRL: Got a SET LINK INFO packet with standard ACCMs > Feb 25 17:30:41 server pppd[1141]: pppd 2.4.1b2 started by root, uid 0 > Feb 25 17:30:41 server pppd[1141]: Using interface ppp1 > Feb 25 17:30:41 server pppd[1141]: Connect: ppp1 <--> /dev/pts/5 > Feb 25 17:31:11 server pptpd[16049]: GRE: read(fd=5,buffer=804daa0,len=8196) from PTY failed: status = -1 error = Input/ > Feb 25 17:31:11 server pptpd[16049]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) > Feb 25 17:31:11 server pppd[1141]: LCP: timeout sending Config-Requests > Feb 25 17:31:11 server pppd[1141]: Connection terminated. > Feb 25 17:31:11 server pppd[1141]: Exit. > Feb 25 17:31:11 server pptpd[2644]: MGR: Reaped child 16049 > Feb 25 17:31:11 server pptpd[16049]: CTRL: Client 195.145.9.30 control connection finished > Feb 25 17:31:11 server pptpd[16049]: CTRL: Exiting now > > > I want to connect from my local network over a Router (Debian Woody) > to a PPTP Server (Potato). Win2k as client, the problem is, that only one > Client can connect fom our Lan to the Server. Windows reports a error > 619, can't connected to the Port. When i'm waiting ca. 30min then i > can connect fom an another Client (after the first Client > disconnected) (sometimes, nobody can connecting). > My PPTP.conf looks like this: > > option /etc/ppp/pptp.options > localip 192.168.50.200-210 > remoteip 192.168.50.215-240 > > and pptp.options: > > name * > lock > mtu 1490 > mru 1490 > noauth > proxyarp > +chap > +chapms-v2 > #mppe-40 > mppe-128 > mppe-stateless > ipcp-accept-local > ipcp-accept-remote > lcp-echo-failure 3 > lcp-echo-interval 5 > deflate 0 > > i have pptp version 1.01 and tested 1.1.2 > > Restart PPTPD doesn't help. > > :-( > > > -- > with greetings > Denny Schierz mailto:schierz at cst-it.dyndns.org > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From r.devroede at linvision.com Tue Feb 26 05:12:48 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 26 Feb 2002 12:12:48 +0100 Subject: [pptp-server] Cable modem and pptp In-Reply-To: References: Message-ID: <1014721968.1862.7.camel@richard> RedHat: http://devvel.linvision.com Others: http://mirror.binarix.com/ppp-mppe/README > I have a cable modem connection and would like to know if it can be > used to setup pptp to connect to my office workstation. All the docs > that I seen so far talks about dialup connections. A pointer to any > docs or url will be appreciated. > Thanks. -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From steevieg at hushmail.com Tue Feb 26 11:15:41 2002 From: steevieg at hushmail.com (steevieg at hushmail.com) Date: Tue, 26 Feb 2002 09:15:41 -0800 Subject: [pptp-server] Re: Win2k client, and latest Kernel/patches Message-ID: <200202261715.g1QHFfH86601@mailserver2.hushmail.com> Hi all, (thanks for the tips steve :) - i don't have to look anymore for the problem of the browsing, thanx anyway) Anyone knows why after 5 min of inactivity once connected, i can still see the vpn and isdn connction from the client and the server but i can't reach anymore any pc? (the pc are reachable whe i connect) Hush provide the worlds most secure, easy to use online applications - which solution is right for you? HushMail Secure Email http://www.hushmail.com/ HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/ Hush Business - security for your Business http://www.hush.com/ Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/ From Dan at omnexcontrols.com Tue Feb 26 17:22:00 2002 From: Dan at omnexcontrols.com (Dan de Haan) Date: Tue, 26 Feb 2002 15:22:00 -0800 Subject: [pptp-server] Can connect with 98, but not XP BUT XP worked yesterday. Message-ID: <258B90A9EA33D3118C08005004CF129F386568@OMNEX1> I recently set up a pptp server, version 1.1.2. When I set it up, I could connect to the VPN server with both Windopws 98SE and windows XP. Today I treid to connect with WinXP (what I have at work) and it didn't work, just hung for a while at verifying username & password. I then tried my 98 machine and it could connect. Nothing was change between when it was working yesterday and when it is not working today. This is what it logged when I coucln't connect Feb 26 15:20:06 gateway pppd[2008]: pppd 2.4.1 started by root, uid 0 Feb 26 15:20:06 gateway pppd[2008]: using channel 25 Feb 26 15:20:06 gateway pppd[2008]: Using interface ppp0 Feb 26 15:20:06 gateway pppd[2008]: Connect: ppp0 <--> /dev/pts/2 Feb 26 15:20:06 gateway pppd[2008]: sent [LCP ConfReq id=0x1 ] Feb 26 15:20:44 gateway last message repeated 9 times Feb 26 15:20:45 gateway pppd[1878]: LCP: timeout sending Config-Requests Feb 26 15:20:45 gateway pppd[1878]: Connection terminated. Feb 26 15:20:45 gateway pppd[1878]: Exit. my /etc/ppp/option.pppd is as follows: name pptpd auth require-chap proxyarp -chap -chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless #ms-wins your.server.here #ms-dns your.server.here ms-wins 192.168.10.100 ms-dns 192.168.10.100 System is a P-166 with kernel 2.4.17 Any Ideas? -Dan From beeby at transfar.com Thu Feb 28 02:46:41 2002 From: beeby at transfar.com (beeby) Date: Thu, 28 Feb 2002 16:46:41 +0800 Subject: [pptp-server] PPPD seems do nothing Message-ID: <002c01c1c034$71f81280$4f806dca@transfar.com> I have a RH 7.1 server, ppp 2.4.1+mppe patch, pptpd 1.1.2 When I connect it with a win98 client, then I got the follow Who can tell me how to resolve it? Feb 28 16:33:02 firewall pptpd[25253]: CTRL: Starting call (launching pppd, opening GRE) Feb 28 16:33:02 firewall pppd[25254]: pppd 2.4.1 started by root, uid 0 Feb 28 16:33:02 firewall pppd[25254]: Using interface ppp0 Feb 28 16:33:02 firewall pppd[25254]: Connect: ppp0 <--> /dev/pts/2 Feb 28 16:33:32 firewall pppd[25254]: Modem hangup Feb 28 16:33:32 firewall pppd[25254]: Connection terminated. Feb 28 16:33:32 firewall pppd[25254]: Exit. Feb 28 16:33:37 firewall pptpd[25253]: GRE: read error: Bad file descriptor Feb 28 16:33:37 firewall pptpd[25253]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) Feb 28 16:33:37 firewall pptpd[25253]: CTRL: Client 202.109.128.79 control connection finished From beeby at transfar.com Thu Feb 28 19:33:17 2002 From: beeby at transfar.com (Beeby) Date: Fri, 01 Mar 2002 09:33:17 +0800 Subject: [pptp-server] PPPD seems do nothing References: <002c01c1c034$71f81280$4f806dca@transfar.com> <002001c1c092$a90638c0$dd1c79c3@p266> Message-ID: <001101c1c0c1$204e7b80$4f806dca@lxy> Hi, Jurrie, I'm so glad to get your words. The DUN 1.4 had been installed for my win98se, there are some ACLs exist in my router in front of my server. with the ACLs, the client can access the port 1723 only, is it enough? Need I open more port for it? thanks for your kind. Beeby ----- Original Message ----- From: "Jurrie Overgoor" To: "beeby" Sent: Friday, March 01, 2002 4:01 AM Subject: Re: [pptp-server] PPPD seems do nothing > Did you update your Win98 client? > > Greetz -- Jurrie > jurr at tref.nl > ----- Oorspronkelijk bericht ----- > Van: beeby > Aan: > Verzonden: donderdag 28 februari 2002 9:46 > Onderwerp: [pptp-server] PPPD seems do nothing > > > > I have a RH 7.1 server, ppp 2.4.1+mppe patch, pptpd 1.1.2 > > When I connect it with a win98 client, then I got the follow > > Who can tell me how to resolve it? > > > > Feb 28 16:33:02 firewall pptpd[25253]: CTRL: Starting call (launching > pppd, opening GRE) > > Feb 28 16:33:02 firewall pppd[25254]: pppd 2.4.1 started by root, uid 0 > > Feb 28 16:33:02 firewall pppd[25254]: Using interface ppp0 > > Feb 28 16:33:02 firewall pppd[25254]: Connect: ppp0 <--> /dev/pts/2 > > Feb 28 16:33:32 firewall pppd[25254]: Modem hangup > > Feb 28 16:33:32 firewall pppd[25254]: Connection terminated. > > Feb 28 16:33:32 firewall pppd[25254]: Exit. > > Feb 28 16:33:37 firewall pptpd[25253]: GRE: read error: Bad file > descriptor > > Feb 28 16:33:37 firewall pptpd[25253]: CTRL: PTY read or GRE write failed > (pty,gre)=(-1,-1) > > Feb 28 16:33:37 firewall pptpd[25253]: CTRL: Client 202.109.128.79 control > connection finished > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- >