LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-03-2004, 10:44 AM   #1
bmschkerke
LQ Newbie
 
Registered: Mar 2004
Posts: 8

Rep: Reputation: 0
SuSE 9.1 VPN Connection to WatchGuard Firebox 4500


System Specifications:
SuSE 9.1 Professional
php-gtk-pcntl-1.0.0-0.i386.rpm
php-pcntl-4.3.7-0.i386.rpm
pptpconfig-20040619-0.noarch.rpm
pptp-linux-1.5.0-1.i386.rpm
pptp-1.4.0-39
ppp-2.4.2-39.3

Using pptpconfig I have set up a VPN connection using these details:

Server
Name: VPN
Server: vpn.mycompany.com
Domain: none
Username: username
Password: password

Routing
Routing Style: Client to LAN
Networks: 10.0.50.0/24 CompanyNetwork

DNS
Automatic: unchecked
Servers: blank
Options: blank

Encryption
Require Microsoft Point to Point Encryption (MPPE): Unchecked
Refuse 40 bit Encryption: Unchecked
Refuse 128 bit Encryption: Unchecked
Refuse Stateless Encryption: Unchecked
Refuse to Authenticate with EAP: Checked

Miscellaneous
Start tunnel when this program starts: Unchecked
Reconnect if disconnected: Checked
Enabled connection debugging facilities: Checked
Options (pppd): blank
Options (pptp): blank

Selecting my created tunnel and hitting start brings up a new X window with the connection status in it.

My information, slightly edited, is below:

Code:
pptpconfig: debug information dump begins
WARNING: security sensitive information follows
pptpconfig 1.2 2004/06/19 08:57:15
# pppd --version
pppd version 2.4.2
# uname -a
Linux linux 2.6.5-7.75-default #1 Mon Jun 14 10:44:37 UTC 2004 i686 i686 i386 GNU/Linux
# grep mppe /proc/modules
ppp_mppe 16128 0 - Live 0xfad9e000
ppp_generic 29332 4 ppp_deflate,bsd_comp,ppp_async,ppp_mppe, Live 0xfad95000
# modinfo ppp_mppe
license:        BSD without advertisement clause
depends:        ppp_generic
supported:      yes
vermagic:       2.6.5-7.75-default 586 REGPARM gcc-3.3
Array
(
    [name] => VPN
    [server] => XXX.XXX.XXX.XXX
    [domain] => 
    [username] => XXXXXXXXXX
    [password] => (hidden by pptpconfig)
    [pppd-options] => 
    [pptp-options] => 
    [resolv] => 
    [dns-options] => 
    [routing] => routing_client_to_lan
    [usepeerdns] => 
    [require-mppe] => 
    [nomppe-40] => 
    [nomppe-128] => 
    [refuse-eap] => 1
    [mppe-stateful] => 
    [autostart] => 
    [iconify] => 
    [persist] => 1
    [debug] => 1
    [client-to-lan] => a:1:{s:12:"10.0.50.0/24";s:5:"VPN";}
)
# route -n (before pppd)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.0.254   0.0.0.0         UG    0      0        0 eth0
pptpconfig: debug information dump ends, starting pppd
pppd options in effect:
debug		# (from /etc/ppp/peers/VPN)
updetach		# (from command line)
idle 600		# (from /etc/ppp/options)
persist		# (from /etc/ppp/peers/VPN)
logfd 1		# (from command line)
linkname VPN		# (from /etc/ppp/peers/VPN)
dump		# (from /etc/ppp/peers/VPN)
active-filter xxx # [don't know how to print value]		# (from /etc/ppp/filters)
noauth		# (from /etc/ppp/options.pptp)
refuse-eap		# (from /etc/ppp/peers/VPN)
name XXXXXXXX		# (from /etc/ppp/peers/VPN)
remotename VPN		# (from /etc/ppp/peers/VPN)
		# (from /etc/ppp/options.pptp)
pty pptp XXX.XXX.XXX.XXX --nolaunchpppd 		# (from /etc/ppp/peers/VPN)
crtscts		# (from /etc/ppp/options)
		# (from /etc/ppp/options)
asyncmap 0		# (from /etc/ppp/options)
lcp-echo-failure 4		# (from /etc/ppp/options)
lcp-echo-interval 30		# (from /etc/ppp/options)
lcp-restart 2		# (from /etc/ppp/options)
lcp-max-configure 60		# (from /etc/ppp/options)
ipparam VPN		# (from /etc/ppp/peers/VPN)
noipdefault		# (from /etc/ppp/options)
nobsdcomp		# (from /etc/ppp/options.pptp)
nodeflate		# (from /etc/ppp/options.pptp)
noipx		# (from /etc/ppp/options)
using channel 29
Using interface ppp0
pptpconfig: monitoring interface ppp0
Connect: ppp0 <--> /dev/pts/1

[...edited out CHAP negotiation because I'm not sure how sensitive it is..]

rcvd [CHAP Success id=0x1 "S=89C48B213C116F1261CE41F968FC25E273BC0C0D"]
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [IPCP ConfReq id=0x1 <addr 10.0.50.254>]
sent [IPCP ConfAck id=0x1 <addr 10.0.50.254>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [IPCP ConfNak id=0x2 <addr 10.0.50.231>]
sent [IPCP ConfReq id=0x3 <addr 10.0.50.231>]
rcvd [IPCP ConfAck id=0x3 <addr 10.0.50.231>]
local  IP address 10.0.50.231
remote IP address 10.0.50.254
# route -n (after pppd exit)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.50.254     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.0.254   0.0.0.0         UG    0      0        0 eth0
pptpconfig: pppd process exit status 0 (started)
ip route add XXX.XXX.XXX.XXX via 192.168.0.254 dev eth0  src 192.168.0.102
ip route add '10.0.50.0/24' dev 'ppp0'
pptpconfig: routes added to remote networks
pptpconfig: connected
# route -n (after completion)
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.50.254     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
XXX.XXX.XXX.XXX 192.168.0.254   255.255.255.255 UGH   0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.50.0       0.0.0.0         255.255.255.0   U     0      0        0 ppp0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.0.254   0.0.0.0         UG    0      0        0 eth0

ping -c 5 10.0.50.254
PING 10.0.50.254 (10.0.50.254) 56(84) bytes of data.

--- 10.0.50.254 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4000ms

pptpconfig: command failed, exit code 1
The VPN server is a WatchGuard 4500. I connect to it routinely from Windows XP Professional (both without SP1 and with SP1). The general settings under Windows XP are:

General
Host Name or IP Address: XXX.XXX.XXX.XXX

Options
Display progress while connecting: Checked
Prompt for name and password, certificate, etc: Checked
Include Windows logon domain: Unchecked
Redial Attempts: 3
Time between Redial Attempts: 1 minute
Idle Time before hanging up: Never
Redial Line if Dropped: Checked

Security
Typical: Checked
Validate my identity as follows: Require secured password
Automatically use my Windows logon name and password (and domain, if any): Unchecked
Require data encryption (disconnect if none): Checked

Networking
Type of VPN: Automatic
Enable LCP Extensions: Checked
Enable software compression: Checked
Negotiate multi link for single link connections: Unchecked

Internet (TCP/IP) Protocol Settings
Obtain an IP address automatically: Selected
Obtain DNS server address automatically: Selected
Use default gateway on remote network: Unchecked
DNS server addresses: blank
WINS server addresses: blank

I am not an IPSec user, I am a PPTP user.

The end result is that I can't get any traffic to go over the created device. The data just goes poof. No pings, traceroutes, nada. This is brand new install of SuSE 9.1 as well.

Any help?
 
Old 07-26-2004, 11:46 AM   #2
dotc
LQ Newbie
 
Registered: May 2004
Location: Dallas
Posts: 14

Rep: Reputation: 0
need help

Hi:
I am sorry. I am not that familiar with the problem. But, I may need some help from you. You were talking about VPN from SuSE 9.1 to Firebox. We have a similar setup with SuSE 9.0 and Firebox 500. Can you please tell me how to set up an VPN connection from SuSE 9.0 Firewall to the Firebox it will be very helpful.
regards
Chethan Channappa
 
Old 03-08-2005, 07:27 PM   #3
jason_gram89
LQ Newbie
 
Registered: Mar 2005
Posts: 4

Rep: Reputation: 0
I have the exact same problem

Has anyone found a solution to this yet??
 
Old 06-13-2006, 06:01 PM   #4
ericheine
LQ Newbie
 
Registered: Jan 2006
Posts: 1

Rep: Reputation: 0
Same problem with SuSE 10.0. . .

It seems to have been quite a while since bmschkerke posted his original question, but I am having this EXACT same problem with SuSE 10.0, as well.

If anyone has any further ideas, your input would be greatly appreciated.

Thanks,

Eric Heine
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Firebox based browser logicalfuzz Linux - Software 2 11-02-2005 11:27 PM
vpn connection bahramcho Linux - Networking 1 05-04-2005 08:58 AM
vpn connection bahramcho Linux - Networking 1 04-29-2005 12:42 PM
Snortsam and a Watchguard havelino Linux - Hardware 0 02-17-2005 09:07 AM
Watchguard Firebox X500 neozero62 General 0 11-08-2004 05:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration