Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: jameswilson on May 30, 2012, 08:50:20 PM
-
Hi all. I have started to ave vpn issues. It either fails to connect for a while then does and then then when connected for random time periods it will fail.
Im using windows 7 64 bit if thats relevant.
I have looked at various posts about changing the mtu size, but this wasnt an issue on beta 7 nor on the 7.5 box before.
Where should i look first?
Ta
James
-
add info
windows reports
Error 619: A connection to the remote computer could not be established, so the port used for this connection was closed.
I have tried forwarding the pptp port to the windows sbs server behind the sme, but it fails gre.
-
add info
windows reports
Error 619: A connection to the remote computer could not be established, so the port used for this connection was closed.
I have tried forwarding the pptp port to the windows sbs server behind the sme, but it fails gre.
did the vpn ever worked? how does your server connect to wan? is GRE protocol forwarded to SME?
what's in SME logs? (/var/log/messages, start from there..)
-
draytek router in bridged mode and yes it used to work fine. It connects most of the time but then drops. From multiple locations. The only difference is my laptop. ie my old laptop was on xp, this one is 7 64bit. But i was using it to connect to b7 without issues for about 2 days before i upgraded the server to final. The server had a hd failure so i assumed it was failing before cos it was rebuilding the array.
As a side note this is a new 8 final server restored from a backup (backup taken from the machine that was already sme 8 final).
However i have read he wiki on vpn and i have ticked the mutlilink option. It connects better now but still fails. When it fails it wont reconnect for a while. I have reconfigured and rebooted about an hour ago.
-
messages log
May 30 20:42:00 sme-big pptpd[4409]: CTRL: Client 212.32.55.213 control connection finished
May 30 20:58:43 sme-big pptpd[4800]: CTRL: Client 212.32.55.213 control connection started
May 30 20:58:43 sme-big pptpd[4800]: CTRL: Starting call (launching pppd, opening GRE)
May 30 20:58:43 sme-big pppd[4801]: Plugin radius.so loaded.
May 30 20:58:43 sme-big pppd[4801]: RADIUS plugin initialized.
May 30 20:58:43 sme-big pppd[4801]: pppd 2.4.4 started by root, uid 0
May 30 20:58:43 sme-big pppd[4801]: Using interface ppp0
May 30 20:58:43 sme-big pppd[4801]: Connect: ppp0 <--> /dev/pts/0
May 30 20:58:46 sme-big pptpd[4800]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
May 30 20:58:46 sme-big pppd[4801]: MPPE 128-bit stateless compression enabled
May 30 20:58:48 sme-big pppd[4801]: found interface eth0 for proxy arp
May 30 20:58:48 sme-big pppd[4801]: local IP address 192.168.16.201
May 30 20:58:48 sme-big pppd[4801]: remote IP address 192.168.16.246
May 30 20:58:48 sme-big esmith::event[4821]: Processing event: ip-up.pptpd ppp0 /dev/pts/0 460800 192.168.16.201 192.168.16.246 pptpd
May 30 20:58:48 sme-big esmith::event[4821]: Running event handler: /etc/e-smith/events/actions/generic_template_expand
May 30 20:58:48 sme-big esmith::event[4821]: expanding /etc/rc.d/init.d/masq
May 30 20:58:49 sme-big esmith::event[4821]: generic_template_expand=action|Event|ip-up.pptpd|Action|generic_template_expand|Start|1338407928 730749|End|1338407929 120196|Elapsed|0.389447
May 30 20:58:49 sme-big esmith::event[4821]: Running event handler: /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access
May 30 20:58:49 sme-big /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access[4823]: /home/e-smith/db/configuration: OLD pptpd=service|Interfaces||TCPPort|1723|access|public|sessions|5|status|enabled
May 30 20:58:49 sme-big /etc/e-smith/events/ip-up.pptpd/S70pptp-interface-access[4823]: /home/e-smith/db/configuration: NEW pptpd=service|Interfaces|ppp0|TCPPort|1723|access|public|sessions|5|status|enabled
May 30 20:58:49 sme-big esmith::event[4821]: S70pptp-interface-access=action|Event|ip-up.pptpd|Action|S70pptp-interface-access|Start|1338407929 120677|End|1338407929 255035|Elapsed|0.134358
May 30 20:58:49 sme-big esmith::event[4821]: Running event handler: /etc/e-smith/events/actions/adjust-services
May 30 20:58:49 sme-big esmith::event[4821]: adjusting non-supervised masq (adjust)
May 30 20:58:49 sme-big esmith::event[4821]: adjust-services=action|Event|ip-up.pptpd|Action|adjust-services|Start|1338407929 255557|End|1338407929 764888|Elapsed|0.509331
May 30 21:02:11 sme-big pptpd[4800]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Protocol not available
May 30 21:02:11 sme-big pptpd[4800]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
May 30 21:02:11 sme-big pptpd[4800]: CTRL: Reaping child PPP[4801]
May 30 21:02:11 sme-big pppd[4801]: Modem hangup
May 30 21:02:11 sme-big pppd[4801]: Connect time 3.4 minutes.
May 30 21:02:11 sme-big pppd[4801]: Sent 2418602 bytes, received 236084 bytes.
May 30 21:02:11 sme-big pppd[4801]: MPPE disabled
May 30 21:02:11 sme-big pppd[4801]: Connection terminated.
May 30 21:02:12 sme-big esmith::event[4998]: Processing event: ip-down ppp0 /dev/pts/0 460800 192.168.16.201 192.168.16.246 pptpd
May 30 21:02:12 sme-big esmith::event[4998]: Running event handler: /etc/e-smith/events/actions/generic_template_expand
May 30 21:02:12 sme-big esmith::event[4998]: expanding /etc/rc.d/init.d/masq
May 30 21:02:12 sme-big esmith::event[4998]: generic_template_expand=action|Event|ip-down|Action|generic_template_expand|Start|1338408132 113580|End|1338408132 497328|Elapsed|0.383748
May 30 21:02:12 sme-big esmith::event[4998]: Running event handler: /etc/e-smith/events/ip-down/S50isdn-down-notify
May 30 21:02:12 sme-big esmith::event[4998]: S50isdn-down-notify=action|Event|ip-down|Action|S50isdn-down-notify|Start|1338408132 497802|End|1338408132 600649|Elapsed|0.102847
May 30 21:02:12 sme-big esmith::event[4998]: Running event handler: /etc/e-smith/events/ip-down/S70pptp-interface-access
May 30 21:02:12 sme-big /etc/e-smith/events/ip-down/S70pptp-interface-access[5007]: /home/e-smith/db/configuration: OLD pptpd=service|Interfaces|ppp0|TCPPort|1723|access|public|sessions|5|status|enabled
May 30 21:02:12 sme-big /etc/e-smith/events/ip-down/S70pptp-interface-access[5007]: /home/e-smith/db/configuration: NEW pptpd=service|Interfaces||TCPPort|1723|access|public|sessions|5|status|enabled
May 30 21:02:12 sme-big esmith::event[4998]: S70pptp-interface-access=action|Event|ip-down|Action|S70pptp-interface-access|Start|1338408132 601175|End|1338408132 731840|Elapsed|0.130665
May 30 21:02:12 sme-big esmith::event[4998]: Running event handler: /etc/e-smith/events/actions/adjust-services
May 30 21:02:12 sme-big esmith::event[4998]: adjusting non-supervised masq (adjust)
May 30 21:02:13 sme-big esmith::event[4998]: adjust-services=action|Event|ip-down|Action|adjust-services|Start|1338408132 732371|End|1338408133 218332|Elapsed|0.485961
May 30 21:02:13 sme-big pppd[4801]: Exit.
May 30 21:02:13 sme-big pptpd[4800]: CTRL: Client 212.32.55.213 control connection finished
May 30 21:02:28 sme-big pptpd[5174]: CTRL: Client 212.32.55.213 control connection started
May 30 21:02:28 sme-big pptpd[5174]: CTRL: Starting call (launching pppd, opening GRE)
May 30 21:02:28 sme-big pppd[5175]: Plugin radius.so loaded.
May 30 21:02:28 sme-big pppd[5175]: RADIUS plugin initialized.
May 30 21:02:28 sme-big pppd[5175]: pppd 2.4.4 started by root, uid 0
May 30 21:02:28 sme-big pppd[5175]: Using interface ppp0
May 30 21:02:28 sme-big pppd[5175]: Connect: ppp0 <--> /dev/pts/0
May 30 21:02:28 sme-big pptpd[5174]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Protocol not available
May 30 21:02:28 sme-big pptpd[5174]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
May 30 21:02:28 sme-big pptpd[5174]: CTRL: Reaping child PPP[5175]
May 30 21:02:28 sme-big pppd[5175]: Modem hangup
May 30 21:02:28 sme-big pppd[5175]: Connection terminated.
May 30 21:02:28 sme-big pppd[5175]: Exit.
-
May 30 21:02:28 sme-big pptpd[5174]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
-
it was working before, shall i reboot the router?
-
try.. it could work.. :-)
-
ok will do
thanks mate
-
Hi all. I have started to ave vpn issues.
...
Where should i look first?
You should pay attention to this advice:
Don't report problems here - Please report bugs and potential bugs in the bug tracker
-
I agree Charlie.. I was tempted to answer in such way
Jameps, please raise a bug in bugzilla asap, thank you
-
I have been using all beta releases and Windows 7 64 bit with the built-in PPTP succesfully, without modifications to either server or client.
-
May 30 21:02:28 sme-big pptpd[5174]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Protocol not available
May 30 21:02:28 sme-big pptpd[5174]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
May 30 21:02:28 sme-big pptpd[5174]: CTRL: Reaping child PPP[5175]
May 30 21:02:28 sme-big pppd[5175]: Modem hangup
May 30 21:02:28 sme-big pppd[5175]: Connection terminated.
May 30 21:02:28 sme-big pppd[5175]: Exit.
Using a quick Google it seems that your router is not passing GRE (anymore) according to http://poptop.sourceforge.net/dox/qna.html:
Q. What does Protocol not available mean?
A. The network refuses to let the stream pass.
You might see something like this in your logs:
pppd[124]: Connect: ppp0 <--> /dev/pts/1
pptpd[123]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed:
status = -1 error = Protocol not available
pptpd[123]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
pppd[124]: Modem hangup
pppd[124]: Connection terminated.
pppd[124]: Exit.
This is caused by EPROTO error number returned by read, which in turn is caused by the receipt of an ICMP protocol unreachable message from either the local host or some router or gateway between the server and the client. The usual cause of the ICMP packet is a router or gateway that refuses to pass the GRE stream. You can use tcpdump to find where the ICMP packet comes from, and correct it.
See also the same error as seen by a client. The solution there is probably not relevant.
So it seems something in the path between your laptop and your server is not allowing the GRE protocol to pass.
BTW next time please use a code block instead of a quote block, this makes quoting from the log in a reply to your post a little easier. Thanks in advance.
-
OK sorry all.
re bug before i do, i dont think it is a bug. Every other machine even the other win 7 laptops can connect its just mine.
But bear in mind it connects and works for a bit but then drops out.
If its connectimng in the first place then it cant be gre can it?
It must be something on my own laptop that is the issue.
-
Using a quick Google it seems that your router is not passing GRE (anymore) according to http://poptop.sourceforge.net/dox/qna.html:
Not just "not passing", but in fact, "rejecting".
A common cause of this is timing related. A NAT gateway (such as SME server in servergateway mode, and most home routers) will know to expect incoming GRE packets after seeing an outgoing GRE packet pass by. It will open up its firewall to pass the return traffic. If the "return traffic" arrives first, the packet will be rejected.
-
re bug before i do, i dont think it is a bug.
Of course it's a bug. It should work. It doesn't. The only issue is what and where the bug is, and how it can be fixed or worked around. And the place to do that is in the bug tracker.
-
Finally got to the bottom of this. All other machines in the company had rock solid vpn. But mine didnt. I wondered if it was a win 7 64bit issue. But found we had another user using it just fine on win 7 64bit.
Removed all the intel c**p from my wifi on my laptop. Problem is now sorted. Not a sme issue
-
Also cant change topic to solved. I presume it times out?
-
jameswilson
Removed all the intel c**p from my wifi on my laptop. Problem is now sorted.
For the benefit of others who may run into the same issue, could you please elaborate a little on what you did.
-
There was some intel software for the wifi card. This had always caused a conflict with windows and the hardware enable/disable buttons etc.
It was called intel mywifi. Aloows the laptop to become an access point and other things of no real use.
Removed all of it from control panel. Rebooted.Now the hardware enable buttons work as expected and it doesnt have any vpn issues at all.