pptp vpn client disconnecting automatically
I have configured pptp vpn server in my centOS 5.5 machine,
i have installed vpn server as foolows
#yum install ppp
#rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm
localip 192.168.10.53 (VPN Server IP)
ms-dns 123.x.x.x (my isp dns ip's)
username pptpd passwd *
net.ipv4.ip_forward = 1
#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
#iptables -A INPUT -i eth0 -p gre -j ACCEPT
#service iptables save
#service iptables restart
#service pptpd start
Configured port forwading for VPN in router to 1723.
Then went to another windows xp computer which is not in this network,
created VPN network connection,
Then i can able to connect to vpn server,
I am getting
IP - 192.168.10.200
SUBNET MASK - 255.255.255.255
GATEWAY - 192.168.10.200
then i can ping the local network and i can access internet also,
when i am try to access shared folder of network or browsing network IP's, then the vpn connection automatically disconnecting.
here is the log message of pptp server...
Nov 15 15:33:53 admin pptpd: CTRL: Client 220.127.116.11 control connection started
Nov 15 15:33:53 admin pptpd: CTRL: Starting call (launching pppd, opening GRE)
Nov 15 15:33:53 admin pppd: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Nov 15 15:33:53 admin pppd: pppd 2.4.4 started by root, uid 0
Nov 15 15:33:53 admin pppd: Using interface ppp0
Nov 15 15:33:53 admin pppd: Connect: ppp0 <--> /dev/pts/2
Nov 15 15:33:56 admin pptpd: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Nov 15 15:33:56 admin pppd: MPPE 128-bit stateless compression enabled
Nov 15 15:33:58 admin pppd: found interface eth0 for proxy arp
Nov 15 15:33:58 admin pppd: local IP address 192.168.10.53
Nov 15 15:33:58 admin pppd: remote IP address 192.168.10.200
Nov 15 15:34:07 admin pptpd: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Message too long
Nov 15 15:34:07 admin pptpd: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
Nov 15 15:34:07 admin pppd: Modem hangup
Nov 15 15:34:07 admin pppd: Connect time 0.2 minutes.
Nov 15 15:34:07 admin pppd: Sent 12288 bytes, received 3443 bytes.
Nov 15 15:34:07 admin pppd: MPPE disabled
Nov 15 15:34:07 admin pppd: Connection terminated.
Nov 15 15:34:07 admin pppd: Exit.
Nov 15 15:34:07 admin pptpd: CTRL: Client 18.104.22.168 control connection finished
please help to solve the problem, looked into lot of forums still no luck.
Can Anybody please help to resolve the issue...
And if you did "looked into lot of forums", you would have seen things that would have solved your problem. The error itself tells you what the issue is. The GRE (protocol 47) needs to be forwarded through any intermediate routers/switches that the VPN connection runs through. Routers don't do this automatically. It's NOT uncommon to have PPTP VPN passthrough problems with SOHO routers. VPN passthrough ability can change from one particular brand/model/firmware version to the next firmware version. You don't provide any details about your environment, so it's hard to say if that's the issue, but based on the error, it seems likely.
You are going to need to allow the PPTP traffic in through the router. This is where you need to allow IP protocol 47. This might not even be possible with consumer grade devices (that is, setting up PAT-type things), so if you're using a cheap SOHO type router, you may not be able to do this at all.
Now onwards I definitely post the solutions as you suggestions.
ISP Modem > Netgear WNDR3800 Router > Switch > Local System's and Server's
I am using Netgear WNDR3800 Router, Can i configure GRE on this Router If yes please let me know how.
I have configured port forwarding(1723) for PPTP on my router.
You still haven't posted complete details (you say it goes to a 'switch'...you don't say what kind), but again, if that switch doesn't support/is blocking GRE, then you're still stuck, no matter what your router can do.
If they DO support GRE, then the manuals will TELL YOU how to enable it....so follow those instructions. Not much anyone here can help with...this is something that YOU have to set up in your networking hardware.
Thank you very much for your support.
|All times are GMT -5. The time now is 10:21 AM.|