LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-22-2010, 01:59 AM   #1
koodoo
Member
 
Registered: Aug 2004
Location: a small village faraway in the mountains
Distribution: Fedora Core 1, Slackware 10.0 | 2.4.26 | custom 2.6.14.2, Slackware 10.2 | 11.0, Slackware64-13
Posts: 345

Rep: Reputation: 32
PPTP VPN can connect, but cannot ping/ssh


Hi,

Apologies for posting again in a new thread. But earlier I had posted in a thread that was ~2 years old and so I am posting my query in a new thread.
I have Slackware64 13 installed and I am trying to connect to my university pptp vpn server. The instructions on the universities webpage specifically mention that "You _must_ disable EAP in the list of Authentication methods. You also _must_ enable the Use Point-to-Point encryption (MPPE) option."

So far I think that I can connect, however I cannot ssh/ping any machine across the tunnel. The output of
pppd call cseVPN dump debug logfd 2 nodetach require-mppe is
Code:
root@knapsacker:~# pppd call cseVPN dump debug logfd 2 nodetach require-mppe                                                                
pppd options in effect:                                                                                                                     
debug           # (from command line)                                                                                                       
nodetach                # (from command line)                                                                                               
logfd 2         # (from command line)                                                                                                       
dump            # (from command line)                                                                                                       
noauth          # (from /etc/ppp/peers/cseVPN)                                                                                              
refuse-pap              # (from /etc/ppp/options)                                                                                           
refuse-chap             # (from /etc/ppp/options)                                                                                           
refuse-mschap           # (from /etc/ppp/options)                                                                                           
refuse-eap              # (from /etc/ppp/options)                                                                                           
name myusername            # (from /etc/ppp/peers/cseVPN)                                                                                      
remotename cseVPN               # (from /etc/ppp/peers/cseVPN)                                                                              
                # (from /etc/ppp/peers/cseVPN)                                                                                              
pty pptp pptp.cse.tamu.edu --nolaunchpppd               # (from /etc/ppp/peers/cseVPN)                                                      
ipparam cseVPN          # (from /etc/ppp/peers/cseVPN)                                                                                      
nobsdcomp               # (from /etc/ppp/peers/cseVPN)                                                                                      
nodeflate               # (from /etc/ppp/peers/cseVPN)                                                                                      
require-mppe            # (from command line)                                                                                               
require-mppe-128                # (from /etc/ppp/peers/cseVPN)                                                                              
using channel 6                                                                                                                             
Using interface ppp0                                                                                                                        
Connect: ppp0 <--> /dev/pts/6                                                                                                               
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x3d808735> <pcomp> <accomp>]                                                                
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x3d808735> <pcomp> <accomp>]                                                                
rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x3b365ca2> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]                                                                                          
sent [LCP ConfRej id=0x1 <callback CBCP> <mrru 1614>]                                                                                       
rcvd [LCP ConfReq id=0x2 <mru 1400> <auth eap> <magic 0x3b365ca2> <pcomp> <accomp> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]
sent [LCP ConfNak id=0x2 <auth chap MS-v2>]
rcvd [LCP ConfReq id=0x3 <mru 1400> <auth chap MS-v2> <magic 0x3b365ca2> <pcomp> <accomp> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]
sent [LCP ConfAck id=0x3 <mru 1400> <auth chap MS-v2> <magic 0x3b365ca2> <pcomp> <accomp> <endpoint [local:39.29.ff.15.42.87.42.68.b9.e7.eb.f4.8c.3d.a0.47.00.00.00.00]>]
rcvd [CHAP Challenge id=0x0 <a448b3899d0baabcf4b9b1405c5ead7e>, name = "PPTP"]
sent [CHAP Response id=0x0 <8b930fc10ba9eec29ef05e9e1959ac6d48036aff7f0000c57ba7dec6b9de3329921d09c2ed907f6327cb67fa5fec817a25>, name = "shishir"]
rcvd [CHAP Success id=0x0 "S=299877682CCEF29CFAD330CB081386F41FED82BD"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D +C>]
sent [CCP ConfNak id=0x5 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfReq id=0x6 <addr 192.168.11.130>]
sent [IPCP TermAck id=0x6]
rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x7 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x7 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [IPCP ConfNak id=0x2 <addr 192.168.11.158>]
sent [IPCP ConfReq id=0x3 <addr 192.168.11.158>]
rcvd [IPCP ConfAck id=0x3 <addr 192.168.11.158>]
rcvd [IPCP ConfReq id=0x8 <addr 192.168.11.130>]
sent [IPCP ConfAck id=0x8 <addr 192.168.11.130>]
local  IP address 192.168.11.158
remote IP address 192.168.11.130
Script /etc/ppp/ip-up started (pid 5729)
Script /etc/ppp/ip-up finished (pid 5729), status = 0x4

/var/log/messages contains the following:
Code:
Feb 18 05:34:08 knapsacker pppd[6010]: pppd options in effect:
Feb 18 05:34:08 knapsacker pppd[6010]: debug^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: nodetach^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: logfd 2^I^I# (from command line) 
Feb 18 05:34:08 knapsacker pppd[6010]: dump^I^I# (from command line)    
Feb 18 05:34:08 knapsacker pppd[6010]: noauth^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-pap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-chap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-mschap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: refuse-eap^I^I# (from /etc/ppp/options)
Feb 18 05:34:08 knapsacker pppd[6010]: name shishir^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: remotename cseVPN^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: ^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: pty pptp pptp.cse.tamu.edu --nolaunchpppd^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: ipparam cseVPN^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: nobsdcomp^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: nodeflate^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: require-mppe^I^I# (from command line)
Feb 18 05:34:08 knapsacker pppd[6010]: require-mppe-128^I^I# (from /etc/ppp/peers/cseVPN)
Feb 18 05:34:08 knapsacker pppd[6010]: pppd 2.4.4 started by koodoo, uid 0
Feb 18 05:34:08 knapsacker pppd[6010]: Using interface ppp0
Feb 18 05:34:08 knapsacker pppd[6010]: Connect: ppp0 <--> /dev/pts/3
Feb 18 05:34:08 knapsacker pptp[6011]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Feb 18 05:34:08 knapsacker pptp[6016]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Feb 18 05:34:08 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Feb 18 05:34:08 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Feb 18 05:34:09 knapsacker pptp[6016]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Feb 18 05:34:09 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Feb 18 05:34:09 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 4576).
Feb 18 05:34:09 knapsacker pptp[6011]: anon log[decaps_gre:pptp_gre.c:405]: discarding duplicate or old packet 0 (expecting 2)
Feb 18 05:34:11 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:950]: PPTP_SET_LINK_INFO received from peer_callid 40280
Feb 18 05:34:11 knapsacker pptp[6016]: anon log[ctrlp_disp:pptp_ctrl.c:953]:   send_accm is 00000000, recv_accm is FFFFFFFF
Feb 18 05:34:11 knapsacker pppd[6010]: CHAP authentication succeeded
Feb 18 05:34:12 knapsacker pppd[6010]: MPPE 128-bit stateless compression enabled
Feb 18 05:34:12 knapsacker dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.9" (uid=1000 pid=3895 comm="kded4 ") interface="org.freedesktop.Hal.Device.CPUFreq" member="GetCPUFreqAvailableGovernors" error name="(unset)" requested_reply=0 destination="org.freedesktop.Hal" (uid=0 pid=3606 comm="/usr/sbin/hald --daemon=yes "))
Feb 18 05:34:15 knapsacker pppd[6010]: local  IP address 192.168.11.203
Feb 18 05:34:15 knapsacker pppd[6010]: remote IP address 192.168.11.130

and my routing table is:
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
pptp.cs.tamu.ed dslrouter.weste 255.255.255.255 UGH   0      0        0 eth1
192.168.11.130  *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
loopback        *               255.0.0.0       U     0      0        0 lo
default         dslrouter.weste 0.0.0.0         UG    0      0        0 eth1
Can anyone provide me any pointers as to how to get this working?

Thanks,
koodoo.
 
Old 02-23-2010, 11:31 AM   #2
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
VPN gives you possibility to enter different network. This network is not in your computer subnetwork, so you need to state a GW through which your packets will go to university subnetwork.
Code:
Network                   GW
pptp.cs.tamu.ed      dslrouter.weste     255.255.255.255    UGH   0      0        0 eth1
default                    dslrouter.weste      0.0.0.0                    UG    0      0        0 eth1
I think this is not right, because GW=dslrouter.weste can't be GW for 0.0.0.0 (default) and for pptp.cs.tamu.ed
Network "pptp.cs.tamu.ed" has its own GW, as well as network 192.168.11.130.

What is output of command: ifconfig eth0?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PPTP VPN can connect, but cannot ping terrio Linux - Networking 5 02-18-2010 05:39 AM
Can we do secure PPTP over the SSH, in security, like a VPN? frenchn00b Linux - General 8 11-29-2009 06:49 PM
How can I connect to my VPN server(win2003, pptp) jenen Linux - Networking 4 10-27-2009 12:35 PM
PPTP VPN cant connect to Lan Spunky Linux - Networking 10 10-17-2008 09:18 AM
creating VPN with PPtP to connect to a router Lleb_KCir Linux - General 3 08-11-2004 11:50 PM


All times are GMT -5. The time now is 06:56 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration