Topic: SME 8.0 VPN connection problem

[alext]

I have just successfully upgraded an SME 7.6 server to SME 8.0 and am having problems with VPN connections.
The server is in Server/gateway mode and is running well.
When I connected yesterday via VPN the connection was successful but trying the same connection today fails with a time-out 619 error.

Looking at the message log for today I get the following:

Jan  7 09:41:34 foisvr pptpd[3270]: CTRL: Client 144.85.190.4 control connection started
Jan  7 09:41:34 foisvr pptpd[3270]: CTRL: Starting call (launching pppd, opening GRE)
Jan  7 09:41:34 foisvr pppd[3271]: Plugin radius.so loaded.
Jan  7 09:41:34 foisvr pppd[3271]: RADIUS plugin initialized.
Jan  7 09:41:34 foisvr pppd[3271]: pppd 2.4.4 started by root, uid 0
Jan  7 09:41:34 foisvr pppd[3271]: Using interface ppp0
Jan  7 09:41:34 foisvr pppd[3271]: Connect: ppp0 <--> /dev/pts/0
Jan  7 09:42:04 foisvr pppd[3271]: LCP: timeout sending Config-Requests
Jan  7 09:42:11 foisvr pppd[3271]: Modem hangup
Jan  7 09:42:11 foisvr pptpd[3270]: CTRL: Reaping child PPP[3271]
Jan  7 09:42:11 foisvr pppd[3271]: Connection terminated.
Jan  7 09:42:11 foisvr pppd[3271]: Exit.

The successful connection yesterday was:

Jan  6 23:57:45 foisvr pptpd[519]: CTRL: Client 144.85.190.4 control connection started
Jan  6 23:57:45 foisvr pptpd[519]: CTRL: Starting call (launching pppd, opening GRE)
Jan  6 23:57:45 foisvr pppd[520]: Plugin radius.so loaded.
Jan  6 23:57:45 foisvr pppd[520]: RADIUS plugin initialized.
Jan  6 23:57:45 foisvr pppd[520]: pppd 2.4.4 started by root, uid 0
Jan  6 23:57:45 foisvr pppd[520]: Using interface ppp0
Jan  6 23:57:45 foisvr pppd[520]: Connect: ppp0 <--> /dev/pts/0
Jan  6 23:57:48 foisvr pptpd[519]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Jan  6 23:57:48 foisvr pppd[520]: MPPE 128-bit stateless compression enabled
Jan  6 23:57:49 foisvr pppd[520]: found interface eth0 for proxy arp
Jan  6 23:57:49 foisvr pppd[520]: local  IP address 192.168.223.1
Jan  6 23:57:49 foisvr pppd[520]: remote IP address 192.168.223.79

My client is standard MS VPN on XP service pack 3.

Have I mis-configured somewhere?

[Stefano]

did you change anything?

looks like a GRE protocol problem..

[alext]

No, didn't change anything.
Just shut down my client XP workstation, left my router running (as usual).
The server and server router, (remote location),  both remain running (normal state).

Went to bed then this morning powered up my XP workstation and tried again to connect and got a failure.

[janet]

alext

Ask your ISPs at both ends, maybe they have changed something that does not support VPN correctly, see
http://wiki.contribs.org/VPN_practical_tips
There is also advanced troubleshooting techniques there.

[CharlieBrady]

looks like a GRE protocol problem..

Correct - GRE packets are not making it through from client to server or from server to client.

[alext]

Many thanks to all of you.
I will contact the ISP and see what they have to say.

As a matter of fact, both server and my remote workstation use the same ISP and both are using the same ISP provided routers, (Thomson TG784).

Thanks again

[CharlieBrady]

As a matter of fact, both server and my remote workstation use the same ISP and both are using the same ISP provided routers, (Thomson TG784).

Google for 'Thomson TG784 pptp' and you'll find some issues reported.

Here's a possible hint:

http://support.wimanx.com/Support/KB.asp?A=ViewArticle&ID=172

Since you say it worked previously, I would try power cycling the routers (client end first) before trying anything else.

If you are trying to create multiple connections to your server from behind one router on the client end, that's very unlikely to work.

[alext]

Many thanks Charlie for the link.

I disabled the acceleration parameter on my router but have to wait for my next visit to the server to disable the parameter on the server.

The VPN connection has been very unreliable and intermittant over the last couple of years when running sme 7.x and that artilcle reaffirmed my thoughts that I may have been seeing some sort of race condition when connecting.

No, I am not making multiple connections from behind my client router but there may be concurrent VPN connections from other clients. I assume the server side can handle this.

Thanks again,
Alex

[CharlieBrady]

The VPN connection has been very unreliable and intermittant over the last couple of years when running sme 7.x and that artilcle reaffirmed my thoughts that I may have been seeing some sort of race condition when connecting.

Connections where both client and server are sitting behind NAT routers are likely to be very temperamental. SME server works better when it is its own router.