Topic: PPTP - again Sorry

[Mark R]

i have searched forums and tried various things and are still unable to login....
 
does SME have to be in server mode ONLY??? as i am running in server/gateway mode

Lan (192.168.0.1)
. |
SME/VPN server (192.168.1.1) set user to VPN, set client to 2
. |
Router (bla.bla.bla.bla) forwarded ports 1723, 500, 47
. |
NET
. |
client router (bla.bla.bla.bla) forward ports 1723, 500, 47
. |
client (10.0.0.2) win2k sp4



please find below my log
Jun 22 18:03:31 reygateway pptpd[7663]: MGR: Launching /usr/sbin/pptpctrl to handle client
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: local address = 192.168.0.5
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: remote address = 192.168.0.109
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: pppd speed = 460800
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: pppd options file = /etc/ppp/options.pptpd
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Client 81.168.35.196 control connection started
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Received PPTP Control Message (type: 1)
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Made a START CTRL CONN RPLY packet
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: I wrote 156 bytes to the client.
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Sent packet to client
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Received PPTP Control Message (type: 7)
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Set parameters to 1525 maxbps, 64 window size
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Made a OUT CALL RPLY packet
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Starting call (launching pppd, opening GRE)
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: pty_fd = 5
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: tty_fd = 6
Jun 22 18:03:31 reygateway pptpd[7664]: CTRL (PPPD Launcher): Connection speed = 460800
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: I wrote 32 bytes to the client.
Jun 22 18:03:31 reygateway pptpd[7664]: CTRL (PPPD Launcher): local address = 192.168.0.5
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Sent packet to client
Jun 22 18:03:31 reygateway pptpd[7664]: CTRL (PPPD Launcher): remote address = 192.168.0.109
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Received PPTP Control Message (type: 15)
Jun 22 18:03:31 reygateway pppd[7664]: pppd 2.4.2b1 started by root, uid 0
Jun 22 18:03:31 reygateway pptpd[7663]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jun 22 18:03:31 reygateway pppd[7664]: Starting negotiation on /dev/pts/0
Jun 22 18:03:32 reygateway pptpd[7663]: GRE: Discarding duplicate packet
Jun 22 18:04:02 reygateway pppd[7664]: LCP: timeout sending Config-Requests
Jun 22 18:04:02 reygateway pppd[7664]: Connection terminated.
Jun 22 18:04:02 reygateway pppd[7664]: Exit.
Jun 22 18:04:02 reygateway pptpd[7663]: GRE: read(fd=5,buffer=804d940,len=8196) from PTY failed: status = -1 error = Input/output error
Jun 22 18:04:02 reygateway pptpd[7663]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6)
Jun 22 18:04:02 reygateway pptpd[7663]: CTRL: Client 81.168.35.196 control connection finished
Jun 22 18:04:02 reygateway pptpd[7663]: CTRL: Exiting now
Jun 22 18:04:02 reygateway pptpd[4833]: MGR: Reaped child 7663

I hope someone can help.

thanks mark

[MSmith]

Since the SME is in server-gateway mode, put the router in front of it into bridged mode so the SME is directly exposed to the Internet.  Delete the forwarding of ports on the client router side; that's irrelevant.

There are various settings to be tweaked on the client side connection properties ; I can't find the link right now (if I could search by my username I could probably find my previous post fairly quickly but of course I CAN'T ... grrr).

[Mark R]

Thanks Msmith,

1) My router is not the greatest (Netgear DM602) does not have halfbridge mode..... would i need to set the DMZ to my SME server?

2) in that previous post there is a comment made by harro  

5) nat create protocol=47 inside_addr=10.0.0.xxx outside_addr=0

do i need to action this?? or does SME do this when setting VPN up?

Thanks again

Mark

[ReetP]

I had exactly the same problem with this router.

Spoke to Netgear after long periods of pulling my hair out, and understand that it cannot bridge the required ports, or some stuff.

They DO have an 'unofficial' patch that should let you in. They sent it too me but i never tried it......went and bought a Draytek Vigor 2600 instead - miles better.

Not sure if I still have it, but worth a try to their tech support.

B. Rgds
John

[MarkR]

I am still having trouble,

would having SNORT installed cause me a problem?

[ReetP]

Nope, Snort is not the problem. It's the router.

EVEN if you set it with a DMZ you cannot make a VPN connection to the server. As I mentioned before it's some protocol thing - (GRE 47 ?)

Here is where the problem occurs :

Jun 22 18:03:32 reygateway pptpd[7663]: GRE: Discarding duplicate packet
Jun 22 18:04:02 reygateway pppd[7664]: LCP: timeout sending Config-Requests
Jun 22 18:04:02 reygateway pppd[7664]: Connection terminated.
Jun 22 18:04:02 reygateway pppd[7664]: Exit.
Jun 22 18:04:02 reygateway pptpd[7663]: GRE: read(fd=5,buffer=804d940,len=8196) from PTY failed: status = -1 error = Input/output error
Jun 22 18:04:02 reygateway pptpd[7663]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6)

Have a read here : http://forums.contribs.org/index.php?topic=18751.0

I'm still no guru on this but that is where the problem lies.

You only have two choices. Contact Netgear tech support for the patch or get another router which is what I did

B. Rgds
John