Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: ber on December 10, 2008, 11:41:59 PM
-
Hi got a 7.4 SME server and have had problems from day 1 trying to VPN to the server.
Ive enable remote access via the browser and also enabled certain users with VPN access with relevant directory access etc...
The network has no network domain controller available, all run on a workgroup setup.
Ive checked to make sure that the router has enable the correct port.
I've used lots of different kinds of VPN client software but all fail to get access to the server.
When running the dialer, I seem to get access to the server, authenticates, displays registering your computer on the network and then throws up the following error 734 "the PPP link protocol was terminated" I'm using a Wink2K O/S using its standard VPN dialer."
i understand that the server uses 128Bit encryption.
Ive tried all sorts of security settings etc.. but to no avail...can anyone help me troubleshoot and find out whats going on.
-
Ive checked to make sure that the router has enable the correct port.
you have to forward to your SME:
- port 1723 TCP
- protocol 47 GRE.. NOTE 47 is a protocol, NON a port
please post the relevant log from /var/log/messages
Ciao
Stefano
-
hi nano...Ive enabled VPN vitual server preconfigured on the server...not sure about what you mean by port 47??
heres a copy of the log....
Dec 11 12:02:32 server pptpd[2722]: CTRL: Client 122.57.202.158 control connection started
Dec 11 12:02:34 server pptpd[2722]: CTRL: Starting call (launching pppd, opening GRE)
Dec 11 12:02:34 server pppd[2723]: Plugin radius.so loaded.
Dec 11 12:02:34 server pppd[2723]: RADIUS plugin initialized.
Dec 11 12:02:34 server pppd[2723]: pppd 2.4.4 started by root, uid 0
Dec 11 12:02:34 server kernel: divert: not allocating divert_blk for non-ethernet device ppp0
Dec 11 12:02:34 server pppd[2723]: Using interface ppp0
Dec 11 12:02:34 server pppd[2723]: Connect: ppp0 <--> /dev/pts/0
Dec 11 12:02:37 server pptpd[2722]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.
Dec 11 12:02:38 server pppd[2723]: Connection terminated.
Dec 11 12:02:38 server pppd[2723]: Connect time 0.1 minutes.
Dec 11 12:02:38 server pppd[2723]: Sent 0 bytes, received 0 bytes.
Dec 11 12:02:38 server kernel: divert: no divert_blk to free, ppp0 not ethernet
Dec 11 12:02:38 server pptpd[2722]: CTRL: Reaping child PPP[2723]
Dec 11 12:02:38 server pppd[2723]: Exit.
Dec 11 12:02:38 server pptpd[2722]: CTRL: Client 122.57.202.158 control connection finished
-
Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.
Here is your problem, when did "Can't VPN to server" start happening ? Please report any potential bugs to the bug tracker. Thanks.
-
hi there may be some issues with my router being unable to pass through GRe 47 protocol, will follow-up and advise...
-
I doubt that as this line is very clear whats wrong:
Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.
basically if you've done an upgrade to 7.4 and that's when the issue started happening then your'll need to raise a bug giving your complete in detail server history. Thanks.
-
hi...update after calling D-Link with my router it is configured correctly and it will pass through GRE protocol.
Also cant VPN via our local network??
Must be the server?
-
Ive had issues with VPN when i installed the Linux server- about a year ago, 7.2, VPN wasnt a big requirement then and didnt pursue it, now would like to get it up and going....dont think upgrading to 7.4 is the cause as the problem existed before...
-
Ive had issues with VPN when i installed the Linux server- about a year ago, 7.2, VPN wasnt a big requirement then and didnt pursue it, now would like to get it up and going....dont think upgrading to 7.4 is the cause as the problem existed before...
Than you still should report it as a bug as it is a feature that is supposed to be working.
-
Ive had issues with VPN when i installed the Linux server- about a year ago, 7.2, VPN wasnt a big requirement then and didnt pursue it, now would like to get it up and going....dont think upgrading to 7.4 is the cause as the problem existed before...
VPN should work out of the box, regardless of SME versions, and so it should have been working with 7.2, I have a few of these and have not experienced any problems if the howto in the wiki is followed to the letter. Please, report this issue to the Bugtracker, there are already a couple of report for 7.4 (check http://bugs.contribs.org/show_bug.cgi?id=4842 ) , your issue may be of interest to the Devs.
Thanks.
-
ber
http://wiki.contribs.org/VPN_practical_tips
-
Have you checked /var/log/secure?
-
As posted by Byte, you have a definite problem here:
Dec 11 12:02:38 server pppd[2723]: MPPE required, but kernel has no support.
You have a kernel and module mismatch and you MUST fix this first. There are several bugs (open and closed) in the bug tracker concerning this problem. Your problem can be caused by several issues.
Post the output of the following so we can point you to the correct bug:
uname -a
rpm -qa kernel kernel-smp
rpm -qa kmod-ppp kmod-ppp-smp
df -h /boot
-
:P Hi thanks for the reply, heres the output from the command provided
login as: root
root@192.168.0.254's password:
Last login: Fri Dec 12 22:48:40 2008 from 192.168.0.153
[root@server ~]# uname -a
Linux server 2.6.9-67.ELsmp #1 SMP Fri Nov 16 12:48:03 EST 2007 i686 i686 i386 GNU/Linux
[root@server ~]# rpm -qa kernel kernel-smp
kernel-smp-2.6.9-67.0.20.EL
kernel-2.6.9-67.EL
kernel-smp-2.6.9-78.0.5.EL
kernel-smp-2.6.9-78.0.8.EL
kernel-2.6.9-67.0.7.EL
kernel-smp-2.6.9-67.0.15.EL
warning: only V3 signatures can be verified, skipping V4 signature
kernel-2.6.9-78.0.5.EL
kernel-2.6.9-78.0.8.EL
kernel-smp-2.6.9-67.EL
kernel-2.6.9-67.0.15.EL
warning: only V3 signatures can be verified, skipping V4 signature
warning: only V3 signatures can be verified, skipping V4 signature
[root@server ~]# rpm -qa kmod-ppp kmod-ppp-smp
kmod-ppp-smp-1.0.2-2.2.6.9_78.0.8.EL
warning: only V3 signatures can be verified, skipping V4 signature
kmod-ppp-1.0.2-2.2.6.9_78.0.8.EL
warning: only V3 signatures can be verified, skipping V4 signature
warning: only V3 signatures can be verified, skipping V4 signature
[root@server ~]# df -h /boot
Filesystem Size Used Avail Use% Mounted on
/dev/md1 99M 41M 54M 44% /boot
[root@server ~]#
-
hi
why are you booting SME with an old kernel?
check if you have 2.6.9-78.0.8 entry in grub with
cat /boot/grub/menu.lst
Ciao
Stefano
-
stefano,
I dont have an answer for your question- I installed SME about a year ago downloaded from SME site, then have done upgrades as advised.
I dont know why I kernel is old as you have mentioned. :mad:
heres the output:
[root@server ~]# cat /boot/grub/menu.lst
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/main/root
# initrd /initrd-version.img
#boot=/dev/hda
default=7
timeout=5
splashimage=(hd0,0)/grub/smeserver.xpm.gz
foreground 000000
background 4E95D3
hiddenmenu
title SME Server (2.6.9-78.0.8.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.8.EL ro root=/dev/main/root
initrd /initrd-2.6.9-78.0.8.EL.img
title SME Server (2.6.9-78.0.8.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.8.ELsmp ro root=/dev/main/root
initrd /initrd-2.6.9-78.0.8.ELsmp.img
title SME Server (2.6.9-78.0.5.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.5.ELsmp ro root=/dev/main/root noapic noacpi
initrd /initrd-2.6.9-78.0.5.ELsmp.img
title SME Server (2.6.9-78.0.5.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.5.EL ro root=/dev/main/root noapic noacpi
initrd /initrd-2.6.9-78.0.5.EL.img
title SME Server (2.6.9-67.0.15.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.0.15.EL ro root=/dev/main/root
initrd /initrd-2.6.9-67.0.15.EL.img
title SME Server (2.6.9-67.0.15.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.0.15.ELsmp ro root=/dev/main/root
initrd /initrd-2.6.9-67.0.15.ELsmp.img
title SME Server (2.6.9-67.0.7.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.0.7.EL ro root=/dev/main/root
initrd /initrd-2.6.9-67.0.7.EL.img
title SME Server (2.6.9-67.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.ELsmp ro root=/dev/main/root
initrd /initrd-2.6.9-67.ELsmp.img
title SME Server (2.6.9-67.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.EL ro root=/dev/main/root
initrd /initrd-2.6.9-67.EL.img
-
hi
change the bold line
# initrd /initrd-version.img
#boot=/dev/hda
default=7
timeout=5
splashimage=(hd0,0)/grub/smeserver.xpm.gz
to
default=1
and reboot.. ti should work..
anyway, please open a bug because this kind of problem should not appen..
ciao
Stefano
-
stefano, I'm very new to Linux and am still learning command lines, can you advise how to change the data you've mentioned from the command lines...regards John :P
-
Hi John
login to SME, on console or via putty
let's move to the target dir
cd /boot/grub
do a copy of the file before editing
cp menu.lst menu.bak
edit file
pico menu.lst
change the line as suggested, then close with Ctrl-X and Y (read the messages on the screen.. you could have them in different language from english according to your locale
then reboot your server..
if everything works fine, remove the back file with
rm /boot/grub/menu.bak
HTH
ciao
Stefano
-
hi
why are you booting SME with an old kernel?
check if you have 2.6.9-78.0.8 entry in grub with
cat /boot/grub/menu.lst
Ciao
Stefano
I don't think the OP did that on purpose. There have been a couple bug reports about the wrong kernel being (automatically) selected, kernels not installing properly and even kernels missing from the boot selection menu after upgrading to 7.4. The cause/solution is yet to be found, see:
http://bugs.contribs.org/show_bug.cgi?id=4802
http://bugs.contribs.org/show_bug.cgi?id=4815
-
I don't think the OP did that on purpose.
You are right, my question could be misunderstood.. I apologize
Ciao
Stefano
-
[root@server ~]# uname -a
Linux server 2.6.9-67.ELsmp #1 SMP Fri Nov 16 12:48:03 EST 2007 i686 i686 i386 GNU/Linux
[root@server ~]#
That is the cause of your problem. You are running a very old kernel, but you do not have the VPN kernel modules installed which correspond to that version of the kernel. You need to boot the 2.6.9_78.0.8.EL version of the kernel.
-
Hi all i get a general gist of what the recommendation is- "Ive got a old kernel"
How do i fix this problem-upgrading the kernel?
Will it cause other issues?
I host five domains/emails and its running sweet...just don't want to jeopardize the server due to the fact that its hosting websites for my clients.
-
Hi Charlie, can you advise how I can boot my SME server to the latest kernel?
-
From the FAQ: "Restart your server and at the beginning of the boot-up use the arrow keys to select the kernel you would like to boot into." You should see the 2.6.9_78.0.8.EL version of the kernel in the list, select it. After selecting the desired kernel, press ENTER, the server will boot with selected kernel. This operation can be reversed, you can reselect your old kernel later on if you wish.
-
Chris, thanks for your help, will keep everyone posted on the progress.,...Regards John :P
-
:P Hi Chris, I rebooted and was not able to find the kernel option that you recommended.
I did get the following options. I didnt choose any and supposed that I need to download the latest kernel..How?\
Here is the options that I do get...
Centos (2.6.9-67.ELsmp)
Centos (2.6.9-67. EL)
SME Server (2.6.9-55.0.12 EL)
SME Server (2.6.9-55.0.12. ELsmp)
SME Server (2.6.9-55.0.2. ELsmp)
SME Server-up (2.6.9-55.0.2. EL)
Can you shed osome light on how I can upgrade my kernel to resolve the VPN issue...Regards John
.
-
ber
how I can upgrade my kernel to resolve the VPN issue
Check the server manager software updates panel and see that only the standard repositories are enabled as per FAQ
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Which_repositories_should_be_enabled
Then login to sme Linux command prompt and do
yum clean all
yum update
signal-event post-upgrade
signal-event reboot
Report back your success or failure
-
Hi Mary, updated my software settings as recommended and ran the commands as well. Rebooted.
No improvement on my VPN issue.
I'm still running on the my old kernel version if that was before.
Hmmm...any further suggestions?
-
Ber, there are now many operations having been performed on your server without tracking the results properly, and as a result a state of confusion prevails. For example, you have just updated your server, it would be useful having a look at the log files to ascertain whether a kernel update has taken place. It does not end here, your reply in comment #15 suggests that at some stage, you had 2.6.9-78.0.8 present in some form - why this kernel is not showing in the boot option is a matter which should be investigated.
You problem may be the result of a shortcoming with SME software, or a succession of errors on your part, or a combination of both... . The best course of action would have been, and still is, to report this issue in the Bugtracker, as previously suggested. Whilst the Butracker is not a support forum, you may benefit from the detailed investigative work that will take place once you have lodged a formal report, and above all, the root cause of the problem will be identified and corrected which will benefit all if indeed we have a bug.
So please fill a report at Bugzilla, provide a detailed summary of your issue and above all do not make any further changes to your server until such time as one of the Dev have a good look at this issue.
-
ber
To set the correct default kernel (which should not unduly affect further investigation if required)
pico -w /boot/grub/grub.conf
change
default=7
to
default=1
to save, at the same time press ctrl o
to exit, at the same time press ctrl x
reboot your server and it should run the required default kernel
(ie the second kernel listed in grub.conf 0=1st 1=2nd & so on)
Beyond that, if your issues still persist, please do as chris suggests.
-
:P Mary, Hi, Im in the process of forwarding a detailed report in the bugs forum, as someone has advised the server "had" been using the latest kernel but for whatever reason is using an old one. Ill send all info and this particular thread to the developer team and see what they come up with. Pardon me for my ignorance- is the latest kernel option available on my server or does it need to be "downloaded". I may not be using the right terminology. Does the kernels Ive listed in the previous replies state that there is a latest version kerenel available on my server that I can use?
Is you latest reply/solution dealing with the issues Ive brought up?
Regards John
-
ber
Back in reply #15
http://forums.contribs.org/index.php/topic,42858.msg203057.html#msg203057
you listed the contents of grub.conf, which indicated the latest kernel was listed, but the default setting was set to run a different kernel
My answer should correct that wrong setting, which may resolve your issues
You can see which kernels are actually installed with
rpm -q kernel kernel-smp
grub.conf is just a file that tells sme what to do when it starts up, and it does list all the available installed kernels to choose from.
It is normal to run the current latest kernel but some non standard situations require a different kernel to run. Try to avoid those situations as they only create problems when upgrading.
-
mary, sorry no luck heres some data from the server that may help...
login as: root
root@192.168.0.254's password:
Last login: Fri Dec 19 12:32:53 2008 from 192.168.0.153
[root@server ~]# cat /boot/grub/menu.lst
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/main/root
# initrd /initrd-version.img
#boot=/dev/hda
default=7
timeout=5
splashimage=(hd0,0)/grub/smeserver.xpm.gz
foreground 000000
background 4E95D3
hiddenmenu
title SME Server (2.6.9-78.0.8.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.8.EL ro root=/dev/main/root
initrd /initrd-2.6.9-78.0.8.EL.img
title SME Server (2.6.9-78.0.8.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.8.ELsmp ro root=/dev/main/root
initrd /initrd-2.6.9-78.0.8.ELsmp.img
title SME Server (2.6.9-78.0.5.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.5.ELsmp ro root=/dev/main/root noapic noacpi
initrd /initrd-2.6.9-78.0.5.ELsmp.img
title SME Server (2.6.9-78.0.5.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-78.0.5.EL ro root=/dev/main/root noapic noacpi
initrd /initrd-2.6.9-78.0.5.EL.img
title SME Server (2.6.9-67.0.15.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.0.15.EL ro root=/dev/main/root
initrd /initrd-2.6.9-67.0.15.EL.img
title SME Server (2.6.9-67.0.15.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.0.15.ELsmp ro root=/dev/main/root
initrd /initrd-2.6.9-67.0.15.ELsmp.img
title SME Server (2.6.9-67.0.7.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.0.7.EL ro root=/dev/main/root
initrd /initrd-2.6.9-67.0.7.EL.img
title SME Server (2.6.9-67.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.ELsmp ro root=/dev/main/root
initrd /initrd-2.6.9-67.ELsmp.img
title SME Server (2.6.9-67.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-67.EL ro root=/dev/main/root
initrd /initrd-2.6.9-67.EL.img
[root@server ~]# rpm -q kernel kernel-smp
kernel-2.6.9-67.EL
kernel-2.6.9-67.0.7.EL
kernel-2.6.9-67.0.15.EL
kernel-2.6.9-78.0.5.EL
kernel-2.6.9-78.0.8.EL
kernel-smp-2.6.9-67.EL
kernel-smp-2.6.9-67.0.15.EL
kernel-smp-2.6.9-67.0.20.EL
kernel-smp-2.6.9-78.0.5.EL
kernel-smp-2.6.9-78.0.8.EL
[root@server ~]#
Regards John
-
ber
sorry no luck....
I don't really know what that means.
Please advise what you did.
If the listing you provide is the current status of the grub.conf file, then the default is still set to 7, so of course your system will boot the "wrong" kernel
Did you run
pico -w /boot/grub/grub.conf
and make the suggested change and ensure you saved the change and then rebooted ?
Use grub.conf and not menu.lst
You do appear to have the current kernel-2.6.9-78.0.8 installed
Here's the output from my system for comparison
rpm -q kernel kernel-smp
kernel-2.6.9-67.0.1.EL
kernel-2.6.9-67.0.4.EL
kernel-2.6.9-67.0.7.EL
kernel-2.6.9-78.0.8.EL
kernel-smp-2.6.9-67.0.1.EL
kernel-smp-2.6.9-67.0.4.EL
kernel-smp-2.6.9-67.0.7.EL
kernel-smp-2.6.9-78.0.8.EL
To see the kernel that is running do
uname -r
2.6.9-78.0.8.ELsmp
-
To set the correct default kernel (which should not unduly affect further investigation if required)
pico -w /boot/grub/grub.conf
change
default=7
to
default=1
Mary, that's not necessary. SME server should always rewrite the default to the last-booted kernel. So all that should be required is to reboot by the desired kernel at the grub splash screen.
-
Mary, that's not necessary. SME server should always rewrite the default to the last-booted kernel. So all that should be required is to reboot by the desired kernel at the grub splash screen.
The OP can't select the proper kernel and shows similar symptoms of this bug http://bugs.contribs.org/show_bug.cgi?id=4802 as the proper kernel is not listed on his splash screen.
ber, please follow up in that bug as your server seems to exhibit similar issues.
-
:P Hi Chris, I rebooted and was not able to find the kernel option that you recommended.
I did get the following options. I didnt choose any and supposed that I need to download the latest kernel..How?\
Here is the options that I do get...
Centos (2.6.9-67.ELsmp)
Centos (2.6.9-67. EL)
SME Server (2.6.9-55.0.12 EL)
SME Server (2.6.9-55.0.12. ELsmp)
SME Server (2.6.9-55.0.2. ELsmp)
SME Server-up (2.6.9-55.0.2. EL)
Can you shed some light?...
No but you have. Your grub.conf and your kernel list on your splash screen don't match. Go to the bug report you opened and make sure you include this information.
I am closing this thread, please solve this in the bug tracker.