LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   PPTP VPN can connect, but cannot ping/ssh (http://www.linuxquestions.org/questions/linux-networking-3/pptp-vpn-can-connect-but-cannot-ping-ssh-790707/)

koodoo 02-22-2010 01:59 AM

PPTP VPN can connect, but cannot ping/ssh
 
Hi,

Apologies for posting again in a new thread. But earlier I had posted in a thread that was ~2 years old and so I am posting my query in a new thread.
I have Slackware64 13 installed and I am trying to connect to my university pptp vpn server. The instructions on the universities webpage specifically mention that "You _must_ disable EAP in the list of Authentication methods. You also _must_ enable the Use Point-to-Point encryption (MPPE) option."

So far I think that I can connect, however I cannot ssh/ping any machine across the tunnel. The output of
pppd call cseVPN dump debug logfd 2 nodetach require-mppe is
Code:

root@knapsacker:~# pppd call cseVPN dump debug logfd 2 nodetach require-mppe                                                               
pppd options in effect:                                                                                                                   
debug          # (from command line)                                                                                                     
nodetach                # (from command line)                                                                                             
logfd 2        # (from command line)                                                                                                     
dump            # (from command line)                                                                                                     
noauth          # (from /etc/ppp/peers/cseVPN)                                                                                             
refuse-pap              # (from /etc/ppp/options)                                                                                         
refuse-chap            # (from /etc/ppp/options)                                                                                         
refuse-mschap          # (from /etc/ppp/options)                                                                                         
refuse-eap              # (from /etc/ppp/options)                                                                                         
name myusername            # (from /etc/ppp/peers/cseVPN)                                                                                     
remotename cseVPN              # (from /etc/ppp/peers/cseVPN)                                                                             
                # (from /etc/ppp/peers/cseVPN)                                                                                             
pty pptp pptp.cse.tamu.edu --nolaunchpppd              # (from /etc/ppp/peers/cseVPN)                                                     
ipparam cseVPN          # (from /etc/ppp/peers/cseVPN)                                                                                     
nobsdcomp              # (from /etc/ppp/peers/cseVPN)                                                                                     
nodeflate              # (from /etc/ppp/peers/cseVPN)                                                                                     
require-mppe            # (from command line)                                                                                             
require-mppe-128                # (from /etc/ppp/peers/cseVPN)                                                                             
using channel 6                                                                                                                           
Using interface ppp0                                                                                                                       
Connect: ppp0 <--> /dev/pts/6                                                                                                             
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x3d808735> <pcomp> <accomp>]                                                               
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x3d808735> <pcomp> <accomp>]                                                               
rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x3b365ca2> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]                                                                                         
sent [LCP ConfRej id=0x1 <callback CBCP> <mrru 1614>]                                                                                     
rcvd [LCP ConfReq id=0x2 <mru 1400> <auth eap> <magic 0x3b365ca2> <pcomp> <accomp> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]
sent [LCP ConfNak id=0x2 <auth chap MS-v2>]
rcvd [LCP ConfReq id=0x3 <mru 1400> <auth chap MS-v2> <magic 0x3b365ca2> <pcomp> <accomp> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]
sent [LCP ConfAck id=0x3 <mru 1400> <auth chap MS-v2> <magic 0x3b365ca2> <pcomp> <accomp> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]
rcvd [CHAP Challenge id=0x0 <a448b3899d0baabcf4b9b1405c5ead7e>, name = "PPTP"]
sent [CHAP Response id=0x0 <8b930fc10ba9eec29ef05e9e1959ac6d48036aff7f0000c57ba7dec6b9de3329921d09c2ed907f6327cb67fa5fec817a25>, name = "shishir"]
rcvd [CHAP Success id=0x0 "S=299877682CCEF29CFAD330CB081386F41FED82BD"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D +C>]
sent [CCP ConfNak id=0x5 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfReq id=0x6 <addr 192.168.11.130>]
sent [IPCP TermAck id=0x6]
rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x7 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x7 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [IPCP ConfNak id=0x2 <addr 192.168.11.158>]
sent [IPCP ConfReq id=0x3 <addr 192.168.11.158>]
rcvd [IPCP ConfAck id=0x3 <addr 192.168.11.158>]
rcvd [IPCP ConfReq id=0x8 <addr 192.168.11.130>]
sent [IPCP ConfAck id=0x8 <addr 192.168.11.130>]
local  IP address 192.168.11.158
remote IP address 192.168.11.130
Script /etc/ppp/ip-up started (pid 5729)
Script /etc/ppp/ip-up finished (pid 5729), status = 0x4


/var/log/messages contains the following:
Code:

Feb 18 05:34:08 knapsacker pppd[6010]: pppd options in effect:
Feb 18 05:34:08 knapsacker pppd[6010]: debug^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: nodetach^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: logfd 2^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: dump^I^I# (from command line)   
Feb 18 05:34:08 knapsacker pppd[6010]: noauth^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-pap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-chap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-mschap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-eap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: name shishir^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: remotename cseVPN^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: ^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: pty pptp pptp.cse.tamu.edu --nolaunchpppd^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: ipparam cseVPN^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: nobsdcomp^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: nodeflate^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: require-mppe^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: require-mppe-128^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: pppd 2.4.4 started by koodoo, uid 0
Feb 18 05:34:08 knapsacker pppd[6010]: Using interface ppp0
Feb 18 05:34:08 knapsacker pppd[6010]: Connect: ppp0 <--> /dev/pts/3
Feb 18 05:34:08 knapsacker pptp[6011]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Feb 18 05:34:08 knapsacker pptp[6016]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Feb 18 05:34:08 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Feb 18 05:34:08 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Feb 18 05:34:09 knapsacker pptp[6016]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Feb 18 05:34:09 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Feb 18 05:34:09 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 4576).
Feb 18 05:34:09 knapsacker pptp[6011]: anon log[decaps_gre:pptp_gre.c:405]: discarding duplicate or old packet 0 (expecting 2)
Feb 18 05:34:11 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:950]: PPTP_SET_LINK_INFO received from peer_callid 40280
Feb 18 05:34:11 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:953]:  send_accm is 00000000, recv_accm is FFFFFFFF
Feb 18 05:34:11 knapsacker pppd[6010]: CHAP authentication succeeded
Feb 18 05:34:12 knapsacker pppd[6010]: MPPE 128-bit stateless compression enabled
Feb 18 05:34:12 knapsacker dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.9" (uid=1000 pid=3895 comm="kded4 ") interface="org.freedesktop.Hal.Device.CPUFreq" member="GetCPUFreqAvailableGovernors" error name="(unset)" requested_reply=0 destination="org.freedesktop.Hal" (uid=0 pid=3606 comm="/usr/sbin/hald --daemon=yes "))
Feb 18 05:34:15 knapsacker pppd[6010]: local  IP address 192.168.11.203
Feb 18 05:34:15 knapsacker pppd[6010]: remote IP address 192.168.11.130


and my routing table is:
Code:

Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
pptp.cs.tamu.ed dslrouter.weste 255.255.255.255 UGH  0      0        0 eth1
192.168.11.130  *              255.255.255.255 UH    0      0        0 ppp0
192.168.1.0    *              255.255.255.0  U    0      0        0 eth1
169.254.0.0    *              255.255.0.0    U    0      0        0 eth1
loopback        *              255.0.0.0      U    0      0        0 lo
default        dslrouter.weste 0.0.0.0        UG    0      0        0 eth1

Can anyone provide me any pointers as to how to get this working?

Thanks,
koodoo.

nimnull22 02-23-2010 11:31 AM

VPN gives you possibility to enter different network. This network is not in your computer subnetwork, so you need to state a GW through which your packets will go to university subnetwork.
Code:

Network                  GW
pptp.cs.tamu.ed      dslrouter.weste    255.255.255.255    UGH  0      0        0 eth1
default                    dslrouter.weste      0.0.0.0                    UG    0      0        0 eth1

I think this is not right, because GW=dslrouter.weste can't be GW for 0.0.0.0 (default) and for pptp.cs.tamu.ed
Network "pptp.cs.tamu.ed" has its own GW, as well as network 192.168.11.130.

What is output of command: ifconfig eth0?


All times are GMT -5. The time now is 10:07 AM.