[ previous ] [ next ] [ threads ]
 
 From:  Andre Courchesne <courchea at net dash forces dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  PPTP from XP to monowall 1.2
 Date:  Wed, 26 Oct 2005 12:33:10 -0400 
Hi,

  We recently updates from 1.12BetaSomething (can't remember which) to 
stable 1.12 and not PPTP is not working anymore... Here is what I see 
from the log. Any help appreciated...

Oct 26 12:08:15 gateway mpd: [pt0] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
Oct 26 12:08:15 gateway mpd:  MRU 1400
Oct 26 12:08:15 gateway mpd:  MAGICNUM 5e5d1231
Oct 26 12:08:15 gateway mpd:  PROTOCOMP
Oct 26 12:08:15 gateway mpd:  ACFCOMP
Oct 26 12:08:15 gateway mpd:  CALLBACK
Oct 26 12:08:15 gateway mpd:    Not supported
Oct 26 12:08:15 gateway mpd:  MP MRRU 1614
Oct 26 12:08:15 gateway mpd:  ENDPOINTDISC [LOCAL] c1 cf dc 52 c3 5d 49 30 8a fa 90 07 22 9c 1f 67
00 00 00 1a
Oct 26 12:08:15 gateway mpd: [pt0] LCP: SendConfigRej #1
Oct 26 12:08:15 gateway mpd:  CALLBACK
Oct 26 12:08:17 gateway mpd: [pt0] LCP: SendConfigReq #32
Oct 26 12:08:17 gateway mpd:  ACFCOMP
Oct 26 12:08:17 gateway mpd:  PROTOCOMP
Oct 26 12:08:17 gateway mpd:  MRU 1500
Oct 26 12:08:17 gateway mpd:  MAGICNUM 837c8e2b
Oct 26 12:08:17 gateway mpd:  AUTHPROTO CHAP MSOFTv2
Oct 26 12:08:17 gateway mpd:  MP MRRU 1600
Oct 26 12:08:17 gateway mpd:  MP SHORTSEQ
Oct 26 12:08:17 gateway mpd:  ENDPOINTDISC [802.1] 00 40 05 86 fe 92
Oct 26 12:08:18 gateway mpd: [pt0] LCP: rec'd Configure Request #2 link 0 (Req-Sent)
Oct 26 12:08:18 gateway mpd:  MRU 1400
Oct 26 12:08:18 gateway mpd:  MAGICNUM 5e5d1231
Oct 26 12:08:18 gateway mpd:  PROTOCOMP
Oct 26 12:08:18 gateway mpd:  ACFCOMP
Oct 26 12:08:18 gateway mpd:  CALLBACK
Oct 26 12:08:18 gateway mpd:    Not supported
Oct 26 12:08:18 gateway mpd:  MP MRRU 1614

And here is the ipfstat -nio:

@1 pass out quick on lo0 from any to any
@2 pass out quick on rl0 proto udp from 192.168.2.1/32 port = 67 to any port = 68
@3 pass out quick on rl1 proto udp from any port = 68 to any port = 67
@4 pass out quick on rl1 proto udp from 64.235.216.178/32 port = 500 to any
@5 pass out quick on rl1 proto esp from 64.235.216.178/32 to any
@6 pass out quick on rl1 proto ah from 64.235.216.178/32 to any
@7 pass out quick on rl0 proto udp from 192.168.2.1/32 port = 500 to any
@8 pass out quick on rl0 proto esp from 192.168.2.1/32 to any
@9 pass out quick on rl0 proto ah from 192.168.2.1/32 to any
@10 pass out quick on xl0 proto udp from 172.16.1.1/32 port = 500 to any
@11 pass out quick on xl0 proto esp from 172.16.1.1/32 to any
@12 pass out quick on xl0 proto ah from 172.16.1.1/32 to any
@13 pass out quick on rl0 from any to any keep state
@14 pass out quick on rl1 from any to any keep state
@15 pass out quick on xl0 from any to any keep state
@16 block out log quick from any to any
@1 pass in quick on lo0 from any to any
@2 block in log quick from any to any with short
@3 block in log quick from any to any with ipopt
@4 pass in quick on rl0 proto udp from any port = 68 to 255.255.255.255/32 port = 67
@5 pass in quick on rl0 proto udp from any port = 68 to 192.168.2.1/32 port = 67
@6 block in log quick on rl1 from 192.168.2.0/24 to any
@7 block in log quick on rl1 from 172.16.0.0/16 to any
@8 block in log quick on rl1 proto udp from any port = 67 to 192.168.2.0/24 port = 68
@9 pass in quick on rl1 proto udp from any port = 67 to any port = 68
@10 block in log quick on rl0 from !192.168.2.0/24 to any
@11 block in log quick on xl0 from !172.16.0.0/16 to any
@12 pass in quick on rl1 proto udp from any to 64.235.216.178/32 port = 500
@13 pass in quick on rl1 proto esp from any to 64.235.216.178/32
@14 pass in quick on rl1 proto ah from any to 64.235.216.178/32
@15 pass in quick on rl0 proto udp from any to 192.168.2.1/32 port = 500
@16 pass in quick on rl0 proto esp from any to 192.168.2.1/32
@17 pass in quick on rl0 proto ah from any to 192.168.2.1/32
@18 pass in quick on xl0 proto udp from any to 172.16.1.1/32 port = 500
@19 pass in quick on xl0 proto esp from any to 172.16.1.1/32
@20 pass in quick on xl0 proto ah from any to 172.16.1.1/32
@21 skip 1 in proto tcp from any to any flags S/FSRA
@22 block in log quick proto tcp from any to any
@23 block in log quick on rl0 from any to any head 100
@1 pass in quick from 192.168.2.0/24 to 192.168.2.1/32 keep state group 100
@2 pass in quick from 172.16.0.0/16 to 192.168.2.0/24 keep state group 100
@3 pass in quick from 192.168.2.0/24 to any keep state group 100
@24 block in log quick on rl1 from any to any head 200
@1 pass in quick proto gre from any to 64.235.216.178/32 keep state group 200
@2 pass in quick proto tcp from any to 64.235.216.178/32 port = 1723 keep state group 200
@3 pass in quick proto tcp from any to 192.168.1.99/32 port = 4001 keep state group 200
@4 pass in quick proto tcp from any to 192.168.1.99/32 port = 199 keep state group 200
@5 pass in quick proto tcp/udp from any to 192.168.2.101/32 port = 6881 keep state group 200
@6 pass in quick proto tcp from any to 192.168.2.109/32 port = 4662 keep state group 200
@7 pass in quick proto tcp from any to 192.168.2.152/32 port = 80 keep state group 200
@8 pass in quick proto tcp from any to 192.168.2.112/32 port = 2000 keep state group 200
@9 pass in quick proto tcp from any to 64.235.216.178/32 port = 443 keep state group 200
@10 pass in quick proto icmp from any to 64.235.216.178/32 icmp-type echo keep state group 200
@11 pass in quick proto tcp from any to any port = 1723 keep state group 200
@25 block in log quick on xl0 from any to any head 300
@1 pass in quick from 172.16.0.0/16 to any keep state group 300
@26 pass in quick on ng1 from 192.168.2.192/28 to any keep state
@27 pass in quick on ng2 from 192.168.2.192/28 to any keep state
@28 pass in quick on ng3 from 192.168.2.192/28 to any keep state
@29 pass in quick on ng4 from 192.168.2.192/28 to any keep state
@30 pass in quick on ng5 from 192.168.2.192/28 to any keep state
@31 pass in quick on ng6 from 192.168.2.192/28 to any keep state
@32 pass in quick on ng7 from 192.168.2.192/28 to any keep state
@33 pass in quick on ng8 from 192.168.2.192/28 to any keep state
@34 pass in quick on ng9 from 192.168.2.192/28 to any keep state
@35 pass in quick on ng10 from 192.168.2.192/28 to any keep state
@36 pass in quick on ng11 from 192.168.2.192/28 to any keep state
@37 pass in quick on ng12 from 192.168.2.192/28 to any keep state
@38 pass in quick on ng13 from 192.168.2.192/28 to any keep state
@39 pass in quick on ng14 from 192.168.2.192/28 to any keep state
@40 pass in quick on ng15 from 192.168.2.192/28 to any keep state
@41 pass in quick on ng16 from 192.168.2.192/28 to any keep state
@42 block in log quick from any to any


-- 
----
Andre Courchesne - Consultant
http://www.net-forces.com



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.361 / Virus Database: 267.12.5/149 - Release Date: 25/10/2005