[pptp-server] Linux PoPToP 2.4 with LAN Internet connection.

truin at enterprise.truin.com truin at enterprise.truin.com
Thu Mar 7 00:32:13 CST 2002 

Oh yes, NAT and GRE are nasty enemies, from what I've found. :(  

If anyone has any ideas on how to get a VPN client on a NAT'd IP (behind 
linux 2.4.7-10 and ipchains 1.3.10) to a PoPToP server out on the 'net, 
suggestions or URL's for reference would be appreciated.

-=Truin=-
aka Jason Johnon

On Thu, 7 Mar 2002, John Stephens wrote:

> Havn't got it working yet but found out why it isn't.
> GRE dosn't like NAT
> http://nsupport.elronsoftware.com/support/fwweb.nsf/c9629841688f08070525656b
> 0044511b/172d0da90a220ced85256840007cc235?OpenDocument
> Thanks for the responses
> 
> John Stephens
> 
> > 
> > John Stephens wrote:
> > > 
> > > I am not trying to get to an NT RRAS Server.  The Win2K is 
> > the client and
> > > Linux is Running POPToP Server with all the authentication 
> > done there.  As I
> > > said I can connect to it accross the local network but when 
> > I go via the
> > > internet I get halfway through the connection but the 
> > tunnel isn't created.
> > > I think it is a routing problem as I am using only one 
> > interface eth0. The
> > > linux logs seem to indicate that there is something coming 
> > in from the
> > > address that my ISP gave me when I dialed in (the 203 
> > address) but then it
> > > seems to lose track after the 192 address is given out to 
> > create the tunnel.
> > > The server localhost ip is the 172 address.
> > > Any further thoughs
> 
> > > >
> > > >I have looked at all the how to's and been through the 
> > archives but I must
> > > >have missed something.
> > > >I am trying to connect from win2k dial up to an ISP via a 
> > VPN to a Linux
> > > >PoPToP 2.4 on an intranet
> > > >I can get it to work across the intranet so I presume the 
> > security and
> > > >logon
> > > >settings are correct.
> > > >
> > > >This is the set up.
> > > >
> > > >Linux box Running PoPToP 2.4 with gateway pointing to 
> > Firewall Router which
> > > >then passes it on to an internal address to our ISP's 
> > Linux firewall which
> > > >does NAT and passes it on to the outside world.
> > > >TCP 1723 and GRE are allowed  to pass on both routers.
> > > >The Firewall Routers logs indicate both are passing 
> > through it and it seems
> > > >from the linux log to be getting 70% through verification and
> > > >authentication
> > > >before deciding that it does not want to continue.
> > > >
> > > >The Win2K side gives me a 619 error  Specified port is not 
> > connected. and
> > > >the helpful advice of try restarting.  Normal Windows Solution.
> > > >
> > > >Linux log
> > > >
> > > >Mar  6 16:04:14 slinux pptpd[832]: MGR: Launching 
> > /usr/sbin/pptpctrl to
> > > >handle client
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: local address = 
> > 172.16.0.50
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: remote address = 
> > 192.168.0.1
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: pppd speed = 115200
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: pppd options file =
> > > >/etc/ppp/options
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Client 
> > 203.96.149.75 control
> > > >connection started
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Received PPTP 
> > Control Message
> > > >(type: 1)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Made a START CTRL 
> > CONN RPLY packet
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: I wrote 156 bytes 
> > to the client.
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Sent packet to client
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Received PPTP 
> > Control Message
> > > >(type: 7)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: 0 min_bps, 1525 
> > max_bps, 32 window
> > > >size
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Made a OUT CALL 
> > RPLY packet
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Starting call 
> > (launching pppd,
> > > >opening GRE)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: pty_fd = 5
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: tty_fd = 6
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: I wrote 32 bytes 
> > to the client.
> > > >Mar  6 16:04:14 slinux pptpd[833]: CTRL (PPPD Launcher): 
> > Connection speed =
> > > >115200
> > > >Mar  6 16:04:14 slinux pptpd[833]: CTRL (PPPD Launcher): 
> > local address =
> > > >172.16.0.50
> > > >Mar  6 16:04:14 slinux pptpd[833]: CTRL (PPPD Launcher): 
> > remote address =
> > > >192.168.0.1
> > > >Mar  6 16:04:14 slinux pppd[833]: pppd 2.4.0 started by root, uid 0
> > > >Mar  6 16:04:14 slinux pppd[833]: using channel 3
> > > >Mar  6 16:04:14 slinux pppd[833]: Using interface ppp0
> > > >Mar  6 16:04:14 slinux pppd[833]: Connect: ppp0 <--> /dev/pts/1
> > > >Mar  6 16:04:14 slinux pppd[833]: sent [LCP ConfReq id=0x1 
> > <asyncmap 0x0>
> > > ><auth chap MD5> <magic 0x252b63f> <pcomp> <accomp>]
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Sent packet to client
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Received PPTP 
> > Control Message
> > > >(type: 15)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Got a SET LINK 
> > INFO packet with
> > > >standard ACCMs
> > > >Mar  6 16:04:17 slinux pppd[833]: sent [LCP ConfReq id=0x1 
> > <asyncmap 0x0>
> > > ><auth chap MD5> <magic 0x252b63f> <pcomp> <accomp>]
> > > >Mar  6 16:04:41 slinux last message repeated 8 times
> > > >Mar  6 16:04:44 slinux pppd[833]: LCP: timeout sending 
> > Config-Requests
> > > >Mar  6 16:04:44 slinux pppd[833]: Connection terminated.
> > > >Mar  6 16:04:44 slinux pppd[833]: Couldn't release PPP 
> > unit: Inappropriate
> > > >ioctl for device
> > > >Mar  6 16:04:44 slinux pppd[833]: Exit.
> > > >Mar  6 16:04:44 slinux pptpd[832]: Error reading from 
> > pppd: Input/output
> > > >error
> > > >Mar  6 16:04:44 slinux pptpd[832]: CTRL: GRE read or PTY 
> > write failed
> > > >(gre,pty)=(6,5)
> > > >Mar  6 16:04:44 slinux pptpd[832]: CTRL: Client 
> > 203.96.149.75 control
> > > >connection finished
> > > >Mar  6 16:04:44 slinux pptpd[832]: CTRL: Exiting now
> > > >Mar  6 16:04:44 slinux pptpd[249]: MGR: Reaped child 832
> > > >
> > > >The 203.96.149.75 address is the one given to the Win2K PC 
> > dialing in to
> > > >the
> > > >Internet.
> > > >
> > > >As there is no modem ISDN etc connection is there 
> > something that I have
> > > >missed with the PPP setup
> > > >
> > > >I'm relatively new to Linux so more detail than less would 
> > be helpful.
> > > >
> > > >Thanks John
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >_______________________________________________
> > > >pptp-server maillist  -  pptp-server at lists.schulte.org
> > > >http://lists.schulte.org/mailman/listinfo/pptp-server
> > > >--- To unsubscribe, go to the url just above this line. --
> > > 
> > > _________________________________________________________________
> > > Get your FREE download of MSN Explorer at 
> > http://explorer.msn.com/intl.asp.
> > > 
> > _______________________________________________
> > > pptp-server maillist  -  pptp-server at lists.schulte.org
> > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > --- To unsubscribe, go to the url just above this line. --
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> > 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
>

More information about the pptp-server mailing list