LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 11-15-2012, 01:13 AM   #1
suresh.k
Member
 
Registered: Aug 2011
Location: Hyderabad, AP, India
Distribution: centos, Ubuntu
Posts: 163
Blog Entries: 1

Rep: Reputation: Disabled
pptp vpn client disconnecting automatically


Hi,
I have configured pptp vpn server in my centOS 5.5 machine,

i have installed vpn server as foolows
#yum install ppp
#wget http://poptop.sourceforge.net/yum/st...el6.x86_64.rpm
#rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

#vim /etc/pptpd.conf
localip 192.168.10.53 (VPN Server IP)
remoteip 192.168.10.200-300

#vim /etc/ppp/options.pptpd
ms-dns 123.x.x.x (my isp dns ip's)
ms-dns 123.x.x.x

#vim /etc/ppp/chap-secrets
username pptpd passwd *

#vim /etc/sysctl.conf
net.ipv4.ip_forward = 1

#sysctl -p

#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
#iptables -A INPUT -i eth0 -p gre -j ACCEPT

#service iptables save
#service iptables restart
#service pptpd start

Configured port forwading for VPN in router to 1723.

Then went to another windows xp computer which is not in this network,
created VPN network connection,

Then i can able to connect to vpn server,
I am getting
IP - 192.168.10.200
SUBNET MASK - 255.255.255.255
GATEWAY - 192.168.10.200

then i can ping the local network and i can access internet also,
when i am try to access shared folder of network or browsing network IP's, then the vpn connection automatically disconnecting.

here is the log message of pptp server...

Nov 15 15:33:53 admin pptpd[12328]: CTRL: Client 121.243.138.164 control connection started
Nov 15 15:33:53 admin pptpd[12328]: CTRL: Starting call (launching pppd, opening GRE)
Nov 15 15:33:53 admin pppd[12329]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Nov 15 15:33:53 admin pppd[12329]: pppd 2.4.4 started by root, uid 0
Nov 15 15:33:53 admin pppd[12329]: Using interface ppp0
Nov 15 15:33:53 admin pppd[12329]: Connect: ppp0 <--> /dev/pts/2
Nov 15 15:33:56 admin pptpd[12328]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Nov 15 15:33:56 admin pppd[12329]: MPPE 128-bit stateless compression enabled
Nov 15 15:33:58 admin pppd[12329]: found interface eth0 for proxy arp
Nov 15 15:33:58 admin pppd[12329]: local IP address 192.168.10.53
Nov 15 15:33:58 admin pppd[12329]: remote IP address 192.168.10.200
Nov 15 15:34:07 admin pptpd[12328]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Message too long
Nov 15 15:34:07 admin pptpd[12328]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
Nov 15 15:34:07 admin pppd[12329]: Modem hangup
Nov 15 15:34:07 admin pppd[12329]: Connect time 0.2 minutes.
Nov 15 15:34:07 admin pppd[12329]: Sent 12288 bytes, received 3443 bytes.
Nov 15 15:34:07 admin pppd[12329]: MPPE disabled
Nov 15 15:34:07 admin pppd[12329]: Connection terminated.
Nov 15 15:34:07 admin pppd[12329]: Exit.
Nov 15 15:34:07 admin pptpd[12328]: CTRL: Client 121.243.138.164 control connection finished


please help to solve the problem, looked into lot of forums still no luck.

thanks
suresh.

Last edited by suresh.k; 11-15-2012 at 06:22 AM.
 
Old 11-19-2012, 04:33 AM   #2
suresh.k
Member
 
Registered: Aug 2011
Location: Hyderabad, AP, India
Distribution: centos, Ubuntu
Posts: 163
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
Can Anybody please help to resolve the issue...
 
Old 11-19-2012, 10:03 AM   #3
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,577

Rep: Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557
Quote:
Originally Posted by suresh.k View Post
Can Anybody please help to resolve the issue...
Don't bump your own threads. All you've succeeded in doing is removing it from the zero-reply list, which makes it LESS VISIBLE, and reduces the chances that anyone will see it. Also, you've marked numerous threads as SOLVED, but have never come back to post the solution or what worked for you...since you come here for help, others do too...posting your solution would mean that others with the same problems can then see one way of solving them.

And if you did "looked into lot of forums", you would have seen things that would have solved your problem. The error itself tells you what the issue is. The GRE (protocol 47) needs to be forwarded through any intermediate routers/switches that the VPN connection runs through. Routers don't do this automatically. It's NOT uncommon to have PPTP VPN passthrough problems with SOHO routers. VPN passthrough ability can change from one particular brand/model/firmware version to the next firmware version. You don't provide any details about your environment, so it's hard to say if that's the issue, but based on the error, it seems likely.

You are going to need to allow the PPTP traffic in through the router. This is where you need to allow IP protocol 47. This might not even be possible with consumer grade devices (that is, setting up PAT-type things), so if you're using a cheap SOHO type router, you may not be able to do this at all.
 
Old 11-20-2012, 01:57 AM   #4
suresh.k
Member
 
Registered: Aug 2011
Location: Hyderabad, AP, India
Distribution: centos, Ubuntu
Posts: 163
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by TB0ne View Post
Don't bump your own threads. All you've succeeded in doing is removing it from the zero-reply list, which makes it LESS VISIBLE, and reduces the chances that anyone will see it.
OK

Quote:
Also, you've marked numerous threads as SOLVED, but have never come back to post the solution or what worked for you...since you come here for help, others do too...posting your solution would mean that others with the same problems can then see one way of solving them.
Yes, But i have posted some of the solutions.
Now onwards I definitely post the solutions as you suggestions.

Quote:
And if you did "looked into lot of forums", you would have seen things that would have solved your problem. The error itself tells you what the issue is. The GRE (protocol 47) needs to be forwarded through any intermediate routers/switches that the VPN connection runs through. Routers don't do this automatically. It's NOT uncommon to have PPTP VPN passthrough problems with SOHO routers. VPN passthrough ability can change from one particular brand/model/firmware version to the next firmware version. You don't provide any details about your environment, so it's hard to say if that's the issue, but based on the error, it seems likely.

You are going to need to allow the PPTP traffic in through the router. This is where you need to allow IP protocol 47. This might not even be possible with consumer grade devices (that is, setting up PAT-type things), so if you're using a cheap SOHO type router, you may not be able to do this at all.
Network Environment:
ISP Modem > Netgear WNDR3800 Router > Switch > Local System's and Server's
I am using Netgear WNDR3800 Router, Can i configure GRE on this Router If yes please let me know how.
I have configured port forwarding(1723) for PPTP on my router.

Thanks
Suresh

Last edited by suresh.k; 11-20-2012 at 08:12 AM.
 
Old 11-20-2012, 09:40 AM   #5
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,577

Rep: Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557
Quote:
Originally Posted by suresh.k View Post
Yes, But i have posted some of the solutions. Now onwards I definitely post the solutions as you suggestions.
Sorry, but I've not seen any.
Quote:
Network Environment:
ISP Modem > Netgear WNDR3800 Router > Switch > Local System's and Server's
I am using Netgear WNDR3800 Router, Can i configure GRE on this Router If yes please let me know how.
I have configured port forwarding(1723) for PPTP on my router.
Ok, so did you read my first reply??? AGAIN, most SOHO type routers won't do PAT/GRE...if you want to know if the particular router that you already have supports it, then I'd suggest you read the manual that came with it, or contact their tech support folks. Also said in my first reply, is that you need GRE allowed through your firewalls/routers, along with port 1723, which you already have.

You still haven't posted complete details (you say it goes to a 'switch'...you don't say what kind), but again, if that switch doesn't support/is blocking GRE, then you're still stuck, no matter what your router can do.
 
Old 11-21-2012, 12:21 AM   #6
suresh.k
Member
 
Registered: Aug 2011
Location: Hyderabad, AP, India
Distribution: centos, Ubuntu
Posts: 163
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
Quote:
AGAIN, most SOHO type routers won't do PAT/GRE...if you want to know if the particular router that you already have supports it, then I'd suggest you read the manual that came with it, or contact their tech support folks. Also said in my first reply, is that you need GRE allowed through your firewalls/routers, along with port 1723, which you already have.
OK, I am a newbie in Linux system administration, working in a small office, so that I am practising in local network to how to configure PPTP VPN in Linux. I have configured VPN as mention above procedure, by looking into some of you tube videos, so that I don't now that need to allow GRE or not through firewall/routers. I just configured as mentioned in you tube videos.

Quote:
You still haven't posted complete details ch'.(you say it goes to a 'swit..you don't say what kind), but again, if that switch doesn't support/is blocking GRE, then you're still stuck, no matter what your router can do.
My Switch is D-Link DES-1024D,

Thanks
Suresh

Last edited by suresh.k; 11-21-2012 at 12:24 AM.
 
Old 11-21-2012, 09:48 AM   #7
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,577

Rep: Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557Reputation: 2557
Quote:
Originally Posted by suresh.k View Post
OK, I am a newbie in Linux system administration,
You've been registered here for over a year now.
Quote:
working in a small office, so that I am practising in local network to how to configure PPTP VPN in Linux. I have configured VPN as mention above procedure, by looking into some of you tube videos, so that I don't now that need to allow GRE or not through firewall/routers. I just configured as mentioned in you tube videos.

My Switch is D-Link DES-1024D,
Great...so, your problem remains the same. You've got a VPN working, and now need to enable GRE. AGAIN you need to configure your switches/routers to allow this. That means that YOU need to read the manuals on those devices, and find out if they can actually support that feature or not. If they can't, they you obviously cannot use GRE with that hardware. So you either have the choice of NOT using GRE, or buying new hardware.

If they DO support GRE, then the manuals will TELL YOU how to enable it....so follow those instructions. Not much anyone here can help with...this is something that YOU have to set up in your networking hardware.
 
Old 11-21-2012, 10:52 PM   #8
suresh.k
Member
 
Registered: Aug 2011
Location: Hyderabad, AP, India
Distribution: centos, Ubuntu
Posts: 163
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
OK TB0ne

Thank you very much for your support.

Suresh,
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PPTP Packets from the VPN Client Cannot Reach the VPN server SubZeroJake Linux - Networking 1 05-14-2012 06:52 PM
PPTP VPN client Farrukh Fida Linux - Networking 6 01-28-2010 02:02 AM
PPTP VPN connect automatically (auto dial home) exactiv Linux - Networking 1 11-26-2008 06:20 PM
LXer: Linux Configure point to point tunneling PPTP VPN client for Microsoft PPTP vpn server LXer Syndicated Linux News 0 06-13-2007 08:46 AM
vpn pptp client sameer666 Solaris / OpenSolaris 2 09-15-2006 04:44 AM


All times are GMT -5. The time now is 09:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration