We have a client with a Linux firewall, on which we've installed a PopTop VPN with Winbind for authentication against Active Directory (using
this HowTo)
It all works fine, unless the remote user tries to connect to a terminal server using Remote Desktop, or to a Citrix server. As soon as they try to do that, it disconnects the VPN connection, and something like the following appears in /var/log/messages:
Code:
Aug 23 13:36:20 unallocated pptpd[1967]: GRE: read(fd=7,buffer=8056600,len=8260) from network failed: status = -1 error = Message too long
Aug 23 13:36:20 unallocated pptpd[1967]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
Aug 23 13:36:20 unallocated pppd[1998]: Modem hangup
Aug 23 13:36:20 unallocated pppd[1998]: pptpd-logwtmp.so ip-down ppp0
Aug 23 13:36:20 unallocated pppd[1998]: Connect time 0.8 minutes.
Aug 23 13:36:20 unallocated pppd[1998]: Sent 1776 bytes, received 8968 bytes.
Aug 23 13:36:20 unallocated pppd[1998]: MPPE disabled
Aug 23 13:36:20 unallocated pppd[1998]: Connection terminated.
Aug 23 13:36:21 unallocated pppd[1998]: Exit.
Aug 23 13:36:21 unallocated pptpd[1967]: CTRL: Client 1.2.3.4 control connection finished
Having found a
mailing list message that I thought might be relevant, I edited /etc/ppp/ip-up and /etc/ppp/options.pptpd to set the MRU & MTU.
/etc/ppp/ip-up now includes:
Code:
/sbin/ifconfig $1 mtu 1400
and /etc/ppp/options.pptpd now includes:
Code:
# put plugins here
# (putting them higher up may cause them to sent messages to the pty)
mtu 1400
mru 1400
I've tried several different values (1396, 1442, 1464, 1500) but they all give the same result.
Can anyone suggest a fix?
PPP is version 2.4.3-5
PopTop is version pptpd-1.3.3
Russ