Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Drifting on August 31, 2005, 08:44:21 PM
-
I think something is very screwy with one of my sme boxes. Must admit that I have not tried this before, so maybe I am working under an assumption.
Problem.
Windows XP home machine behind an SME box, VPN connection created in XP, to allow a connection to another SME box. No go....
A remote XP machine can vpn fine into said sme box.
So is the VPN access blocked for outgoing vpn connections? I tried opening port 1723, and also putting a port forward on sme to said XP machine.
I am not hot on VPN into SME, so any help most welcome.
Drift.
-
Someone must know if this should work?
-
Drifting
Have you disabled the firewall in the Windows XP workstation ?
-
> Drifting
> Have you disabled the firewall in the Windows XP workstation ?
Yes the firewall is turned off.
Thanks ever so much for the reply, I was beginning to think I should change my deodorant!
Drift.
-
Drifting
Have you applied the latest service pack(s)? There was some problem with the VPN client in earlier versions of XP.
-
Yes it's fully patched. It is definitely the SME box blocking it :cry:
Never tried this before, so I am assuming it should work but have no idea what log to look at to see what's going on.
Drift.
-
Drifting
see /var/log/messages.
Also viewable from server manager View log files.
-
Ok, found the messages, strange thing is I thought that I might see the request go out on port 1723 and a suitable line mentioning the machines IP and saying it was blocked?
Sorry, what should I be looking for?
Drift.
-
Drifting
> Sorry, what should I be looking for?
You need to tell us what it says !
Try to establish a VPN connection and then review the messages log file for that same time period, it should be fairly obvious which entries relate to the attempt.
-
Ok here is what I cut out of the log, hope this makes sense.
And thanks ever so much for your help, I have not had to delve much into Linux logs, MS ISA I am fine with.
Sep 9 18:04:59 sme kernel: denylog:IN=eth1 OUT= MAC=00:00:e8:e7:0a:d6:02:30:cd:00:07:af:08:00 SRC=82.37.170.168 DST=82.153.191.2 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=65141 DF PROTO=TCP SPT=2004 DPT=1025 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:04:59 sme kernel: denylog:IN=eth1 OUT= MAC=00:00:e8:e7:0a:d6:02:30:cd:00:07:af:08:00 SRC=82.37.170.168 DST=82.153.191.2 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=65144 DF PROTO=TCP SPT=2007 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:05:01 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=82.153.113.122 DST=82.153.191.3 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=39283 DF PROTO=TCP SPT=3096 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:05:04 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=82.153.113.122 DST=82.153.191.3 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=39913 DF PROTO=TCP SPT=3096 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:05:08 sme kernel: denylog:IN=eth1 OUT= MAC=00:00:e8:e7:0a:d6:02:30:cd:00:07:af:08:00 SRC=82.37.170.168 DST=82.153.191.2 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=2202 DF PROTO=TCP SPT=2007 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:05:08 sme kernel: denylog:IN=eth1 OUT= MAC=00:00:e8:e7:0a:d6:02:30:cd:00:07:af:08:00 SRC=82.37.170.168 DST=82.153.191.2 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=2205 DF PROTO=TCP SPT=2004 DPT=1025 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:05:10 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=82.153.113.122 DST=82.153.191.3 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=40993 DF PROTO=TCP SPT=3096 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:07:09 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=82.153.106.204 DST=82.153.191.0 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=27174 DF PROTO=TCP SPT=1497 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 9 18:07:09 sme kernel: denylog:IN=eth1 OUT= MAC=00:00:e8:e7:0a:d6:02:30:cd:00:07:af:08:00 SRC=82.153.106.204 DST=82.153.191.2 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=27176 DF PROTO=TCP SPT=1499 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 9 18:07:09 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=82.153.106.204 DST=82.153.191.3 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=27177 DF PROTO=TCP SPT=1500 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 9 18:08:50 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=80.59.33.17 DST=82.153.191.3 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=23337 DF PROTO=TCP SPT=3097 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 9 18:08:53 sme kernel: denylog:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:02:30:cd:00:07:af:08:00 SRC=80.59.33.17 DST=82.153.191.3 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=23673 DF PROTO=TCP SPT=3097 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
-
Drifting
They are denylog messages I assume on your local server, you can turn them off.
see
http://forums.contribs.org/index.php?topic=25927.msg107940#msg107940
If you don't want any such log entries, then do:
/sbin/e-smith/config setprop masq Logging none
/sbin/e-smith/signal-event remoteaccess-update
You are really looking for pptpd entries
In the remote sme server messages log file ie the sme you are trying to connect to (I see):
Sep 10 15:06:21 server pptpd[8396]: MGR: Launching /usr/sbin/pptpctrl to handle client
Sep 10 15:06:21 server pptpd[8396]: CTRL: local address = 192.xxx.x.xxx
Sep 10 15:06:21 server pptpd[8396]: CTRL: remote address = 192.xxx.x.xxx
Sep 10 15:06:21 server pptpd[8396]: CTRL: pppd speed = 460800
Sep 10 15:06:21 server pptpd[8396]: CTRL: pppd options file = /etc/ppp/options.pptpd
Sep 10 15:06:21 server pptpd[8396]: CTRL: Client xxx.xxx.xxx.xxx control connection started
Sep 10 15:06:21 server pptpd[8396]: CTRL: Received PPTP Control Message (type: 1)
Sep 10 15:06:21 server pptpd[8396]: CTRL: Made a START CTRL CONN RPLY packet
Sep 10 15:06:21 server pptpd[8396]: CTRL: I wrote 156 bytes to the client.
Sep 10 15:06:21 server pptpd[8396]: CTRL: Sent packet to client
Sep 10 15:06:21 server pptpd[8396]: CTRL: Received PPTP Control Message (type: 7)
Sep 10 15:06:21 server pptpd[8396]: CTRL: Set parameters to 1525 maxbps, 64 window size
Sep 10 15:06:21 server pptpd[8396]: CTRL: Made a OUT CALL RPLY packet
Sep 10 15:06:21 server pptpd[8396]: CTRL: Starting call (launching pppd, opening GRE)
Sep 10 15:06:21 server pptpd[8396]: CTRL: pty_fd = 5
Sep 10 15:06:21 server pptpd[8396]: CTRL: tty_fd = 6
Sep 10 15:06:21 server pptpd[8396]: CTRL: I wrote 32 bytes to the client.
Sep 10 15:06:21 server pptpd[8397]: CTRL (PPPD Launcher): Connection speed = 460800
Sep 10 15:06:21 server pptpd[8396]: CTRL: Sent packet to client
Sep 10 15:06:21 server pptpd[8397]: CTRL (PPPD Launcher): local address = 192.xxx.x.xxx
Sep 10 15:06:21 server pptpd[8397]: CTRL (PPPD Launcher): remote address = 192.xxx.x.xxx
Sep 10 15:06:21 server pppd[8397]: pppd 2.4.2b1 started by root, uid 0
Sep 10 15:06:21 server pppd[8397]: Starting negotiation on /dev/pts/0
Sep 10 15:06:21 server pptpd[8396]: CTRL: Received PPTP Control Message (type: 15)
Sep 10 15:06:21 server pptpd[8396]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Sep 10 15:06:21 server pptpd[8396]: GRE: Discarding duplicate packet
Sep 10 15:06:24 server pptpd[8396]: CTRL: Received PPTP Control Message (type: 15)
Sep 10 15:06:24 server pptpd[8396]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Sep 10 15:06:24 server kernel: divert: not allocating divert_blk for non-ethernet device ppp0
Sep 10 15:06:24 server pppd[8397]: Using interface ppp0
Sep 10 15:06:24 server pppd[8397]: New bundle ppp0 created
Sep 10 15:06:24 server pppd[8397]: CHAP peer authentication succeeded for user
...........
You may see errors instead if the connection attempt is not successful. These errors will tell you what the problem is.
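Added example, not part of the original posts: a Python script that picks out the log entries relevant to a PPTP attempt (denylog drops on TCP 1723 or GRE) from unrelated denylog noise, and reports how far a session got according to the pptpd/pppd lines. The sample log is constructed with made-up addresses, the function names are hypothetical, and it assumes the kernel logs GRE as PROTO=47 (IP protocol 47).

```python
import re

# Constructed sample in the format of the log excerpts in this thread
# (addresses are invented, not values taken from the thread).
SAMPLE = """\
Sep 9 18:04:59 sme kernel: denylog:IN=eth1 OUT= SRC=198.51.100.7 DST=192.0.2.2 LEN=48 PROTO=TCP SPT=2004 DPT=445 SYN
Sep 9 18:05:02 sme kernel: denylog:IN=eth1 OUT= SRC=198.51.100.9 DST=192.0.2.2 LEN=61 PROTO=47
Sep 9 18:05:03 sme kernel: denylog:IN=eth0 OUT=eth1 SRC=192.168.1.20 DST=198.51.100.9 LEN=48 PROTO=TCP SPT=1050 DPT=1723 SYN
Sep 10 15:06:21 server pptpd[8396]: CTRL: Client 198.51.100.20 control connection started
Sep 10 15:06:21 server pptpd[8396]: CTRL: Starting call (launching pppd, opening GRE)
Sep 10 15:06:24 server pppd[8397]: CHAP peer authentication succeeded for user
"""

FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs of a netfilter log line

# Session stages, matched against pptpd/pppd message text as quoted in the thread.
STAGES = [
    ("control", "control connection started"),
    ("gre", "opening GRE"),
    ("auth", "authentication succeeded"),
]

def pptp_drops(text):
    """Return (src, dst, kind) for denylog entries that concern PPTP:
    TCP port 1723 (control channel) or IP protocol 47 (GRE data channel)."""
    hits = []
    for line in text.splitlines():
        if "denylog:" not in line:
            continue
        f = dict(FIELD.findall(line.split("denylog:", 1)[1]))
        control = f.get("PROTO") == "TCP" and "1723" in (f.get("SPT"), f.get("DPT"))
        if control or f.get("PROTO") == "47":  # assumption: GRE is logged numerically
            hits.append((f.get("SRC"), f.get("DST"), "control" if control else "gre"))
    return hits

def session_stages(text):
    """Return the PPTP session stages reached, in order, per pptpd/pppd lines."""
    daemon = [l for l in text.splitlines() if re.search(r"\bppt?pd\[\d+\]:", l)]
    return [name for name, marker in STAGES if any(marker in l for l in daemon)]

if __name__ == "__main__":
    for src, dst, kind in pptp_drops(SAMPLE):
        print(f"dropped PPTP {kind}: {src} -> {dst}")
    print("stages reached:", session_stages(SAMPLE))
```

A drop of kind "gre" next to a session that reached only "control" points at the data channel being blocked rather than port 1723.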
-
Did you get this solved? I think I may be having the same problem. Sometimes it works, and sometimes it doesn't:
http://forums.contribs.org/index.php?topic=29401.msg122734#msg122734