Topic: VPN Problems...

[pablitobs]

Hi, I am having troubles connecting to the VPN PPTP at work this is the log for the connection, I already apply the suggested patches, and updates but still do not work. The server is in gateway mode and is connected directly to the Internet line (1 GB connection), it has been working fine for the past 2 years but suddently it stops working, no updates prior the problem were applied:

Code: [Select]

Feb  2 12:58:20 firewall pptpd[5360]: CTRL: Client xxx.xx.xx.xxx control connection started
Feb  2 12:58:21 firewall pptpd[5360]: CTRL: Starting call (launching pppd, opening GRE)
Feb  2 12:58:21 firewall pppd[5361]: Plugin radius.so loaded.
Feb  2 12:58:21 firewall pppd[5361]: RADIUS plugin initialized.
Feb  2 12:58:21 firewall pppd[5361]: pppd 2.4.4 started by root, uid 0
Feb  2 12:58:21 firewall kernel: divert: not allocating divert_blk for non-ethernet device ppp1
Feb  2 12:58:21 firewall pppd[5361]: Using interface ppp1
Feb  2 12:58:21 firewall pppd[5361]: Connect: ppp1 <--> /dev/pts/1
Feb  2 12:58:51 firewall pppd[5361]: LCP: timeout sending Config-Requests
Feb  2 12:58:58 firewall pptpd[5360]: CTRL: Reaping child PPP[5361]
Feb  2 12:58:58 firewall pppd[5361]: Modem hangup
Feb  2 12:58:58 firewall pppd[5361]: Connection terminated.
Feb  2 12:58:58 firewall kernel: divert: no divert_blk to free, ppp1 not ethernet
Feb  2 12:58:58 firewall pppd[5361]: Exit.
Feb  2 12:58:58 firewall pptpd[5360]: CTRL: Client xxx.xx.xx.xxx control connection finished
Any adviceThanks....

[cactus]

http://pptpclient.sourceforge.net/howto-diagnosis.phtml#lcp_timeout

[pablitobs]

Thanks for the link, I will follow the steps and let you know how it worked...

[cactus]

Thanks for the link, I will follow the steps and let you know how it worked...

If you are to do so, please do not mess with the ip table rules on your server. AFAIK that should not be needed.

[Brenno]

I'll be watching this post as I, too am having the same issues.  XP users seem to be affected as are those running Mac OS X 10.5.8 - Vista users are still connecting normally.

I am currently running:

kmod-appletalk-smp.i586 1.0-5.el4.sme
kmod-appletalk.i586 1.0-5.el4.sme
kmod-ppp-smp.i586 1.0.2-6.el4.sme
kmod-ppp.i586 1.0.2-6.el4.sme
kmod-slip-smp.i586 1.0-5.el4.sme
kmod-slip.i586 1.0-5.el4.sme

I wasn't able to apply the patch correctly (as per http://forums.contribs.org/index.php/topic,45209.0.html) so I simply updated all the kmod packages via the server manager.

[Stefano]

kmod-appletalk-smp.i586 1.0-5.el4.sme
kmod-appletalk.i586 1.0-5.el4.sme
kmod-ppp-smp.i586 1.0.2-6.el4.sme
kmod-ppp.i586 1.0.2-6.el4.sme
kmod-slip-smp.i586 1.0-5.el4.sme
kmod-slip.i586 1.0-5.el4.sme

can I ask you why are you running i586?

[Brenno]

Stefano,

Sorry - those are the packages currently listed as upgrades in the server-manager software installer.  rpm -qa kmod* shows:

kmod-slip-1.0-5.el4.sme
kmod-slip-hugemem-1.0-5.el4.sme
kmod-slip-xenU-1.0-5.el4.sme
kmod-slip-smp-1.0-5.el4.sme
kmod-ppp-1.0.2-6.el4.sme
kmod-ppp-smp-1.0.2-6.el4.sme
kmod-ppp-xenU-1.0.2-6.el4.sme
kmod-ppp-hugemem-1.0.2-6.el4.sme
kmod-appletalk-1.0-5.el4.sme
kmod-appletalk-hugemem-1.0-5.el4.sme
kmod-appletalk-smp-1.0-5.el4.sme
kmod-appletalk-xenU-1.0-5.el4.sme

[Brenno]

I've tried to tackle this a bit more and followed (as much as I could) the link in catus' post above.  I enabled pptpd debug logging via syslogd and then attempted to connect again from my XP client, with resulting log snippet:

Code: [Select]

Feb  5 09:19:39 mail pptpd[7476]: CTRL: Client XX.XX.XX.XX control connection started
Feb  5 09:19:39 mail pptpd[7476]: CTRL: Starting call (launching pppd, opening GRE)
Feb  5 09:19:39 mail pppd[7477]: Plugin radius.so loaded.
Feb  5 09:19:39 mail pppd[7477]: RADIUS plugin initialized.
Feb  5 09:19:39 mail pppd[7477]: pppd 2.4.4 started by root, uid 0
Feb  5 09:19:39 mail pppd[7477]: using channel 7
Feb  5 09:19:39 mail kernel: divert: not allocating divert_blk for non-ethernet device ppp0
Feb  5 09:19:39 mail pppd[7477]: Using interface ppp0
Feb  5 09:19:39 mail pppd[7477]: Connect: ppp0 <--> /dev/pts/2
Feb  5 09:19:39 mail pppd[7477]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x5e02cdd8> <pcomp> <accomp>]
Feb  5 09:19:39 mail udevd[1311]: udev done!
Feb  5 09:19:42 mail pppd[7477]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x5e02cdd8> <pcomp> <accomp>]
Feb  5 09:20:06 mail last message repeated 8 times
Feb  5 09:20:09 mail pppd[7477]: LCP: timeout sending Config-Requests
Feb  5 09:20:16 mail pppd[7477]: Modem hangup
Feb  5 09:20:16 mail pppd[7477]: Connection terminated.
Feb  5 09:20:16 mail pptpd[7476]: CTRL: Reaping child PPP[7477]
Feb  5 09:20:16 mail kernel: divert: no divert_blk to free, ppp0 not ethernet
Feb  5 09:20:16 mail pppd[7477]: Exit.
Feb  5 09:20:16 mail pptpd[7476]: CTRL: Client XX.X.X.XX control connection finished
Feb  5 09:20:16 mail udevd[1311]: udev done!

This looks to me like the LCP ConfReq is not being returned by the client and so the server is dropping the connection.  I don't have the savvy to diagnose this any further.

Note that I was attempting these connections from inside the LAN, which has always worked in the past. I also ensured that I wasn't going through any sort of router or other node that might interfere with the transmission of GRE packets.

I have opened bug 5758 at http://bugs.contribs.org/show_bug.cgi?id=5758

[Brenno]

Now that the bug has been closed as resolved (due to this being ruled as a client-side problem) I'm coming back to here to see if anyone else in the community has encountered and solved this.  pablitobs, did you have any luck following the tips in cactus' post?  If so, what did you do?

At the end of the day, all I can say is that everything seemed to work just fine before the update and now it doesn't.  To the best of my knowledge, nothing has changed on the XP machine in this time frame, and there's still the issue of Mac OS X 10.5.8 not connecting, either, though I cannot test this as I don't have access to a Mac to verify whether it's also a client-side problem (though I'm suspicious this would affect both Mac and XP).

[Fumetto]

Try to read this 3D... I think the problem is the same...

[CharlieBrady]

Try to read this 3D... I think the problem is the same...

I don't. That refers to a client issue specific to Ubuntu. Doesn't apply to Win XP or Mac OS/X.

[Fumetto]

On that 3D the problem is on configuration client-side... the problem is the same in the sense that the client will be sought...