[pptp-server] Problems with multi-pptpd sessions trought NAT - GRE error
Igor Maciel Macaubas
macaubas at br.inter.net
Mon Jul 15 15:15:22 CDT 2002
Hi all,
I bought a DLink 604I, wich is a cable/xdsl router with "VPN (PPTP/IPsec) multi-session support".
I'm doing some tests with it, and I can't make two connections work at the same time with it.
Bellow is my network structure:
----------------------
| |
| 192.168.1.100 | -----------|
| | |
---------------------- |
Computer 1 | ----------------------------- |------------------ | |-----------------|
|---->| LAN: 192.168.1.1 | | | |192.100.254.6 |
| WAN: 192.100.254.14 | ----------> | 192.100.254.6 | ---------> |-----------------|
---------------------- |-----> | | |-------------------| BOX 1
| | | ------------------------------ VPNServer
| 192.168.1.101 |---------| DLink
| |
----------------------
Computer 2
The objective of this session is get a valid address to the network 192.168.254.0 and access another server wich is located at 192.168.254.251
The dlink hardware has a 4-port fast switch built-in. We have two networks - 192.168.1.0 and 192.100.254.0.
Without a tunnel, I can go from the Computer 1, pass trought the DLink and get to the BOX 1 server, using DLink's native NAT.
Then I try to open a tunnel from Computer 1 to the VPNServer, passing trought the DLink hardware - and I get connected without problems.
And I can reach the BOX 1, and access the webserver wich runs there.
After that, I keep the Computer 1 connected, and go to Computer 2.
Try to connect, and connect well.
But after that, I can't access the network 192.100.254.0. It seems like I've never connected.
At my VPN Server log files, I have tons of this message:
Jul 15 16:32:01 vpn pptpd[31528]: GRE: Discarding out of order packet
Jul 15 16:32:02 vpn pptpd[31359]: GRE: Discarding out of order packet
Jul 15 16:32:02 vpn pptpd[31528]: GRE: Discarding out of order packet
Jul 15 16:32:02 vpn pptpd[31359]: GRE: Discarding out of order packet
Jul 15 16:32:02 vpn pptpd[31528]: GRE: Discarding out of order packet
Jul 15 16:32:03 vpn pptpd[31359]: GRE: Discarding out of order packet
Jul 15 16:32:03 vpn pptpd[31528]: GRE: Discarding out of order packet
Jul 15 16:32:03 vpn pptpd[31359]: GRE: Discarding out of order packet
Jul 15 16:32:03 vpn pptpd[31528]: GRE: Discarding out of order packet
Jul 15 16:32:04 vpn pptpd[31359]: GRE: Discarding out of order packet
Jul 15 16:32:04 vpn pptpd[31528]: GRE: Discarding out of order packet
Jul 15 16:32:05 vpn pptpd[31359]: GRE: Discarding out of order packet
Jul 15 16:32:05 vpn pptpd[31528]: GRE: Discarding out of order packet
And I did another test:
Connected Computer 1, and starting the download a heavy file (redhat 7.3 iso) from BOX 1.
When I try to connect from Computer 2, I can't. I get an error message 'the remote port is not connected' and tons of the "GRE: Discarding out of order packet" messages at my log files.
I read at http://www.linuxsecurity.com/resource_files/network_security/2.4_Kernel_PPTPD-HOWTO.txt about this problem, and I tryied to downsize the mru/mtu number in /etc/ppp/options file, but It didn't work.
Bellow is the configuration of my server:
Pentium III 1Ghz
256MB of RAM
RedHat 7.2
Kernel 2.4.18 (original, no mppe pach applied).
PPPd 2.4.2b1
PPTPd 1.0.1 / 1.1.3 (tested with both versions).
The config files:
/etc/ppp/options:
lock
debug
auth
require-pap
refuse-chap
proxyarp
plugin radius.so
/etc/pptpd.conf
speed 115200
debug
localip 192.100.254.6
remoteip 192.100.254.70-74
RADIUS auth working fine.
Connection working fine.
I'd like to know if the problem is with the PPTPd server (any problem with GRE or something like this was reported?), or if the problem is with my dlink router - wich says that support multiple sessions but in reallity it doesn't support.
Anyone can help me?
Regards,
Igor
--
macaubas at br.inter.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20020715/e0f5ccac/attachment.html>
More information about the pptp-server
mailing list