• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

PPTP: pptpclient problem on Gentoo linux

Started by babapiskota, June 23, 2010, 12:18:55 AM

babapiskota

Hi, please help me. I use Gentoo Linux and use pptpclient, emerged from Portage. I cannot connect to the PPTP server at tunnelbroker, but I don't understand why.

kernel:
2.6.32-hardened-r9

tcpdump:

08:50:04.687868 IP 192.168.250.54.47670 > 216.66.80.30.1723: S 3040466992:3040466992(0) win 5840 <mss 1460,sackOK,timestamp 3051730 0,nop,wscale 6>
08:50:04.705293 IP 216.66.80.30.1723 > 192.168.250.54.47670: S 1678891704:1678891704(0) ack 3040466993 win 64240 <mss 1460>
08:50:04.705356 IP 192.168.250.54.47670 > 216.66.80.30.1723: . ack 1 win 5840
08:50:04.706776 IP 192.168.250.54.47670 > 216.66.80.30.1723: P 1:157(156) ack 1 win 5840: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(AS) BEARER_CAP(DA) MAX_CHAN(65535) FIRM_REV(1) [|pptp]
08:50:04.706959 IP 216.66.80.30.1723 > 192.168.250.54.47670: . ack 157 win 64240
08:50:04.844953 IP 216.66.80.30.1723 > 192.168.250.54.47670: P 1:157(156) ack 157 win 64240: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) [|pptp]
08:50:04.845000 IP 192.168.250.54.47670 > 216.66.80.30.1723: . ack 157 win 6432
08:50:05.708923 IP 192.168.250.54.47670 > 216.66.80.30.1723: P 157:325(168) ack 157 win 6432: pptp CTRL_MSGTYPE=OCRQ CALL_ID(0) CALL_SER_NUM(0) MIN_BPS(2400) MAX_BPS(10000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(3) PROC_DELAY(0) [|pptp]
08:50:05.709396 IP 216.66.80.30.1723 > 192.168.250.54.47670: . ack 325 win 64240
08:50:05.728626 IP 216.66.80.30.1723 > 192.168.250.54.47670: R 157:157(0) ack 325 win 64240

-----------------------------------------------------------------------

system log:

Jun 23 08:50:04 x pppd[11073]: pppd 2.4.4 started by root, uid 0
Jun 23 08:50:04 x pppd[11073]: Using interface ppp0
Jun 23 08:50:04 x pppd[11073]: Connect: ppp0 <--> /dev/pts/5
Jun 23 08:50:04 x pptp[11074]: anon log[main:pptp.c:310]: The synchronous pptp option is NOT activated
Jun 23 08:50:04 x pptp[11082]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Jun 23 08:50:04 x pptp[11082]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Jun 23 08:50:04 x pptp[11082]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Jun 23 08:50:05 x ntpdate[10958]: step time server 87.229.111.33 offset -0.000044 sec
Jun 23 08:50:05 x pptp[11082]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Jun 23 08:50:05 x pptp[11082]: anon log[pptp_read_some:pptp_ctrl.c:551]: read error: Connection reset by peer
Jun 23 08:50:05 x pptp[11082]: anon log[callmgr_main:pptp_callmgr.c:258]: Closing connection (shutdown)
Jun 23 08:50:05 x pptp[11082]: anon log[pptp_send_ctrl_packet:pptp_ctrl.c:622]: write error: Broken pipe
Jun 23 08:50:05 x pptp[11082]: anon log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
Jun 23 08:50:05 x pppd[11073]: Child process pptp tserv6.fra1.ipv6.he.net --nolaunchpppd (pid 11074) terminated with signal 15
Jun 23 08:50:05 x pppd[11073]: Modem hangup
Jun 23 08:50:05 x pppd[11073]: Connection terminated.
Jun 23 08:50:05 x pppd[11073]: Exit.

-----------------------------------------------------------------------

/etc/ppp/peers/tunnel:
pty "pptp tserv6.fra1.ipv6.he.net --nolaunchpppd"
name myaccountname
remotename PPTP
file /etc/ppp/options.pptp
ipparam tunnel

-----------------------------------------------------------------------

/etc/ppp/options.pptp:

lock
noauth
#persist

#refuse-pap
#refuse-eap
#refuse-chap
#refuse-mschap

mtu 1400
mru 1400

lcp-echo-failure 30
lcp-echo-interval 10

-----------------------------------------------------------------------

/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
myaccountname   PPTP    myaccountpassword   *

-----------------------------------------------------------------------

kernel config:

Cryptographic options --->
    [*] Cryptographic API
    [*] HMAC support
    [M] MD5 digest algorithm
    --- SHA1 digest algorithm
    [M] SHA256 digest algorithm
    [M] SHA384 and SHA512 digest algorithms
    [M] DES and Triple DES EDE cipher algorithms
    [M] ARC4 cipher algorithm
    [M] Deflate compression algorithm
Device Drivers --->
Networking support --->
    [*] PPP (point-to-point protocol) support
    [*] PPP filtering
    [M] PPP support for async serial ports
    [M] PPP support for sync tty ports
    [M] PPP Deflate compression
    [M] PPP BSD-Compress compression
    [M] PPP MPPE compression (encryption) (NEW)
    [M] PPP MPPE compression (encryption) (EXPERIMENTAL)
    [M] PPP over Ethernet (EXPERIMENTAL)
    [M] PPP over L2TP (EXPERIMENTAL)

-----------------------------------------------------------------------

# pon tunnel debug dump logfd 2 nodetach
pppd options in effect:
debug           # (from command line)
nodetach                # (from command line)
logfd 2         # (from command line)
dump            # (from command line)
noauth          # (from /etc/ppp/options.pptp)
name myaccountname              # (from /etc/ppp/peers/tunnel)
remotename PPTP         # (from /etc/ppp/peers/tunnel)
               # (from /etc/ppp/options.pptp)
pty pptp tserv6.fra1.ipv6.he.net --nolaunchpppd         # (from /etc/ppp/peers/tunnel)
mru 1400                # (from /etc/ppp/options.pptp)
mtu 1400                # (from /etc/ppp/options.pptp)
lcp-echo-failure 30             # (from /etc/ppp/options.pptp)
lcp-echo-interval 10            # (from /etc/ppp/options.pptp)
ipparam tunnel          # (from /etc/ppp/peers/tunnel)
nobsdcomp               # (from /etc/ppp/options.pptp)
nodeflate               # (from /etc/ppp/options.pptp)
using channel 103
Using interface ppp0
Connect: ppp0 <--> /dev/pts/5
sent [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <magic 0x6dfe97e1> <pcomp> <accomp>]
Child process pptp tserv6.fra1.ipv6.he.net --nolaunchpppd (pid 15898) terminated with signal 15
Modem hangup
Connection terminated.

mthode

http://www.tunnelbroker.net/forums/index.php?topic=951.0

This setup is what I used for Gentoo Linux on my laptop. I didn't test it on hardened, but go ahead and ask me on #gentoo-hardened on freenode. I'm prometheanfire.

fewlishfox

I was experiencing this issue until I corrected some mistakes in my config that weren't immediately obvious. Here's the relevant part of my conf.d/net for baselayout 1.12.13:

# Configure the Hurricane Electric PPTP tunnel
depend_ppp0() {
    need net.eth0
}
config_ppp0=( "ppp" )
pppd_ppp0=( "persist"
            "nobsdcomp"
            "nodeflate"
            "lock"
            "noauth"
            "holdoff 10"
            "mru 1460"
            "mtu 1460"
            )
username_ppp0="fewlishfox%12345"
password_ppp0="password"

# Define the PPTP IPv4 remote and local endpoints
HEREMOTE="216.66.80.26"
HELOCAL="184.104.60.44"

# Define the command used to create the PPP interface
link_ppp0="pty \"pptp $HEREMOTE --nolaunchpppd\""

# When the PPP interface comes up, add to routing table "admin" a default route
# via the tunnel, and route all packets from the local tunnel endpoint according to this table
postup() {
    if [[ ${IFACE} = ppp0 ]]; then
        ip route add default dev ppp0 table admin
        ip rule add from $HELOCAL table admin
    fi
    return 0;
}