VPN problem

xnetua · 10-30-2008, 02:08 PM

Hi guys.

I'm trying to set up poptop VPN at my Centos 5.2 server (2.6.18-92.el5 #1 SMP, x86_64)
There is no pptpd RPM for x86_64 so I've compiled it from source.
ppp was installed from Centos Base repo (ppp-2.4.4-1.el5)

pptpd.conf:

Code:

option /etc/ppp/options
logwtmp
localip 192.168.1.200
remoteip 192.168.1.20-40

/etc/ppp/options:

Code:

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

When I try to connect to the server I get disconnection.

From server logs:

Code:

Oct 30 14:16:41 stekov pptpd[2750]: MGR: Manager process started
Oct 30 14:16:41 stekov pptpd[2750]: MGR: Maximum of 21 connections available
Oct 30 14:16:51 stekov pptpd[2752]: CTRL: Client 93.178.76.72 control connection started
Oct 30 14:16:51 stekov pptpd[2752]: CTRL: Starting call (launching pppd, opening GRE)
Oct 30 14:16:51 stekov pppd[2753]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so is for pppd version 2.4.3, this is 2.4.4
Oct 30 14:16:51 stekov pptpd[2752]: GRE: read(fd=6,buffer=610880,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpect
ed termination of pppd, check option syntax and pppd logs
Oct 30 14:16:51 stekov pptpd[2752]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Oct 30 14:16:51 stekov pptpd[2752]: CTRL: Client 93.178.76.72 control connection finished

modules:

Code:

# lsmod | grep ppp
ppp_async              45249  0
crc_ccitt              35265  1 ppp_async
ppp_mppe               39881  0
ppp_generic            62689  2 ppp_async,ppp_mppe
slhc                   39873  1 ppp_generic

# lsmod | grep gre
ip_gre                 47329  0

# lsmod | grep nat
ip_nat_ftp             36545  0
ip_conntrack_ftp       41489  1 ip_nat_ftp
iptable_nat            40773  0
ip_nat_pptp            39365  0
ip_conntrack_pptp      45665  1 ip_nat_pptp
ip_nat                 53100  3 ip_nat_ftp,iptable_nat,ip_nat_pptp
ip_conntrack           91237  7 ip_nat_ftp,ip_conntrack_ftp,iptable_nat,ip_nat_pptp,ip_conntrack_pptp,ip_nat,ip_conntrack_netbios_ns
nfnetlink              40457  2 ip_nat,ip_conntrack
ip_tables              55329  3 iptable_mangle,iptable_nat,iptable_filter
x_tables               50377  7 ipt_REJECT,ipt_tos,iptable_nat,ip_tables,ip6t_REJECT,xt_tcpudp,ip6_tables

Then I've removed ppp-2.4.4 and installed ppp-2.4.3 from source.
I'm able to start the connection now but it stucks at login/password checking and then drops the connection.

I see the following records at logs:

Code:

Oct 30 19:19:18 stekov pptpd[5128]: CTRL: Client 93.178.76.72 control connection started
Oct 30 19:19:18 stekov pptpd[5128]: CTRL: Starting call (launching pppd, opening GRE)
Oct 30 19:19:18 stekov pppd[5129]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Oct 30 19:19:18 stekov pppd[5129]: pppd 2.4.3 started by root, uid 0
Oct 30 19:19:18 stekov pppd[5129]: Using interface ppp0
Oct 30 19:19:18 stekov pppd[5129]: Connect: ppp0 <--> /dev/pts/2
Oct 30 19:19:48 stekov pppd[5129]: LCP: timeout sending Config-Requests
Oct 30 19:19:48 stekov pppd[5129]: Connection terminated.
Oct 30 19:19:48 stekov pppd[5129]: Using interface ppp0
Oct 30 19:19:48 stekov pppd[5129]: Connect: ppp0 <--> /dev/pts/2
Oct 30 19:19:48 stekov pppd[5129]: tcflush failed: Bad file descriptor
Oct 30 19:19:48 stekov pppd[5129]: tcsetattr: Invalid argument (line 1001)
Oct 30 19:19:48 stekov pppd[5129]: Exit.
Oct 30 19:19:48 stekov pptpd[5128]: GRE: read(fd=6,buffer=610880,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Oct 30 19:19:48 stekov pptpd[5128]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Oct 30 19:19:48 stekov pptpd[5128]: CTRL: Client 93.178.76.72 control connection finished

LCP and software data compression are disabled.

What's wrong with it?

snugglefuss · 10-31-2008, 07:37 AM

I searched Google using the search term "tcflush failed pppd pptpd" without the quotes.

One of the results
http://www.webhostingtalk.com/showthread.php?t=676331

In that forum a person suggests to
The problem is happening when pptpd attempts to use pppd for its services. You will need the debug information to investigate this more.

Take a look here to find out how to enable debugging...
http://pptpclient.sourceforge.net/ho...is.phtml#debug

The break down in your connection is covered here....
http://pptpclient.sourceforge.net/ho...ml#lcp_timeout

So it seems the best option is to get logging enabled as described on http://pptpclient.sourceforge.net website in the Diagnosis HOWTO page. That page seems to have a detailed diagnosis analysis once you get your debug logging sorted out for the pptp client.

Don't know much about this myself but I also need to set up a vpn on Ubuntu soon so I would like to know if you come right. Good luck!