Date:      Wed, 14 Jul 2004 12:35:39 -0400 (EDT)
From:      "Mike Jakubik" <mikej@rogers.com>
To:        freebsd-net@freebsd.org
Subject:   PPTP VPN using MPD behind NAT help needed
Message-ID:  <62362.66.11.183.182.1089822939.squirrel@66.11.183.182>

Hello,

I am attempting to set up a PPTP VPN server using MPD on a FreeBSD 5.2-C
box, which is behind a DSL router. Unfortunately it does not seem to work
for everyone trying to connect to the server, and I can't figure out what
the problem is. It works for some clients, and it does not for others (it
just sits on 'Verifying username and password' under XP). All the clients
are using Windows XP, all of them are behind some sort of NAT firewall,
which is set up to allow all outgoing traffic. I can establish a PPTP
connection locally just fine, and one of our clients can too, but the rest
do not work.

Here is my network layout:

(192.168.138.50)   (192.168.138.1)         ()
VPN server    >    DLink DSL router    >    Internet

Typical client setup:

Internet    <    Generic NAT/Firewall    <    Windows XP PC

The DLink router has PPTP passthrough enabled, and incoming PPTP
connections are forwarded to 192.168.138.50.

MPD version 3.18

Here is mpd.conf:

---
default:
        load pptp0
        load pptp1
        load pptp2

pptp0:
        new -i ng0 pptp0 pptp0
        set ipcp ranges 192.168.138.50/32 192.168.138.200/32
        load standard

pptp1:
        new -i ng1 pptp1 pptp1
        set ipcp ranges 192.168.138.50/32 192.168.138.201/32
        load standard

pptp2:
        new -i ng2 pptp2 pptp2
        set ipcp ranges 192.168.138.50/32 192.168.138.202/32
        load standard

standard:
        set iface disable on-demand
        set iface enable proxy-arp
        set iface idle 1800
        set iface enable tcpmssfix
        set bundle enable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link mtu 1460
        set link keep-alive 10 60
        set ipcp yes vjcomp
        set ipcp dns 192.168.1.1
        set bundle enable compression
        set ccp yes mppc
        set ccp yes mpp-e40
        set ccp yes mpp-e128
        set ccp yes mpp-stateless
---

Here is mpd.links:

---
pptp0:
        set link type pptp
        set pptp self 192.168.138.50
        set pptp enable incoming
        set pptp disable originate

pptp1:
        set link type pptp
        set pptp self 192.168.138.50
        set pptp enable incoming
        set pptp disable originate

pptp2:
        set link type pptp
        set pptp self 192.168.138.50
        set pptp enable incoming
        set pptp disable originate
---

Here is mpd.secrets:

---
mike            "secret"
---


And here is the log from an unsuccessful attempt:

---
Jul 14 12:04:37 fbsd mpd: mpd: pid 59486, version 3.18 (root@fbsd.afirma.ca 16:17 13-Jul-2004)
Jul 14 12:04:37 fbsd mpd: [pptp0] ppp node is "mpd59486-pptp0"
Jul 14 12:04:37 fbsd mpd: mpd: local IP address for PPTP is 192.168.138.50
Jul 14 12:04:37 fbsd mpd: [pptp0] using interface ng0
Jul 14 12:04:37 fbsd mpd: [pptp1] ppp node is "mpd59486-pptp1"
Jul 14 12:04:37 fbsd mpd: [pptp1] using interface ng1
Jul 14 12:04:37 fbsd mpd: [pptp2] ppp node is "mpd59486-pptp2"
Jul 14 12:04:37 fbsd mpd: [pptp2] using interface ng2
Jul 14 12:04:50 fbsd mpd: mpd: PPTP connection from 69.193.41.53:3104
Jul 14 12:04:50 fbsd mpd: pptp0: attached to connection with 69.193.41.53:3104
Jul 14 12:04:50 fbsd mpd: [pptp0] IFACE: Open event
Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: Open event
Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: state change Initial --> Starting
Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: LayerStart
Jul 14 12:04:50 fbsd mpd: [pptp0] IPCP: Open event
Jul 14 12:04:50 fbsd mpd: [pptp0] bundle: OPEN event in state CLOSED
Jul 14 12:04:50 fbsd mpd: [pptp0] opening link "pptp0"...
Jul 14 12:04:50 fbsd mpd: [pptp0] link: OPEN event
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: Open event
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: state change Initial --> Starting
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: LayerStart
Jul 14 12:04:50 fbsd mpd: [pptp0] device: OPEN event in state DOWN
Jul 14 12:04:50 fbsd mpd: [pptp0] attaching to peer's outgoing call
Jul 14 12:04:50 fbsd mpd: [pptp0] device is now in state OPENING
Jul 14 12:04:50 fbsd mpd: [pptp0] device: UP event in state OPENING
Jul 14 12:04:50 fbsd mpd: [pptp0] device is now in state UP
Jul 14 12:04:50 fbsd mpd: [pptp0] link: UP event
Jul 14 12:04:50 fbsd mpd: [pptp0] link: origination is remote
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: Up event
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: state change Starting --> Req-Sent
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: phase shift DEAD --> ESTABLISH
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: SendConfigReq #1
Jul 14 12:04:50 fbsd mpd:  ACFCOMP
Jul 14 12:04:50 fbsd mpd:  PROTOCOMP
Jul 14 12:04:50 fbsd mpd:  MRU 1500
Jul 14 12:04:50 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:04:50 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:04:50 fbsd mpd:  MP MRRU 1600
Jul 14 12:04:50 fbsd mpd:  MP SHORTSEQ
Jul 14 12:04:50 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:04:50 fbsd mpd: pptp0-0: ignoring SetLinkInfo
Jul 14 12:04:52 fbsd mpd: [pptp0] LCP: SendConfigReq #2
Jul 14 12:04:52 fbsd mpd:  ACFCOMP
Jul 14 12:04:52 fbsd mpd:  PROTOCOMP
Jul 14 12:04:52 fbsd mpd:  MRU 1500
Jul 14 12:04:52 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:04:52 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:04:52 fbsd mpd:  MP MRRU 1600
Jul 14 12:04:52 fbsd mpd:  MP SHORTSEQ
Jul 14 12:04:52 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:04:54 fbsd mpd: [pptp0] LCP: SendConfigReq #3
Jul 14 12:04:54 fbsd mpd:  ACFCOMP
Jul 14 12:04:54 fbsd mpd:  PROTOCOMP
Jul 14 12:04:54 fbsd mpd:  MRU 1500
Jul 14 12:04:54 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:04:54 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:04:54 fbsd mpd:  MP MRRU 1600
Jul 14 12:04:54 fbsd mpd:  MP SHORTSEQ
Jul 14 12:04:54 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:04:56 fbsd mpd: [pptp0] LCP: SendConfigReq #4
Jul 14 12:04:56 fbsd mpd:  ACFCOMP
Jul 14 12:04:56 fbsd mpd:  PROTOCOMP
Jul 14 12:04:56 fbsd mpd:  MRU 1500
Jul 14 12:04:56 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:04:56 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:04:56 fbsd mpd:  MP MRRU 1600
Jul 14 12:04:56 fbsd mpd:  MP SHORTSEQ
Jul 14 12:04:56 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:04:58 fbsd mpd: [pptp0] LCP: SendConfigReq #5
Jul 14 12:04:58 fbsd mpd:  ACFCOMP
Jul 14 12:04:58 fbsd mpd:  PROTOCOMP
Jul 14 12:04:58 fbsd mpd:  MRU 1500
Jul 14 12:04:58 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:04:58 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:04:58 fbsd mpd:  MP MRRU 1600
Jul 14 12:04:58 fbsd mpd:  MP SHORTSEQ
Jul 14 12:04:58 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:05:00 fbsd mpd: [pptp0] LCP: SendConfigReq #6
Jul 14 12:05:00 fbsd mpd:  ACFCOMP
Jul 14 12:05:00 fbsd mpd:  PROTOCOMP
Jul 14 12:05:00 fbsd mpd:  MRU 1500
Jul 14 12:05:00 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:05:00 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:05:00 fbsd mpd:  MP MRRU 1600
Jul 14 12:05:00 fbsd mpd:  MP SHORTSEQ
Jul 14 12:05:00 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:05:02 fbsd mpd: [pptp0] LCP: SendConfigReq #7
Jul 14 12:05:02 fbsd mpd:  ACFCOMP
Jul 14 12:05:02 fbsd mpd:  PROTOCOMP
Jul 14 12:05:02 fbsd mpd:  MRU 1500
Jul 14 12:05:02 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:05:02 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:05:02 fbsd mpd:  MP MRRU 1600
Jul 14 12:05:02 fbsd mpd:  MP SHORTSEQ
Jul 14 12:05:02 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:05:04 fbsd mpd: [pptp0] LCP: SendConfigReq #8
Jul 14 12:05:04 fbsd mpd:  ACFCOMP
Jul 14 12:05:04 fbsd mpd:  PROTOCOMP
Jul 14 12:05:04 fbsd mpd:  MRU 1500
Jul 14 12:05:04 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:05:04 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:05:04 fbsd mpd:  MP MRRU 1600
Jul 14 12:05:04 fbsd mpd:  MP SHORTSEQ
Jul 14 12:05:04 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:05:06 fbsd mpd: [pptp0] LCP: SendConfigReq #9
Jul 14 12:05:06 fbsd mpd:  ACFCOMP
Jul 14 12:05:06 fbsd mpd:  PROTOCOMP
Jul 14 12:05:06 fbsd mpd:  MRU 1500
Jul 14 12:05:06 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:05:06 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:05:06 fbsd mpd:  MP MRRU 1600
Jul 14 12:05:06 fbsd mpd:  MP SHORTSEQ
Jul 14 12:05:06 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:05:08 fbsd mpd: [pptp0] LCP: SendConfigReq #10
Jul 14 12:05:08 fbsd mpd:  ACFCOMP
Jul 14 12:05:08 fbsd mpd:  PROTOCOMP
Jul 14 12:05:08 fbsd mpd:  MRU 1500
Jul 14 12:05:08 fbsd mpd:  MAGICNUM f822715a
Jul 14 12:05:08 fbsd mpd:  AUTHPROTO CHAP MSOFTv2
Jul 14 12:05:08 fbsd mpd:  MP MRRU 1600
Jul 14 12:05:08 fbsd mpd:  MP SHORTSEQ
Jul 14 12:05:08 fbsd mpd:  ENDPOINTDISC [802.1] 00 48 54 82 6d aa
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: state change Req-Sent --> Stopped
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: LayerFinish
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: parameter negotiation failed
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: LayerFinish
Jul 14 12:05:10 fbsd mpd: [pptp0] device: CLOSE event in state UP
Jul 14 12:05:10 fbsd mpd: pptp0-0: clearing call
Jul 14 12:05:10 fbsd mpd: pptp0-0: killing channel
Jul 14 12:05:10 fbsd mpd: [pptp0] PPTP call terminated
Jul 14 12:05:10 fbsd mpd: [pptp0] IFACE: Close event
Jul 14 12:05:10 fbsd mpd: [pptp0] IPCP: Close event
Jul 14 12:05:10 fbsd mpd: [pptp0] IPCP: state change Starting --> Initial
Jul 14 12:05:10 fbsd mpd: [pptp0] IPCP: LayerFinish
Jul 14 12:05:10 fbsd mpd: [pptp0] IFACE: Close event
Jul 14 12:05:10 fbsd mpd: pptp0: closing connection with 69.193.41.53:3104
Jul 14 12:05:10 fbsd mpd: [pptp0] IFACE: Close event
Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state CLOSING
Jul 14 12:05:10 fbsd mpd: [pptp0] bundle: CLOSE event in state OPENED
Jul 14 12:05:10 fbsd mpd: [pptp0] closing link "pptp0"...
Jul 14 12:05:10 fbsd mpd: [pptp0] device: CLOSE event in state CLOSING
Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state CLOSING
Jul 14 12:05:10 fbsd mpd: [pptp0] link: CLOSE event
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: Close event
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: state change Stopped --> Closed
Jul 14 12:05:10 fbsd mpd: [pptp0] device: DOWN event in state CLOSING
Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state DOWN
Jul 14 12:05:10 fbsd mpd: [pptp0] link: DOWN event
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: Down event
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: state change Closed --> Initial
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: phase shift ESTABLISH --> DEAD
Jul 14 12:05:10 fbsd mpd: [pptp0] device: DOWN event in state DOWN
Jul 14 12:05:10 fbsd mpd: [pptp0] device is now in state DOWN
Jul 14 12:05:10 fbsd mpd: [pptp0] link: DOWN event
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: Down event
Jul 14 12:05:10 fbsd mpd: pptp0: killing connection with 69.193.41.53:3104
---

Any help would be greatly appreciated.

Thanks.
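
A server-side triage of the failure pattern in the log above, as an added example that is not part of the original message: it counts LCP Configure-Requests sent against LCP packets logged as received, per link. PPTP carries PPP frames (LCP included) over GRE, separately from the TCP control connection, so a link that keeps sending requests and logs nothing back while the control connection is up points at the GRE path rather than at authentication. The `rec'd` log prefix and the verdict names are assumptions.

```python
import re
from collections import defaultdict

# Lines taken from the log in the message above, abbreviated
# (per-option lines and ConfigReq #3-#9 dropped).
FAILED_LOG = """\
Jul 14 12:04:50 fbsd mpd: mpd: PPTP connection from 69.193.41.53:3104
Jul 14 12:04:50 fbsd mpd: [pptp0] LCP: SendConfigReq #1
Jul 14 12:04:52 fbsd mpd: [pptp0] LCP: SendConfigReq #2
Jul 14 12:05:08 fbsd mpd: [pptp0] LCP: SendConfigReq #10
Jul 14 12:05:10 fbsd mpd: [pptp0] LCP: parameter negotiation failed
"""

# Constructed variant with one inbound LCP line. The "rec'd" wording is an
# assumption about how mpd logs packets received from the peer.
MISMATCH_LOG = FAILED_LOG.replace(
    "Jul 14 12:04:52 fbsd mpd: [pptp0] LCP: SendConfigReq #2",
    "Jul 14 12:04:51 fbsd mpd: [pptp0] LCP: rec'd Configure Request #0",
)

CTRL = re.compile(r"mpd: mpd: PPTP connection from (\S+)")
LCP = re.compile(r"mpd: \[([^\]]+)\] LCP: (.*)$")

def triage(log_text):
    """Return {link: verdict} for every link that logged LCP activity."""
    control_seen = False
    stats = defaultdict(lambda: {"sent": 0, "recv": 0, "failed": False})
    for line in log_text.splitlines():
        if CTRL.search(line):
            control_seen = True          # TCP control connection was accepted
            continue
        m = LCP.search(line)
        if not m:
            continue
        link, event = m.groups()
        if event.startswith("SendConfigReq"):
            stats[link]["sent"] += 1
        elif event.startswith("rec'd"):  # assumed prefix for inbound LCP
            stats[link]["recv"] += 1
        elif "negotiation failed" in event:
            stats[link]["failed"] = True
    verdicts = {}
    for link, s in stats.items():
        if s["failed"] and s["recv"] == 0 and control_seen:
            # Control channel works, no PPP frame ever arrived from the peer.
            verdicts[link] = "control-up-no-ppp-from-peer"
        elif s["failed"]:
            verdicts[link] = "negotiation-failed-other"
        else:
            verdicts[link] = "no-failure-logged"
    return verdicts
```
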


