Topic: Cant VPN to server, where do i start trouble shooting

[ber]

Hi got a 7.4 SME server and have had problems from day 1 trying to VPN to the server.
Ive enable remote access via the browser and also enabled certain users with VPN access with relevant directory access etc...
The network has no network domain controller available, all run on a workgroup setup.
Ive checked to make sure that the router has enable the correct port.
I've used lots of different kinds of VPN client software but all fail to get access to the server.
When running the dialer, I seem to get access to the server, authenticates, displays registering your computer on the network  and then throws up the following error 734 "the PPP link protocol was terminated" I'm using a Wink2K O/S using its standard VPN dialer."
i understand that the server uses 128Bit encryption.
Ive tried all sorts of security settings etc.. but to no avail...can anyone help me troubleshoot and find out whats going on.

[Stefano]

Ive checked to make sure that the router has enable the correct port.

you have to forward to your SME:
- port 1723 TCP
- protocol 47 GRE.. NOTE 47 is a protocol, NON a port

please post the relevant log from /var/log/messages

Ciao
Stefano

[ber]

hi nano...Ive enabled VPN vitual server preconfigured on the server...not sure about what you mean by port 47??

heres a copy of the log....
Dec 11 12:02:32 server pptpd[2722]: CTRL: Client 122.57.202.158 control connection started
Dec 11 12:02:34 server pptpd[2722]: CTRL: Starting call (launching pppd, opening GRE)
Dec 11 12:02:34 server pppd[2723]: Plugin radius.so loaded.
Dec 11 12:02:34 server pppd[2723]: RADIUS plugin initialized.
Dec 11 12:02:34 server pppd[2723]: pppd 2.4.4 started by root, uid 0
Dec 11 12:02:34 server kernel: divert: not allocating divert_blk for non-ethernet device ppp0
Dec 11 12:02:34 server pppd[2723]: Using interface ppp0
Dec 11 12:02:34 server pppd[2723]: Connect: ppp0 <--> /dev/pts/0
Dec 11 12:02:37 server pptpd[2722]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.
Dec 11 12:02:38 server pppd[2723]: Connection terminated.
Dec 11 12:02:38 server pppd[2723]: Connect time 0.1 minutes.
Dec 11 12:02:38 server pppd[2723]: Sent 0 bytes, received 0 bytes.
Dec 11 12:02:38 server kernel: divert: no divert_blk to free, ppp0 not ethernet
Dec 11 12:02:38 server pptpd[2722]: CTRL: Reaping child PPP[2723]
Dec 11 12:02:38 server pppd[2723]: Exit.
Dec 11 12:02:38 server pptpd[2722]: CTRL: Client 122.57.202.158 control connection finished

[byte]

Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.

Here is your problem, when did "Can't VPN to server" start happening ? Please report any potential bugs to the bug tracker. Thanks.

[ber]

hi there may be some issues with my router being unable to pass through GRe 47 protocol, will follow-up and advise...

[byte]

I doubt that as this line is very clear whats wrong:

Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.

basically if you've done an upgrade to 7.4 and that's when the issue started happening then your'll need to raise a bug giving your complete in detail server history.  Thanks.

[ber]

hi...update after calling D-Link with my router it is configured correctly and it will pass through GRE protocol.
Also cant VPN via our local network??

Must be the server?

[ber]

Ive had issues with VPN when i installed the Linux server- about a year ago, 7.2, VPN wasnt a big requirement then and didnt pursue it, now would like to get it up and going....dont think upgrading to 7.4 is the cause as the problem existed before...

[cactus]

Ive had issues with VPN when i installed the Linux server- about a year ago, 7.2, VPN wasnt a big requirement then and didnt pursue it, now would like to get it up and going....dont think upgrading to 7.4 is the cause as the problem existed before...

Than you still should report it as a bug as it is a feature that is supposed to be working.

[chris burnat]

Ive had issues with VPN when i installed the Linux server- about a year ago, 7.2, VPN wasnt a big requirement then and didnt pursue it, now would like to get it up and going....dont think upgrading to 7.4 is the cause as the problem existed before...

VPN should work out of the box, regardless of SME versions, and so it should have been working with 7.2, I have a few of these and have not experienced any problems if the howto in the wiki is followed to the letter.  Please, report this issue to the Bugtracker, there are already a couple of report for 7.4 (check http://bugs.contribs.org/show_bug.cgi?id=4842 ) , your issue may be of interest to the Devs.
Thanks.

[janet]

ber

http://wiki.contribs.org/VPN_practical_tips

[akhilmathema]

Have you checked /var/log/secure?

[pfloor]

As posted by Byte, you have a definite problem here:

Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.

You have a kernel and module mismatch and you MUST fix this first.  There are several bugs (open and closed) in the bug tracker concerning this problem.  Your problem can be caused by several issues.

Post the output of the following so we can point you to the correct bug:

uname -a
rpm -qa kernel kernel-smp
rpm -qa kmod-ppp kmod-ppp-smp
df -h /boot

[ber]

  Hi thanks for the reply, heres the output from the command provided

login as: root
root@192.168.0.254's password:
Last login: Fri Dec 12 22:48:40 2008 from 192.168.0.153
[root@server ~]# uname -a
Linux server 2.6.9-67.ELsmp #1 SMP Fri Nov 16 12:48:03 EST 2007 i686 i686 i386 GNU/Linux
[root@server ~]# rpm -qa kernel kernel-smp
kernel-smp-2.6.9-67.0.20.EL
kernel-2.6.9-67.EL
kernel-smp-2.6.9-78.0.5.EL
kernel-smp-2.6.9-78.0.8.EL
kernel-2.6.9-67.0.7.EL
kernel-smp-2.6.9-67.0.15.EL
warning: only V3 signatures can be verified, skipping V4 signature
kernel-2.6.9-78.0.5.EL
kernel-2.6.9-78.0.8.EL
kernel-smp-2.6.9-67.EL
kernel-2.6.9-67.0.15.EL
warning: only V3 signatures can be verified, skipping V4 signature
warning: only V3 signatures can be verified, skipping V4 signature
[root@server ~]# rpm -qa kmod-ppp kmod-ppp-smp
kmod-ppp-smp-1.0.2-2.2.6.9_78.0.8.EL
warning: only V3 signatures can be verified, skipping V4 signature
kmod-ppp-1.0.2-2.2.6.9_78.0.8.EL
warning: only V3 signatures can be verified, skipping V4 signature
warning: only V3 signatures can be verified, skipping V4 signature
[root@server ~]# df -h /boot
Filesystem            Size  Used Avail Use% Mounted on
/dev/md1               99M   41M   54M  44% /boot
[root@server ~]#

[Stefano]

hi

why are you booting SME with an old kernel?

check if you have 2.6.9-78.0.8 entry in grub with

Code: [Select]

cat /boot/grub/menu.lst

Ciao
Stefano