On 4/12/06, Chris Buechler <cbuechler at gmail dot com> wrote:
> On 4/12/06, Don Munyak <don dot munyak at gmail dot com> wrote:
> >
> > Our network/firewall is nat'd, so I am aware that only one workstation
> > can pptp to a given pptp server....but, I have checked. There is no
> > one else connected to the remote office, after I log off.
> >
>
> Sometimes the states don't get cleanly closed upon disconnect, which
> causes 619's for the reason you mentioned (the firewall still thinks
> the other client is connected). Manually clearing the state table
> will work around that. Depending on what kind of applications you
> run, that might be a major problem, or might be transparent.
>
> I'm not aware of any good fix for the problem. From what I've seen,
> it just seems to happen periodically. It's never been a major issue
> for me, so I haven't really looked into it.
>
> -Chris
>

The basic application goes like this.

We have a RH enterprise server running at a client site. Sitting on this server is a virtual machine running Pick/D3. Pick/D3 is a multi-dimensional database/programming engine. The VM is transparent to users. A user will run a terminal emulator, using telnet to access the application. For purposes I'm not too sure about, each user workstation has a fixed port to come in on, typically in the range 16005-16030. RH listens for incoming traffic and pushes it forward to the VM. This process doesn't appear to have any issues.

I have set up two separate access methods on the m0n0wall/soekris box.

The first is an IPSEC tunnel between the client's main and remote offices. This appears to be working pretty good except for an occasional hiccup.

"localhost telnetd[8505]: ttloop: peer died: EOF"

For our support purposes, I also set up PPTP using the main office m0n0wall as the endpoint/server. I did not want to set up an IPSEC tunnel from our firewall, nor do we have an IPSEC client to run behind our firewall. Getting connected seems to be a hit or miss issue.

This morning, one of the programmers supporting the client had troubles getting connected. Error 619. So I remotely connected to the m0n0wall GUI (https) to see what gives. I ultimately cleared the firewall states. This did not fix the problem. I even had the programmer reboot his box...still no go.

Next I cleared the system log and set it to 250 entries. Then tried to connect myself. The following is the log output. The only thing that jumps out at me is:

--> Apr 13 16:11:27 mpd: [pt0] LCP: parameter negotiation failed

Apr 13 16:11:28 mpd: pptp0: killing connection with 66.43.x.x:46526
Apr 13 16:11:27 mpd: [pt0] LCP: Down event
Apr 13 16:11:27 mpd: [pt0] link: DOWN event
Apr 13 16:11:27 mpd: [pt0] device is now in state DOWN
Apr 13 16:11:27 mpd: [pt0] device: DOWN event in state DOWN
Apr 13 16:11:27 mpd: [pt0] LCP: phase shift ESTABLISH --> DEAD
Apr 13 16:11:27 mpd: [pt0] LCP: state change Closed --> Initial
Apr 13 16:11:27 mpd: [pt0] LCP: Down event
Apr 13 16:11:27 mpd: [pt0] link: DOWN event
Apr 13 16:11:27 mpd: [pt0] device is now in state DOWN
Apr 13 16:11:27 mpd: [pt0] device: DOWN event in state CLOSING
Apr 13 16:11:27 mpd: [pt0] LCP: state change Stopped --> Closed
Apr 13 16:11:27 mpd: [pt0] LCP: Close event
Apr 13 16:11:27 mpd: [pt0] link: CLOSE event
Apr 13 16:11:27 mpd: [pt0] device is now in state CLOSING
Apr 13 16:11:27 mpd: [pt0] device: CLOSE event in state CLOSING
Apr 13 16:11:27 mpd: [pt0] closing link "pt0"...
Apr 13 16:11:27 mpd: [pt0] bundle: CLOSE event in state OPENED
Apr 13 16:11:27 mpd: [pt0] device is now in state CLOSING
Apr 13 16:11:27 mpd: [pt0] IFACE: Close event
Apr 13 16:11:27 mpd: pptp0: closing connection with 66.43.x.x:46526
Apr 13 16:11:27 mpd: [pt0] IFACE: Close event
Apr 13 16:11:27 mpd: [pt0] IPCP: LayerFinish
Apr 13 16:11:27 mpd: [pt0] IPCP: state change Starting --> Initial
Apr 13 16:11:27 mpd: [pt0] IPCP: Close event
Apr 13 16:11:27 mpd: [pt0] IFACE: Close event
Apr 13 16:11:27 mpd: [pt0] PPTP call terminated
Apr 13 16:11:27 mpd: pptp0-0: killing channel
Apr 13 16:11:27 mpd: pptp0-0: clearing call
Apr 13 16:11:27 mpd: [pt0] device: CLOSE event in state UP
Apr 13 16:11:27 mpd: [pt0] LCP: LayerFinish
Apr 13 16:11:27 mpd: [pt0] LCP: parameter negotiation failed
Apr 13 16:11:27 mpd: [pt0] LCP: LayerFinish
Apr 13 16:11:27 mpd: [pt0] LCP: state change Req-Sent --> Stopped
Apr 13 16:11:25 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:25 mpd: MP SHORTSEQ
Apr 13 16:11:25 mpd: MP MRRU 1600
Apr 13 16:11:25 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:25 mpd: MAGICNUM cb14714d
Apr 13 16:11:25 mpd: MRU 1500
Apr 13 16:11:25 mpd: PROTOCOMP
Apr 13 16:11:25 mpd: ACFCOMP
Apr 13 16:11:25 mpd: [pt0] LCP: SendConfigReq #195
Apr 13 16:11:23 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:23 mpd: MP SHORTSEQ
Apr 13 16:11:23 mpd: MP MRRU 1600
Apr 13 16:11:23 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:23 mpd: MAGICNUM cb14714d
Apr 13 16:11:23 mpd: MRU 1500
Apr 13 16:11:23 mpd: PROTOCOMP
Apr 13 16:11:23 mpd: ACFCOMP
Apr 13 16:11:23 mpd: [pt0] LCP: SendConfigReq #194
Apr 13 16:11:21 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:21 mpd: MP SHORTSEQ
Apr 13 16:11:21 mpd: MP MRRU 1600
Apr 13 16:11:21 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:21 mpd: MAGICNUM cb14714d
Apr 13 16:11:21 mpd: MRU 1500
Apr 13 16:11:21 mpd: PROTOCOMP
Apr 13 16:11:21 mpd: ACFCOMP
Apr 13 16:11:21 mpd: [pt0] LCP: SendConfigReq #193
Apr 13 16:11:19 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:19 mpd: MP SHORTSEQ
Apr 13 16:11:19 mpd: MP MRRU 1600
Apr 13 16:11:19 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:19 mpd: MAGICNUM cb14714d
Apr 13 16:11:19 mpd: MRU 1500
Apr 13 16:11:19 mpd: PROTOCOMP
Apr 13 16:11:19 mpd: ACFCOMP
Apr 13 16:11:19 mpd: [pt0] LCP: SendConfigReq #192
Apr 13 16:11:17 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:17 mpd: MP SHORTSEQ
Apr 13 16:11:17 mpd: MP MRRU 1600
Apr 13 16:11:17 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:17 mpd: MAGICNUM cb14714d
Apr 13 16:11:17 mpd: MRU 1500
Apr 13 16:11:17 mpd: PROTOCOMP
Apr 13 16:11:17 mpd: ACFCOMP
Apr 13 16:11:17 mpd: [pt0] LCP: SendConfigReq #191
Apr 13 16:11:15 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:15 mpd: MP SHORTSEQ
Apr 13 16:11:15 mpd: MP MRRU 1600
Apr 13 16:11:15 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:15 mpd: MAGICNUM cb14714d
Apr 13 16:11:15 mpd: MRU 1500
Apr 13 16:11:15 mpd: PROTOCOMP
Apr 13 16:11:15 mpd: ACFCOMP
Apr 13 16:11:15 mpd: [pt0] LCP: SendConfigReq #190
Apr 13 16:11:13 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:13 mpd: MP SHORTSEQ
Apr 13 16:11:13 mpd: MP MRRU 1600
Apr 13 16:11:13 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:13 mpd: MAGICNUM cb14714d
Apr 13 16:11:13 mpd: MRU 1500
Apr 13 16:11:13 mpd: PROTOCOMP
Apr 13 16:11:13 mpd: ACFCOMP
Apr 13 16:11:13 mpd: [pt0] LCP: SendConfigReq #189
Apr 13 16:11:11 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:11 mpd: MP SHORTSEQ
Apr 13 16:11:11 mpd: MP MRRU 1600
Apr 13 16:11:11 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:11 mpd: MAGICNUM cb14714d
Apr 13 16:11:11 mpd: MRU 1500
Apr 13 16:11:11 mpd: PROTOCOMP
Apr 13 16:11:11 mpd: ACFCOMP
Apr 13 16:11:11 mpd: [pt0] LCP: SendConfigReq #188
Apr 13 16:11:09 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:09 mpd: MP SHORTSEQ
Apr 13 16:11:09 mpd: MP MRRU 1600
Apr 13 16:11:09 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:09 mpd: MAGICNUM cb14714d
Apr 13 16:11:09 mpd: MRU 1500
Apr 13 16:11:09 mpd: PROTOCOMP
Apr 13 16:11:09 mpd: ACFCOMP
Apr 13 16:11:09 mpd: [pt0] LCP: SendConfigReq #187
Apr 13 16:11:07 mpd: pptp0-0: ignoring SetLinkInfo
Apr 13 16:11:07 mpd: ENDPOINTDISC [802.1] 00 00 24 c6 11 50
Apr 13 16:11:07 mpd: MP SHORTSEQ
Apr 13 16:11:07 mpd: MP MRRU 1600
Apr 13 16:11:07 mpd: AUTHPROTO CHAP MSOFTv2
Apr 13 16:11:07 mpd: MAGICNUM cb14714d
Apr 13 16:11:07 mpd: MRU 1500
Apr 13 16:11:07 mpd: PROTOCOMP
Apr 13 16:11:07 mpd: ACFCOMP
Apr 13 16:11:07 mpd: [pt0] LCP: SendConfigReq #186
Apr 13 16:11:07 mpd: [pt0] LCP: phase shift DEAD --> ESTABLISH
Apr 13 16:11:07 mpd: [pt0] LCP: state change Starting --> Req-Sent
Apr 13 16:11:07 mpd: [pt0] LCP: Up event
Apr 13 16:11:07 mpd: [pt0] link: origination is remote
Apr 13 16:11:07 mpd: [pt0] link: UP event
Apr 13 16:11:07 mpd: [pt0] device is now in state UP
Apr 13 16:11:07 mpd: [pt0] device: UP event in state OPENING
Apr 13 16:11:07 mpd: [pt0] device is now in state OPENING
Apr 13 16:11:07 mpd: [pt0] attaching to peer's outgoing call
Apr 13 16:11:07 mpd: [pt0] device: OPEN event in state DOWN
Apr 13 16:11:07 mpd: [pt0] LCP: LayerStart
Apr 13 16:11:07 mpd: [pt0] LCP: state change Initial --> Starting
Apr 13 16:11:07 mpd: [pt0] LCP: Open event
Apr 13 16:11:07 mpd: [pt0] link: OPEN event
Apr 13 16:11:07 mpd: [pt0] opening link "pt0"...
Apr 13 16:11:07 mpd: [pt0] bundle: OPEN event in state CLOSED
Apr 13 16:11:07 mpd: [pt0] IPCP: Open event
Apr 13 16:11:07 mpd: [pt0] IPCP: LayerStart
Apr 13 16:11:07 mpd: [pt0] IPCP: state change Initial --> Starting
Apr 13 16:11:07 mpd: [pt0] IPCP: Open event
Apr 13 16:11:07 mpd: [pt0] IFACE: Open event
Apr 13 16:11:07 mpd: pptp0: attached to connection with 66.43.x.x:46526
Apr 13 16:11:07 mpd: mpd: PPTP connection from 66.43.x.x:46526

...Oddly enough, the programmer was able to get in only after he sent an email ??

Thanks,
Don
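
An added example, not part of the original message: a small Python parser for mpd log lines in the format posted above. It counts the LCP Configure-Requests sent per PPTP connection attempt and flags attempts that fail with no LCP reply logged. The sample lines are constructed, and both the `rec'd` wording for received LCP frames and the year 2006 are assumptions.

```python
import re
from datetime import datetime

# Constructed sample, newest entry first (the order the posted log is in).
# 192.0.2.10 is a documentation address, not a value from the thread.
SAMPLE = """\
Apr 13 16:11:28 mpd: pptp0: killing connection with 192.0.2.10:46526
Apr 13 16:11:27 mpd: [pt0] LCP: parameter negotiation failed
Apr 13 16:11:27 mpd: [pt0] LCP: state change Req-Sent --> Stopped
Apr 13 16:11:11 mpd: [pt0] LCP: SendConfigReq #188
Apr 13 16:11:09 mpd: [pt0] LCP: SendConfigReq #187
Apr 13 16:11:07 mpd: [pt0] LCP: SendConfigReq #186
Apr 13 16:11:07 mpd: [pt0] LCP: phase shift DEAD --> ESTABLISH
Apr 13 16:11:07 mpd: mpd: PPTP connection from 192.0.2.10:46526
""".splitlines()

STAMP = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) mpd: (.*)$")

def parse(lines, year=2006):
    """Return (datetime, message) pairs in chronological order."""
    rows = []
    for line in lines:
        m = STAMP.match(line.strip())
        if m:  # syslog stamps carry no year; 2006 is assumed from the thread date
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            rows.append((ts, m.group(2)))
    if rows and rows[0][0] > rows[-1][0]:  # newest-first export: flip it
        rows.reverse()
    return rows

def attempts(lines):
    """Summarise each PPTP connection attempt found in the log."""
    out, cur = [], None
    for _, msg in parse(lines):
        m = re.search(r"PPTP connection from (\S+)", msg)
        if m:
            cur = {"peer": m.group(1), "sent": 0, "replies": 0, "failed": False}
            out.append(cur)
        elif cur is None:
            continue  # lines before the first attempt belong to no session
        elif "LCP: SendConfigReq" in msg:
            cur["sent"] += 1
        elif "LCP: rec'd" in msg:  # assumed wording for received LCP frames
            cur["replies"] += 1
        elif "parameter negotiation failed" in msg:
            cur["failed"] = True
    for a in out:
        a["no_peer_reply"] = a["failed"] and a["sent"] > 0 and a["replies"] == 0
    return out
```

A flagged attempt means mpd kept retransmitting its Configure-Request and logged no reply before giving up, which is the pattern the posted log shows for requests #186 to #195.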