|
Poptop error when connecting
I tried to establish an VPN connection within the LAN and I failed. Got the following log from /var/log/messages
Jan 26 13:30:13 FRANKIE-LINUX pptpd[9204]: CTRL: Client 192.168.0.4 control conn ection started Jan 26 13:30:13 FRANKIE-LINUX pptpd[9204]: CTRL: Starting call (launching pppd, opening GRE) Jan 26 13:30:16 FRANKIE-LINUX pptpd[9204]: GRE: read(fd=5,buffer=804d920,len=819 6) from PTY failed: status = -1 error = Input/output error Jan 26 13:30:16 FRANKIE-LINUX pptpd[9204]: CTRL: PTY read or GRE write failed (p ty,gre)=(5,8) Jan 26 13:30:16 FRANKIE-LINUX pptpd[9204]: CTRL: Client 192.168.0.4 control conn ection finished What does that GRE and PTY mean? Thanks |
You will get this message if the GRE encrypted tunnel won't start..
Usually means the kernelmod mppe module hasn't loaded (or you didn't compile one). Check insmod ppp_mppe & insmod ip_gre If they both load ok, add aliases to them in /etc/modules.conf (or whatever file creates this), eg alias ppp-compress-18 ppp_mppe alias net-pf-47 ip_gre to allow pppd to load them automagically.. If they don't exist, jump back to the PoPtOp site and download the kernelmod prog and read the README file after unpacking it. |
Peter, Thanks for the reply.
I have downloaded kernelmod from the poptop site and installed it successfully. Now when I type #lsmod it shows that mppe and ip_gre are both being loaded. Like this: Module Size Used by Tainted: P ppp_mppe 13944 0 (unused) ip_gre 11072 0 (unused) However, it still doesn't work... /var/log/messages shows Jan 26 14:57:52 FRANKIE-LINUX pptpd[11664]: CTRL: Client 192.168.0.4 control connection started Jan 26 14:57:52 FRANKIE-LINUX pptpd[11664]: CTRL: Starting call (launching pppd, opening GRE) Jan 26 14:57:53 FRANKIE-LINUX pptpd[11664]: GRE: read(fd=5,buffer=804d920,len=8196) from PTY failed: status = -1 error = Input/output error Jan 26 14:57:53 FRANKIE-LINUX pptpd[11664]: CTRL: PTY read or GRE write failed (pty,gre)=(5,8) Jan 26 14:57:53 FRANKIE-LINUX pptpd[11664]: CTRL: Client 192.168.0.4 control connection finished So, I am now planning to try 1. Restart my Linux box since I am not sure if I have to reboot after re-compling the kernel ( inatalling the kernelmod) 2. Try to use a WinXP client instead of a Mac OS X one. Will come back to you guys asap. |
The following comes out if I use WinXP Pro as the client.
#grep pptp /var/log/messages Jan 26 15:08:36 FRANKIE-LINUX pptpd[11692]: CTRL: Client 192.168.0.3 control connection started Jan 26 15:08:36 FRANKIE-LINUX pptpd[11692]: CTRL: Starting call (launching pppd, opening GRE) Jan 26 15:08:36 FRANKIE-LINUX pptpd[11692]: GRE: Discarding duplicate packet Jan 26 15:08:39 FRANKIE-LINUX pptpd[11692]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Jan 26 15:08:39 FRANKIE-LINUX pptpd[11692]: CTRL: Client 192.168.0.3 control connection finished I really need to sort this out soon... Thanks guys |
now something strange happened.
After rebooting, I can't load the ppp_mppe module. when i type #insmod ppp_mppe it says Using /lib/modules/2.4.20-28.9/kernel/drivers/net/ppp_mppe.o /lib/modules/2.4.20-28.9/kernel/drivers/net/ppp_mppe.o: unresolved symbol ppp_register_compressor_R9682e733 /lib/modules/2.4.20-28.9/kernel/drivers/net/ppp_mppe.o: unresolved symbol ppp_unregister_compressor_Ra1b928df /lib/modules/2.4.20-28.9/kernel/drivers/net/ppp_mppe.o: Hint: You are trying to load a module without a GPL compatible license and it has unresolved symbols. The module may be trying to access GPLONLY symbols but the problem is more likely to be a coding or user error. Contact the module supplier for assistance, only they can help you. Perhaps the problem is not merely from ppp_mppe, but surely there's a problem here as i cant load this module.... anyone give me a light? |
Add the "Debug" keyword to both the pptpd.conf and options.pptpd files to get more output to work with...
Some of the messages will come from pppd as well as pptpd.. What version of ppp are you using? |
You won't need to manually load any modules!
I think the error message is because pppd hasn't started yet and loaded it's modules... Kernelmod makes a new ppp_generic.o module as well... |
cheers.
heres the log. Jan 26 16:33:32 FRANKIE-LINUX pptpd[2784]: MGR: Manager process started Jan 26 16:33:37 FRANKIE-LINUX pptpd[2791]: CTRL: Client 192.168.0.4 control connection started Jan 26 16:33:37 FRANKIE-LINUX pptpd[2791]: CTRL: Starting call (launching pppd, opening GRE) Jan 26 16:33:37 FRANKIE-LINUX kernel: application bug: pppd(2792) has SIGCHLD set to SIG_IGN but calls wait(). Jan 26 16:33:37 FRANKIE-LINUX kernel: (see the NOTES section of 'man 2 wait'). Workaround activated. Jan 26 16:33:37 FRANKIE-LINUX kernel: CSLIP: code copyright 1989 Regents of the University of California Jan 26 16:33:37 FRANKIE-LINUX kernel: PPP generic driver version 2.4.2 Jan 26 16:33:37 FRANKIE-LINUX pppd[2792]: pppd 2.4.2b3 started by root, uid 0 Jan 26 16:33:37 FRANKIE-LINUX pppd[2792]: Using interface ppp0 Jan 26 16:33:37 FRANKIE-LINUX pppd[2792]: Connect: ppp0 <--> /dev/pts/2 Jan 26 16:33:38 FRANKIE-LINUX /etc/hotplug/net.agent: assuming ppp0 is already up Jan 26 16:33:40 FRANKIE-LINUX pppd[2792]: peer refused to authenticate: terminating link Jan 26 16:33:41 FRANKIE-LINUX pppd[2792]: Connection terminated. Jan 26 16:33:41 FRANKIE-LINUX pppd[2792]: Exit. Jan 26 16:33:41 FRANKIE-LINUX pptpd[2791]: GRE: read(fd=5,buffer=804d920,len=8196) from PTY failed: status = -1 error = Input/output error Jan 26 16:33:41 FRANKIE-LINUX pptpd[2791]: CTRL: PTY read or GRE write failed (pty,gre)=(5,8) Jan 26 16:33:41 FRANKIE-LINUX pptpd[2791]: CTRL: Client 192.168.0.4 control connection finished Jan 26 16:33:41 FRANKIE-LINUX /etc/hotplug/net.agent: NET unregister event not supported |
I have to use webmin to startup pptp and pptpd, so what's the command of doing that?
cheers |
service pptpd start
service pptpd stop The error message says the client refused to authenticate. Which chap~ options have you selected? Is the client set the same? # cat options.pptpd ## CHANGE TO SUIT YOUR SYSTEM lock noauth mtu 1450 mru 1450 ipcp-accept-local ipcp-accept-remote lcp-echo-failure 3 lcp-echo-interval 5 nodeflate ## turn pppd syslog debugging on debug ## change 'pptpd' to whatever you specify as your server name in chap-secrets name pptpd proxyarp #nobsdcomp # This option applies if you use ppp with chapms-strip-domain patch #chapms-strip-domain # These options apply if you use ppp with mppe patch # NB! You should also apply the ChapMS-V2 patch -chap #+chap -chapms #require-chapms-v2 +chapms-v2 #refuse-pap #refuse-chap #refuse-mschap #-eap #mppe-40 mppe-128 #require-mppe mppe-stateless # These options will tell ppp to pass on these to your clients # To use ms-dns or ms-dns in options.pptpd it must exist in /etc/resolv.conf #ms-wins your.server.here #ms-dns your.server.here |
What should be the settings for a standard WinXP Pro client and Mac OS X?
The shipped in VPN connection client in XP lets me alter settings such as using CHAP, CHAP 2 or MS CHAP... but the stand OS X one doesn't seem to come up with setting like that. after chaging the settings, we have a log like this (Using XP as the client) Jan 26 17:24:24 FRANKIE-LINUX pptpd[3037]: CTRL: Client 192.168.0.3 control connection started Jan 26 17:24:24 FRANKIE-LINUX pptpd[3037]: CTRL: Starting call (launching pppd, opening GRE) Jan 26 17:24:24 FRANKIE-LINUX pppd[3038]: pppd 2.4.2b3 started by root, uid 0 Jan 26 17:24:24 FRANKIE-LINUX pppd[3038]: Using interface ppp0 Jan 26 17:24:24 FRANKIE-LINUX pppd[3038]: Connect: ppp0 <--> /dev/pts/2 Jan 26 17:24:24 FRANKIE-LINUX /etc/hotplug/net.agent: assuming ppp0 is already up Jan 26 17:24:24 FRANKIE-LINUX pptpd[3037]: GRE: Discarding duplicate packet Jan 26 17:24:27 FRANKIE-LINUX pptpd[3037]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Jan 26 17:24:27 FRANKIE-LINUX modprobe: modprobe: Can't locate module ppp-compress-21 Jan 26 17:24:27 FRANKIE-LINUX modprobe: modprobe: Can't locate module ppp-compress-21 Jan 26 17:24:27 FRANKIE-LINUX pppd[3038]: CHAP peer authentication succeeded for testing Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: LCP terminated by peer (3M-FrM-@^@<M-Mt^@^@^BM-f) Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Modem hangup Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Connection terminated. Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Connect time 0.1 minutes. Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Sent 80 bytes, received 66 bytes. Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Connect time 0.1 minutes. Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Sent 80 bytes, received 66 bytes. Jan 26 17:24:28 FRANKIE-LINUX pppd[3038]: Exit. Jan 26 17:24:28 FRANKIE-LINUX pptpd[3037]: CTRL: Client 192.168.0.3 control connection finished Jan 26 17:24:28 FRANKIE-LINUX /etc/hotplug/net.agent: NET unregister event not supported But can we disable the authentication in the first place, just to see if the tunnel works? but will the data in the tunnel be encrypted without authenication? Thanks Peter |
No authentication, no connect...
ppp-compress-21 is the bsd_comp module used by pppd if you don't have the "nobsdcomp" keyword in options.pptpd You need the GRE encryption to perform the chapms-V2 handshaking.. Options for XP are; http://poptop.sourceforge.net/dox/pptp_win2k/ and make sure "compression" is off in the PPTP VPN "Settings" box |
Also, check man pppd and see what format your chap & mppe options are, then change options.pptpd to match...
|
With my options.pptp like this:
I can successfully establish the connection between my Linux Box and XP, where the latter is the client (With compression off in the VPN PPTP setting under 'Properties'). And I yet to sort out the problem in my OS X box, I am looking for a decent PPTP client so I can do all the settings... any suggestions? Big thanks Peter p.s. I've kept some references below so people can sort out some of the similar questions by reading old posts. options.pptp: ## CHANGE TO SUIT YOUR SYSTEM lock ## turn pppd syslog debugging on debug ## change 'pptpd' to whatever you specify as your server name in chap-secrets name pptpd # Don't need this nobsdcomp # Tell pptpd to find local interface and put it in proxyarp mode proxyarp # This option applies if you use ppp with chapms-strip-domain patch #chapms-strip-domain # These options are for use with the OpenSSL-licensed patch # This flavor will be obsoleted ASAP. # NB! You should also apply the ChapMS-V2 patch -chap -chapms +chapms-v2 mppe-40 # both 40-bits and 128-bits encryption bite eachother mppe-128 mppe-stateless # These options are for use with the BSD-licensed patch (ppp => 2.4.2) # This is the default implementation #refuse-pap #refuse-chap #refuse-mschap #require-mschap-v2 #require-mppe # These options will tell ppp to pass on these to your clients # To use ms-dns or ms-dns in options.pptpd it must exist in /etc/resolv.conf #ms-wins <ip-of-your-winsserver> ms-dns 212.23.8.1 The log in /var/log/messages looks as follow: Jan 26 21:05:45 FRANKIE-LINUX pptpd[3447]: CTRL: Client 192.168.0.3 control connection started Jan 26 21:05:45 FRANKIE-LINUX pptpd[3447]: CTRL: Starting call (launching pppd, opening GRE) Jan 26 21:05:45 FRANKIE-LINUX pppd[3448]: pppd 2.4.2b3 started by root, uid 0 Jan 26 21:05:45 FRANKIE-LINUX pppd[3448]: Using interface ppp0 Jan 26 21:05:45 FRANKIE-LINUX pppd[3448]: Connect: ppp0 <--> /dev/pts/2 Jan 26 21:05:45 FRANKIE-LINUX /etc/hotplug/net.agent: assuming ppp0 is already up Jan 26 21:05:46 FRANKIE-LINUX pptpd[3447]: GRE: Discarding duplicate packet Jan 26 21:05:48 FRANKIE-LINUX pptpd[3447]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Jan 26 21:05:48 FRANKIE-LINUX pppd[3448]: Cannot determine ethernet address for proxy ARP Jan 26 21:05:48 FRANKIE-LINUX pppd[3448]: local IP address 192.168.0.10 Jan 26 21:05:48 FRANKIE-LINUX pppd[3448]: remote IP address 192.168.1.234 :study: :study: |
| All times are GMT -5. The time now is 11:40 AM. |