PPPD Connect Using Broadband Connection (problem)

Hello,

For the past 10+ days I have been pulling my hair out trying to configure
pppd (on my SUSE Linux 7.3 system) using my cable modem broadband
connection. I have to use SUSE linux 7.3 because im using linux for Kylix
development and thats the only OS that is currently supported.

My situation is that I am trying to connect my home linux system to a remote
office. The remote office is using Microsoft RAS server, hence I need pppd
to connect to it. Before I began I configured my home Windows XP system
such that it connected to the remote office using the VPN, this worked
therefore
acknowledging the connection parameters I was using were correct. I then
proceeded to install the latest version of pppd on my linux box, and
configured
the pppd config files as follows:

/etc/ppp/options.pptp
----------------------------------------------------------------------------
---------------
debug
noauth
crtscts
lock
nodetach
lcp-echo-interval 30
lcp-echo-failure 4
idle 600
noipx
nobsdcomp
nodeflate
debug
mppe-40
mppe-128
mppe-stateless
-proxyarp
----------------------------------------------------------------------------
---------------

NOTE: If I set 'proxyarp' instead of '-proxyarp' then I get the following
error when
I start pppd:

Cannot determine ethernet address for proxy

Im not sure if this is a problem....


/etc/ppp/tunnel
----------------------------------------------------------------------------
---------------
pty "pptp xxx.xxx.150.2 --nolaunchpppd"
name <username> remotename PPTP
#require-mschap-v2
# require-mppe-128
file /etc/ppp/options.pptp
ipparam tunnel
----------------------------------------------------------------------------
---------------

NOTE: I have to comment out 'require-mschap-v2' and 'require-mppe-128'
otherwise
when I try and start pppd I get the following error:

pppd: In file /etc/ppp/peers/tunnel: unrecognized option 'require-mschap-v2'

Is this a major problem?

When I use the above configuration scripts and execute 'pppd call tunnel' to
connect
I notice that the system does seem to connect with the remote RAS server - I
dont
see any error messages, however I dont see a message stating connection
established
either... Provided below is the output that I receive from the pppd command
when
I attempt to connect:

----------------------------------------------------------------------------
---------------
using channel 60
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x8180c1ef> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <auth chap 81> <magic 0xb351445> <pcomp> <accomp>
<callback CBCP> <mrru 1614> <endpoint [MAC:00:10:b5:bb:e6:71]> < 17 04 00
45>]
sent [LCP ConfRej id=0x0 <mrru 1614> < 17 04 00 45>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x8180c1ef> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <auth chap 81> <magic 0xb351445> <pcomp> <accomp>
<callback CBCP> <endpoint [MAC:00:10:b5:bb:e6:71]>]
sent [LCP ConfAck id=0x1 <auth chap 81> <magic 0xb351445> <pcomp> <accomp>
<callback CBCP> <endpoint [MAC:00:10:b5:bb:e6:71]>]
sent [LCP EchoReq id=0x0 magic=0x8180c1ef]
cbcp_lowerup
want: 2
rcvd [CHAP Challenge id=0x0 <17f0fce699daa9d2461fd66b35950441>, name =
"BACKUP-SERVER"]
sent [CHAP Response id=0x0
<fe5daf6d10de0ec17bf67790fe395e0800000000000000001 d7faeeac12b855a32705742986
660407210c3b228fee45700>, name = "xxxxxxxx"]
rcvd [LCP EchoRep id=0x0 magic=0xb351445]
rcvd [CHAP Success id=0x0 "S=4FE5BC46FA73E96FC1E8947AD669201302223914"]
Remote message: S=4FE5BC46FA73E96FC1E8947AD669201302223914
cbcp_open
cbcp_req CONF_NO
sent [CBCP Request id=0x1 < NoCallback>]
rcvd [CBCP Request id=0x1 < NoCallback>]
length: 2
Callback: none
cbcp_resp cb_type=2
cbcp_resp CONF_NO
sent [CBCP Response id=0x1 < NoCallback>]
sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress VJ 0f 01>]
sent [CCP ConfReq id=0x1 <mppe 1 0 0 60>]
rcvd [CBCP Ack id=0x1 < NoCallback>]
rcvd [proto=0x803f] 01 03 00 1f 03 05 00 05 01 02 16 00 01 00 01 00 00 42 41
43 4b 55 50 2d 53 45 52 56 45 52 00
Unsupported protocol 'NETBIOS Framing Control Protocol' (0x803f) received
sent [LCP ProtRej id=0x2 80 3f 01 03 00 1f 03 05 00 05 01 02 16 00 01 00 01
00 00 42 41 43 4b 55 50 2d 53 45 52 56 45 52 ...]
rcvd [IPXCP ConfReq id=0x4 <network 38dab8a5> <node 000000000001>]
Unsupported protocol 'Novell IPX Control Protocol' (0x802b) received
sent [LCP ProtRej id=0x3 80 2b 01 04 00 12 01 06 38 da b8 a5 02 08 00 00 00
00 00 01]
rcvd [CCP ConfReq id=0x5 <mppe 1 0 0 e1>]
sent [CCP ConfNak id=0x5 <mppe 1 0 0 60>]
rcvd [IPCP ConfReq id=0x6 <addr 192.168.2.50>]
sent [IPCP ConfAck id=0x6 <addr 192.168.2.50>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [CCP ConfNak id=0x1 <mppe 1 0 0 40>]
sent [CCP ConfReq id=0x2 <mppe 1 0 0 40>]
rcvd [CCP ConfReq id=0x7 <mppe 1 0 0 40>]
sent [CCP ConfAck id=0x7 <mppe 1 0 0 40>]
rcvd [IPCP ConfNak id=0x2 <addr 192.168.2.57>]
sent [IPCP ConfReq id=0x3 <addr 192.168.2.57>]
rcvd [CCP ConfAck id=0x2 <mppe 1 0 0 40>]
MPPE 128 bit, stateless compression enabled
rcvd [IPCP ConfAck id=0x3 <addr 192.168.2.57>]
local IP address 192.168.2.57
remote IP address 192.168.2.50
Script /etc/ppp/ip-up started (pid 8731)
Script /etc/ppp/ip-up finished (pid 8731), status = 0x0
sent [LCP EchoReq id=0x1 magic=0x8180c1ef]
rcvd [LCP EchoRep id=0x1 magic=0xb351445]
sent [LCP EchoReq id=0x2 magic=0x8180c1ef]
rcvd [LCP EchoRep id=0x2 magic=0xb351445]
....
....
....
----------------------------------------------------------------------------
---------------

The interesting thing is that when I reach this point (thinking I am
connected) I contact
the remote office and I asked the administrator whether he could acknowledge
that I
was actually connected, he said that I had successfully connected. The
problem is that
once connected I can not ping any of the servers. The only IP addresses
that I can
ping are:

192.168.2.57 <---- my assigned IP address
192.168.2.50 <---- the remote MS RAS server

If I try pinging any other server IP address I get 'From 172.18.6.61
Destination Host
Unreachable'. I am completely confused because I have absolutely no idea
where the
IP address 172.18.6.61 is coming from, neither do the administrators at the
remote
office.

I would have assummed that there may have been a problem with the
config/routing
at the remote office, but I ruled this out because when I connect using my
Windows XP
machine I am able to ping all the servers successfully.

Im not sure if this will help, but I saw a post in another newsgroup that
explained
I could monitor the ping requests going out using the command 'tcpdump -i
ppp0'. I
invoked this command and then issued the ping command, however the tcpdump
returned absolutely nothing - however when I monitored eth0 ''tcpdump -i
eth0' I
noticed all the ping requests were appearing here. Im not sure what this
means....

Thats all the information I have, I would be *exceptionally* grateful if
someone could
possibly help me on this issue.

Best regards

Spencer
((E-Mail Removed))

Mhh, hidden cross-post. See reply in comp.protocols.ppp.

Michael

--
Linux@TekXpress
http://www-users.rwth-aachen.de/Mich...kxp/tekxp.html

"Spencer" <(E-Mail Removed)> writes:

]Hello,


]My situation is that I am trying to connect my home linux system to a remote
]office. The remote office is using Microsoft RAS server, hence I need pppd
]to connect to it. Before I began I configured my home Windows XP system
]such that it connected to the remote office using the VPN, this worked
]therefore
]acknowledging the connection parameters I was using were correct. I then
]proceeded to install the latest version of pppd on my linux box, and

What is "the latest version"? The last stable release was 2.4.1. 2.4.2
is in development and may have bugs.


]configured
]the pppd config files as follows:

]/etc/ppp/options.pptp
]----------------------------------------------------------------------------
]---------------
]debug
]noauth
]crtscts
]lock
]nodetach
]lcp-echo-interval 30
]lcp-echo-failure 4
]idle 600
]noipx
]nobsdcomp
]nodeflate
]debug
]mppe-40
]mppe-128
]mppe-stateless
]-proxyarp
get rid of this proxyarp statement altogether. It is inappropriate for
pppd where it is the other end that is connected to the net. proxyarp
says "for the address x.x.x.x connected to this subnet of which it is a
valid ip address for this subnet, if a packet comes in, send that packet
to the ethernet address of this machine instead."

]----------------------------------------------------------------------------
]---------------

]NOTE: If I set 'proxyarp' instead of '-proxyarp' then I get the following
]error when
]I start pppd:

]Cannot determine ethernet address for proxy

]Im not sure if this is a problem....

proxyarp is inappropriate for your situation.




]/etc/ppp/tunnel
]----------------------------------------------------------------------------
]---------------
]pty "pptp xxx.xxx.150.2 --nolaunchpppd"
]name <username> remotename PPTP
]#require-mschap-v2
]# require-mppe-128
]file /etc/ppp/options.pptp
]ipparam tunnel
]----------------------------------------------------------------------------
]---------------

]NOTE: I have to comment out 'require-mschap-v2' and 'require-mppe-128'
]otherwise
]when I try and start pppd I get the following error:

]pppd: In file /etc/ppp/peers/tunnel: unrecognized option 'require-mschap-v2'

This was entirely inappropriate in teh first place unless you really
wanted the remote computer to authenticate itself to you. If you do want
it to, use the much more standard ordinary chap instead.
require-chap
however I suspect you do NOT want that.




]Is this a major problem?

]When I use the above configuration scripts and execute 'pppd call tunnel' to
]connect
]I notice that the system does seem to connect with the remote RAS server - I
]dont
]see any error messages, however I dont see a message stating connection
]established
]either... Provided below is the output that I receive from the pppd command
]when
]I attempt to connect:

Use the output in the file which is listed in /etc/syslog.conf for
daemon.* traffic. It has time stamps which can be useful.

Or put the line
daemon.*;local2.* /var/log/ppplog
into /etc/syslog.conf and then do
killall -1 syslogd

However your debug output shows you are connected fine.
<output deleted>


]The interesting thing is that when I reach this point (thinking I am
]connected) I contact

You are.

]the remote office and I asked the administrator whether he could acknowledge
]that I
]was actually connected, he said that I had successfully connected. The
]problem is that
]once connected I can not ping any of the servers. The only IP addresses
]that I can
]ping are:

]192.168.2.57 <---- my assigned IP address
]192.168.2.50 <---- the remote MS RAS server

That you can ping the remote machine shows you are connected. Tehre is
nothing wrong with your ppp connection. There is something wrong with
the routing.



However nowhere do I see the teh
defaultroute
option. If you want traffic to go through that connection you must tell
the routing for which addresses to use it. defaultroute says to use it
for all addresses not otherwise specifically routed.


]If I try pinging any other server IP address I get 'From 172.18.6.61
]Destination Host
]Unreachable'. I am completely confused because I have absolutely no idea
]where the
]IP address 172.18.6.61 is coming from, neither do the administrators at the
]remote
]office.

That is the ip address of your gateway on the ethernet system.


]I would have assummed that there may have been a problem with the
]config/routing
]at the remote office, but I ruled this out because when I connect using my
]Windows XP
]machine I am able to ping all the servers successfully.

No there is a problem with routing on your system.



]Im not sure if this will help, but I saw a post in another newsgroup that
]explained
]I could monitor the ping requests going out using the command 'tcpdump -i
]ppp0'. I
]invoked this command and then issued the ping command, however the tcpdump
]returned absolutely nothing - however when I monitored eth0 ''tcpdump -i
]eth0' I
]noticed all the ping requests were appearing here. Im not sure what this
]means....

It means that your routing is screwed up.

You have to tell the system which packets to send. Do you want all
addresses to go through the pppd connection? Use defaultroute, but kill
the default route on your ethernet first.
Do you just want some (eg your office subnet) ? Put explicit routing
requests into /etc/ppp/ip-up and kill them in /etc/ppp/ip-down

route add 111.222.333.0 -netmask 255.255.255.0 ppp0
in ip-up for example
and the same with delete instead in ip-down.

ppp is a point to point connection. It connects only two machines. If
you want other traffic to go down that pipe, you have to tell your
system explicitely.



]Thats all the information I have, I would be *exceptionally* grateful if
]someone could
]possibly help me on this issue.

]Best regards

]Spencer
]((E-Mail Removed))