Home | Scripts | How To's | About


PoPToP PPTP + MPPE 128bit Encryption + MPPC Compression VPN Server

View Comments

Just as with my Postfix HOWTO I am going to share my experiences in setting up a a working PPTP VPN server. I decided to write this after I saw a lack of concise documentation for the current versions of PoPToP and the current Linux kernel.

By the end of this document you will hopefully achieve what I have:

  • Be running the latest stable release of PoPToP (1.1.4 at the time of this document).
  • Patch your Linux kernel (2.6.6 as of this document) with MPPE and MPPC support.
  • Patch the latest stable version of pppd (2.4.2 as of this document) with MPPE and MPPC support.
  • Allow remote clients to connect to your network using the VPN server.
  • Encrypt the VPN tunnel with the MPPE protocol.
  • Compress the data in the tunnel with the MPPC protocol.
  • Authentication done through MS CHAP-v2.
  • Run your VPN server behind a Linux firewall utilizing iptables (optional, but still covered)

To start off, you will use the following applications/patches:

Updates:

08/16/04: After countless hours of scratching my head trying to figure this out on a VPN server I'm setting up, I finally figued it out. Even though the MPPE patch was enabled in the kernel, it wasn't being recognized by pppd. After reading Jan's site I noticed that I had to enable SHA1 and RC4 encyption in the kernel. Recompiled and viola, works again.

Installing and Patching Sources

Linux Kernel

I normally extract my kernel source into /usr/src and link to "linux". Extract the kernel, put the Kernel patch (linux-2.6.6-mppe-mppc-1.0.patch.gz) into the same directory, extract it, and patch the kernel as follows. Finally install it as you normally do.

$ tar zxvf linux-2.6.6.tar.gz
$ ln -s linux-2.6.6 linux
$ gunzip linux-2.6.6-mppe-mppc-1.0.patch.gz
$ patch -p0 -i linux-2.6.6-mppe-mppc-1.0.patch
$ cd linux
$ make menuconfig (or the config tool of your choice)
go to Device Drivers -> Networking Options -> select "PPP support" and then select "Microsoft PPP compression/encryption (MPPC/MPPE)"
$ make bzImage

PPP

After you finish patching and compiling the kernel (hopefully you have boot into it by now), it's now time to patch and install a copy of pppd. Make sure you have the pppd patch in the same directory as the pppd tar.gz (ppp-2.4.2-mppe-mppc-1.0.patch.gz).

$ tar zxvf ppp-2.4.2.tar.gz
$ gunzip ppp-2.4.2-mppe-mppc-1.0.patch.gz
$ patch -p0 -i ppp-2.4.2-mppe-mppc-1.0.patch
$ cd ppp-2.4.2
$ ./configure
$ make
$ make install (as root)

PoPToP (pptpd)

Finally we compile an install a copy of the PoPToP PPTPD.

$ tar zxvf pptpd-1.1.4-b4.tar.gz
$ cd poptop-1.1.4
$ ./configure
$ make
$ make install (as root)

Now for configuring all of this.

Configuration

PoPToP (pptpd)

First let's setup the configuration file for PoPToP. By default it resides in /etc/pptpd.conf. Here is my configuration file:

option /etc/ppp/options-pptpd
localip 172.19.1.6
remoteip 172.19.1.30-50

Let's go over this line-by-line. The first line specifies the pppd configuration file, for the sake of this document (and my setup), we're going to use /etc/ppp/options-pptpd.

The second line is set to the IP address of the server's network interface (in my case, 172.19.1.6).

The line after that tells the the daemon what IP addresses to assign to incoming clients that connect to the server. In my configuration file it will give the IP addresses 172.19.1.30 to 172.19.1.50.

pppd

In the last section we setup the configuration file for our pptpd daemon. In the first line we specified the pppd configuration file. This is the one we're going to configure next. NOTE: for security sake, MAKE SURE that the /etc/ppp directory and everything in it are chmod'ed 700 and only root owns it.

My options-pptpd file looks like this:

name *
lock
mtu 1450
mru 1450
proxyarp
auth
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
deflate 0

# Handshake Auth Method
+chap
+mschap-v2

# Data Encryption Methods
mppe required

The two lines that I had trouble with are the mschap-v2 and mppe lines.

My first mistake was that instead of putting "+mschap-v2" I was putting "chapms-v2" as I had in my configuration file that used an older version of pppd. Oddly enough pppd would not error out on this, but eventually after searching google I was able to find the correct syntax.

And lastly, I was not using the right syntax for the MPPE patch. Even though Jan Dubiec mentioned on his page that he uses a different syntax for initiating his patch, I neglected to pay attention to that and used the common "+mppe-128" line.

chap-secrects

Now we need to create the chap-secrets. This file belongs in /etc/ppp/chap-secrets. It is very important the this file be accessible by only root and no one else as it contains plaintext passwords. 

# Client	Server	Password		IP Address
Serge	*	stupidpassword	*

This will allow the user "Serge" with the password "stupidpassword" to connect to this VPN server from any IP address.

Start Up

Now let's start everything up and see if it works (*crosses fingers*).

Start pptpd:

$ /usr/local/sbin/pptpd (as root)

Let's check our /var/log/messages file to make sure it didn't fail...

Jun 1 11:00:43 merlot pptpd[10611]: MGR: Manager process started
Jun 1 11:00:43 merlot pptpd[10611]: MGR: Maximum of 21 connections available

Looks good!

Go to your Windows client (XP Pro in my case) and open "Network Connections."

Start the "New Connection Wizard." Choose "connect to the network at my workplace" ->
Choose "Virtual Private Network connection" ->
Enter a name for your connection ->
Enter the hostname of the VPN server ->
Click finish.

Go to the properties of this new connection. Click on the "Networking" tab ->
Double click on "Internet Protocol (TCP/IP)" ->
Click on "Advanced..." ->
Untick "Use default gateway on remote network."

This will prevent all your Internet traffic from running through the VPN server (not necessary to do this, but I do). Now for the real moment of truth. Trying to connect...

Connect

Enter your username and password in the connection dialog box and click "Connect." Monitor your /var/log/messages file, you should see something like this:

 
Jun 1 11:11:32 merlot pptpd[10633]: CTRL: Client 172.19.1.89 control connection started
Jun 1 11:11:32 merlot pptpd[10633]: CTRL: Starting call (launching pppd, opening GRE)
Jun 1 11:11:32 merlot pppd[10634]: pppd 2.4.2 started by root, uid 0
Jun 1 11:11:32 merlot pppd[10634]: Using interface ppp0
Jun 1 11:11:32 merlot pppd[10634]: Connect: ppp0 <--> /dev/pts/77
Jun 1 11:11:35 merlot pppd[10634]: MPPC/MPPE 128-bit stateful compression enabled
Jun 1 11:11:38 merlot pppd[10634]: found interface eth0 for proxy arp
Jun 1 11:11:38 merlot pppd[10634]: local IP address 172.19.1.6
Jun 1 11:11:38 merlot pppd[10634]: remote IP address 172.19.1.31

If you see this... CONGRATULATIONS! You have successfully setup a Linux-based PPTP VPN server capable of MPPC and MPPE using MS-CHAP v2 for handshake authentication.

VPN Server Behind Firewall (optional)

In the event that your VPN server is behind a Linux (iptables) firewall and you want to have access to it from the Internet, follow these quick instructions:

First of all, you must have "IP: GRE tunnels over IP" and "IP: broadcast GRE over IP" support in your kernel. Make sure you have that done, or else this might not work.

To forward the PPTP ports from your router's external interface (eth1 in my case, eth0 is my internal interface, 172.19.1.6 is my VPN server's internal IP) to your VPN server, use this iptables rule set:

$ /sbin/iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 1723 -j DNAT --to 172.19.1.6
$ /sbin/iptables -A FORWARD -i eth1 -o eth0 -p TCP -d 172.19.1.6 --dport 1723 -j ACCEPT
$ /sbin/iptables -A FORWARD -i eth1 -o eth0 -p 47 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$ /sbin/iptables -t nat -A PREROUTING -i eth1 -p 47 -j DNAT --to 172.19.1.6

Conclusion

Hope that this document has helped some of you in some way or another. Happy VPN'ing!
 


Comments (Last 10): [Show All]


November 08th, 2013 @ 11:11AM


September 04th, 2013 @ 08:39AM


September 04th, 2013 @ 08:39AM


September 04th, 2013 @ 08:39AM


September 04th, 2013 @ 08:39AM


September 04th, 2013 @ 08:39AM


September 04th, 2013 @ 08:39AM


Pharmd521January 29th, 2013 @ 12:22AM

Very nice site!

Pharmd96January 29th, 2013 @ 12:22AM

Very nice site! [url=http://opeaixy.com/qsqvtxa/2.html]cheap cialis[/url]

Pharmd189January 29th, 2013 @ 12:22AM

Very nice site! cheap cialis http://opeaixy.com/qsqvtxa/4.html

Pharme642January 29th, 2013 @ 12:22AM

Very nice site! <a href="http://opeaixy.com/qsqvtxa/1.html">cheap viagra</a>

Pharmd592January 29th, 2013 @ 12:22AM

Hello! egbadgg interesting egbadgg site! I'm really like it! Very, very egbadgg good!

birdwesJuly 08th, 2012 @ 05:29PM

http://mailstation.co.uk/2012/07/patching-recent-linux-kernels-2-6-15-for-mppe-and-mppc-vpn/

birdwesJuly 08th, 2012 @ 05:28PM

Here's the paych for 3.2.21

error 628February 27th, 2012 @ 11:09PM

It is generally an issue with your modem, phone line, or a blocking port. This article answers the question how to fix error 628 Windows 7.

Contact ISP to Check the Phone Line
Upgrade the Network Driver
Repair your Network Configurations
Reinstall Modem Device
Disable the Firewall Protection

You can also get some help from this article: http://www.error628.com/

FernandoMarch 30th, 2009 @ 07:57AM

My Poptop is working ok, but I can\'t connect to the VPN from behind linux firewall
PC-----------> Internet Router-----------> VPN (POPTOP) works ok
PC-----------> Linux FireWall-------------> VPN (POPTOP) doesn\'t works \"Error 619\"
Could somesone help me ?


THECODEJune 28th, 2008 @ 09:16AM

I get 619 port closed error in Windows XP SP2.

I have Debian server and poptop 1.3

Any ideas?

Bimol th,INDIASeptember 17th, 2007 @ 09:09PM

I am not able to ping other pc after connected VPN.? how to solve this problem.

Unable to conect to pptpd server behind a ADSL router from internetDecember 17th, 2006 @ 11:38AM

hello,

i have a ubuntu server, with pptpd configurated. i open all in iptables. When i try to conect from one computer in the LAN with de windows pptp client i have not problem, but, when i try to conect from internet, i got the error: 628 in the windows client.

I have fowarded pptp and ipsec ports to internal ip adress of server, and if i run a windows 2003 VPN server in the LAN, the conexions PPTP from internet connect fine.

Someone can help me??

tnks in advance!


PeterNovember 18th, 2006 @ 05:11PM

CatX ,

I had the same problem try changing the line:

mppe required

to:

mppe required,stateless

skisteven1October 30th, 2006 @ 07:37PM

I'm having a problem getting internet from VPN connected clients. I have a feeling it's my iptables rules. Any suggestions? Should this all just work automatically? I've already done ip_forwarding, and can't figure out if I need to add routes or something by hand. My internal IP is: 192.168.1.101, and I have external ip's on the same subnet. eth1 is external, eth0 is internal.

Here's my iptables output:

root@firewall:~# iptables -L -v
Chain INPUT (policy ACCEPT 52649 packets, 4293K bytes)
pkts bytes target prot opt in out source destination
1296 98668 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
0 0 REJECT tcp -- eth1 any anywhere anywhere tcp dpt:domain reject-with icmp-port-unreachable

Chain FORWARD (policy DROP 1 packets, 90 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- eth1 any anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT all -- any eth1 anywhere anywhere
1 90 LOG all -- any any anywhere anywhere LOG level warning

Chain OUTPUT (policy ACCEPT 1218 packets, 219K bytes)
pkts bytes target prot opt in out source destination

Ron GardnerOctober 03rd, 2006 @ 12:22PM

Hi all,

I have the VPN working.. I'm able to connect and route between the server and the client, however.... I am unable to route from the client over the vpn to the Internet.. or from Internet through vpnserver to client. My network is a flat C class.

My linux server is 216.53.188.249 - 252 255.255.255.0 (it's not subnetted).

.249 is servers main IP.. eth0
.250 is the listening IP of the vpn server.. (also on eth0:1)

.251 is reserved for connected VPN client...

This all happens ok.. .251 is given to the client upon connection.. from client/server I can ping the .250 and the .251 from both ends..
however I'm not able to route thru the vpn to the Internet .. or from the Internet over the VPN to the client. communication between client and server is fine though.. I thought it may have been a firewall issue with not passing traffic, but if I disable the iptables firewall.. the problem is still there.

Anyone have any ideas on what routing statement I'd need to add to get this to work?

Thank you in advance,

Ron

feel free to email me at r o n (AT) stop spamming (DOT) net


Ney CorrêaSeptember 28th, 2006 @ 08:41AM

Hi ppl,

I'm having problems with mppe, when I connect without mppe criptography my vpn works fine, but when I try to use mppe criptography I can't do anything. Anyone have idea ?

Thanks.

StratoSeptember 04th, 2006 @ 08:38AM

Hi,

I have a problem connecting to a PPTP server on a Fortinet-60, from a linux pptp client.

the client get IP address from server, and the is disconnected from the VPN.

pptp logs "Connexion terminated (unhandled)" into syslog.

There is no comment in the sources of poptop :(

Does anybody know what is the problem ?
is it possible to connect through PPTP VPN between a fortinet "pptp server" and a linux client ?

My config : Slack 10.2 + pppd-2.4.3 patched for MPPE/MPPC, kernel 2.6.13 MPPE/MPPC patched, and pptp-client-1.7.0 (poptop)

Thank !

Fernando ChucreAugust 24th, 2006 @ 12:32PM

In the kernel only MPPE was implemented. For MPPC is necessary a patch, but i not know where find.

CatXAugust 18th, 2006 @ 04:58AM

Have a problem with my VPN, the problem is that i connect successful form my WinXP sp2 to the server can ping myself but cannot ping anything else even ppp0 ip address
gateway is asignet as ip adres with 255.255.255.255 mask.
Can`t understand what`s wrong, it did worked, but i did`t used it for some time only thing is changed was kernel.
System is: Slackware-Current 20060818, kernel is 2.6.17.8
ppp-2.4.3 with ppp-2.4.3-mppe-mppc-1.1.patch
pptpd-1.3.0
-------------------
cat modules.conf
alias char-major-108 ppp_generic
alias ppp-compress-18 ppp_mppe
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
alias tty-ldisc-3 ppp_async
alias tty-ldisc-14 ppp_synctty
--------------------------
cat pptpd.conf
#speed 115200
option /etc/ppp/options.pptpd
localip 10.100.1.1
remoteip 10.100.1.2-101
#netmask 255.255.255.0
#ppp /usr/local/sbin/pppd
debug
-----------------------------
cat options.pptpd
#name vpn.bc.kz
lock
mtu 1512
mru 1512
#nodeflate
#nobsdcomp
-pap
-chap
-mschap
+mschap-v2
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 30
lcp-echo-interval 5
#require-mschap-v2
mppe required
#stateless
#silent
#nodefaultroute
proxyarp
#ms-dns 172.20.32.20
#netmask 255.255.255.0
#10.1.3.116:10.1.3.116
#plugin /usr/local/lib/pppd/2.4.3/radius.so
logfile /var/log/pptpd.log
#nologfd
auth
debug

Can some one suggest anything about that?

lonetreeJuly 11th, 2006 @ 06:24PM

just as MonsieurCampeur has describe. I am having the same problem from the first day I have my VPN server running back in 2004. I ca access the VPN server machine but still can't get access to the rest of the machine in the LAN. Anyone has successfully done this?


Vince C.June 03rd, 2006 @ 03:26AM

Hi.

I have installed pptpd and pptpclient on two Gentoo Linux machines. The connection starts successfully but drops packets after more or less 1 minute.

If I ping the remote peer (from either peer) packets start being dropped around seq num 50-60 but the link remains active. I have to run "poff" on the Gentoo Linux client, wait a little and run "pon" again for another minute...

Frutrating: with Windows clients the link remains active and functional till I close it :(.

The server is behind a 3Com wireless/ADSL/router which forwards port 1723 directly to the VPN server. Any idea?

MarekJanuary 17th, 2006 @ 03:39PM

While the MPPE/MPPC patch is not needed in 2.6.15, how does one get the ppp-compress-18 module functionality? pppd refuses to work with a certain PPTP connection for me because it cannot load this particular module.

IanJanuary 12th, 2006 @ 09:52PM

As of Linux kernel 2.6.15, the MPPE/MPPC patch is no longer needed. The module is included in the kernel.

MonsieurCampeurMay 11th, 2005 @ 02:47PM

I found out that I needed to add a route to my Windows XP client to the remote LAN after connecting. After that I could access any other machines on the remote LAN. Anyone knows of a way to automate adding a route after connecting to VPN?


MonsieurCampeurApril 27th, 2005 @ 03:31PM

Does anyone know how to setup the routing on VPN server to allow clients to access machines on internal remote LAN? I can ping the VPN server but I can't ping other machines.

youngApril 26th, 2005 @ 03:20AM

sorry for double message

DanielApril 13th, 2005 @ 04:41AM

The below allowed me to connect, but I was unable to ping any machines on the internal network from my VPN client, and I was unable to ping the vpn client from machines inside the network.

It turned out I needed to enable bridging in the linux kernel.

All is now hunky doory.

carsten@dickenscheid.netMarch 25th, 2005 @ 07:33PM

I´ve all settings configured, patched, updated like this doc, allover it works very well, but one thing...
The mppc compression does not work.
Last message in log:
"MPPE 128-bit stateless compression enabled"
At the VPN connection client (Win XP Pro) Details
Encryption: MPPE 128 Bit
but
Compression: None

I require the compression, how can i enable it???
Please help me :)

Answer please via E-Mail ;)

(Sorry for my bad english, i´m german!!!)

curlyromania@yahoo.comMarch 17th, 2005 @ 02:00PM

Using 2.6.10-1.770 FC3, I did everything from your tutorial. Everytime I got this. Without mppe works fine but no encription, no compression. Please help me.

Mar 18 00:02:09 razvans pptpd[5049]: CTRL: Client 192.168.1.111 control connection started
Mar 18 00:02:09 razvans pptpd[5049]: CTRL: Starting call (launching pppd, opening GRE)
Mar 18 00:02:09 razvans pppd[5050]: In file /etc/ppp/options.pptpd: unrecognized option 'mppe'
Mar 18 00:02:09 razvans pptpd[5049]: GRE: read(fd=4,buffer=804db80,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Mar 18 00:02:09 razvans pptpd[5049]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Mar 18 00:02:09 razvans pptpd[5049]: CTRL: Client 192.168.1.111 control connection finished

RazvanMarch 15th, 2005 @ 06:13AM

Sorry for this stupid question but I don't know how to boot in the patched kernel. I am new in patching the kernel and I need some help, this is the first time.

Thank you.

MarlicOneMarch 15th, 2005 @ 02:10AM

I've found a solution to my problem. I was wrong it wasn't MPPE that was the trouble. I tested to connect with Win2K and it worked fine, the difference from WinXP was the MTU of the pppX interface. When connection with WinXP it was set to 1396 and with Win2K to 1496.

For some reason it doesn't work setting the mtu in /etc/ppp/options.pptpd so I added the following to /etc/ppp/ip-up.local

#!/bin/bash

PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH

ifconfig $1 mtu 1500

which set the mtu on the starting pppX interface. this will affect all ppp devices, but as i'm not using dialup this works for me.

patchMarch 14th, 2005 @ 01:49PM

Using POPTOP 1.1.2 on Suse 9.2 I have a strange problem: connects from linux-clients work fine. but windows xp clients gets connected and than after a sec. the connection terminates. whats wrong?

larryMarch 14th, 2005 @ 02:18AM

Hi !

How can i use poptop with freeradius ? Thanks....

MarlicOneMarch 12th, 2005 @ 08:04AM

Hope someone knows a solution to this problem ...

PPTPD works fine unencrypted, I use NETBIOS and FTP to move files over the tunnel, but when I use MPPE-128 it seems to be an buffer overflow when I send data more then a couple of KB. So I can browse a folder via NETBIOS with 10 files/folders but when I try to browse a folder with 50 files/folders it just hangs. Same goes for FTP, so it's probably not a NETBIOS problem.

If anyone might know a solution I can provide more info on my system.

FreddieMarch 08th, 2005 @ 05:11PM

Hi,

I think I am getting closer on solving the "PTY read or GRE write failed" problem". This is the situation: I have a remote VPN server, connected directly to a ADSL access. In the other hand I have another Linux firewall with IPMASQUERADE, and windows clients behind that firewall. When I try to make a VPN (PPTP) connection through that MASQ firewall, I get the error. But, if I connect through a U.S. Robotics router, or connect the windows PC directly to the ADSL connection, I can connecto to the VPN server without a problem. So my guess is that there is somehting wrong with the IP MASQUERADE module. I guess there is something wrong with the GRE connection tracking, something is lost or mis-routed. I'll be doing a bit more research, but to all those who had that problem, just try to connect directly your PC of windows host to you internet connection, and you won't have that problem. Hope this can help, keep in touch: alperal@hotmail.com


Good Luck !

MattMarch 03rd, 2005 @ 10:39PM

help im getting this error

The remote system is required to authenticate itself
but I couldn't find any suitable secret (password) for it to use to do so.

(None of the available passwords would let it use an IP address.)



Anyone got any ideas on what to do?

GlebMarch 03rd, 2005 @ 01:53PM

Hi, Serge (&#1080;&#1083;&#1080; &#1087;&#1088;&#1086;&#1089;&#1090;&#1086; &#1087;&#1088;&#1080;&#1074;&#1077;&#1090;) =)

Here are logs from /log/messages:

Mar 3 20:31:24 debian pptpd[2231]: MGR: Manager process started
Mar 3 20:31:28 debian pptpd[2232]: CTRL: Client 82.207.71.89 control connection started
Mar 3 20:31:28 debian pptpd[2232]: CTRL: Starting call (launching pppd, opening GRE)
Mar 3 20:31:28 debian pptpd[2232]: CTRL: Client 82.207.71.89 control connection finished
Mar 3 20:33:56 debian pptpd[2236]: MGR: Manager process started
Mar 3 20:34:05 debian pptpd[2239]: MGR: Manager process started

That's all and there is no any other data.
Also when I try to establish a connection from my WinXP Pro I get a message that "A connection to the remote computer could not be established, so the port used for this connection was closed". Also nothing appear at /log/messages
There is no any firewall at the server. Local firewall was totally disabled during tests.

What can be the problem?
Thanks beforehand for your answer ;)

AlexFebruary 26th, 2005 @ 07:44AM

To Teiss:

Have you turned on IP forwarding (echo 1 > /proc/sys/net/ipv4/ip_forward) ?

TeissFebruary 25th, 2005 @ 05:41AM

Hello,

I am trying to enable tunnel.
I am using mandrake 10.0 and lastest pptpd and pppd version.

connection is successfully established, but I was obliged to change in options.pptpd the line
require-mppe-128
by
mppe required

and also, I had to enter something in /etc/ppp/options for
pass-filter, because default value was not ok.

Problem is even if I am connected, ping is not possible from client to server ! And default gateway of client is the same as the ip address assigned to him during connection, not the address of the server ? Is it right ?

Thank you
Teiss

AlexFebruary 24th, 2005 @ 09:04AM

To Ozzie:
While running make menuconfig, try to select
SHA1 and RC4 under Cryptographic API, before doing
make dep and make bzImage.

mkFebruary 20th, 2005 @ 09:23AM

To: vladimir
Do you have ARC4 and SHA1 checked in your kernel config (in "Cryptographic Option")?

BlakeFebruary 17th, 2005 @ 10:08PM

Sorry, how do you check iptables rules to see if that exists? My VPN server is just another computer on my network and I port forward to it.

BlakeFebruary 17th, 2005 @ 10:00PM

The VPN works great, I can connect to the VPN server and ping it however I cant ping other computers within that LAN that the VPN Server resides in.. Any suggestions?

StephenFebruary 15th, 2005 @ 07:17AM

For those running pptpd on a gateway and being unable to connect to anything else on the network other than the pptp server, see if you have a common gateway rule:
iptables -I FORWARD -i eth0 -d 192.168.0.0/16 -j DROP
That will cause your problem.

stephenFebruary 15th, 2005 @ 05:31AM

Please note that you need to have libpcap0.7-dev before compiling pppd. The ./configure does not check for this. If you don't, you'll get errors about missing bpf.h and pcap.h

zoioroxo_brFebruary 08th, 2005 @ 03:53AM

friend who can be this
[root@P2_NATU:/etc/ppp]$tail -f /var/log/messages
Feb 9 09:50:23 P2_NATU pptpd[4222]: MGR: Maximum of 10 connections available
Feb 9 09:50:32 P2_NATU pptpd[4224]: CTRL: Client 192.168.0.55 control connection started
Feb 9 09:50:32 P2_NATU pptpd[4224]: CTRL: Starting call (launching pppd, opening GRE)
Feb 9 09:50:32 P2_NATU pptpd[4224]: CTRL: Client 192.168.0.55 control connection finished
Feb 9 09:50:37 P2_NATU pptpd[4226]: CTRL: Client 192.168.0.55 control connection started
Feb 9 09:50:37 P2_NATU pptpd[4226]: CTRL: Starting call (launching pppd, opening GRE)
Feb 9 09:50:37 P2_NATU pptpd[4226]: CTRL: Client 192.168.0.55 control connection finished
Feb 9 09:51:08 P2_NATU pptpd[4228]: CTRL: Client 192.168.0.55 control connection started
Feb 9 09:51:08 P2_NATU pptpd[4228]: CTRL: Starting call (launching pppd, opening GRE)
Feb 9 09:51:08 P2_NATU pptpd[4228]: CTRL: Client 192.168.0.55 control connection finished

RyanFebruary 07th, 2005 @ 11:39PM

Post POPTOP install routing setup, anybody got a how to for getting the VPN clients able to ping lan machines on the same subnet as the VPN servers primary (only) nic. i'm running a pptp server behind my router, usually have an mswinblows pptp configuration running, the linux box has almost completely replaced this blows box. but i can figure out the routing scheme,... any help i'm running debian 2.4.27 kernel sources with the MPPE patch applied. ryan (hat - h) rytechcomputing.ca if you can help!

Robpol86February 06th, 2005 @ 02:16AM

disregard that last post, i fixed it by typing
echo 1 > /proc/sys/net/ipv4/ip_forward

Robpol86February 06th, 2005 @ 12:14AM

as daniel said, "pptpd is running fine, i can connect to the server, i get assigned an ip from the block, i can ping myself and the pptp server but nothing else on the network which pptp is running on. What am I missing? (ps not running iptables)"

i have the same problem

Przemek LamorskiJanuary 27th, 2005 @ 12:15PM

I found one thing missing in pptpd.conf file.

localization of pppd exec.

ppp /usr/local/sbin/pppd

vladimirJanuary 27th, 2005 @ 03:35AM

HELLO!!!!
&#1045;xplain please such situation:
RedHat 7.3
kernel = 2.4.28 + linux-2.4.28-mppe-mppc-1.2.patch.gz
pppd-2.4.3 + ppp-2.4.3-mppe-mppc-1.1.patch.gz

monolithic kernel;
make menuconfig -> choose "PPP (point-to-point protocol) support" and "Microsoft PPP compression/encryption (MPPC/MPPE)"
dep mod; make bzImage

when loading the system is given message

"Kernel does'n provide ARC4 and/or SHA1 algorithms required be MPPE/MPPS. Chek CryptoAPI configuration"

in than problem?
what did i do wrong?
how can i correct this?

OzzieJanuary 26th, 2005 @ 09:51AM

I've got a problem with loading of ppp_mppe_mppc module
when i'm trying to load this module i get an error:

/lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o: /lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o: unresolved symbol crypto_alloc_tfm
/lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o: /lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o: unresolved symbol crypto_free_tfm
/lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o: insmod /lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o failed
/lib/modules/2.4.28-ow1/kernel/drivers/net/ppp_mppe_mppc.o: insmod ppp_mppe_mppc failed

Crypto is enabled in config , depmod also complain about unresolved symbols... only in crypto and ppp_mppe_mppc

FernandoJanuary 25th, 2005 @ 05:13PM

Hi ..

I'm having some serious vpn errors that closes the clients connections. This is not link problem or firewall. I use a freebsd 5.1 - RELEASE box that worked fine with poptop until last friday when I begin to experience strange behaviors.
I saw something with pptp and altq bandwidth control, but i'm not setting rules for the gre protocol or the 1723 port.
Next is a part of my problematic log, please help me :-)

Log:

Jan 25 13:55:46 vpn pptpd[32308]: CTRL: EOF or bad error reading ctrl packet
length.

Jan 25 13:55:46 vpn pptpd[32308]: CTRL: couldn't read packet header (exit)

Jan 25 13:55:46 vpn pptpd[32308]: CTRL: CTRL read failed

Jan 25 13:55:59 vpn pptpd[32321]: GRE: Discarding duplicate packet

Jan 25 13:55:59 vpn ppp[32322]: Warning: Add route failed: 0.0.0.0/0 already
exists

Jan 25 13:55:59 vpn ppp[32322]: Warning: Local: bind: Address already in use

Jan 25 13:55:59 vpn ppp[32322]: Warning: set server: Failed 2

Jan 25 13:56:01 vpn pptpd[32321]: CTRL: Ignored a SET LINK INFO packet with
real ACCMs!

Jan 25 13:57:12 vpn pptpd[32319]: GRE: xmit failed from decaps_hdlc: No
buffer space available

Jan 25 13:57:12 vpn pptpd[32319]: CTRL: PTY read or GRE write failed
(pty,gre)=(6,5)


Thanx

DanielJanuary 23rd, 2005 @ 04:08PM

pptpd is running fine, i can connect to the server, i get assigned an ip from the block, i can ping myself and the pptp server but nothing else on the network which pptp is running on. What am I missing? (ps not running iptables)

OrryJanuary 21st, 2005 @ 06:52PM

Thanks for this wonderful howto. I set up my poptop server following the instructions except using kernel 2.4.28 and pppd 2.4.3. However, there is one problem with my server. windows XP home edition clients can successfully login, and XP pro clients always get error 619. I have tried both XP Pro with SP1 and SP2, but no luck. Can you shead any light on this?

MarcusJanuary 18th, 2005 @ 10:04PM

Hi there list.

I have just installed pptpd-1.2.1-1 & ppp-2.4.2-1

When i start the service i get this...
Jan 19 07:50:17 mail2 pptpd[15127]: MGR: Manager process started
Jan 19 07:50:17 mail2 pptpd[15127]: MGR: Maximum of 2 connections available

As soon as i try and connect i get this...
Jan 19 07:50:35 mail2 pptpd[15134]: CTRL: Client 10.128.15.194 control connection started
Jan 19 07:50:35 mail2 pptpd[15134]: CTRL: Starting call (launching pppd, opening GRE)
Jan 19 07:50:35 mail2 pppd[15135]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so is for pppd version 2.4.3, this is 2.4.2
Jan 19 07:50:35 mail2 pptpd[15134]: GRE: read(fd=4,buffer=804e6e0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Jan 19 07:50:35 mail2 pptpd[15134]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Jan 19 07:50:35 mail2 kernel: application bug: pptpctrl(15134) has SIGCHLD set to SIG_IGN but calls wait().
Jan 19 07:50:35 mail2 kernel: (see the NOTES section of 'man 2 wait'). Workaround activated.
Jan 19 07:50:35 mail2 pptpd[15134]: CTRL: Client 10.128.15.194 control connection finished

What am i doing wrong and can someone please assist me in getting it fixed.

Email marcusv at siemagblanes.co.za

Giles CoocheyJanuary 14th, 2005 @ 04:43AM

Jimmy:

Your problem appears to be due to the running ppp daemon not recognising the mppe option. This could mean that you've not patched pppd or it might mean that your patched pppd has been installed to /usr/local/sbin and you already have a standard pppd daemon elsewhere, in /usr/sbin for example. doing a "whereis pppd" might give more information.

VPN:

Your problem appears to be the kernel not supporting the GRE protocol at all. In your kernel configuration check that you have "IP: GRE tunnels over IP" enabled under Networking Options.

Now anyone care to look at my radius / mppe problem... seems to be a case of mppe_keys_set not being 1 during a sanity check... :-(

Giles CoocheyJanuary 11th, 2005 @ 08:40AM

Here's a problem,

I'm using Linux 2.4.28 kernel, pppd 2.4.3 (tried 2.4.2 as well - with same problem) and poptop 1.2.0-b4

I'm trying to use the radius plugin for pppd for remote authentication. I find however, that "plugin radius.so" and "mppe required" cannot coexist as options in the same ppp configuration.

The connection terminates with a line like this:

Jan 11 15:05:31 gate pppd[2412]: MPPE required, but keys are not available. Possible plugin problem?

If "mppe required" is commented out of the configuration, then connections where the client requires encryption fail, but connections where the client doesn't require MPPE encryption succeed, and MPPC is enabled for that connection.

So what's causing this? Is there a fix?

Please Help!

giles (at) coochey.net

krabDecember 31st, 2004 @ 01:07AM

Florin wrote:
I have this same problem on Debian. I just added the modprobe to my /etc/init.d/pptpd start section, but it's still weird. bsd_comp is loaded automatically, why not ppp_mppe_mppc too?

I read somewhere actually newer kernel reads /etc/modprobe.conf to load modules. I just copy the contents of /etc/module.conf to /etc/modprobe.conf but also leave /etc/module.conf there.

You may want to try this to see if it helps.

FlorinDecember 30th, 2004 @ 10:03AM

krab wrote:
"Actually, I had another problem. Although I add to my /etc/modules.conf the following
alias ppp-compress-18 ppp_mppe_mppc

The kernel does not load that module automatically. The log says the kernel does not have mppe. After adding the following command, it runs smoothly.

# modprobe ppp_mppe_mppc

My system is linux fedora core 2 linux-2.6.9."

I have this same problem on Debian. I just added the modprobe to my /etc/init.d/pptpd start section, but it's still weird. bsd_comp is loaded automatically, why not ppp_mppe_mppc too?

gpeacey@peermusic.comDecember 21st, 2004 @ 12:55AM

Hi, thanks for a great page. I have ppp 2.4.2 pptp 1.1.2 on a Suse 9.0. I Had vpn working and then suddenlly I get this error messages:
pppd: Couldn't attach to channel 1:No such device or address
Any help would be great
Thanks Geoff

krabDecember 19th, 2004 @ 08:58PM

Vladk wrote:

It's about message dated November 14
"CTRL (PPPD Launcher): Failed to launch PPP daemon."
So here is a common problem for those guys who compile ppp from sources.
pptpctrl think that pppd will be in default place, in /usr/sbin/pppd.
However from sources u have it in /usr/local/sbin/pppd.
The solution is to make sure your pppd program is installed and that pptpctrl knows where to find it.
I did just simple simlink and it works fine.

I was bothered by this too in the beginning.

Since I installed ppp-2.4.3 with tarball but did not remove the default ppp-2.4.2 in Linux fedora core 2. The system launches the pppd from /usr/sbin/pppd instead of /usr/local/sbin/pppd. No wonder I could not get mppc done.

Simply add the following line to /etc/pptpd.conf

ppp /usr/local/sbin/pppd

It works fine for me.

Actually, I had another problem. Although I add to my /etc/modules.conf the following
alias ppp-compress-18 ppp_mppe_mppc

The kernel does not load that module automatically. The log says the kernel does not have mppe. After adding the following command, it runs smoothly.

# modprobe ppp_mppe_mppc

My system is linux fedora core 2 linux-2.6.9.

VladkDecember 17th, 2004 @ 05:40AM

It's about message dated November 14
"CTRL (PPPD Launcher): Failed to launch PPP daemon."
So here is a common problem for those guys who compile ppp from sources.
pptpctrl think that pppd will be in default place, in /usr/sbin/pppd.
However from sources u have it in /usr/local/sbin/pppd.
The solution is to make sure your pppd program is installed and that pptpctrl knows where to find it.
I did just simple simlink and it works fine.

JimmyDecember 13th, 2004 @ 07:23AM

Dec 13 23:02:37 yf165 pptpd[4778]: CTRL: Client 218.15.204.194 control connection started
Dec 13 23:02:38 yf165 pptpd[4778]: CTRL: Starting call (launching pppd, opening GRE)
Dec 13 23:02:38 yf165 pppd[4779]: In file /etc/ppp/options-pptpd: unrecognized option '+mschap-v2'
Dec 13 23:02:38 yf165 pptpd[4778]: GRE: read(fd=4,buffer=804d560,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Dec 13 23:02:38 yf165 pptpd[4778]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Dec 13 23:02:38 yf165 pptpd[4778]: CTRL: Client 218.15.204.194 control connection finished

GabrielDecember 03rd, 2004 @ 06:07PM

Hi Serge!

your site is excellent! =) it's the first time I patch and compile so fast and cleanly... I used to follow poptop.org's kernel patch but it does not work well with slackware so I always needed to explode and patch myself, but end with no compression. now in two steps I have everything.

but there is a problem I do not understand and ask for help:

I have lot's of this messages no matter which (poptop's or here) patch I use for the kernel or ppp version I use:

divert: not allocating divert_blk for non-ethernet device ppp0
divert: no divert_blk to free, ppp0 not ethernet

I have googled for this and everybuddy asks but nobody answer... and meanwhile I cannot server pptp because of this error.
sometimes, it work. specially when I just reboot.. but this should work always...

any hint?
thanks in advance

GabrielDecember 03rd, 2004 @ 06:02PM

Hi Serge!

your site is excellent! =) it's the first time I patch and compile so fast and cleanly... I used to follow poptop.org's kernel patch but it does not work well with slackware so I always needed to explode and patch myself, but end with no compression. now in two steps I have everything.

but there is a problem I do not understand and ask for help:

I have lot's of this messages no matter which (poptop's or here) patch I use for the kernel or ppp version I use:

divert: not allocating divert_blk for non-ethernet device ppp0
divert: no divert_blk to free, ppp0 not ethernet

I have googled for this and everybuddy asks but nobody answer... and meanwhile I cannot server pptp because of this error.
sometimes, it work. specially when I just reboot.. but this should work always...

any hint?
thanks in advance

Diego MoratoNovember 29th, 2004 @ 10:40AM

If anyone need help to configure under Debian, I help you.
Send me an e-mail
info@delphichannel.com.br

NickNovember 20th, 2004 @ 11:56AM

This was a GREAT help!! Thanks a lot for putting this up with all of the latest information, and thanks for all of the comments (w/ help)!

Guy RouillierNovember 19th, 2004 @ 11:36PM

Thanks for this HOWTO, and to those who posted comments as they helped me get up and running. I was experiencing the protocol errors on gentoo AMD64. The replacement ppp_mppe_mppc fixed it. Moreover, with that in place, I was able to use a stock ppp 2.4.3 from samba/ppp, and a stock pptp from pptpclient.

JoshNovember 18th, 2004 @ 11:35AM

Oh and Serge, THANKS! This article rocks.

JoshNovember 18th, 2004 @ 11:34AM

Stefan: I had the same problem. You need to recompile your kernel or modules.

This is on kernel 2.6.9, btw. It may be different under earlier kernels. Under the PPP support section in Networking Options, make sure "PPP support for sync tty ports" is selected. I also selected "PPP support for async serial ports," "PPP Deflate compression" and "PPP BSD-Compress compression." I selected them all as modules, saved the config, did "make modules" and then "make modules_install". After restarting pptpd, everything worked.

Serge, you might want to add that bit to this HOWTO.

facNovember 15th, 2004 @ 02:09PM

I have a little problem where the server seems to get data but doesnt forward it (cant access or pings any sites) any idea why? maybe some routing rules need to be defined?

SltexNovember 15th, 2004 @ 06:41AM

Patch for PPP version 2.4.3 ?
when i active "logwtmp" i get this message
Plugin /usr/lib/ppptpd/pptpd-logwtmp.so is for pppd version 2.4.3 this is 2.4.2

StefanNovember 14th, 2004 @ 02:41AM

Hy,
I`m getting these errors:
Nov 14 00:38:01 testing pptpd[5804]: GRE: read(fd=6,buffer=804db80,len=8196) from PTY failed: status = 0 error = No error
Nov 14 00:38:01 testing pptpd[5804]: CTRL: PTY read or GRE write failed (pty,gre)=(6,5)
Nov 14 00:47:27 testing pptpd[5898]: CTRL (PPPD Launcher): Failed to launch PPP daemon.
Nov 14 00:47:27 testing pptpd[5898]: CTRL: PPPD launch failed!
Nov 14 00:47:27 testing pptpd[5897]: GRE: read(fd=6,buffer=804db80,len=8196) from PTY failed: status = 0 error = No error
Nov 14 00:47:27 testing pptpd[5897]: CTRL: PTY read or GRE write failed (pty,gre)=(6,5)

This the 3`rd time i tried to set it up.

RizioNovember 10th, 2004 @ 10:36AM

From: stager
Posted: November 7th, 2004, 4:47 pm PST

how do i compile ppp with mppre support in slackware? it doesnt work when i use the make comand.

I’m also not able to make under Slackware 10 kernel 2.4.27, both patched or not. Strange enough ppp.2.4.2b3 makes, installs and works.


From: GS
Posted: October 26th, 2004, 1:37 am PST

Hi Serge,

thanks a lot for this great site. I recently made a server (redhat 7.3, kernel 2.4.27, the 1.1 patches) for a friend using your site. One problem………..

I have the same problem, seldom in a test environment and always in the production environment.

SongNovember 08th, 2004 @ 03:28PM

same here, unsupported protocol problem:

Nov 9 10:21:32 anaconda pppd[17114]: Unsupported protocol 0xba00 received
Nov 9 10:21:32 anaconda pppd[17114]: Unsupported protocol 0xba00 received
Nov 9 10:21:33 anaconda pppd[17114]: Unsupported protocol 0xba00 received
Nov 9 10:21:35 anaconda pppd[17114]: Unsupported protocol 0xba00 received
Nov 9 10:21:35 anaconda pppd[17114]: Unsupported protocol 'Stream Protocol ST-II' (0x33) received
Nov 9 10:21:35 anaconda pppd[17114]: Unsupported protocol 0x55 received
Nov 9 10:21:38 anaconda pppd[17114]: Unsupported protocol 0xba00 received
Nov 9 10:21:41 anaconda pppd[17114]: Unsupported protocol 0xba00 received
Nov 9 10:21:41 anaconda pppd[17114]: Unsupported protocol 0xc005 received
Nov 9 10:21:42 anaconda pppd[17114]: Unsupported protocol 0x8f received
Nov 9 10:21:44 anaconda pppd[17114]: Unsupported protocol 0x0 received
Nov 9 10:21:45 anaconda pppd[17114]: Unsupported protocol 0x74d7 received

I dont' know if its related but I am able to make the connection but there is no traffic in both directions. The connections stays connected for hours, but I get no traffic, can't even ping the VPN server host.

losing sleep and hair...sex life is degrading.....

stagerNovember 07th, 2004 @ 04:47PM

how do i compile ppp with mppre support in slackware? it doesnt work when i use the make comand.

JamesNovember 02nd, 2004 @ 07:22PM

First of all, thanks for this great tutorial! I got my VPN server up and working twice (between crashes :-P) with no problems using it. I have a quick question for you though:

Why can't the remote users connected to the VPN ping each other?

For instance, I have my VPN on the subnet 10.10.10.X, and the VPN server is running on 10.10.10.1. When users remotely connect they get IPs ranging from 10.10.10.2-254. However, they cannot ping each other except for the server IP.

More information: My house's subnet is 192.168.1.X, and the server's IP on that network is 192.168.1.26, but that shouldn't matter. I also tried to have the VPN server set its local IP at 192.168.1.26 and assign remote IPs in the range 192.168.1.200-254 (since we have a few machines interspersed between 2 and 100 or so already). This worked fine, but still, the only IPs the connected users could ping were 192.168.1.26 and themselves, not each other.

Thanks for your help!

vncNovember 02nd, 2004 @ 05:46AM

????

Nov 2 15:45:47 produser pptpd[2987]: MGR: Launching /usr/sbin/pptpctrl to handle client
Nov 2 15:45:47 produser pptpd[2987]: CTRL: local address = 192.168.5.1
Nov 2 15:45:47 produser pptpd[2987]: CTRL: remote address = 192.168.5.234
Nov 2 15:45:47 produser pptpd[2987]: CTRL: pppd speed = 115200
Nov 2 15:45:47 produser pptpd[2987]: CTRL: pppd options file = /etc/ppp/options.pptpd
Nov 2 15:45:47 produser pptpd[2987]: CTRL: Client 192.168.0.210 control connection started
Nov 2 15:45:47 produser pptpd[2987]: CTRL: Received PPTP Control Message (type: 1)
Nov 2 15:45:47 produser pptpd[2987]: CTRL: Made a START CTRL CONN RPLY packet
Nov 2 15:45:47 produser pptpd[2987]: CTRL: I wrote 156 bytes to the client.
Nov 2 15:45:47 produser pptpd[2987]: CTRL: Sent packet to client
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Received PPTP Control Message (type: 7)
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Set parameters to 152 maxbps, 16 window size
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Made a OUT CALL RPLY packet
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Starting call (launching pppd, opening GRE)
Nov 2 15:45:48 produser pptpd[2987]: CTRL: pty_fd = 5
Nov 2 15:45:48 produser pptpd[2987]: CTRL: tty_fd = 6
Nov 2 15:45:48 produser pptpd[2987]: CTRL: I wrote 32 bytes to the client.
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Sent packet to client
Nov 2 15:45:48 produser pptpd[2988]: CTRL (PPPD Launcher): Connection speed = 115200
Nov 2 15:45:48 produser pptpd[2988]: CTRL (PPPD Launcher): local address = 192.168.5.1
Nov 2 15:45:48 produser pptpd[2988]: CTRL (PPPD Launcher): remote address = 192.168.5.234
Nov 2 15:45:48 produser pptpd[2987]: GRE: read(fd=5,buffer=804d5a0,len=8196) from PTY failed: status = -1 error = Input/output error
Nov 2 15:45:48 produser pptpd[2987]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6)
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Closing child BCrelay with pid 0
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Closing child ppp with pid 2988
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Client 192.168.0.210 control connection finished
Nov 2 15:45:48 produser pptpd[2987]: CTRL: Exiting now
Nov 2 15:45:48 produser pptpd[2964]: MGR: Reaped child 2987

GSOctober 26th, 2004 @ 01:37AM

Hi Serge,

thanks a lot for this great site. I recently made a server (redhat 7.3, kernel 2.4.27, the 1.1 patches) for a friend using your site. One problem occurred however. When I compiled the compression as a module in the kernel I got a kernel panic upon VPN connection (killing interrupt handler). Afterwards I compiled the compression into the kernel directly and everything went fine. It really works great now.

Thanks again,

GS

JVOctober 25th, 2004 @ 07:16PM

I have de same problem,
I try to solve disabling de mppe 128bits data encryption with mppe required,no128,no56 in /etc/pptpd-options, but without success, and on my network connection I can saw that the data encryption was negociated at 40bits,
but I had the same issue "Unsupported protocol 0x??? received"

DocOctober 23rd, 2004 @ 04:20PM

I get errors like this with the 1.1 version of the patch!
Anybody else?
Going back to 1.0 fixes it so i assume 1.1 is broken or i am doing something wrong :-)

Oct 24 01:16:08 gateway pptpd[32081]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Oct 24 01:16:08 gateway pppd[15971]: found interface eth0 for proxy arp
Oct 24 01:16:08 gateway pppd[15971]: local IP address 172.31.18.1
Oct 24 01:16:08 gateway pppd[15971]: remote IP address 172.31.18.25
Oct 24 01:16:08 gateway pppd[15971]: MPPC/MPPE 128-bit stateless compression enabled
Oct 24 01:16:08 gateway pppd[15971]: Unsupported protocol 0x0 received
Oct 24 01:16:09 gateway pppd[15971]: Unsupported protocol 0xd3 received

SergeOctober 15th, 2004 @ 01:40PM

Post comments, questions and suggestions here. This way I don't have to answer the same questions multiple times over email :)

 
Post Comment:

Use the following verification number: 8km8cwpnbkd

Name 
Comment 
Verification 


© Karbon12 Ventures - PHP Architecture.com

eBay Sniper