[pptp-server] Linux PoPToP 2.4 with LAN Internet connection.

Andrew Lyon Administrator at josims.com
Thu Mar 7 02:38:16 CST 2002 

Indeed NAT'ed clients wont work normally, perhaps you could encapsulate GRE
within a UDP tunnel ? That's what I do to pass IPSEC through NAT.

Andy

-----Original Message-----
From: truin at enterprise.truin.com [mailto:truin at enterprise.truin.com] 
Sent: 07 March 2002 06:32
To: John Stephens
Cc: PPTP List (E-mail)
Subject: RE: [pptp-server] Linux PoPToP 2.4 with LAN Internet connection.


Oh yes, NAT and GRE are nasty enemies, from what I've found. :(  

If anyone has any ideas on how to get a VPN client on a NAT'd IP (behind 
linux 2.4.7-10 and ipchains 1.3.10) to a PoPToP server out on the 'net, 
suggestions or URL's for reference would be appreciated.

-=Truin=-
aka Jason Johnon

On Thu, 7 Mar 2002, John Stephens wrote:

> Havn't got it working yet but found out why it isn't.
> GRE dosn't like NAT 
> http://nsupport.elronsoftware.com/support/fwweb.nsf/c9629841688f080705
> 25656b
> 0044511b/172d0da90a220ced85256840007cc235?OpenDocument
> Thanks for the responses
> 
> John Stephens
> 
> > 
> > John Stephens wrote:
> > > 
> > > I am not trying to get to an NT RRAS Server.  The Win2K is
> > the client and
> > > Linux is Running POPToP Server with all the authentication
> > done there.  As I
> > > said I can connect to it accross the local network but when
> > I go via the
> > > internet I get halfway through the connection but the
> > tunnel isn't created.
> > > I think it is a routing problem as I am using only one
> > interface eth0. The
> > > linux logs seem to indicate that there is something coming
> > in from the
> > > address that my ISP gave me when I dialed in (the 203
> > address) but then it
> > > seems to lose track after the 192 address is given out to
> > create the tunnel.
> > > The server localhost ip is the 172 address.
> > > Any further thoughs
> 
> > > >
> > > >I have looked at all the how to's and been through the
> > archives but I must
> > > >have missed something.
> > > >I am trying to connect from win2k dial up to an ISP via a
> > VPN to a Linux
> > > >PoPToP 2.4 on an intranet
> > > >I can get it to work across the intranet so I presume the
> > security and
> > > >logon
> > > >settings are correct.
> > > >
> > > >This is the set up.
> > > >
> > > >Linux box Running PoPToP 2.4 with gateway pointing to
> > Firewall Router which
> > > >then passes it on to an internal address to our ISP's
> > Linux firewall which
> > > >does NAT and passes it on to the outside world.
> > > >TCP 1723 and GRE are allowed  to pass on both routers. The 
> > > >Firewall Routers logs indicate both are passing
> > through it and it seems
> > > >from the linux log to be getting 70% through verification and 
> > > >authentication before deciding that it does not want to continue.
> > > >
> > > >The Win2K side gives me a 619 error  Specified port is not
> > connected. and
> > > >the helpful advice of try restarting.  Normal Windows Solution.
> > > >
> > > >Linux log
> > > >
> > > >Mar  6 16:04:14 slinux pptpd[832]: MGR: Launching
> > /usr/sbin/pptpctrl to
> > > >handle client
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: local address =
> > 172.16.0.50
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: remote address =
> > 192.168.0.1
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: pppd speed = 115200 Mar  
> > > >6 16:04:14 slinux pptpd[832]: CTRL: pppd options file = 
> > > >/etc/ppp/options Mar  6 16:04:14 slinux pptpd[832]: CTRL: Client
> > 203.96.149.75 control
> > > >connection started
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Received PPTP
> > Control Message
> > > >(type: 1)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Made a START CTRL
> > CONN RPLY packet
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: I wrote 156 bytes
> > to the client.
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Sent packet to client 
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Received PPTP
> > Control Message
> > > >(type: 7)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: 0 min_bps, 1525
> > max_bps, 32 window
> > > >size
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Made a OUT CALL
> > RPLY packet
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Starting call
> > (launching pppd,
> > > >opening GRE)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: pty_fd = 5
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: tty_fd = 6
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: I wrote 32 bytes
> > to the client.
> > > >Mar  6 16:04:14 slinux pptpd[833]: CTRL (PPPD Launcher):
> > Connection speed =
> > > >115200
> > > >Mar  6 16:04:14 slinux pptpd[833]: CTRL (PPPD Launcher):
> > local address =
> > > >172.16.0.50
> > > >Mar  6 16:04:14 slinux pptpd[833]: CTRL (PPPD Launcher):
> > remote address =
> > > >192.168.0.1
> > > >Mar  6 16:04:14 slinux pppd[833]: pppd 2.4.0 started by root, uid 
> > > >0 Mar  6 16:04:14 slinux pppd[833]: using channel 3 Mar  6 
> > > >16:04:14 slinux pppd[833]: Using interface ppp0 Mar  6 16:04:14 
> > > >slinux pppd[833]: Connect: ppp0 <--> /dev/pts/1 Mar  6 16:04:14 
> > > >slinux pppd[833]: sent [LCP ConfReq id=0x1
> > <asyncmap 0x0>
> > > ><auth chap MD5> <magic 0x252b63f> <pcomp> <accomp>]
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Sent packet to client 
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Received PPTP
> > Control Message
> > > >(type: 15)
> > > >Mar  6 16:04:14 slinux pptpd[832]: CTRL: Got a SET LINK
> > INFO packet with
> > > >standard ACCMs
> > > >Mar  6 16:04:17 slinux pppd[833]: sent [LCP ConfReq id=0x1
> > <asyncmap 0x0>
> > > ><auth chap MD5> <magic 0x252b63f> <pcomp> <accomp>]
> > > >Mar  6 16:04:41 slinux last message repeated 8 times
> > > >Mar  6 16:04:44 slinux pppd[833]: LCP: timeout sending
> > Config-Requests
> > > >Mar  6 16:04:44 slinux pppd[833]: Connection terminated. Mar  6 
> > > >16:04:44 slinux pppd[833]: Couldn't release PPP
> > unit: Inappropriate
> > > >ioctl for device
> > > >Mar  6 16:04:44 slinux pppd[833]: Exit.
> > > >Mar  6 16:04:44 slinux pptpd[832]: Error reading from
> > pppd: Input/output
> > > >error
> > > >Mar  6 16:04:44 slinux pptpd[832]: CTRL: GRE read or PTY
> > write failed
> > > >(gre,pty)=(6,5)
> > > >Mar  6 16:04:44 slinux pptpd[832]: CTRL: Client
> > 203.96.149.75 control
> > > >connection finished
> > > >Mar  6 16:04:44 slinux pptpd[832]: CTRL: Exiting now
> > > >Mar  6 16:04:44 slinux pptpd[249]: MGR: Reaped child 832
> > > >
> > > >The 203.96.149.75 address is the one given to the Win2K PC
> > dialing in to
> > > >the
> > > >Internet.
> > > >
> > > >As there is no modem ISDN etc connection is there
> > something that I have
> > > >missed with the PPP setup
> > > >
> > > >I'm relatively new to Linux so more detail than less would
> > be helpful.
> > > >
> > > >Thanks John
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >_______________________________________________
> > > >pptp-server maillist  -  pptp-server at lists.schulte.org 
> > > >http://lists.schulte.org/mailman/listinfo/pptp-server
> > > >--- To unsubscribe, go to the url just above this line. --
> > > 
> > > _________________________________________________________________
> > > Get your FREE download of MSN Explorer at
> > http://explorer.msn.com/intl.asp.
> > > 
> > _______________________________________________
> > > pptp-server maillist  -  pptp-server at lists.schulte.org 
> > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > --- To unsubscribe, go to the url just above this line. --
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org 
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> > 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org 
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
> 

_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --

Registered Office:  J.O. Sims Ltd, Pudding Lane, Pinchbeck, Spalding, Lincs.
PE11 3TJ 
Company reg No: 2084187 Vat reg No: GB 437 4621 47  
Tel: +44 (0) 1775 842100 Fax: +44 (0) 1775 842101  Web: www.josims.com
Email: enquiries at josims.com 
The information contained in this e-mail is confidential and is intended for
the  addressee only. The contents of this e-mail must not be disclosed or
copied without the sender's consent. If you are not the intended recipient
of the message, please notify the sender immediately, and delete the
message. The statements and opinions expressed in this message are those of
the author and do not necessarily reflect those of the company. No
commitment may be inferred from the contents unless  explicitly stated.  The
company does not take any responsibility for the personal views of the
author. This message has been scanned for viruses before sending, but the
company does not accept any responsibility for infection and recommends that
you scan any attachments.

More information about the pptp-server mailing list