Problems with PPTP and remote Windows VPN Server.

Problems with PPTP and remote Windows VPN Server.

Post by Alep » Sun, 22 Aug 2004 03:05:42



First, excuse me for my poor english.

I have a Internet connection with a cable modem, connected to my PC by
ethernet. My PC is "always" connected to internet and I have access to the
full web page of my ISP. But for connect to other web pages I have to
establish a VPN with PPTP (and I pay to my ISP for this time).

The problem is that I can't view any web page except my ISP web page, but
the tunnel appeears ok.
In the list we can see the output of pptpconfig in debug mode and the data
of programs and packages I used.

Any help will be apreciated. Thanks
Aleph.

pptpconfig: debug information dump begins
WARNING: security sensitive information follows
pptpconfig 1.2 2004/06/19 08:57:15
# pppd --version
pppd version 2.4.1
# uname -a
Linux linux 2.4.21-99-default #1 Wed Sep 24 13:30:51 UTC 2003 i686 i686 i386
GNU/Linux
# grep mppe /proc/modules
ppp_mppe               22184   0 (autoclean)
ppp_generic            19484   0 (autoclean) [ppp_mppe ppp_async]
# modinfo ppp_mppe
filename:    /lib/modules/2.4.21-99-default/kernel/drivers/net/ppp_mppe.o
description: <none>
author:      <none>
license:     "Dual BSD/GPL"
Array
(
    [name] => prepago.config
    [server] => [Servidor PPTP Euskaltel]
    [domain] => (hidden by pptpconfig)
    [username] => [Usuario]
    [password] => (hidden by pptpconfig)
    [pppd-options] =>
    [pptp-options] =>
    [resolv] => 195.55.8.132 195.55.8.133
    [dns-options] =>
    [routing] => routing_client_to_lan
    [usepeerdns] =>
    [require-mppe] =>
    [nomppe-40] =>
    [nomppe-128] =>
    [refuse-eap] =>
    [mppe-stateful] =>
    [autostart] =>
    [iconify] =>
    [persist] =>
    [debug] => 1
    [client-to-lan] =>
)
# route -n (before pppd)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
195.239.174.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         195.239.174.1   0.0.0.0         UG    0      0        0 eth0
pptpconfig: debug information dump ends, starting pppd
pppd options in effect:
debug  # (from /etc/ppp/peers/prepago.config)
updetach  # (from command line)
idle 600  # (from /etc/ppp/options)
logfd 1  # (from command line)
linkname prepago.config  # (from /etc/ppp/peers/prepago.config)
dump  # (from /etc/ppp/peers/prepago.config)
active-filter xxx # [don't know how to print value]  # (from
/etc/ppp/filters)
noauth  # (from /etc/ppp/options.pptp)
name [Usuario]  # (from /etc/ppp/peers/prepago.config)
remotename [Usuario]  # (from /etc/ppp/peers/prepago.config)
  # (from /etc/ppp/options.pptp)
pty pptp [Servidor PPTP Euskaltel] --nolaunchpppd   # (from
/etc/ppp/peers/prepago.config)
crtscts  # (from /etc/ppp/options)
  # (from /etc/ppp/options)
asyncmap 0  # (from /etc/ppp/options)
mru 1000  # (from /etc/ppp/options.pptp)
mtu 1000  # (from /etc/ppp/options.pptp)
lcp-echo-failure 10  # (from /etc/ppp/options.pptp)
lcp-echo-interval 10  # (from /etc/ppp/options.pptp)
lcp-restart 2  # (from /etc/ppp/options)
lcp-max-configure 60  # (from /etc/ppp/options)
ipparam prepago.config  # (from /etc/ppp/peers/prepago.config)
noipdefault  # (from /etc/ppp/options)
nobsdcomp  # (from /etc/ppp/options.pptp)
nodeflate  # (from /etc/ppp/options.pptp)
mppe-40  # (from /etc/ppp/options.pptp)
mppe-128  # (from /etc/ppp/options.pptp)
mppe-stateless  # (from /etc/ppp/options.pptp)
noipx  # (from /etc/ppp/options)
using channel 17
Using interface ppp0pptpconfig: monitoring interface ppp0

Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0xce639121>
<pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <auth chap MD5> <magic 0x9520ca4e>]
sent [LCP ConfAck id=0x1 <auth chap MD5> <magic 0x9520ca4e>]
rcvd [LCP ConfNak id=0x1 <mru 1500>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xce639121> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0xce639121> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xce639121]
cbcp_lowerup
want: 2
rcvd [CHAP Challenge id=0x1 <2144494exxxxxxc0d763cccc>, name = "aLterado"]
sent [CHAP Response id=0x1 <224ff5cxxxx4fa08c334e662>, name = "[Usuario]"]
rcvd [LCP EchoRep id=0x0 magic=0x9520ca4e]
rcvd [CHAP Success id=0x1 ""]
sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress VJ 0f 01>]
sent [CCP ConfReq id=0x1]
rcvd [IPCP ConfReq id=0x1 <addr 195.239.128.19>]
sent [IPCP ConfAck id=0x1 <addr 195.239.128.19>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [LCP ProtRej id=0x2 80 fd 01 01 00 04]
rcvd [IPCP ConfNak id=0x2 <addr 82.130.171.199>]
sent [IPCP ConfReq id=0x3 <addr 82.130.171.199>]
rcvd [IPCP ConfAck id=0x3 <addr 82.130.171.199>]
local  IP address 82.130.171.199
remote IP address 195.239.128.19
# route -n (after pppd exit)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
195.239.128.19  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
195.239.174.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         195.239.174.1   0.0.0.0         UG    0      0        0 eth0
pptpconfig: pppd process exit status 0 (started)
ip route add 195.55.31.21 via 195.239.174.1 dev eth0  src 195.239.174.158
pptpconfig: routes added to remote networks
pptpconfig: DNS changes made to /etc/resolv.conf
pptpconfig: connected
# route -n (after completion)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
195.55.31.21    195.239.174.1   255.255.255.255 UGH   0      0        0 eth0
195.239.128.19  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
195.239.174.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         195.239.174.1   0.0.0.0         UG    0      0        0 eth0

/* (This is the frontier between connection and disconnetion log) */

pptpconfig: restoring routing and DNS configuration
ip route del 195.55.31.21 via 195.239.174.1 dev eth0  src 195.239.174.158
mv /etc/resolv.conf.orig.prepago.config /etc/resolv.conf
pptpconfig: routing and DNS configuration restored

 
 
 

Problems with PPTP and remote Windows VPN Server.

Post by Clifford Kit » Mon, 23 Aug 2004 05:10:14



> # route -n (before pppd)
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 195.239.174.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 0.0.0.0         195.239.174.1   0.0.0.0         UG    0      0        0 eth0

...

Quote:> Connect: ppp0 <--> /dev/pts/2
> sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0xce639121>
> <pcomp> <accomp>]

...

Quote:> local  IP address 82.130.171.199
> remote IP address 195.239.128.19
> # route -n (after pppd exit)
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 195.239.128.19  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> 195.239.174.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 0.0.0.0         195.239.174.1   0.0.0.0         UG    0      0        0 eth0
> pptpconfig: pppd process exit status 0 (started)
> ip route add 195.55.31.21 via 195.239.174.1 dev eth0  src 195.239.174.158

Up front:  I don't know much about VPN details so this reply is just a
guess based only on some assumptions rather than facts.

I think you will need to add a default route through the PPP interface:

  ip route add default dev ppp0

This can be done in /etc/ppp/ip-up (or in the ip-up.local that some
distributions use).

Quote:> pptpconfig: routes added to remote networks
> pptpconfig: DNS changes made to /etc/resolv.conf
> pptpconfig: connected
> # route -n (after completion)
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 195.55.31.21    195.239.174.1   255.255.255.255 UGH   0      0        0 eth0
> 195.239.128.19  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> 195.239.174.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 0.0.0.0         195.239.174.1   0.0.0.0         UG    0      0        0 eth0

A default route through the PPP interface is very likely required for the
VPN session:

195.239.128.19  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
0.0.0.0         195.239.128.19  0.0.0.0         UG    0      0        0 ppp0

I also believe you should also find how 195.239.174.1 was set as a default
route in bringing up the new VPN routing and disable it (unless it was
accidently omitted from the "before" routing you show above).

Quote:> /* (This is the frontier between connection and disconnetion log) */
> pptpconfig: restoring routing and DNS configuration
> ip route del 195.55.31.21 via 195.239.174.1 dev eth0  src 195.239.174.158
> mv /etc/resolv.conf.orig.prepago.config /etc/resolv.conf
> pptpconfig: routing and DNS configuration restored


PPP-Q&A links, downloads:                      http://ckite.no-ip.net/
/* Speak softly and carry a sucker rod (See man syslogd, footnote to
   recommendation 4 under SECURITY THREATS). */