From: "__ Radien__" <radien@zworg.com>
To: netfilter@lists.netfilter.org
Subject: Help! problem with PPTPD and pptp nat helper
Date: Tue, 21 Dec 2004 07:00:25 -0800 [thread overview]
Message-ID: <15655.1103641225@zworg.com> (raw)
Guys
I have problem in having
- kernel 2.4(Fedora Core 1) + ip_nat_pptp (in patch-o-matic 20040406)
loaded with
- running pptpd 1.2.1
Server Side Configuration:
-Linux 2.4 Fedora Core 1, patched by pptp-conntrack-nat properly(tested
for proper NAT + ConnectionTracking on multiple
PPTP-Tunnel sessions)
-iptables 1.2.11 patched the same as kernel
-pptpd 1.2.1
-ppp 2.4.3 cvs20040527.4
-lsmod output:
===================================
Module Size Used by Not tainted
ip_nat_pptp 3308 0 (unused)
ip_conntrack_pptp 4304 1 [ip_nat_pptp]
ip_conntrack_proto_gre 4852 0 [ip_nat_pptp ip_conntrack_pptp]
ppp_mppe 14040 0 (autoclean)
ppp_async 9888 0 (autoclean)
ppp_generic 27584 0 (autoclean) [ppp_mppe ppp_async]
slhc 6844 0 (autoclean) [ppp_generic]
autofs 13780 0 (autoclean) (unused)
iptable_filter 2412 0 (autoclean) (unused)
pcnet32 18464 1
mii 4124 0 [pcnet32]
ip_nat_ftp 4048 0 (unused)
ip_conntrack_ftp 5584 1 [ip_nat_ftp]
iptable_nat 23352 2 (autoclean) [ip_nat_pptp ip_nat_ftp]
ip_conntrack 33032 4 (autoclean) [ip_nat_pptp
ip_conntrack_pptp ip_conntrack_proto_gre ip_nat_ftp
ip_conntrack_ftp iptable_nat]
ip_tables 16544 4 [iptable_filter iptable_nat]
floppy 58908 0 (autoclean)
sg 37612 0 (autoclean) (unused)
microcode 5024 0 (autoclean)
keybdev 2976 0 (unused)
mousedev 5688 0 (unused)
hid 24772 0 (unused)
input 6208 0 [keybdev mousedev hid]
usb-uhci 27468 0 (unused)
usbcore 82912 1 [hid usb-uhci]
ext3 74148 2
jbd 56560 2 [ext3]
BusLogic 101084 0
sd_mod 13740 0 (unused)
scsi_mod 112232 3 [sg BusLogic sd_mod]
===================================
Client Side configuration:
Win2k3 VPN Client set to support any encryption - optional - and any
username/password authentication method
when I try to dig a PPTP-VPN tunnel to this machine, using a pptp
client software, I get error messages and connection
fails:
Client Side error:
"Error 619: A connection to the remote computer could not be
established, so the port used for this connection was closed."
Server Side error:
(/var/log/messages on the Server)
=====================================
Dec 21 17:09:38 server pptpd[17740]: CTRL: Client 192.168.0.101 control
connection started
Dec 21 17:09:38 server pptpd[17740]: CTRL: Starting call (launching
pppd, opening GRE)
Dec 21 17:09:38 server kernel: application bug: pppd(17741) has SIGCHLD
set to SIG_IGN but calls wait().
Dec 21 17:09:38 server kernel: (see the NOTES section of 'man 2 wait').
Workaround activated.
Dec 21 17:09:38 server pppd[17741]: pppd 2.4.3 started by root, uid 0
Dec 21 17:09:38 server pppd[17741]: Using interface ppp0
Dec 21 17:09:38 server pppd[17741]: Connect: ppp0 <--> /dev/pts/1
Dec 21 17:10:09 server pppd[17741]: LCP: timeout sending Config-Requests
Dec 21 17:10:09 server pppd[17741]: Connection terminated.
Dec 21 17:10:09 server pppd[17741]: Exit.
Dec 21 17:10:09 server pptpd[17740]: GRE:
read(fd=5,buffer=804e6e0,len=8196) from PTY failed: status = -1 error =
Input/output error, usually caused by unexpected termination of pppd,
check option syntax and pppd logs
Dec 21 17:10:09 server pptpd[17740]: CTRL: PTY read or GRE write failed
(pty,gre)=(5,6)
Dec 21 17:10:09 server pptpd[17740]: CTRL: Client 192.168.0.101 control
connection finished
=====================================
/var/log/ppp/pppd.log
=====================================
==> /var/log/ppp/pppd.log <==
using channel 29
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x1 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x2 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x3 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x3 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x4 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x4 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x5 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x5 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x6 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x6 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x7 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x7 <callback CBCP>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xab867b16> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x8 <mru 1400> <magic 0x347a73ef> <pcomp> <accomp>
<callback CBCP>]
sent [LCP ConfRej id=0x8 <callback CBCP>]
LCP: timeout sending Config-Requests
Connection terminated.
=====================================
==>Interesting part is, If I unload "ip_nat_pptp" module then connection
will be established well with no errors.<==
The configuration files, /etc/pptpd.conf and /etc/ppp/option.pptpd and
/etc/ppp/options were tested to work properly - with
the above configurations but with the original (not patched) kernel and
iptables!
Anyone can help please?
TIA
next reply other threads:[~2004-12-21 15:00 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-21 15:00 __ Radien__ [this message]
-- strict thread matches above, loose matches on Subject: below --
2004-12-21 16:58 Help! problem with PPTPD and pptp nat helper Gary W. Smith
2004-12-26 12:15 Radien Radien
2004-12-27 22:15 Gary W. Smith
[not found] <27594E8BA9D5CA458F5EF87D88B6B48F0198C6@pxtvjoexd01.pxt.primeexalia.com>
2005-01-16 5:25 ` Radien Radien
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=15655.1103641225@zworg.com \
--to=radien@zworg.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox