Topic: PPTP & Terminal Server client error

[guestHH]

Hi,

I have difficulties to connect to w W2k server with the TS client (winxp).

1. I establish a vpn to the e-smith server (5.6U4)
2. I startup the client using the local ip of the Terminal Server

A. Success
B. After closing the TS client, reconnecting fails. (Time out)

I have to disconnect the vpn, connect the vpn again and startup the TS client.

With 5.5U5 all went well.....

Questions:
1. Is the pptp in 5.6U4 completely functional now?
2. Is there something I overlook?

TIA
Regards,
guestHH

[guestHH]

Anybody ?

[Grub]

what does the logs say ???

[guestHH]

Hi Grub,

Below is the log (messages) of:

1. Making a pptp connection to sme 56u4 froma  winxp client
2. Starting a Terminal server session behind the sme server in the same subnet
3. Closing this terminal server session
4. Starting a new terminal server session which failes (try 2 times)
5. Manually disconnecting the pptp connection

========================= (real ip scrambled)
May  9 10:12:36 firewall pptpd[27410]: MGR: Launching /usr/sbin/pptpctrl to handle client
May  9 10:12:36 firewall pptpd[27410]: CTRL: local address = 192.168.21.1
May  9 10:12:36 firewall pptpd[27410]: CTRL: remote address = 192.168.21.242
May  9 10:12:36 firewall pptpd[27410]: CTRL: pppd speed = 460800
May  9 10:12:36 firewall pptpd[27410]: CTRL: pppd options file = /etc/ppp/options.pptpd
May  9 10:12:36 firewall pptpd[27410]: CTRL: Client xx.xx.xx.xx control connection started
May  9 10:12:36 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 1)
May  9 10:12:36 firewall pptpd[27410]: CTRL: Made a START CTRL CONN RPLY packet
May  9 10:12:36 firewall pptpd[27410]: CTRL: I wrote 156 bytes to the client.
May  9 10:12:36 firewall pptpd[27410]: CTRL: Sent packet to client
May  9 10:12:36 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 7)
May  9 10:12:36 firewall pptpd[27410]: CTRL: Set parameters to 1525 maxbps, 64 window size
May  9 10:12:36 firewall pptpd[27410]: CTRL: Made a OUT CALL RPLY packet
May  9 10:12:36 firewall pptpd[27410]: CTRL: Starting call (launching pppd, opening GRE)
May  9 10:12:36 firewall pptpd[27410]: CTRL: pty_fd = 5
May  9 10:12:36 firewall pptpd[27410]: CTRL: tty_fd = 6
May  9 10:12:36 firewall pptpd[27410]: CTRL: I wrote 32 bytes to the client.
May  9 10:12:36 firewall pptpd[27410]: CTRL: Sent packet to client
May  9 10:12:36 firewall pptpd[27411]: CTRL (PPPD Launcher): Connection speed = 460800
May  9 10:12:36 firewall pptpd[27411]: CTRL (PPPD Launcher): local address = 192.168.21.1
May  9 10:12:36 firewall pptpd[27411]: CTRL (PPPD Launcher): remote address = 192.168.21.242
May  9 10:12:36 firewall pppd[27411]: pppd 2.4.2b1 started by root, uid 0
May  9 10:12:36 firewall pppd[27411]: Using interface ppp0
May  9 10:12:36 firewall pppd[27411]: Connect: ppp0 <--> /dev/pts/0
May  9 10:12:36 firewall /etc/hotplug/net.agent: assuming ppp0 is already up
May  9 10:12:37 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 15)
May  9 10:12:37 firewall pptpd[27410]: CTRL: Got a SET LINK INFO packet with standard ACCMs
May  9 10:12:37 firewall pptpd[27410]: GRE: Discarding duplicate packet
May  9 10:12:39 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 15)
May  9 10:12:39 firewall pptpd[27410]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
May  9 10:12:39 firewall pppd[27411]: CHAP peer authentication succeeded for admin
May  9 10:12:39 firewall pppd[27411]: MPPE 128-bit stateless compression enabled
May  9 10:12:42 firewall pppd[27411]: found interface eth0 for proxy arp
May  9 10:12:42 firewall pppd[27411]: local  IP address 192.168.21.1
May  9 10:12:42 firewall pppd[27411]: remote IP address 192.168.21.242
May  9 10:12:42 firewall e-smith[27425]: Processing event: ip-up.pptpd ppp0 /dev/pts/0 460800 192.168.21.1 192.168.21.242 pptpd
May  9 10:12:42 firewall e-smith[27425]: Running event handler: /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access
May  9 10:12:43 firewall e-smith[27425]: S70pptp-interface-access=action|Event|ip-up.pptpd|Action|S70pptp-interface-access|Start|1052467962 665729|End|1052467963 40015|Elapsed|0.374286
May  9 10:12:54 firewall last message repeated 7 times
May  9 10:13:36 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 5)
May  9 10:13:36 firewall pptpd[27410]: CTRL: Made a ECHO RPLY packet
May  9 10:13:36 firewall pptpd[27410]: CTRL: I wrote 20 bytes to the client.
May  9 10:13:36 firewall pptpd[27410]: CTRL: Sent packet to client
May  9 10:13:52 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 15)
May  9 10:13:52 firewall pptpd[27410]: CTRL: Got a SET LINK INFO packet with standard ACCMs
May  9 10:13:52 firewall pppd[27411]: LCP terminated by peer (>M-+BM-B^@May  9 10:13:54 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 12)
May  9 10:13:54 firewall pptpd[27410]: CTRL: Made a CALL DISCONNECT RPLY packet
May  9 10:13:54 firewall pptpd[27410]: CTRL: Received CALL CLR request (closing call)
May  9 10:13:54 firewall pptpd[27410]: CTRL: I wrote 148 bytes to the client.
May  9 10:13:54 firewall pptpd[27410]: CTRL: Sent packet to client
May  9 10:13:54 firewall pppd[27411]: Modem hangup
May  9 10:13:54 firewall pppd[27411]: Connection terminated.
May  9 10:13:54 firewall pppd[27411]: Connect time 1.3 minutes.
May  9 10:13:54 firewall pppd[27411]: Sent 57267 bytes, received 31361 bytes.
May  9 10:13:54 firewall pptpd[27410]: CTRL: Received PPTP Control Message (type: 3)
May  9 10:13:54 firewall pptpd[27410]: CTRL: Made a STOP CTRL CONN RPLY packet
May  9 10:13:54 firewall pptpd[27410]: CTRL: Received STOP CTRL CONN request (disconnecting)
May  9 10:13:54 firewall pptpd[27410]: CTRL: I wrote 16 bytes to the client.
May  9 10:13:54 firewall pppd[27411]: Connect time 1.3 minutes.
May  9 10:13:54 firewall /etc/hotplug/net.agent: NET unregister event not supported
May  9 10:13:54 firewall pptpd[27410]: CTRL: Sent packet to client
May  9 10:13:54 firewall pppd[27411]: Sent 57267 bytes, received 31361 bytes.
May  9 10:13:54 firewall pptpd[27410]: CTRL: Client xx.xx.xx.xx control connection finished
May  9 10:13:54 firewall pppd[27411]: Exit.
May  9 10:13:54 firewall pptpd[27410]: CTRL: Exiting now
May  9 10:13:54 firewall pptpd[5728]: MGR: Reaped child 27410
================================

and....


Below is a tcpdump of a failing terminal server connection attempt:(2nd time)

=====================================
tcpdump: listening on ppp0
10:21:27.897309 192.168.21.241.2302 > 192.168.21.5.3389: S 4214131801:4214131801(0) win 65280 (DF)
10:21:27.897481 192.168.21.5.3389 > 192.168.21.241.2302: S 69388821:69388821(0) ack 4214131802 win 64240 (DF)
10:21:27.957279 192.168.21.241.2302 > 192.168.21.5.3389: . ack 1 win 65280 (DF)
10:21:27.967939 192.168.21.241.2302 > 192.168.21.5.3389: P 1:40(39) ack 1 win 65280 (DF)
10:21:27.968144 192.168.21.5.3389 > 192.168.21.241.2302: P 1:12(11) ack 40 win 64201 (DF)
10:21:28.049687 192.168.21.241.2302 > 192.168.21.5.3389: P 40:452(412) ack 12 win 65269 (DF)
10:21:28.051292 192.168.21.5.3389 > 192.168.21.241.2302: . 12:1368(1356) ack 452 win 63789 (DF)
10:21:28.051507 192.168.21.5.3389 > 192.168.21.241.2302: P 1368:1409(41) ack 452 win 63789 (DF)
10:21:28.218116 192.168.21.241.2302 > 192.168.21.5.3389: . ack 12 win 65269 (DF)
10:21:30.461807 192.168.21.5.3389 > 192.168.21.241.2302: . 12:1368(1356) ack 452 win 63789 (DF)
10:21:35.493080 192.168.21.5.3389 > 192.168.21.241.2302: . 12:1368(1356) ack 452 win 63789 (DF)
10:21:45.555668 192.168.21.5.3389 > 192.168.21.241.2302: . 12:1368(1356) ack 452 win 63789 (DF)
10:21:57.901342 192.168.21.241.2302 > 192.168.21.5.3389: P 452:461(9) ack 12 win 65269 (DF)
10:21:57.902803 192.168.21.241.2302 > 192.168.21.5.3389: F 461:461(0) ack 12 win 65269 (DF)
10:21:57.902933 192.168.21.5.3389 > 192.168.21.241.2302: . ack 462 win 63780 (DF)
10:21:57.903103 192.168.21.5.3389 > 192.168.21.241.2302: R 69390230:69390230(0) win 0 (DF)
=======================================

TIA
Regards,
guestHH

[jose velez]

For terminal server is easy to do a port fowarding and enter without VPN.  I have experience your problem with VPN and 5.6 even with the updates (but it is more stable now.)  I have to use VPN with TS because the customer application is in DOS and prints to two printers at the remote station.

In house I have Citrix but I did a port foward to my local workstation running XP

[guestHH]

Thanks Jose,

I too _still_ experience problems regarding a stable pptp connection.
Also portforwarding is active from the sme server to terminal server (3389)

I do not want to connect to terminal server without a secure connection, and we have the problem that the terminal server will break the connection to the client. We cannot figure what's wrong. So we want to try a vpn and see what happens.

But as said before, pptp connections with sme 5.6U4 is still unreliable. For instance, check accessing the server-manager over a pptp connection....

Thanks,
Regards,
guestHH

[Grub]

A connection with MS terminal service is encryted. Look for the properties of RPD-Tcp.The general tab and "Encrytion" When you are still there go for the session tab, look for the ''When Session Limit Is Reached Or Connection Is Broken option'' try the "End Session" option.
I use my self  "Remote Administartor" and that works great within a vpn connection.

[guestHH]

Thanks Grub,

I changed those settings, let's see what it does..

In the mean time, I'm confused about the correct functionality of the pptp part of SME 5.6U4.

Is it fixed or not, that's my question 'cause I hace still trouble to get a reliable vpn connection as I was used to get with version 5.5.

Regards,
guestHH

[bala]

Hi.. All

I'm getting the same problem in SME 5.6U4

How I temporarily solve it is to ping its local lan Ip when I connect by VPN.

Let’s say it LAN’s IP is 192.168.1.1, It ping it with “ping 192.168.1.1 –t” from my Windows 2000 Client PC”

Is seems “not” drop the connection to the sme-server when I do the continuous ping.


regards
Bala

[guestHH]

Thanks Bala,

I'll try that and see what happens.

Regards,
guestHH