[SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Installing, Configuring, Troubleshooting server daemons such as Web and Mail
Post Reply
sombra84
Posts: 8
Joined: 2012/01/30 17:19:54

[SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Post by sombra84 » 2012/02/09 00:41:59

Hello Everyone,

I run a PPTP server via PopTop on my Centos 5 box. It accepts incoming connections from Windows, Mac, iPhone, Linux no problem. My DD-WRT router which connects to commercial PPTP no problem, won't connect to my CentOS box running PPTP. I assume it's a disagreeance with authentication protocol / type, etc. However, the log the server provides in /var/log/messages is not very detailed, I see this:

[code]
Feb 7 12:24:58 la1 pptpd[3154]: CTRL: Client 190.53.xxx.xxx control connection started
Feb 7 12:24:59 la1 pptpd[3154]: CTRL: Starting call (launching pppd, opening GRE)
Feb 7 12:24:59 la1 pppd[3155]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Feb 7 12:24:59 la1 pppd[3155]: pppd 2.4.4 started by root, uid 0
Feb 7 12:24:59 la1 pppd[3155]: Using interface ppp0
Feb 7 12:24:59 la1 pppd[3155]: Connect: ppp0 <--> /dev/pts/3
Feb 7 12:25:05 la1 pppd[3155]: Modem hangup
Feb 7 12:25:05 la1 pppd[3155]: Connection terminated.
Feb 7 12:25:05 la1 pppd[3155]: Connect time 0.1 minutes.
Feb 7 12:25:05 la1 pppd[3155]: Sent 10 bytes, received 0 bytes.
Feb 7 12:25:05 la1 pppd[3155]: Exit.
[/code]

I figured out that if i DISABLE require-mppe-128 it will connect but not pass traffic.

I am on the latest pppd and I do not understand why this happens. I read it was a bug in older pppd with an issue with mppe-128 disconnecting due to authentication issues. Why does it occur now? Is there a fix? With mppe-128 off the tunnel is unsecure and my iPhone won't connect.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

[SOLVED] PoPTop / Incoming DDWRT issue (need better logging?

Post by pschaff » 2012/02/11 23:27:21

Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature.

There are a number of EL5 pptp packages available, including from EPEL, RPMforge, and kbs-CentOS-Testing. Which are you using? It would also help to [url=http://www.centos.org/modules/newbb/viewtopic.php?topic_id=28723&forum=54]provide more information about your system[/url] by running "./getinfo.sh" and showing us the output file.

sombra84
Posts: 8
Joined: 2012/01/30 17:19:54

Re: PoPTop / Incoming DDWRT issue (need better logging?)

Post by sombra84 » 2012/02/19 05:38:35

[SOLVED] The issue is the PopTop Package and older MPPE standard.

Make sure that you get the latest release of PopTop and set MPPE-Required but not MPPE-REQUIRED-128 (this seems to break iOS).

If you set it to MPPE-Required or comment out MPPE-Required it fixes DD-WRT connections but breaks iOS connections.

Upgrading to the latest PopTop fixes this, set it to "MPPE-Required" in the options and restart the pptpd server.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: [SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Post by pschaff » 2012/02/19 14:37:24

Thanks for reporting back. Marking this thread [SOLVED] for posterity. [I almost hate to ask, but future forum searchers may want to know how you upgraded the PopTop package.]

sombra84
Posts: 8
Joined: 2012/01/30 17:19:54

Re: [SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Post by sombra84 » 2012/02/20 20:01:49

Sure, in CentOS 5 the latest ppp and pptpd would not install, i got stuck with 2.4.4 after countless tries. In my Cent OS 6 box it defaulted to install 2.4.5.

So on Cent OS 5 what I did is went for the beta repository:

[code]rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm[/code]
[code]yum --enablerepo=poptop-beta install pptpd[/code]

After that I just proceeded as normal.

The ideal setup is now this, in /etc/ppp/options.pptpd set the MPPE-required-128 line to just mppe-required.

That fixes it. If you use the iPhone or iOS make sure that in the VPN settings the encryption level is set to "Auto".

It works fine that way... dd-wrt, pc/mac and iPhone can all connect happily.

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Re: [SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Post by pschaff » 2012/02/21 10:30:15

Thanks for the information.

Post Reply