pptp vpn issue
in [Debian]
|
From: Caveman on 11 Feb 2005 00:20 I am having a very strange issue with pptpd combined with mppe. My original setup was this.. remote system ---> internet -----> Debian sarge router---------> Debian unstable box with VPN I used iptables to forward the VPN to the unstable box. This has been working fine. However recently I decided to move the vpn back to the router box (debian sarge system) and this is where my problems have started. Computers on the lan can connect to the NEW (sarge system) VPN server fine. Works perfectly, just like the old one. However when someone from the internet tries to connect it fails and I see this error in sys log. --------------------- Feb 10 21:39:02 server pptpd[2766]: CTRL: Client 138.25.71.55 control connection started Feb 10 21:39:02 server pptpd[2766]: CTRL: Starting call (launching pppd, opening GRE) Feb 10 21:39:02 server pppd[2767]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Feb 10 21:39:02 server pppd[2767]: pptpd-logwtmp: $Version$ Feb 10 21:39:02 server pppd[2767]: pppd 2.4.2 started by root, uid 0 Feb 10 21:39:02 server pppd[2767]: using channel 23 Feb 10 21:39:02 server pppd[2767]: Using interface ppp0 Feb 10 21:39:02 server pppd[2767]: Connect: ppp0 <--> /dev/pts/24 Feb 10 21:39:02 server pppd[2767]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x6d8fe389> <pcomp> <accomp>] Feb 10 21:39:02 server pptpd[2766]: GRE: Bad checksum from pppd. Feb 10 21:39:02 server pptpd[2766]: GRE: xmit failed from decaps_hdlc: Operation not permitted Feb 10 21:39:02 server pptpd[2766]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) Feb 10 21:39:02 server pptpd[2766]: CTRL: Reaping child PPP[2767] Feb 10 21:39:02 server pppd[2767]: Modem hangup Feb 10 21:39:02 server pppd[2767]: Connection terminated. Feb 10 21:39:02 server pppd[2767]: Exit. Feb 10 21:39:02 server pptpd[2766]: CTRL: Client 138.25.71.55 control connection finished ------------------------- GRE: Bad checksum from pppd. seems to be where things go bad. I googled around and found you need to allow protocol 47 or gre through the firewall, which I did. However I still have the same issue. I have also tried dropping the firewall totally (iptables -F) however its still failing with the same error. I am totally lost for ideas, so any help would be great. Cheers, Caveman -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
From: mark on 23 Feb 2005 02:20 Caveman wrote: <SNIP> > Feb 10 21:39:02 server pppd[2767]: sent [LCP ConfReq id=0x1 <asyncmap > 0x0> <auth chap MS-v2> <magic 0x6d8fe389> <pcomp> <accomp>] > Feb 10 21:39:02 server pptpd[2766]: GRE: Bad checksum from pppd. > Feb 10 21:39:02 server pptpd[2766]: GRE: xmit failed from decaps_hdlc: > Operation not permitted > Feb 10 21:39:02 server pptpd[2766]: CTRL: PTY read or GRE write failed > (pty,gre)=(4,5) <SNIP> > GRE: Bad checksum from pppd. seems to be where things go bad. Nope, that response is normal when you try to connect to it with a windows machine. Windows has a buggy way of connecting to a PPTP server. What else is new? > > I googled around and found you need to allow protocol 47 or gre > through the firewall, which I did. However I still have the same > issue. > I have also tried dropping the firewall totally (iptables -F) however > its still failing with the same error. > > I am totally lost for ideas, so any help would be great. > > Cheers, > > Caveman > > It actually is "..GRE: xmit failed from decaps.." that is causing you troubles. I managed to save this from googles cache: http://64.233.183.104/search?q=cache:EOuw60wda_YJ:news.gw.com/comp.unix.bsd.openbsd.misc/%253C3ffc3683%240%24330%24e4fe514c%40news.xs4all.nl%253E+GRE:+xmit+failed+from+decaps_hdlc:&hl=nl The interesting part is: "You might want to disable 'keep state' on the pptp connection." Hope it helps, Mark -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
|
Pages: 1 Next: Compiling Sigmatel USB/IRDA software |