Koozali.org: home of the SME Server

Obsolete Releases => SME Server 9.x => Topic started by: Drifting on April 20, 2015, 12:17:49 AM

Title: PPTP VPN suddenly stopped working?
Post by: Drifting on April 20, 2015, 12:17:49 AM

Protocol not available? No idea what is missing. Or why it should suddenly have stopped? Could this have been due to an update?


pr 19 23:10:48 hkd1 pptpd[3067]: CTRL: Client (IP of client) control connection finished
Apr 19 23:11:02 hkd1 pptpd[3076]: CTRL: Client (IP of client) control connection started
Apr 19 23:11:02 hkd1 pptpd[3076]: CTRL: Starting call (launching pppd, opening GRE)
Apr 19 23:11:02 hkd1 pppd[3077]: Plugin radius.so loaded.
Apr 19 23:11:02 hkd1 pppd[3077]: RADIUS plugin initialized.
Apr 19 23:11:02 hkd1 pppd[3077]: pppd 2.4.5 started by root, uid 0
Apr 19 23:11:02 hkd1 pppd[3077]: Using interface ppp1
Apr 19 23:11:02 hkd1 pppd[3077]: Connect: ppp1 <--> /dev/pts/1
Apr 19 23:11:02 hkd1 pptpd[3076]: GRE: read(fd=7,buffer=608be0,len=8260) from network failed: status = -1 error = Protocol not available
Apr 19 23:11:02 hkd1 pptpd[3076]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)
Apr 19 23:11:02 hkd1 pppd[3077]: Modem hangup
Apr 19 23:11:02 hkd1 pppd[3077]: Connection terminated.
Apr 19 23:11:02 hkd1 pppd[3077]: Exit.
Apr 19 23:11:02 hkd1 pptpd[3076]: CTRL: Client (IP of client) control connection finished

Regards Paul.

Title: Re: PPTP VPN suddenly stopped working?
Post by: Stefano on April 20, 2015, 01:27:55 AM

Code: [Select]

Apr 19 23:11:02 hkd1 pptpd[3076]: GRE: read(fd=7,buffer=608be0,len=8260) from network failed: status = -1 error = Protocol not available
Apr 19 23:11:02 hkd1 pptpd[3076]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6)

you have issues with GRE protocol..

did you change anything? router? is your server in server only mode or server and gateway?

Title: Re: PPTP VPN suddenly stopped working?
Post by: Drifting on April 20, 2015, 08:44:40 AM

Hi Stefano.

It is in server-gateway mode. Odd thing was that it worked a couple of updates back. I tend to only use it to access for administration. Has anyone any suggestions on where to look? or what might be causing this?

Paul
(ps Thanks whoever moved my post to SME8 to 9, you were quick :-) )

Title: Re: PPTP VPN suddenly stopped working?
Post by: janet on April 20, 2015, 10:49:26 AM

Paul

See
http://wiki.contribs.org/VPN_practical_tips

Try restarting your router/modem.
Is it in bridged mode ?

Have you restarted the server also ?

Title: Re: PPTP VPN suddenly stopped working?
Post by: Drifting on April 20, 2015, 11:19:36 AM

Hi Janet.

The server itself is making a direct PPP connection to our fibre provider (VDSL unit), there is no router only the SME server. Have installed a number of updates, and rebooted as normal. It was then on one of my server checks that I noticed that the vpn no longer worked. I modified the server connection on the client to point to another server (As the wiki was mostly client related not server, so worthwhile checking the client first)and the connection was fine and worked. It is something on this server? but what? I have no idea.

As every thanks Janet, you seem to get me out of scrapes a lot lately :-)

Paul.

Title: Re: PPTP VPN suddenly stopped working?
Post by: janet on April 20, 2015, 12:28:46 PM

Paul

Well the howto has a link to extensive troubleshooting techniques, so work through them.
If you feel an update broke VPN then lodge a bug report & be prepared to follow through with providing information.

Title: Re: PPTP VPN suddenly stopped working?
Post by: DanB35 on April 20, 2015, 01:32:29 PM

Since PPTP is so insecure (see http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_28432006.html, https://www.schneier.com/pptp-faq.html), you may want to take this opportunity to set up a more secure VPN like OpenVPN (see http://wiki.contribs.org/OpenVPN_Bridge) or OpenSwan IPSEC (http://wiki.contribs.org/Openswan_IPSEC).

Title: Re: PPTP VPN suddenly stopped working?
Post by: CharlieBrady on April 20, 2015, 03:04:55 PM

Quote from: Drifting on April 20, 2015, 12:17:49 AM

Apr 19 23:11:02 hkd1 pptpd[3076]: GRE: read(fd=7,buffer=608be0,len=8260) from network failed: status = -1 error = Protocol not available

This means that a GRE packet was sent by pptpd on the server, and it was rejected via an ICMP message from the client end, or from a firewall gateway somewhere between your server and the client.

The most common cause of this is that the client is behind a NAT gateway, and the NAT gateway is rejecting GRE unless there is expected traffic because of outbound GRE. But if the server is faster at sending its first GRE packet than the client is, then the gateway won't see outbound GRE before the first inbound GRE packet arrives, and will reject it.

SME server has a configuration option to allow for this case. You can try  it.

config setprop pptpd Passive enabled
signal-event remoteaccess-update

With this option, pptpd on the server will wait until it receives a GRE packet before it sends its first GRE packet.

Title: Re: PPTP VPN suddenly stopped working?
Post by: Drifting on April 22, 2015, 11:43:32 AM

Thankyou Charlie.

Followed your instructions an now working as before. Wonder what caused it?

Regards Paul