You are not logged in.
Hello people,
I'm pretty new at setting up a VPN to http://www.relakks.com. For those who don't know: relakks anonymizes your internet-traffic using VPN (pptp).
My problem is that I want to connect to the Relakks server through my router. The setup is like that:
Relakks <---> Router (192.168.0.253) <--NAT--> Me (192.168.0.20)
Now, if I use 'pon Relakks', /var/log/deamon.log says:
Feb 4 00:04:22 plueschi pppd[3759]: Connect: ppp0 <--> /dev/pts/3
Feb 4 00:04:22 plueschi pptp[3760]: anon log[main:pptp.c:276]: The synchronous pptp option is NOT activated
Feb 4 00:04:22 plueschi pptp[3763]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Feb 4 00:04:22 plueschi pptp[3763]: anon log[ctrlp_disp:pptp_ctrl.c:738]: Received Start Control Connection Reply
Feb 4 00:04:22 plueschi pptp[3763]: anon log[ctrlp_disp:pptp_ctrl.c:772]: Client connection established.
Feb 4 00:04:23 plueschi pptp[3763]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Feb 4 00:04:23 plueschi pptp[3763]: anon log[ctrlp_disp:pptp_ctrl.c:857]: Received Outgoing Call Reply.
Feb 4 00:04:23 plueschi pptp[3763]: anon log[ctrlp_disp:pptp_ctrl.c:896]: Outgoing call established (call ID 0, peer's call ID 30720).
Feb 4 00:04:26 plueschi pppd[3759]: Warning - secret file /etc/ppp/chap-secrets has world and/or group access
Feb 4 00:04:26 plueschi pppd[3759]: CHAP authentication succeeded
Feb 4 00:04:26 plueschi pppd[3759]: MPPE 128-bit stateless compression enabled
Feb 4 00:04:26 plueschi pppd[3759]: Cannot determine ethernet address for proxy ARP
Feb 4 00:04:26 plueschi pppd[3759]: local IP address 83.233.**.**
Feb 4 00:04:26 plueschi pppd[3759]: remote IP address 83.233.**.**
Feb 4 00:04:26 plueschi pppd[3759]: primary DNS address 82.209.**.**
Feb 4 00:04:26 plueschi pppd[3759]: secondary DNS address 82.209.**.**
Feb 4 00:04:29 plueschi pptp[3760]: anon log[decaps_gre:pptp_gre.c:407]: buffering packet 15 (expecting 14, lost or reordered)
Feb 4 00:05:12 plueschi pptp[3760]: anon log[decaps_gre:pptp_gre.c:407]: buffering packet 49 (expecting 48, lost or reordered)
Feb 4 00:05:12 plueschi pptp[3760]: anon log[decaps_gre:pptp_gre.c:407]: buffering packet 50 (expecting 48, lost or reordered)
Feb 4 00:05:31 plueschi pptp[3760]: anon log[decaps_gre:pptp_gre.c:407]: buffering packet 80 (expecting 79, lost or reordered)
Feb 4 00:05:32 plueschi pppd[3759]: LCP terminated by peer (MPPE disabled)
Feb 4 00:05:32 plueschi pppd[3759]: Connect time 1.1 minutes.
Feb 4 00:05:32 plueschi pppd[3759]: Sent 688168952 bytes, received 3478 bytes.
Feb 4 00:05:32 plueschi pptp[3763]: anon log[pptp_read_some:pptp_ctrl.c:543]: read returned zero, peer has closed
Feb 4 00:05:32 plueschi pptp[3763]: anon log[callmgr_main:pptp_callmgr.c:255]: Closing connection (shutdown)
Feb 4 00:05:32 plueschi pptp[3763]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
Feb 4 00:05:32 plueschi pptp[3763]: anon log[pptp_read_some:pptp_ctrl.c:543]: read returned zero, peer has closed
Feb 4 00:05:32 plueschi pptp[3763]: anon log[call_callback:pptp_callmgr.c:78]: Closing connection (call state)
Feb 4 00:05:32 plueschi pppd[3759]: Modem hangup
Feb 4 00:05:32 plueschi pppd[3759]: Connection terminated.
Feb 4 00:05:32 plueschi pppd[3759]: Exit.
ppp_mppe and ip_gre are loaded as kernel-modules.
Another strange thing is that 'pptpgw' has like 90% of the CPU- usage in the 1.1 minutes of the connection.
Here the configuration files:
#/etc/ppp/options
asyncmap 0
auth
crtscts
lock
hide-password
modem
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
noipx
#/etc/ppp/options.pptp
lock
noauth
refuse-eap
refuse-chap
refuse-mschap
nobsdcomp
nodeflate
require-mppe-128
#/etc/ppp/peers/Relakks
remotename Relakks
linkname Relakks
ipparam Relakks
pty "pptp pptp.relakks.com --nolaunchpppd"
name <username>
usepeerdns
require-mppe-128
refuse-eap
noauth
noipdefault
nodefaultroute
file /etc/ppp/options.pptp
I really have no clue how I can get this working and I hope someone out there can help me.
Thanks!
EDIT:
The problem was the routing. A script and a nice Howto to do the routing for you:
/etc/rc.d/relakks:
IFACE=<iface>
GATEWAY=<routerip>
TIMEOUT=30
case "$1" in
start)
echo "Starting Relakks service..."
rm /tmp/ip-up.conf 2> /dev/null
if ! pon Relakks ; then
echo "Could not execute start the pppd daemon."
exit 2
fi
CYCLES=0
while [ ! -e /tmp/ip-up.conf ] ; do
if [ $CYCLES -ge $TIMEOUT ] ; then
echo "Timeout error when connecting to Relakks."
exit 3
fi
sleep 1s
CYCLES=$((CYCLES +1))
done
. /tmp/ip-up.conf
rm /tmp/ip-up.conf
for RELAKKSHOST in $(host pptp.relakks.com | awk '{print $NF}') $REMOTE ;
do
route add -host $RELAKKSHOST/32 gw $GATEWAY dev $IFACE
done
route add default $TUNFACE
route del -host $REMOTE dev $TUNFACE
route del default gw $GATEWAY dev $IFACE
cp /etc/resolv.conf /etc/resolv.conf.bak
cp /etc/ppp/resolv.conf /etc/resolv.conf
;;
stop)
echo "Stopping Relakks service"
poff Relakks
cp /etc/resolv.conf.bak /etc/resolv.conf
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
echo "usage: $0 {start|stop|restart}"
esac
exit 0
/etc/ppp/ip-up:
#!/bin/sh
cat > /tmp/ip-up.conf << EOF
TUNFACE=$1
DEVICE=$2
SPEED=$3
LOCAL=$4
REMOTE=$5
PARAM=$6
EOF
exit 0
Last edited by jongking (2007-03-28 22:45:59)
Offline