You are not logged in.

#1 2008-08-07 08:59:46

pietro
Member
Registered: 2006-03-24
Posts: 10

PPTP vpn connections: route problems

Hi everybody!

I'm using kvpnc to connect to the VPN network at my university...

I think that I have the same problem who is explained http://bbs.archlinux.org/viewtopic.php?id=26433 but the solution doesn't work for me!!

I can connect without problems with kvpnc, this is the output in debug mode:

error: unable to start proc (getting IP address from interface)!
debug: No default interface given, tried default interface, got success, using "eth0".
debug: Username: pippo
debug: Trying to connect to server "vpn-in.unitn.it" with user "pippo"... 
debug: [pppd] using channel 1
debug: [pppd] Using interface ppp0
debug: [pppd] Connect: ppp0 /dev/pts/5
debug: [pppd] rcvd [LCP ConfReq id=0x1 ]
debug: [pppd] sent [LCP ConfReq id=0x1 ]
debug: [pppd] sent [LCP ConfAck id=0x1 ]
debug: [pppd] rcvd [LCP ConfAck id=0x1 ]
debug: [pppd] sent [LCP EchoReq id=0x0 magic=0xcd17500b]
debug: [pppd] rcvd [LCP EchoReq id=0x0 magic=0x4e40a611]
debug: [pppd] sent [LCP EchoRep id=0x0 magic=0xcd17500b]
debug: [pppd] rcvd [CHAP Challenge id=0x85 , name = "server"]
debug: [pppd] sent [CHAP Response id=0x85 , name = "pippo"]
debug: [pppd] rcvd [LCP EchoRep id=0x0 magic=0x4e40a611]
debug: [pppd] rcvd [CHAP Success id=0x85 "S=B902B6DB3E5DA23DD96C9AA7756CD82185606ED7"]
debug: [pppd] CHAP authentication succeeded
debug: [pppd] sent [CCP ConfReq id=0x1 ]
debug: [pppd] rcvd [CCP ConfReq id=0x1 ]
debug: [pppd] sent [CCP ConfNak id=0x1 ]
debug: [pppd] rcvd [CCP ConfNak id=0x1 ]
debug: [pppd] sent [CCP ConfReq id=0x2 ]
debug: [pppd] rcvd [CCP ConfReq id=0x2 ]
debug: [pppd] sent [CCP ConfAck id=0x2 ]
debug: [pppd] rcvd [CCP ConfAck id=0x2 ]
debug: [pppd] MPPE 128-bit stateless compression enabled
debug: [pppd] sent [IPCP ConfReq id=0x1 ]
debug: [pppd] rcvd [IPCP ConfReq id=0x1 ]
debug: [pppd] sent [IPCP ConfAck id=0x1 ]
debug: [pppd] rcvd [IPCP ConfNak id=0x1 ]
debug: [pppd] sent [IPCP ConfReq id=0x2 ]
debug: [pppd] rcvd [IPCP ConfAck id=0x2 ]
debug: [pppd] Script /etc/ppp/ip-pre-up started (pid 3105)
debug: [pppd] Script /etc/ppp/ip-pre-up finished (pid 3105), status = 0x0
debug: [pppd] Cannot determine ethernet address for proxy ARP
debug: [pppd] local IP address 193.205.215.165
debug: [pppd] remote IP address 193.205.215.162

success: Successful connected to server "vpn-in.unitn.it" user: "pippo" at Wed Aug 6 15:26:14 2008 [PPTP]
success: Connection established.

If I look my network interfaces now I have ppp0:

$ sudo ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:1D:09:42:26:27
          inet addr:192.168.190.50  Bcast:192.168.190.255  Mask:255.255.255.0
          inet6 addr: fe80::21d:9ff:fe42:2627/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2252 errors:0 dropped:0 overruns:0 frame:0
          TX packets:422 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:257071 (251.0 Kb)  TX bytes:51250 (50.0 Kb)
          Interrupt:17

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:146 errors:0 dropped:0 overruns:0 frame:0
          TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:9188 (8.9 Kb)  TX bytes:9188 (8.9 Kb)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:193.205.215.165  P-t-P:193.205.215.162  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1488  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:82 (82.0 b)  TX bytes:88 (88.0 b)

wlan0     Link encap:Ethernet  HWaddr 00:1F:3B:6C:83:43
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

wmaster0  Link encap:UNSPEC  HWaddr 00-1F-3B-6C-83-43-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Now I can ping my server if I use:

$ ping -I ppp0 pluto.ing.unitn.it
PING pluto.ing.unitn.it (192.168.190.71) from 192.168.1.2 ppp0: 56(84) bytes of data.
64 bytes from pluto.ing.unitn.it (192.168.190.71): icmp_seq=1 ttl=61 time=86.5 ms
64 bytes from pluto.ing.unitn.it (192.168.190.71): icmp_seq=2 ttl=61 time=82.1 ms
64 bytes from pluto.ing.unitn.it (192.168.190.71): icmp_seq=3 ttl=61 time=83.4 ms
64 bytes from pluto.ing.unitn.it (192.168.190.71): icmp_seq=4 ttl=61 time=83.0 ms
64 bytes from pluto.ing.unitn.it (192.168.190.71): icmp_seq=5 ttl=61 time=82.9 ms
^C
--- pluto.ing.unitn.it ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4013ms
rtt min/avg/max/mdev = 82.113/83.629/86.582/1.559 ms

my route is:

$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.31.206.2     *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
default         mygateway1.ar7  0.0.0.0         UG    0      0        0 wlan0

I think that I should set as default my ppp0 connection...

I tried with:

# route add default dev ppp0

then If I look my route, now I have:

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.31.206.2     *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
default         *               0.0.0.0         U     0      0        0 ppp0
default         mygateway1.ar7  0.0.0.0         UG    0      0        0 wlan0

Now If I tried to ping my server I don't have results mad:

bash-3.2# ping pluto.ing.unitn.it
PING pluto.ing.unitn.it (192.168.190.71) 56(84) bytes of data.
^C
--- pluto.ing.unitn.it ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7002ms

I tried also with:

# route add default gw 10.31.206.2 netmask 255.255.255.255 dev ppp0
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.31.206.2     255.255.255.255 UGH   0      0        0 ppp0
10.31.206.2     *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
default         mygateway1.ar7  0.0.0.0         UG    0      0        0 wlan0

but doesn't work!!!

What is wrong?
Any Hints? big_smile

Last edited by pietro (2008-08-07 09:01:00)

Offline

#2 2008-08-07 09:27:33

Bebo
Member
From: Göteborg, Sweden
Registered: 2006-06-07
Posts: 207

Re: PPTP vpn connections: route problems

I guess you are not trying to route all your traffic through the uni network? If so, you should only have one route where "dev ppp0" is involved, and that is the uni network you want to reach. That is, if 10.0.0.0 is the uni (internal) network, then it should be something like route add -net 10.0.0.0/8 dev ppp0, and all other routes should point at wlan0. So, from an empty routing table, do

route add -net 10.0.0.0/8 dev ppp0
route add -net 192.168.1.0/24 dev wlan0
route add default gw 192.168.1.1 wlan0

where I also have assumed that you have LAN network at 192.168.1.0/24, and your default gateway is your router at home, 192.168.1.1 (just a guess).

I _think_ this setup is correct (provided my initial assumption is correct, of course) smile

---------------

In your first route output, only traffic to 10.31.206.2 goes through ppp0. In your second route setup _everything_ not going to 10.31.206.2 or you LAN (192.168.1.0/24) goes through ppp0, even the connection to the uni VPN server, which will fail. In your third attempt, everything goes to ppp0, which fails for the same reason (even your LAN traffic goes to ppp0 here, which you definitely don't want - I believe smile).

Offline

#3 2008-08-07 12:44:27

pietro
Member
Registered: 2006-03-24
Posts: 10

Re: PPTP vpn connections: route problems

Thank you so much!!

Now it's working! smile

Offline

#4 2008-08-07 13:36:30

Bebo
Member
From: Göteborg, Sweden
Registered: 2006-06-07
Posts: 207

Re: PPTP vpn connections: route problems

Great! smile

Offline

#5 2013-06-18 07:24:41

francesco_dem
Member
From: Napoli - Italy
Registered: 2013-06-16
Posts: 14

Re: PPTP vpn connections: route problems

Hi everybody,i am having problems connecting to a Microsoft VPN.
I configured my profile like this:

# Lock the port
lock

# Authentication
# We don't need the tunnel server to authenticate itself
# and the kernel MPPE module available from the CVS repository also on
# [url]http://ppp.samba.org/[/url], which is packaged for DKMS as kernel_ppp_mppe.
###############################################################################

# Lock the port
lock

# Authentication
# We don't need the tunnel server to authenticate itself
noauth

# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
refuse-mschap

# Compression
# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
refuse-mschap

# Compression
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate

# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use.  Note that MPPE
# requires the use of MSCHAP-V2 during authentication)

# [url]http://ppp.samba.org/[/url] the PPP project version of PPP by Paul Mackarras
nobsdcomp
nodeflate

# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use.  Note that MPPE
# requires the use of MSCHAP-V2 during authentication)

# [url]http://ppp.samba.org/[/url] the PPP project version of PPP by Paul Mackarras
# ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
# {{{
# Require MPPE 128-bit encryption
# require-mppe-128
# }}}

# [url]http://polbox.com/h/hs001/[/url] fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption

# {{{
# Require MPPE 128-bit encryption
# require-mppe-128
# }}}

# [url]http://polbox.com/h/hs001/[/url] fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption
#mppe required,stateless
# }}}

here is my /etc/ppp/cahp-secrets (password changed for security reasons)

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
xtzukXXX  PPTP  XXXXXXXXXXXX *

My /etc/ppp/peers/<profile>

pty "pptp connect.swissvpn.net --nolaunchpppd"
name xtzukysv
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam SwissVPN

so i connect to the VPN using pon and here is my log

[root@francescopc francesco]# pon SwissVPN debug dump logfd 2 nodetach
pppd options in effect:
debug		# (from command line)
nodetach		# (from command line)
logfd 2		# (from command line)
dump		# (from command line)
noauth		# (from /etc/ppp/options.pptp)
refuse-pap		# (from /etc/ppp/options.pptp)
refuse-chap		# (from /etc/ppp/options.pptp)
refuse-mschap		# (from /etc/ppp/options.pptp)
refuse-eap		# (from /etc/ppp/options.pptp)
name xtzukysv		# (from /etc/ppp/peers/SwissVPN)
remotename PPTP		# (from /etc/ppp/peers/SwissVPN)
		# (from /etc/ppp/options.pptp)
pty pptp connect.swissvpn.net --nolaunchpppd		# (from /etc/ppp/peers/SwissVPN)
crtscts		# (from /etc/ppp/options)
		# (from /etc/ppp/options)
asyncmap 0		# (from /etc/ppp/options)
lcp-echo-failure 4		# (from /etc/ppp/options)
lcp-echo-interval 30		# (from /etc/ppp/options)
hide-password		# (from /etc/ppp/options)
ipparam SwissVPN		# (from /etc/ppp/peers/SwissVPN)
proxyarp		# (from /etc/ppp/options)
nobsdcomp		# (from /etc/ppp/options.pptp)
nodeflate		# (from /etc/ppp/options.pptp)
require-mppe-128		# (from /etc/ppp/peers/SwissVPN)
noipx		# (from /etc/ppp/options)
using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xcf93892c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <accomp> <pcomp> <mru 1460> <magic 0x5cd6d834> <auth chap MS-v2> <mrru 2048> <ssnhf> <endpoint [MAC:00:50:56:95:00:3b]>]
sent [LCP ConfRej id=0x1 <mrru 2048> <ssnhf>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xcf93892c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <accomp> <pcomp> <mru 1460> <magic 0x5cd6d834> <auth chap MS-v2>]
sent [LCP ConfAck id=0x2 <accomp> <pcomp> <mru 1460> <magic 0x5cd6d834> <auth chap MS-v2>]
sent [LCP EchoReq id=0x0 magic=0xcf93892c]
rcvd [CHAP Challenge id=0x1 <bb1e68d107a05f3bdb8216f1b3343a09>, name = ""]
sent [CHAP Response id=0x1 <d2a453aa28c459179b1bdc7b09c9482e0000000000000000b44280f0db9355e201eb237c90384043ea26fac3f9eb128100>, name = "xtzukysv"]
rcvd [LCP EchoRep id=0x0 magic=0x5cd6d834]
rcvd [CHAP Success id=0x1 "S=245BD1EEEAA909E38650D53E9642F03F8ED472EC"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfReq id=0x1 <addr 80.254.79.59> <compress VJ 0f 00>]
sent [IPCP TermAck id=0x1]
rcvd [IPV6CP ConfReq id=0x1 <addr fe80::0250:56ff:fe95:003b>]
Unsupported protocol 'IPv6 Control Protocol' (0x8057) received
sent [LCP ProtRej id=0x2 80 57 01 01 00 0e 01 0a 02 50 56 ff fe 95 00 3b]
rcvd [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 67.215.65.132>]
rcvd [IPCP ConfNak id=0x1 <addr 80.254.75.149>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 80.254.75.149>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 80.254.75.149>]
rcvd [IPCP ConfReq id=0x2 <addr 80.254.79.59> <compress VJ 0f 00>]
sent [IPCP ConfAck id=0x2 <addr 80.254.79.59> <compress VJ 0f 00>]
Cannot determine ethernet address for proxy ARP
local  IP address 80.254.75.149
remote IP address 80.254.79.59
Script /etc/ppp/ip-up started (pid 1878)
Script /etc/ppp/ip-up finished (pid 1878), status = 0x0

To start my vpn connection : "pon SwissVPN" and then "route add default dev ppp0", but after 1 minutes the vpn doesn't work

[root@francescopc francesco]# sudo ifconfig -a
enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.3  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::224:8cff:fe94:707d  prefixlen 64  scopeid 0x20<link>
        ether 00:24:8c:94:70:7d  txqueuelen 1000  (Ethernet)
        RX packets 32967  bytes 23120011 (22.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 29277  bytes 8248892 (7.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 17  

enp6s0: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        ether 00:24:8c:94:70:7e  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 18  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 101  bytes 13000 (12.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 101  bytes 13000 (12.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1456
        inet 80.254.66.22  netmask 255.255.255.255  destination 80.254.79.91
        ppp  txqueuelen 3  (Point-to-Point Protocol)
        RX packets 7  bytes 92 (92.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6  bytes 72 (72.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@francescopc francesco]# ping -I ppp0 [url=http://www.google.com]www.google.com[/url]
PING [url=http://www.google.com]www.google.com[/url] (173.194.44.240) from 80.254.66.22 ppp0: 56(84) bytes of data.
^C
--- [url=http://www.google.com]www.google.com[/url] ping statistics ---
14 packets transmitted, 0 received, 100% packet loss, time 13008ms
[root@francescopc francesco]#  ping [url=http://www.google.com]www.google.com[/url]
PING [url=http://www.google.com]www.google.com[/url] (173.194.44.243) 56(84) bytes of data.
64 bytes from 173.194.44.243: icmp_seq=1 ttl=53 time=89.0 ms
64 bytes from 173.194.44.243: icmp_seq=2 ttl=53 time=90.7 ms
64 bytes from 173.194.44.243: icmp_seq=3 ttl=53 time=89.3 ms
64 bytes from 173.194.44.243: icmp_seq=4 ttl=53 time=90.5 ms
64 bytes from 173.194.44.243: icmp_seq=5 ttl=53 time=88.0 ms
64 bytes from 173.194.44.243: icmp_seq=6 ttl=53 time=88.7 ms
^C64 bytes from 173.194.44.243: icmp_seq=7 ttl=53 time=88.7 ms

--- [url=http://www.google.com]www.google.com[/url] ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6009ms
rtt min/avg/max/mdev = 88.052/89.307/90.755/1.000 ms
[root@francescopc francesco]# sudo route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.1     0.0.0.0         UG    0      0        0 enp4s0
zrh1-vpn01-bge0 192.168.0.1     255.255.255.255 UGH   0      0        0 enp4s0
zrh1-vpn14-em0. 192.168.0.1     255.255.255.255 UGH   0      0        0 enp4s0
zrh1-vpn14-pptp *               255.255.255.255 UH    0      0        0 ppp0
192.168.0.0     *               255.255.255.0   U     0      0        0 enp4s0
[root@francescopc francesco]# ip route
default via 192.168.0.1 dev enp4s0 
80.254.79.58 via 192.168.0.1 dev enp4s0  src 192.168.0.3 
80.254.79.90 via 192.168.0.1 dev enp4s0  src 192.168.0.3 
80.254.79.91 dev ppp0  proto kernel  scope link  src 80.254.66.22 
192.168.0.0/24 dev enp4s0  proto kernel  scope link  src 192.168.0.3 

any help will welcome!

thanks

Last edited by francesco_dem (2013-06-18 07:26:51)

Offline

#6 2013-06-18 09:15:07

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: PPTP vpn connections: route problems

Please don't necrobump 5 year old threads: https://wiki.archlinux.org/index.php/Fo … Bumping.27


Closing


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

Board footer

Powered by FluxBB