No subject


Sun Jul 8 18:14:56 CDT 2012


7.3.10.	The VPN link works for a while, but then stops working,
	and the /var/log/debug file shows the following:
		pppd[10544]: rcvd [Compressed data] 10 32 ae 68 c0 8e e1 92 ... 

	Solution: Patch the /usr/src/linux/drivers/net/ppp_mppe.c file with
	the patch:

	http://www.vibrationresearch.com/pptpd/ppp_mppe_compressed_data_fix.diff

	and then recompile and reinstall the ppp_mppe.o module

7.3.11. The VPN link works for a while, but then stops working,
	and the /var/log/debug file shows messages like the following:
		pppd[11170]: sent [LCP ProtRej id=0xb 51 19 ...
		pppd[11170]: rcvd [proto=0xbe1b] df 60 4e 4e ...
		pppd[11170]: Unsupported protocol 0xbe1b received
	(where the hex data and the protocol numbers may vary)

	This is probably caused by dropped packets with mppe running in
	stateful mode (i.e. mppe-stateless disabled).  In stateful mode,
	decryption of a packet requires successful decryption of the previous
	packet.  In stateless mode, a packet can always be decrypted as long
	as the sequence number is known.

	Solution: add the "mppe-stateless" option to the /etc/ppp/options.pptp
	file.


> -----Original Message-----
> From: pptp-server-admin at lists.schulte.org
> [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Michael Kranz
> Sent: Friday, January 05, 2001 8:36 AM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] Failing encrypted PPTPD connections
> 
> 
> Hi,
> 
> we're facing serious problems connecting Win2K-clients over encrypted
> PPTPD with our Linux boxes. We've seen similar entries in your
> mailing-list. As we need a solution quickly and as we probably have to
> evaluate possible alternatives, we need an answer to the following
> question:
> 
> Is it definitely so, that a lost GRE-packet over an _encrypted_ VPN
> connection makes the tunnel inoperable? Or do you know of a patch or an
> intermediate solution?
> 
> Follows the problem description in detail:
> 
> (1) The PC is a Win2K box with 128-Bit Patch, the PPTPD server is
> running SuSE 7.0, PPPD 2.3.11 and PPTPD 1.1.2.
> 
> (2) Configuration (see attached protocol): at 12:07 the direct analog
> connection is established between:
> 
> PC <--> Cisco
> 
> An automatic forwarding establishes the VPN tunnel to our firewall,
> which runs the PPTPD:
> 
> PC <--> Cisco <--> Firewall <--> Target
> 
> The connection has as IPs
> 
> 172.20.70.3    (PC)
> 172.20.0.250   (Firewall / Interface to Target)
> 172.31.254.254 (Firewall / Interface to Cisco-Transfernet)
> 172.20.0.X     (Target)
> 
> (3) The connection is working. At 12:09 the client starts a webinterface
> to mailserver (172.20.0.3); during the login process no response comes
> back, s. attachment near 12:09:47, where you'll see the out-of-order
> packets. From this time on, the tunnel is dead, despite the fact, that
> packets continue to be exchanged, until the connection is ended by the
> user at 12:32.
> 
> Many thanks in advance
> Michael
> -- 
> -- 
> ---------------------------------------------------------------
> SuSE Linux Solutions AG          Mail:    Michael.Kranz at suse.de
> Geschaeftsstelle Rhein/Ruhr      Phone:   02241 / 929 17-26
> Marie-Curie-Str. 11-17           Fax:     02241 / 314 599
> D-53757 St. Augustin        
> ---------------------------------------------------------------



More information about the pptp-server mailing list