[SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Installing, Configuring, Troubleshooting server daemons such as Web and Mail

[SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Postby sombra84 » 2012/02/09 00:41:59

Hello Everyone,

I run a PPTP server via PopTop on my Centos 5 box. It accepts incoming connections from Windows, Mac, iPhone, Linux no problem. My DD-WRT router which connects to commercial PPTP no problem, won't connect to my CentOS box running PPTP. I assume it's a disagreeance with authentication protocol / type, etc. However, the log the server provides in /var/log/messages is not very detailed, I see this:

Code: Select all
Feb  7 12:24:58 la1 pptpd[3154]: CTRL: Client 190.53.xxx.xxx control connection started
Feb  7 12:24:59 la1 pptpd[3154]: CTRL: Starting call (launching pppd, opening GRE)
Feb  7 12:24:59 la1 pppd[3155]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Feb  7 12:24:59 la1 pppd[3155]: pppd 2.4.4 started by root, uid 0
Feb  7 12:24:59 la1 pppd[3155]: Using interface ppp0
Feb  7 12:24:59 la1 pppd[3155]: Connect: ppp0 <--> /dev/pts/3
Feb  7 12:25:05 la1 pppd[3155]: Modem hangup
Feb  7 12:25:05 la1 pppd[3155]: Connection terminated.
Feb  7 12:25:05 la1 pppd[3155]: Connect time 0.1 minutes.
Feb  7 12:25:05 la1 pppd[3155]: Sent 10 bytes, received 0 bytes.
Feb  7 12:25:05 la1 pppd[3155]: Exit.


I figured out that if i DISABLE require-mppe-128 it will connect but not pass traffic.

I am on the latest pppd and I do not understand why this happens. I read it was a bug in older pppd with an issue with mppe-128 disconnecting due to authentication issues. Why does it occur now? Is there a fix? With mppe-128 off the tunnel is unsecure and my iPhone won't connect.
sombra84
 
Posts: 8
Joined: 2012/01/30 17:19:54

[SOLVED] PoPTop / Incoming DDWRT issue (need better logging?

Postby pschaff » 2012/02/11 23:27:21

Welcome to the CentOS fora. Please see the recommended reading for new users linked in my signature.

There are a number of EL5 pptp packages available, including from EPEL, RPMforge, and kbs-CentOS-Testing. Which are you using? It would also help to provide more information about your system by running "./getinfo.sh" and showing us the output file.
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

Re: PoPTop / Incoming DDWRT issue (need better logging?)

Postby sombra84 » 2012/02/19 05:38:35

[SOLVED] The issue is the PopTop Package and older MPPE standard.

Make sure that you get the latest release of PopTop and set MPPE-Required but not MPPE-REQUIRED-128 (this seems to break iOS).

If you set it to MPPE-Required or comment out MPPE-Required it fixes DD-WRT connections but breaks iOS connections.

Upgrading to the latest PopTop fixes this, set it to "MPPE-Required" in the options and restart the pptpd server.
sombra84
 
Posts: 8
Joined: 2012/01/30 17:19:54

Re: [SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Postby pschaff » 2012/02/19 14:37:24

Thanks for reporting back. Marking this thread [SOLVED] for posterity. [I almost hate to ask, but future forum searchers may want to know how you upgraded the PopTop package.]
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

Re: [SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Postby sombra84 » 2012/02/20 20:01:49

Sure, in CentOS 5 the latest ppp and pptpd would not install, i got stuck with 2.4.4 after countless tries. In my Cent OS 6 box it defaulted to install 2.4.5.

So on Cent OS 5 what I did is went for the beta repository:

Code: Select all
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm

Code: Select all
yum --enablerepo=poptop-beta install pptpd


After that I just proceeded as normal.

The ideal setup is now this, in /etc/ppp/options.pptpd set the MPPE-required-128 line to just mppe-required.

That fixes it. If you use the iPhone or iOS make sure that in the VPN settings the encryption level is set to "Auto".

It works fine that way... dd-wrt, pc/mac and iPhone can all connect happily.
sombra84
 
Posts: 8
Joined: 2012/01/30 17:19:54

Re: [SOLVED] PoPTop / Incoming DDWRT issue (need better logging?)

Postby pschaff » 2012/02/21 10:30:15

Thanks for the information.
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America


Return to CentOS 5 - Server Support

Who is online

Users browsing this forum: No registered users and 0 guests