Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: adrian gill on October 13, 2003, 07:19:18 PM
-
I have recently upgraded our sme server from 5.6 to 6 however I must stress that I still had this problem in 5.6. When I try to connect to a remote sme server from a client pc through our sme server more often than not I cannot connect. I have examined the logs on the remote client server and found the following:
Oct 11 14:06:48 sme-server-1 pptpd[12260]: MGR: Launching /usr/sbin/pptpctrl to handle client
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: local address = 192.168.1.4
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: remote address = 192.168.1.247
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: pppd speed = 460800
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: pppd options file = /etc/ppp/options.pptpd
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: Client 81.111.88.141 control connection started
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: Received PPTP Control Message (type: 1)
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: Made a START CTRL CONN RPLY packet
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: I wrote 156 bytes to the client.
Oct 11 15:06:48 sme-server-1 pptpd[12260]: CTRL: Sent packet to client
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Received PPTP Control Message (type: 7)
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Set parameters to 1525 maxbps, 64 window size
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Made a OUT CALL RPLY packet
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Starting call (launching pppd, opening GRE)
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: pty_fd = 5
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: tty_fd = 6
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: I wrote 32 bytes to the client.
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Sent packet to client
Oct 11 15:06:49 sme-server-1 pptpd[12261]: CTRL (PPPD Launcher): Connection speed = 460800
Oct 11 15:06:49 sme-server-1 pptpd[12261]: CTRL (PPPD Launcher): local address = 192.168.1.4
Oct 11 15:06:49 sme-server-1 pptpd[12261]: CTRL (PPPD Launcher): remote address = 192.168.1.247
Oct 11 15:06:49 sme-server-1 pptpd[12260]: GRE: read(fd=6,buffer=80559a0,len=8260) from network failed: status = -1 error = Protocol not available
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5)
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Client 81.111.88.141 control connection finished
Oct 11 15:06:49 sme-server-1 pptpd[12260]: CTRL: Exiting now
Oct 11 14:06:49 sme-server-1 pptpd[4025]: MGR: Reaped child 12260
It would appear for some reason that our server is blocking the gre protocol 47 which I have also found be the case in various forums on the e-smith site, please see "http://forums.contribs.org/index.php?topic=16424.msg63560#msg63560", "http://forums.contribs.org/index.php?topic=16424.msg63560#msg63560"
Hope someone knows the answer to this because im stumped!!!
Regards
Adrian
-
A couple of possiblities, as I have had various problems on this front just recently whilst upgrading to ADSL.
Can you VPN from an alternative location e.g. dialup to the net on a workstation and connect via VPN thereby bypassing your server? I think that it is more likely to be the remote end that has the problem and not your end.
Depending on what sort of connection you have, I had a Vigor ADSL router that works fine, and a Netgear DM602 that didn't - something to do with NAT and GRE on protocol 47 - way beyond my comprehension. Suspect any routers that you have. I think that the GRE thing is not uncommon, and perhaps some servers are being unfairly blamed !
Since I tracked down the culprit as the Netgear, I can VPN fine here behind a 5.12 to a 5.6 and a 6 server, from the 5.6 to the 6 and from the 6 to the 5.6 (I can't to the 5.12 here as it is ISDN dialup, but from experience, it works OK).
The only mods I have made are adding the 'multilink' line to options.pptd
Best regards,
John
-
Thanks for your reply john, I can confirm that I have no problems connecting to the remote server if I bypass the sme server connected directley to dsl router so it seems it is definatley the sme server causing the problem. Strange how you dont get the same problem though?????
-
Aaaah - just had a thought why mine works and yours does not. My local server does not act as a router itself - it is a DMZ machine in the router setup and same at the other end.
Both this and the remote servers are purely in server only mode, although both are DMZ machines running web/mail etc.
That may be the difference ? In which case as you said, it is your server blocking the GRE protocol. I think that during my hunting about, I read something about GRE not liking NAT ? I believe that was the problem with the Netgear DSL in that it was screwing the GRE in NAT mode. Their tech-support did offer an unsupported hack BIOS which put it in non NAT mode but I declined to take it up.
I think that the server runs NAT and wonder if this is at the root of it all.
Unfortunately I am no guru on this. I would have a further read about NAT/GRE and how SME handles it. Alternatively, dispensing with the routing and applying server only mode seems too work :-)
B. Rgds
John
-
So your server is not your gateway??? Do your client pc's connect through your server or connect straight to your router???
Regards
Adrian