Text only | Text with Images

Hurricane Electric's IPv6 Tunnel Broker Forums

Tunnelbroker.net Specific Topics => Questions & Answers => Topic started by: babapiskota on June 23, 2010, 12:18:55 AM

Title: PPTP: pptpclient problem on Gentoo linux
Post by: babapiskota on June 23, 2010, 12:18:55 AM
Hi, please help me. I use Gentoo linux and use pptpclient emerged in portage. I cannot connect to pptp server @ tunnelbroker but i don't understand why.

kernel:
2.6.32-hardened-r9

tcpdump:

08:50:04.687868 IP 192.168.250.54.47670 > 216.66.80.30.1723: S 3040466992:3040466992(0) win 5840 <mss 1460,sackOK,timestamp 3051730 0,nop,wscale 6>
08:50:04.705293 IP 216.66.80.30.1723 > 192.168.250.54.47670: S 1678891704:1678891704(0) ack 3040466993 win 64240 <mss 1460>
08:50:04.705356 IP 192.168.250.54.47670 > 216.66.80.30.1723: . ack 1 win 5840
08:50:04.706776 IP 192.168.250.54.47670 > 216.66.80.30.1723: P 1:157(156) ack 1 win 5840: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(AS) BEARER_CAP(DA) MAX_CHAN(65535) FIRM_REV(1) [|pptp]
08:50:04.706959 IP 216.66.80.30.1723 > 192.168.250.54.47670: . ack 157 win 64240
08:50:04.844953 IP 216.66.80.30.1723 > 192.168.250.54.47670: P 1:157(156) ack 157 win 64240: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) [|pptp]
08:50:04.845000 IP 192.168.250.54.47670 > 216.66.80.30.1723: . ack 157 win 6432
08:50:05.708923 IP 192.168.250.54.47670 > 216.66.80.30.1723: P 157:325(168) ack 157 win 6432: pptp CTRL_MSGTYPE=OCRQ CALL_ID(0) CALL_SER_NUM(0) MIN_BPS(2400) MAX_BPS(10000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(3) PROC_DELAY(0) [|pptp]
08:50:05.709396 IP 216.66.80.30.1723 > 192.168.250.54.47670: . ack 325 win 64240
08:50:05.728626 IP 216.66.80.30.1723 > 192.168.250.54.47670: R 157:157(0) ack 325 win 64240

-----------------------------------------------------------------------

system log:

Jun 23 08:50:04 x pppd[11073]: pppd 2.4.4 started by root, uid 0
Jun 23 08:50:04 x pppd[11073]: Using interface ppp0
Jun 23 08:50:04 x pppd[11073]: Connect: ppp0 <--> /dev/pts/5
Jun 23 08:50:04 x pptp[11074]: anon log[main:pptp.c:310]: The synchronous pptp option is NOT activated
Jun 23 08:50:04 x pptp[11082]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Jun 23 08:50:04 x pptp[11082]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Jun 23 08:50:04 x pptp[11082]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Jun 23 08:50:05 x ntpdate[10958]: step time server 87.229.111.33 offset -0.000044 sec
Jun 23 08:50:05 x pptp[11082]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Jun 23 08:50:05 x pptp[11082]: anon log[pptp_read_some:pptp_ctrl.c:551]: read error: Connection reset by peer
Jun 23 08:50:05 x pptp[11082]: anon log[callmgr_main:pptp_callmgr.c:258]: Closing connection (shutdown)
Jun 23 08:50:05 x pptp[11082]: anon log[pptp_send_ctrl_packet:pptp_ctrl.c:622]: write error: Broken pipe
Jun 23 08:50:05 x pptp[11082]: anon log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
Jun 23 08:50:05 x pppd[11073]: Child process pptp tserv6.fra1.ipv6.he.net --nolaunchpppd (pid 11074) terminated with signal 15
Jun 23 08:50:05 x pppd[11073]: Modem hangup
Jun 23 08:50:05 x pppd[11073]: Connection terminated.
Jun 23 08:50:05 x pppd[11073]: Exit.

-----------------------------------------------------------------------

/etc/ppp/peers/tunnel:
pty "pptp tserv6.fra1.ipv6.he.net --nolaunchpppd"
name myaccountname
remotename PPTP
file /etc/ppp/options.pptp
ipparam tunnel

-----------------------------------------------------------------------

/etc/ppp/options.pptp:

lock
noauth
#persist

#refuse-pap
#refuse-eap
#refuse-chap
#refuse-mschap

mtu 1400
mru 1400

lcp-echo-failure 30
lcp-echo-interval 10

-----------------------------------------------------------------------

/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
myaccountname   PPTP    myaccountpassword   *

-----------------------------------------------------------------------

kernel config:

Cryptographic options --->
Title: Re: PPTP: pptpclient problem on Gentoo linux
Post by: mthode on June 24, 2010, 08:12:34 AM
http://www.tunnelbroker.net/forums/index.php?topic=951.0

This setup is what I used for gentoo linux on my laptop.  I didn't test it on hardened but go ahead and ask me on #gentoo-hardened on freenode.  I'm prometheanfire.
Title: Re: PPTP: pptpclient problem on Gentoo linux
Post by: fewlishfox on June 28, 2010, 10:22:32 AM
I was experiencing this issue until I corrected some mistakes in my config that weren't immediately obvious. Here's the relevant part of my conf.d/net for baselayout 1.12.13:

Code Select
# Configure the Hurricane Electric PPTP tunnel
depend_ppp0() {
    need net.eth0
}
config_ppp0=( "ppp" )
pppd_ppp0=( "persist"
            "nobsdcomp"
            "nodeflate"
            "lock"
            "noauth"
            "holdoff 10"
            "mru 1460"
            "mtu 1460"
            )
username_ppp0="fewlishfox%12345"
password_ppp0="password"

# Define the PPTP IPv4 remote and local endpoints
HEREMOTE="216.66.80.26"
HELOCAL="184.104.60.44"

# Define the command used to create the PPP interface
link_ppp0="pty \"pptp $HEREMOTE --nolaunchpppd\""

# When the PPP interface comes up, add to routing table "admin" a default route
# via the tunnel, and route all packets from the local tunnel endpoint according to this table
postup() {
    if [[ ${IFACE} = ppp0 ]]; then
        ip route add default dev ppp0 table admin
        ip rule add from $HELOCAL table admin
    fi
    return 0;
}
Text only | Text with Images