Hi,
I've stumbled across a problem which really have me wondering about what
can be wrong. I've tried several tutorials on Google, including both for
my old 2.2 kernel and my recently upgraded 2.6.15 kernel. The first
being custom compiled, the second being a debian stock unstable kernel.
The setup is as follows:
comp#1
192.168.0.2
gateway ---- vpn.example.com
comp#2 192.168.0.1
192.168.0.3 ext.example.com
Comp#2 is a laptop (Windows 2000 and Windows XP, same results), and is
the client attempting to connect to the VPN. When moving comp#2 to
another location (with a hardware firewall through another provider),
everything works as it should. Moving the laptop back to the original
location, it produces the familiar 619 error under Windows ("The
specified port is not connected"). The setup process on port 1723 is
confirmed working with telnet, and is also confirmed to be working by
tcpdump.
The kernel has ip_gre loaded:
Module Size Used by
ip_conntrack_proto_sctp 8452 0
ip_conntrack_ftp 7536 0
ip_gre 12064 0
ip_conntrack_pptp 10128 0
esp4 7808 0
ipt_state 2048 9
ipt_MASQUERADE 3328 1
iptable_nat 7300 1
ip_nat 17580 2 ipt_MASQUERADE,iptable_nat
ip_conntrack 49580 7
ip_conntrack_proto_sctp,ip_conntrack_ftp,ip_conntr ack_pptp,ipt_state,ipt_MASQUERADE,iptable_nat,ip_n at
tcpdump produces quite a bit of output, but the most interesting is
probably:
22:57:59.891104 IP vp.example.com > ext.example.com: GREv1, call 49152,
seq 1, length 25: LCP, Conf-Request (0x01), id 0, length 11
22:57:59.894405 IP ext.example.com.1482 > vp.example.com.1723: P
325:349(24) ack 189 win 17332: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(36000)
SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
22:57:59.895747 IP ext.example.com > vp.example.com: GREv1, call 36000,
seq 0, length 46: LCP, Conf-Request (0x01), id 0, length 32
22:57:59.996729 IP vp.example.com.1723 > ext.example.com.1482: . ack 349
win 8192
22:58:01.885558 IP ext.example.com > vp.example.com: GREv1, call 36000,
seq 1, length 46: LCP, Conf-Request (0x01), id 1, length 32
22:58:01.929414 IP vp.example.com > ext.example.com: GREv1, call 49152,
seq 2, ack 1, length 40: LCP, Conf-Reject (0x04), id 1, length 22
This process repeats, until Term-Request and Term-Ack. I can supply more
information if necessary. "vp.example.com" is the reverse mapping for
vpn.example.com.
If anyone have any idea of what can be the cause if this problem, I'd be
grateful for any pointers or ideas. The core issues are that it a) works
from another connection b) GRE seems to get through as it should.
--
John Fjoldstad
Similar Threads
Linear Mode
