VPN Server Problem

jwaustin · 05-21-2007, 12:31 PM

I have been able to connect to my domain using a PPTP connection from inside my firewall. The connection points to the internal IP address 192.168.0.102 of the Linux box serving the VPN access.

What I was unable to test was a connection out through the firewall (DLink 624) to the firewall's external address, this should be port forwarded to the 192.168.0.102 address of the Linux box. I have not tested that since I found the DLink document quoted above but I would expect that to work.

I thought you were describing attempt to call out from inside the inner network protected by the Linux box. In my case 192.168.1.* addresses. I understand this is not supposed to work.

moenterprise · 05-21-2007, 12:39 PM

I'm trying to do what you did.

Quote:

Originally Posted by jwaustin

I have been able to connect to my domain using a PPTP connection from inside my firewall. The connection points to the internal IP address 192.168.0.102 of the Linux box serving the VPN access.

moenterprise · 05-21-2007, 02:20 PM

I think the problem is that pptpd can't match my username, password and/or domain because my new error message is:

Code:

pppd[26754]: Peer MOENTERPRISE\\darren.mo failed CHAP authentication
pppd[26754]: Connection terminated.
pppd[26754]: Exit.
pptpd[26753]: GRE: read(fd=6,buffer=8059680,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
pptpd[26753]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)

moenterprise · 05-21-2007, 02:27 PM

This is my chap-secrets file (with some comments cut out):

Code:

* pptpd &/etc/samba/smbpasswd *

I did that line myself.

moenterprise · 05-25-2007, 10:20 PM

Hello? Anybody?

scheidel21 · 05-26-2007, 04:44 PM

Try a test comment out that line in your chap-secrets file and place a valid username for the domain in the file with a password, try logging on using that usernae and password, the you will at least see if it's an error in your Chap-secrets line or within samba, but it would let you know if the VPN is working appropriately.

moenterprise · 06-03-2007, 05:16 PM

I have figured out that it is VPN's authentication process that is giving me trouble. This is my chap-secrets:

Code:

darren.mo pptpd mypassword *

On my Windows machine, I typed in the correct username and password and I allowed only CHAP authentication. This is the log file:

Code:

The remote system is required to authenticate itself
but I couldn't find any suitable secret (password) for it to use to do so.
(None of the available passwords would let it use an IP address.)

So that didn't work...

Next I tried VPN with no authentication at all. I put "noauth" in both /etc/pptpd.conf and /etc/ppp/options.pptpd. It connected perfectly!
Hmmmmm...I wonder if that log message about the IP address is important...

moenterprise · 06-05-2007, 11:04 PM

I DID IT!!! All I had to do was put quotes around my password because my password has all sorts of symbols (including the # symbol, which is also a comment).

But now...I have a new question! How do I configure my server so that I can connect from another computer on the network out to moenterprise.no-ip.org instead of 192.168.249.105? It doesn't work because the server thinks that it is looping back because both computers are behind the same router. So...how? Do I edit the /etc/hosts file or something?

scheidel21 · 06-06-2007, 05:44 AM

You have to khook that computer up to a diffeerent internet connection, the easiest to test is to use a modem PPP connection to test it.

veroaimeca · 06-06-2007, 06:24 AM

http://www.pink-martini.org/missions...rMeOJ7Lhf6Vu5L