[ previous ] [ next ] [ threads ]
 From:  Mark Nellemann - Privat <mark at nellemann dot nu>
 To:  Fred Wright <fw at well dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP problem with Linux Client
 Date:  Wed, 11 Aug 2004 15:20:52 +0200
Hi Fred,

I have the exact same setup (with a net4501) and problem.

After connecting to my monowall with the linux pptp client, I ran tcpdump:

waylander:~# tcpdump -w pptp.cap -s 1536 -i ppp0 ip proto 47
tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture 
size 1536 bytes
''0 packets captured
0 packets received by filter
0 packets dropped by kernel

Am I typing something wrong?



Fred Wright wrote:
> On Tue, 10 Aug 2004, Alex Bihlmaier wrote:
>>I have a Debian Unstable Client with pptpconfig (as well as MPPE Support 
>>in the kernel).
>>This client can happily connect to another PPTP Server and can get the 
>>traffic routed.
>>But with the M0n0wall as PPTP Server I am getting the following log 
>>output after a sucessfull login into the pptp service:
>>Aug 10 23:28:22 erwin mpd: [pptpc0] LCP: rec'd Protocol Reject #17 link 
>>0 (Opened)
>>Aug 10 23:28:22 erwin mpd: [pptpc0] LCP: protocol 0x2145 was rejected
> It looks like there's a difference of opinion over whether Protocol Field
> Compression is in use.  PPP protocol types are nominally 16-bit values,
> but they're coded in a manner that permits the common ones to be sent as
> single bytes if both parties agree to it.  0x0021, a.k.a. 0x21, is the PPP
> protocol type for IPv4, and 0x45 is the first byte of an optionless IPv4
> header.  So it seems that MPD is using PFC while the Debian client isn't
> recognizing it, and is instead trying to interpret 0x2145 as the PPP
> protocol.
> There's no way to tell which party is at fault without seeing the LCP
> negotiations.  If PFC was negotiated on, then Debian is to blame for not
> handling it correctly.  If it was negotiated off (or not negotiated at
> all, since off is the default), then MPD or the FreeBSD kernel is to blame
> for using it without permission.  If there's an option to disable PFC, you
> might try it.
> If you send me a packet trace I'll take a look.  You should be able to do
> that on the Debian box with something like:
> 	tcpdump -w pptp.cap -s 1536 -i <interface> ip proto 47
> 					Fred Wright
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Mark Nellemann <mark at nellemann dot nu>
PGP ID: 0x46961513 - Jabber ID: mark at here dot dk