Koozali.org: home of the SME Server

VPN Connection Problem

Andrew Hooper

VPN Connection Problem
« on: April 25, 2003, 04:23:49 AM »
I have a remote e-smith server behind a DSL link, I have pinholed port 1723/TCP and 500/UDP incase there was a key exchange.
My home system has an e-smith server in place behind another DSL link (both are external DSL routers).
When i try and connect to the remote VPN i get "Verifiying Username and Password" then a dissconnection/timeout.

Any ideas as to how i can resolve this problem?

In the logs i get the following...

Apr 25 10:59:19 poo pptpd[3427]: MGR: Launching /usr/sbin/pptpctrl to handle client
Apr 25 10:59:19 poo pptpd[3427]: CTRL: local address = 192.168.1.254
Apr 25 10:59:19 poo pptpd[3427]: CTRL: remote address = 192.168.1.242
Apr 25 10:59:19 poo pptpd[3427]: CTRL: pppd speed = 460800
Apr 25 10:59:19 poo pptpd[3427]: CTRL: pppd options file = /etc/ppp/options.pptpd
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Client 210.98.246.18 control connection started
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Received PPTP Control Message (type: 1)
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Made a START CTRL CONN RPLY packet
Apr 25 10:59:19 poo pptpd[3427]: CTRL: I wrote 156 bytes to the client.
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Sent packet to client
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Received PPTP Control Message (type: 7)
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Set parameters to 1525 maxbps, 64 window size
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Made a OUT CALL RPLY packet
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Starting call (launching pppd, opening GRE)
Apr 25 10:59:19 poo pptpd[3427]: CTRL: pty_fd = 5
Apr 25 10:59:19 poo pptpd[3427]: CTRL: tty_fd = 6
Apr 25 10:59:19 poo pptpd[3427]: CTRL: I wrote 32 bytes to the client.
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Sent packet to client
Apr 25 10:59:19 poo pptpd[3428]: CTRL (PPPD Launcher): Connection speed = 460800
Apr 25 10:59:19 poo pptpd[3428]: CTRL (PPPD Launcher): local address = 192.168.1.254
Apr 25 10:59:19 poo pptpd[3428]: CTRL (PPPD Launcher): remote address = 192.168.1.242
Apr 25 10:59:19 poo pppd[3428]: pppd 2.4.2b1 started by root, uid 0
Apr 25 10:59:19 poo pppd[3428]: Using interface ppp0
Apr 25 10:59:19 poo /etc/hotplug/net.agent: assuming ppp0 is already up
Apr 25 10:59:19 poo pppd[3428]: Connect: ppp0 <--> /dev/pts/1
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Received PPTP Control Message (type: 15)
Apr 25 10:59:19 poo pptpd[3427]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Apr 25 10:59:49 poo pppd[3428]: LCP: timeout sending Config-Requests
Apr 25 10:59:49 poo pppd[3428]: Connection terminated.
Apr 25 10:59:49 poo pppd[3428]: Exit.
Apr 25 10:59:49 poo pptpd[3427]: GRE: read(fd=5,buffer=804d940,len=8196) from PTY failed: status = -1 error = Input/output error
Apr 25 10:59:49 poo pptpd[3427]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6)
Apr 25 10:59:49 poo pptpd[3427]: CTRL: Client 210.98.246.18 control connection finished
Apr 25 10:59:49 poo pptpd[3427]: CTRL: Exiting now
Apr 25 10:59:49 poo pptpd[3166]: MGR: Reaped child 3427
Apr 25 10:59:49 poo /etc/hotplug/net.agent: NET unregister event not supported

Regards
Andrew

Julie Random

Re: VPN Connection Problem
« Reply #1 on: April 25, 2003, 07:09:06 AM »
PPTP requires
IP Protocol 6 (TCP) port 1723 and
IP Protocol 47 (GRE)

Check your router for the ability to Portfwd GRE packets

Bill Talcott

Re: VPN Connection Problem
« Reply #2 on: April 25, 2003, 06:02:26 PM »
Andrew Hooper wrote:
>
> Apr 25 10:59:49 poo pptpd[3427]: GRE:
> read(fd=5,buffer=804d940,len=8196) from PTY failed: status =
> -1 error = Input/output error
> Apr 25 10:59:49 poo pptpd[3427]: CTRL: PTY read or GRE write
> failed (pty,gre)=(5,6)
> Apr 25 10:59:49 poo pptpd[3427]: CTRL: Client 210.98.246.18
> control connection finished
> Apr 25 10:59:49 poo pptpd[3427]: CTRL: Exiting now
> Apr 25 10:59:49 poo pptpd[3166]: MGR: Reaped child 3427
> Apr 25 10:59:49 poo /etc/hotplug/net.agent: NET unregister
> event not supported

Yup, what Julie said. You also need to let GRE through.

Andrew Hooper

Re: VPN Connection Problem
« Reply #3 on: April 26, 2003, 02:20:37 AM »
I have checked the DSL router ind it appears it is suposed to support VPN but says nothing about GRE. I will replace it with a later model that has support for GRE and see what happens.

Thanks for your assistance.

Andrew Hooper

Grub

Re: VPN Connection Problem
« Reply #4 on: April 28, 2003, 04:42:48 AM »
Try to log your ppp connection for more info... I think you have a vpn-masq problem..with your dsl router

Andrew Hooper

Re: VPN Connection Problem
« Reply #5 on: May 03, 2003, 03:40:16 PM »
Thanks everyone for your assistance.

The problem turned out to be an ADSL router that clained to support VPN on the box but in fact did not fully support it.
I replaced it and everything is working well.

Regards
Andrew