PPTP VPN under Tiger 10.4.5
I recently got my first Mac a month ago. At first, it was able to connect to my work's VPN (PPTP on a linux server). However, a couple weeks later, their PPTP server died and they had to completely redo it. At about the same time, I updated to 10.4.6. Ever since then, I haven't been able to connect to the VPN. I don't know if it was the update or the server redo that caused it. It appears to connect, but then it sits at "Authenticating" forever. I have verified with my coworkers who have macs that this is an issue with them, too. However, Windows boxes can still connect. Also, we know someone who has an ibook with 10.3 and she can still connect. Tonight I updated to 10.4.7 but the connection issue is still there. Has anyone heard of this happening? Anything I can do?
Here is the output in the connection log when I try to connect:
Tue Jun 27 22:34:16 2006 : PPTP connecting to server '*.com' (**.***.***.**)...
Tue Jun 27 22:34:16 2006 : PPTP connection established.
Tue Jun 27 22:34:16 2006 : Using interface ppp0
Tue Jun 27 22:34:16 2006 : Connect: ppp0 <--> socket[34:17]
If I try to run Internet Connect from terminal, here is what is outputted:
2006-06-27 22:40:05.784 Internet Connect[356] CFLog (0): CFMessagePort: bootstrap_register(): failed 1103 (0x44f), port = 0x3303, name = 'com.apple.internetconnect.ServiceProvider'
See /usr/include/servers/bootstrap_defs.h for the error codes.
2006-06-27 22:40:05.796 Internet Connect[356] CFLog (99): CFMessagePortCreateLocal(): failed to name Mach port (com.apple.internetconnect.ServiceProvider)
Any help would be appreciated. Thanks!!
20' Intel iMac Mac OS X (10.4.6)
This may be only grasping at straws, but when I get hung up at "Authenticating" on VPN, I manually reset my (wireless) router. Not the full reset, but just a disconnect and reconnect.
Similar Messages
-
Pptp VPN route : Leopard does not set correct netmask
Hello
Today I switched from a MacOSX 10.4.11 (Tiger) PowerBook to a MacOS 10.5.5 (Leopard) MacBook Pro. I configured my pptp VPN settings with the "Internet Connection Tool" and Network-Settings-panel on Leopard identically as on my Tiger PowerBook (option route all traffic over VPN on both systems disabled).
As far I could connect on the Leopard system to the destination VPN server without any problem, but could only establish a traffic-connection to the VPN server it self. As on my Tiger system the VPN connection worked seamless over several years now I supposed some routing problem.
In fact on the Tiger system the routing table showed me, that the destination network has a 255.255.0.0 network mask and was correctly received and set on the Tiger routing table, but that the Leopard systems assumes a 255.255.255.0 network mask and set this assumption to the its routing table: (destination LAN has address space 10.50.0.0 - 10.50.255.255 / netmask 255.255.0.0)
Tiger 10.4.11 :
10.50/16 ppp0 USc 0 0 ppp0
Leopard 10.5.5 :
10.50/24 ppp0 USc 0 0 ppp0
In the Leopard vpn setting panel, there is also the possibility to set manually the destination ip-address and netmask, but I found it has no effect on the real setting on Leopard. The only way to set the correct route with the correct netmask is under Leopard to do it by the command shell - first deleting the route set by Leopard and setting a new route with a the correct netmask :
route delete -net 10.50. -interface ppp0
route add -net 10.50. -interface ppp0 -netmask 255.255.0.0
I do not understand, why under Tiger (and also on MacOSX 10.3.X) the pptp VPN worked always correct and set the correct netmask, and now Leopard (MacOSX 10.5.X) does some kind of assumption and is not able to set the correct netmask.
Any Ideas ?How did you determine that partial traffic is sent through the VPN?
Basic principles of VPN is to avoid using a common subnet for your client ip pool. Having an uncommon subnet will solve your #2 issue below. Simply change the 3rd octet on your home network from .1 to something else, .11
I have a working pptp server configuration on ubuntu 10 with iphone 3g iOS 4.1 connected, invested hours of research, but only a short time configuring the server and iphone vpn client. passing internet traffic through local gateway/router from work wi-fi and accessing local desktop using windows remote desktop lite app. -
PPTP VPN on Server 2008R2 dropping users but acting like it is still connected
Hello,
I'm having a weird problem and I'm at a loss. We have a couple of cloud servers that form our remote office system. Basically, their is 1 DC, 1 Remote Desktop server, and 2 member servers being used as workstations. The users access these
server and resources via a PPTP VPN setup on the DC using RRAS. Everything has worked fairly well for the last year, but recently, my users have complained that they get disconnected at random times over the last couple of weeks. I was able
to observe the behavior yesterday and it goes something like this:
-The user is working fine
-The user tries to access a share, open a web page, tries to open a remote desktop session or notices that their Outlook client is disconnected and finds that nothing can be reached outside of the local machine. I tried pinging the DC address,
www.google.com, and the RDP server without success. From the server, I tried pinging the errant workstation without success. The server shows the connection to be active and the workstation does not disconnect the connection. On
one occasion, the problem just rectified itself and everything started working again. On all other occasions, the VPN had to be disconnected and reconnected. Note that some workstations are not reporting this problem.
-The user disconnects the VPN
-The user reconnects the VPN and usually everything is okay again for awhile, but sometimes they are disconnected within minutes.
This is new behavior, and no changes have been made by me and the Cloud support people tell me they haven't done anything. At this point, I'm not even sure how to go about troubleshooting it. The next time it happened, I was going to pull an ARP table
to see if anything looks amiss, but the only other avenue I have going is a call into the cloud services support to see if they can look for dropped or filtered information between our main office and our cloud server.
The only part of this setup that is a little bit different for me is the IPv4 settings in the RRAS console under properties of the server. Normally in the IPv4 settings, I select DHCP and allow the users to pull from the existing DHCP server. However, the
cloud support recommended against having a DHCP server, so instead of DHCP, I selected "use static IP address pool." I put 10.216.8.197 to 10.216.8.22 and the subnet mask is picking up from the server as 255.255.255.224 and the default gateway is
picking up from the server as 10.216.8.193.
Does anyone have any advice on how to troubleshoot this problem? What to try next if the cloud services support doesn't find anything, etc?
Thanks,
Jeffery SmithHi Jeffery,
According to your description, the VPN clients can connect the server at the beginning, but when we reconnected after going wrong, they were disconnected within minutes. Maybe the next time it happened, we could follow steps below to troubleshoot this issue.
Use ipconfig /all command in the VPN client when we set up VPN connection, to view which IP address the VPN client obtain.
Pull an ARP table from the VPN client to view the IP Address-Physical Address mappings as you said will help to troubleshoot this issue. The assigned IP address maybe used by other computers.
If the static IP address pool range from 10.216.8.197 to 10.216.8.22, due to the subnet is 255.255.255.224, there are 8 subnet in the 10.216.8.0/27 network. If the static IP address pool consists of ranges of IP addresses that are for a separate subnet,
then we need to either enable an IP routing protocol on the remote access server computer or add static IP routes consisting of the {IP Address, Mask} of each range to the routers of the intranet. If the routes are not added, then remote access clients can’t
receive traffic from resources on the intranet.
Best Regards,
Tina -
Remote Desktop/Access shared files over PPTP VPN
Hello,
I just bought the RV180W so I can connect to my office computer from anywhere as a VPN client. The two things I need to do while I am connected as a VPN client is to be able to access my files on my office desktop and be able to remote desktop to it as well. I have Win7 on all of my computers. Ideally, I would like to do that over PPTP VPN connection but if that is not possible I can try Cisco QuickVPN software.
I enabled PPTP on my router and created a user account. I was also able to successfully establish the connection remotely. While I was connected as a PPTP VPN client, I was able to access the Internet and my router setup page which is telling me that the connection is good. However, I was not able to either discover my office PC under my network tab in Win7 nor I was able to remote desktop. I keep my office PC on all the time and it never go to sleep. I did not create any connection policy but maybe this is the problem. Please let me know if you know of a solution.
Thanks!Hi David,
Thank you for the response.
I was able to access the router configuration using the local IP address (in my case 192.168.1.1). I don't think I would have been able to access it using the public IP address since I have the router remote management feature disabled.
Now after reading your email, I was finally able to remote desktop and access shared files through a PPTP VPN connection. Here is what I did:
1- I separted the PPTP VPN IP address range from my DHCP range (in my case, PPTP VPN range is 192.168.1.200 to 210 and my DHCP range is from 192.168.1.100 to 199)
2- I assigned my office desktop PC that I am trying to remote desktop to a fixed IP address (192.168.1.20)
3- For remote desktop, I had to type the IP address (192.168.1.20). Typing the PC name (officepc) or searching for was not working.
4- For shared files, I had to map a network drive as //192.168.1.20/My Pictures for example. I couldn't find my PC when searched for it under Network.
After doing all that, I was able to do kinda what I wanted. Ideally, I would have liked to avoid using fixed IP addresses and be able to access computers by their name and see them under the Network tab. Is their a way to do this? I noticed that RV220W offers SSL VPN, would that help me?
I would appreciate it if you could answer my last two questions.
Thanks!
Mustafa -
Trouble about vpn connecting (PPTP VPN did not respond)
I am new in mac. These days I have searched a lot on line for the solution to this problem but none fixed it. So....
Our lab only have an instruciton for connecting vpn under windows and I succeeded to do this by following this in windwos 7.
There is a host name instead of ip address in the instruciton and I think that should not be the problem.
And in the protocol of TCP/IP property settings, the user was asked to Remove the tick before “Use default gateway on remote network”. Besides, in the instruction, it sets to obtain the IP address and DNS address automatically, so that I do not have such inforamtion about the server of our lab.
In my new macbook pro (Mac ox lion 10.7.3), I did the following things:
1. in system properties->network, Select the + button at the bottom left of the screen to add a new connection.
2. Select the following:
a. Interface: VPN
b. VPN Type: PPTP
c. Service Name: SAS VPN
d. Select Create.
3. Configuration: default
server address: host name “xxx.xx.xxxx.xx”
account name: (I am sure there is no error in this)
encryptiong: none
4. click Authorization settings to input the password.
5. Click the Advanced button. and Select Options. Verify Send all traffic over VPN connection is checked. (and is not checked ) (I tried both, none of them worked). About the other seetings.
6. On the TCP/IP tab, set "Configure IPv4" to "Using PPP." So I can not input the DNS server information.
7. click apply and then try to connect.
However, it returned me an error said " PPTP-VPN server did not respond. Try to reconnect. If that continues....."
I think there are lots of experts in mac os x. Can anyone here help me with this? Thanks a lot in advance!>> encryptiong: none
I found out, that you NEED the encryption in Lion Server VPN.
I understand, that you use Lion Server as you mention the problem here in the Lion Server section.
I do the following: Install the "Admin Tool VPN" from App-Store for some Euros. Than I found section PPTP and there is a check for
a) Active
b) Compression and Encryption
I take the check for b) out and restart (Off / On), took my XP-Notebook and connected via PPTP and all working!
Since Lion Apple hide a lot of things from the official tools and if you have some special tools, you can activate function. There is
Level 1, the userlevel: Something like Dashboard in the new MS-Servers or the Server App in the new Lion Server
Level 2, the administrator level: The difference between Server App and Server Admin! The Server Tools you need download separatly as you know after a while, something is missing. Same with the new Airport Utility: Userlevel tool = AU 6.0 with grafical fun and some basics, AU 5.6 is the tool for the admin what you separtly need download.
Level 3, the special deeper view: Typically it is the command line interface, CLI, but if you need some GUI (grafical user interface), you buy an App like Admin VPN Tool and this tool (App for some Euros) in real does nothing else than comfortably set some inside switches and flags that the offical GUI admin tools not have realized.
Why?
Oh, I think it's because security issues. You want the Mac Server become like a Microsoft Server? So, you shouldn't use not encrypted connections and that's (in my understanding) the reason why the Lion Server EXPECTS YOU to use encryption and the official tools not give you the oportunity to switch the encryption off! -
Hi.
We have just setup a SA520 at a customer location. It is running firmware version 1.1.65.
It seems to be operating fine, except PPTP VPN.
Looking at the log from the SA520 it forwards port 1723 and 500 to the correct PPTP server in the network. But it seems like this machine it not receiving the PPTP VPN request.
On the server is also running a FTP service which works fine - so the server is alive.
Is there something about we also need to use GRE (Protocol 47) when using PPTP? We have looked everywhere in the SA520, but can't find it.
Any help appreciated, thanks!
/Ulrik
Attached: SA520-log, PPTP-server-log, Firewall-rules.Hi Federico.
I also believe GRE must be used to establish the PPTP connection, but it is not listed as a service under firewall rules or anywhere else in the SA520.
The reason to open port 500 was because we could see a request to the port, when we were trying to connect. It doesn't change anything if the port is open or not.
I don't think it establish the PPTP tunnel at all. The receiving server is just listening for connections as the screenshot of the log shows. It doesn't indicate an established connection.
I am pretty sure GRE is the problem, but they big question is how do enable it in the SA520.
/Ulrik -
[solved] SSH doesn't work over PPTP VPN with pptpclient
I just got set up with access to my work's PPTP VPN. Using pptpclient I can establish a connection and ping servers. I can use telnet to confirm ports 22, 80 etc are accessible and I can access web services in my browser, but SSH doesn't work.
When I try and SSH to a server it just hangs for a minute and then "Connection closed by 10.70.11.10". Wondering if SSH was using my default route rather than the appropriate tunnel, I tried setting my default route to use the VPN, and ping, telnet, nmap etc still seem to function and return expected results, but SSH still hangs and closes. There are no entries in the sshd log on the servers that I attempted to get access to. I have both Arch and CentOS servers and I cannot get to either via SSH.
My colleague connected to the VPN on his mobile phone and managed to SSH to a server, so it doesn't seem that the VPN is blocking this... any ideas?
Thanks
[update]
Solved! I found that in /etc/ppp/options, un-commenting -mru fixed this for me:
# Disable MRU [Maximum Receive Unit] negotiation (use default, i.e.
# 1500).
-mru
[/update]
Last edited by jsteel (2014-08-10 20:06:31)targetbsp wrote:
summit48 wrote:
Windows10 has hijacked the back end believing every Laptop and Desktop PC is a Smartphone. What do you mean by that?Windows 10: Microsoft under attack over privacyhttp://www.theguardian.com/technology/2015/jul/31/windows-10-microsoft-faces-criticism-over-privacy-default-settings In the "one size fits all" philosophy of Microsoft there is no distinction between a smartphone and a PC. You might turn some of these privacy setting on for a smartphone but not on a PC. -
[Solved] NetworkManager-pptp VPN not working after update to 0.9.10
Hello,
I have a PPTP VPN set up and it's been working for a long time. However, after I updated last night to networkmanager-0.9.10, it is no longer able to connect to the remote network. I can activate the VPN connection, enter my password, but after a short period of time, the connection reports: "Error: Connection activation failed: the VPN service returned invalid configuration." As I mentioned before, this VPN was working right before the update and I didn't change the configuration on either my computer or the destination network so I'm pretty sure that this is something to do with the update. I'm wondering if anybody else has run into this problem and if they've been able to find a solution. I've been searching all over these forums and the internet for some hours now and I haven't found anything yet. I'm hoping that somebody might be able to point me in the right direction or maybe know of something that might have changed with the new update.
Here is my VPN configuration (using NetworkManager-PPTP. I've also obscured the public IP address):
[connection]
id=MyVPN
uuid=fe6e6265-1a79-4a69-b6d1-8b47e9d4c948
type=vpn
permissions=user:greyseal96:;
autoconnect=false
timestamp=1408950986
[vpn]
service-type=org.freedesktop.NetworkManager.pptp
gateway=192.168.146.114
require-mppe=yes
user=greyseal96
password-flags=3
[ipv6]
method=auto
[ipv4]
method=auto
route1=10.17.0.0/16,10.17.1.1,1
never-default=true
Here are my logs during the time that I tried to connect:
Aug 24 23:44:15 MyArchBox NetworkManager[578]: <info> Starting VPN service 'pptp'...
Aug 24 23:44:15 MyArchBox NetworkManager[578]: <info> VPN service 'pptp' started (org.freedesktop.NetworkManager.pptp), PID 1938
Aug 24 23:44:15 MyArchBox NetworkManager[578]: <info> VPN service 'pptp' appeared; activating connections
Aug 24 23:44:21 MyArchBox NetworkManager[578]: <info> VPN connection 'MyVPN' (ConnectInteractive) reply received.
Aug 24 23:44:21 MyArchBox NetworkManager[578]: <info> VPN plugin state changed: starting (3)
Aug 24 23:44:21 MyArchBox NetworkManager[578]: ** Message: pppd started with pid 1945
Aug 24 23:44:21 MyArchBox NetworkManager[578]: <info> VPN connection 'MyVPN' (Connect) reply received.
Aug 24 23:44:21 MyArchBox pppd[1945]: Plugin /usr/lib/pppd/2.4.6/nm-pptp-pppd-plugin.so loaded.
Aug 24 23:44:21 MyArchBox NetworkManager[578]: Plugin /usr/lib/pppd/2.4.6/nm-pptp-pppd-plugin.so loaded.
Aug 24 23:44:21 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (plugin_init): initializing
Aug 24 23:44:21 MyArchBox pppd[1945]: pppd 2.4.6 started by root, uid 0
Aug 24 23:44:21 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 3 / phase 'serial connection'
Aug 24 23:44:21 MyArchBox pppd[1945]: Using interface ppp0
Aug 24 23:44:21 MyArchBox pppd[1945]: Connect: ppp0 <--> /dev/pts/2
Aug 24 23:44:21 MyArchBox NetworkManager[578]: Using interface ppp0
Aug 24 23:44:21 MyArchBox NetworkManager[578]: Connect: ppp0 <--> /dev/pts/2
Aug 24 23:44:21 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 5 / phase 'establish'
Aug 24 23:44:21 MyArchBox NetworkManager[578]: <info> (ppp0): new Generic device (driver: 'unknown' ifindex: 10)
Aug 24 23:44:21 MyArchBox NetworkManager[578]: <info> (ppp0): exported as /org/freedesktop/NetworkManager/Devices/9
Aug 24 23:44:21 MyArchBox pptp[1947]: nm-pptp-service-1938 log[main:pptp.c:333]: The synchronous pptp option is NOT activated
Aug 24 23:44:21 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 1 'Start-Control-Connection-Request'
Aug 24 23:44:21 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_disp:pptp_ctrl.c:758]: Received Start Control Connection Reply
Aug 24 23:44:21 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_disp:pptp_ctrl.c:792]: Client connection established.
Aug 24 23:44:22 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 7 'Outgoing-Call-Request'
Aug 24 23:44:22 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_disp:pptp_ctrl.c:877]: Received Outgoing Call Reply.
Aug 24 23:44:22 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_disp:pptp_ctrl.c:916]: Outgoing call established (call ID 0, peer's call ID 50048).
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 6 / phase 'authenticate'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (get_credentials): passwd-hook, requesting credentials...
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (get_credentials): got credentials from NetworkManager-pptp
Aug 24 23:44:25 MyArchBox pppd[1945]: CHAP authentication succeeded
Aug 24 23:44:25 MyArchBox NetworkManager[578]: CHAP authentication succeeded
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 8 / phase 'network'
Aug 24 23:44:25 MyArchBox pppd[1945]: MPPE 128-bit stateless compression enabled
Aug 24 23:44:25 MyArchBox NetworkManager[578]: MPPE 128-bit stateless compression enabled
Aug 24 23:44:25 MyArchBox pppd[1945]: Cannot determine ethernet address for proxy ARP
Aug 24 23:44:25 MyArchBox pppd[1945]: local IP address 10.17.10.3
Aug 24 23:44:25 MyArchBox pppd[1945]: remote IP address 10.17.10.1
Aug 24 23:44:25 MyArchBox pppd[1945]: primary DNS address 10.17.2.22
Aug 24 23:44:25 MyArchBox pppd[1945]: secondary DNS address 10.17.2.23
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> VPN connection 'MyVPN' (IP4 Config Get) reply received from old-style plugin.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> VPN Gateway: 192.168.146.114
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Tunnel Device: ppp0
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> IPv4 configuration:
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Internal Address: 10.17.10.3
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Internal Prefix: 32
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Internal Point-to-Point Address: 10.17.10.1
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Maximum Segment Size (MSS): 0
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Static Route: 10.17.0.0/16 Next Hop: 10.17.1.1
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Forbid Default Route: yes
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Internal DNS: 10.17.2.22
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> Internal DNS: 10.17.2.23
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> DNS Domain: '(none)'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <info> No IPv6 configuration
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <error> [1408949065.481618] [platform/nm-linux-platform.c:1716] add_object(): Netlink error adding 10.17.0.0/16 via 10.17.1.1 dev ppp0 metric 1 mss 0 src user: Unspecific failure
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <warn> VPN connection 'MyVPN' did not receive valid IP config information.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: Cannot determine ethernet address for proxy ARP
Aug 24 23:44:25 MyArchBox NetworkManager[578]: local IP address 10.17.10.3
Aug 24 23:44:25 MyArchBox NetworkManager[578]: remote IP address 10.17.10.1
Aug 24 23:44:25 MyArchBox NetworkManager[578]: primary DNS address 10.17.2.22
Aug 24 23:44:25 MyArchBox NetworkManager[578]: secondary DNS address 10.17.2.23
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 9 / phase 'running'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_ip_up): ip-up event
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_ip_up): sending Ip4Config to NetworkManager-pptp...
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: PPTP service (IP Config Get) reply received.
Aug 24 23:44:25 MyArchBox pppd[1945]: Terminating on signal 15
Aug 24 23:44:25 MyArchBox pppd[1945]: Modem hangup
Aug 24 23:44:25 MyArchBox pptp[1954]: nm-pptp-service-1938 log[callmgr_main:pptp_callmgr.c:245]: Closing connection (unhandled)
Aug 24 23:44:25 MyArchBox pptp[1954]: nm-pptp-service-1938 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 12 'Call-Clear-Request'
Aug 24 23:44:25 MyArchBox pptp[1954]: nm-pptp-service-1938 log[call_callback:pptp_callmgr.c:84]: Closing connection (call state)
Aug 24 23:44:25 MyArchBox pppd[1945]: Connect time 0.0 minutes.
Aug 24 23:44:25 MyArchBox pppd[1945]: Sent 0 bytes, received 0 bytes.
Aug 24 23:44:25 MyArchBox pppd[1945]: MPPE disabled
Aug 24 23:44:25 MyArchBox pppd[1945]: Connection terminated.
Aug 24 23:44:25 MyArchBox dbus[579]: [system] Rejected send message, 10 matched rules; type="error", sender=":1.51" (uid=0 pid=1938 comm="/usr/lib/networkmanager/nm-pptp-service ") interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply="0" destination=":1.52" (uid=0 pid=1945 comm="/sbin/pppd pty /sbin/pptp 192.168.146.114 --nolaunc")
Aug 24 23:44:25 MyArchBox dbus[579]: [system] Rejected send message, 10 matched rules; type="error", sender=":1.51" (uid=0 pid=1938 comm="/usr/lib/networkmanager/nm-pptp-service ") interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply="0" destination=":1.52" (uid=0 pid=1945 comm="/sbin/pppd pty /sbin/pptp 192.168.146.114 --nolaunc")
Aug 24 23:44:25 MyArchBox dbus[579]: [system] Rejected send message, 10 matched rules; type="error", sender=":1.51" (uid=0 pid=1938 comm="/usr/lib/networkmanager/nm-pptp-service ") interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply="0" destination=":1.52" (uid=0 pid=1945 comm="/sbin/pppd pty /sbin/pptp 192.168.146.114 --nolaunc")
Aug 24 23:44:25 MyArchBox dbus[579]: [system] Rejected send message, 10 matched rules; type="error", sender=":1.51" (uid=0 pid=1938 comm="/usr/lib/networkmanager/nm-pptp-service ") interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply="0" destination=":1.52" (uid=0 pid=1945 comm="/sbin/pppd pty /sbin/pptp 192.168.146.114 --nolaunc")
Aug 24 23:44:25 MyArchBox dbus[579]: [system] Rejected send message, 10 matched rules; type="error", sender=":1.51" (uid=0 pid=1938 comm="/usr/lib/networkmanager/nm-pptp-service ") interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply="0" destination=":1.52" (uid=0 pid=1945 comm="/sbin/pppd pty /sbin/pptp 192.168.146.114 --nolaunc")
Aug 24 23:44:25 MyArchBox NetworkManager[578]: inet 10.17.0.0/16 table main
Aug 24 23:44:25 MyArchBox NetworkManager[578]: priority 0x1 protocol static
Aug 24 23:44:25 MyArchBox NetworkManager[578]: nexthop via 10.17.1.1 dev 10
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <error> [1408949065.487073] [platform/nm-linux-platform.c:2252] link_change(): Netlink error changing link 10: <DOWN> mtu 0 (1) driver 'unknown' udi '/sys/devices/virtual/net/ppp0': No such device
Aug 24 23:44:25 MyArchBox NetworkManager[578]: <error> [1408949065.487153] [platform/nm-linux-platform.c:1777] delete_object(): Netlink error deleting 10.17.10.3/32 lft forever pref forever lifetime 1862-0[4294967295,4294967295] dev ppp0 src kernel: No such device (-31)
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: Terminated ppp daemon with PID 1945.
Aug 24 23:44:25 MyArchBox kernel: Loading kernel module for a network device with CAP_SYS_MODULE (deprecated). Use CAP_NET_ADMIN and alias netdev- instead.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: Terminating on signal 15
Aug 24 23:44:25 MyArchBox NetworkManager[578]: Modem hangup
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 8 / phase 'network'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: Connect time 0.0 minutes.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: Sent 0 bytes, received 0 bytes.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: MPPE disabled
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 10 / phase 'terminate'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 5 / phase 'establish'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 5 / phase 'establish'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 11 / phase 'disconnect'
Aug 24 23:44:25 MyArchBox NetworkManager[578]: Connection terminated.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 1 / phase 'dead'
Aug 24 23:44:25 MyArchBox dbus[579]: [system] Rejected send message, 10 matched rules; type="error", sender=":1.51" (uid=0 pid=1938 comm="/usr/lib/networkmanager/nm-pptp-service ") interface="(unset)" member="(unset)" error name="org.freedesktop.DBus.Error.UnknownMethod" requested_reply="0" destination=":1.52" (uid=0 pid=1945 comm="/sbin/pppd pty /sbin/pptp 192.168.146.114 --nolaunc")
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** Message: nm-pptp-ppp-plugin: (nm_exit_notify): cleaning up
Aug 24 23:44:25 MyArchBox pppd[1945]: Exit.
Aug 24 23:44:25 MyArchBox NetworkManager[578]: ** (nm-pptp-service:1938): WARNING **: pppd exited with error code 16
Aug 24 23:44:45 MyArchBox NetworkManager[578]: <info> VPN service 'pptp' disappeared
If you've gotten this far, thank you for taking the time to read through all this! Any help that you can give would be much appreciated.
Last edited by greyseal96 (2014-08-27 15:20:02)Hmm, not sure about the 3.16 series kernel, but I found that when I upgraded to kernel 3.18 the PPTP VPN also stopped working. This time, though, it was because, for some reason, there was a change in kernel 3.18 where the firewall kernel modules necessary for the VPN don't get loaded so the firewall won't allow some of the PPTP traffic from the remote side back in. Since the firewall is stateful, these modules need to be loaded so that the firewall can know that the incoming PPTP traffic from the remote side is part of an existing connection. Here's what my network manager logs looked like:
NetworkManager[619]: <info> Starting VPN service 'pptp'...
NetworkManager[619]: <info> VPN service 'pptp' started (org.freedesktop.NetworkManager.pptp), PID 31139
NetworkManager[619]: <info> VPN service 'pptp' appeared; activating connections
NetworkManager[619]: <info> VPN connection 'MyVPN' (ConnectInteractive) reply received.
NetworkManager[619]: <info> VPN plugin state changed: starting (3)
NetworkManager[619]: ** Message: pppd started with pid 31148
NetworkManager[619]: <info> VPN connection 'MyVPN' (Connect) reply received.
pppd[31148]: Plugin /usr/lib/pppd/2.4.7/nm-pptp-pppd-plugin.so loaded.
NetworkManager[619]: Plugin /usr/lib/pppd/2.4.7/nm-pptp-pppd-plugin.so loaded.
NetworkManager[619]: ** Message: nm-pptp-ppp-plugin: (plugin_init): initializing
pppd[31148]: pppd 2.4.7 started by root, uid 0
NetworkManager[619]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 3 / phase 'serial connection'
pppd[31148]: Using interface ppp0
pppd[31148]: Connect: ppp0 <--> /dev/pts/5
NetworkManager[619]: Using interface ppp0
NetworkManager[619]: Connect: ppp0 <--> /dev/pts/5
NetworkManager[619]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 5 / phase 'establish'
NetworkManager[619]: <info> (ppp0): new Generic device (driver: 'unknown' ifindex: 7)
NetworkManager[619]: <info> (ppp0): exported as /org/freedesktop/NetworkManager/Devices/6
pptp[31150]: nm-pptp-service-31139 log[main:pptp.c:333]: The synchronous pptp option is NOT activated
pptp[31157]: nm-pptp-service-31139 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 1 'Start-Control-Connection-Request'
pptp[31157]: nm-pptp-service-31139 log[ctrlp_disp:pptp_ctrl.c:758]: Received Start Control Connection Reply
pptp[31157]: nm-pptp-service-31139 log[ctrlp_disp:pptp_ctrl.c:792]: Client connection established.
pptp[31157]: nm-pptp-service-31139 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 7 'Outgoing-Call-Request'
pptp[31157]: nm-pptp-service-31139 log[ctrlp_disp:pptp_ctrl.c:877]: Received Outgoing Call Reply.
pptp[31157]: nm-pptp-service-31139 log[ctrlp_disp:pptp_ctrl.c:916]: Outgoing call established (call ID 0, peer's call ID 25344).
pppd[31148]: LCP: timeout sending Config-Requests <===HERE IS WHERE THE CONNECTION FAILS BECAUSE THE MODULES AREN'T LOADED.
pppd[31148]: Connection terminated.
NetworkManager[619]: LCP: timeout sending Config-Requests
NetworkManager[619]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 11 / phase 'disconnect'
NetworkManager[619]: Connection terminated.
NetworkManager[619]: <warn> VPN plugin failed: connect-failed (1)
NetworkManager[619]: ** Message: nm-pptp-ppp-plugin: (nm_phasechange): status 1 / phase 'dead'
pppd[31148]: Modem hangup
pppd[31148]: Exit.
NetworkManager[619]: <warn> VPN plugin failed: connect-failed (1)
NetworkManager[619]: Modem hangup
NetworkManager[619]: ** Message: nm-pptp-ppp-plugin: (nm_exit_notify): cleaning up
NetworkManager[619]: <warn> VPN plugin failed: connect-failed (1)
NetworkManager[619]: <info> VPN plugin state changed: stopped (6)
NetworkManager[619]: <info> VPN plugin state change reason: unknown (0)
NetworkManager[619]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
NetworkManager[619]: ** (nm-pptp-service:31139): WARNING **: pppd exited with error code 16
NetworkManager[619]: <info> VPN service 'pptp' disappeared
To fix this, I had to add a file to the /etc/modules-load.d directory to have the modules loaded into the kernel at boot. I just created a file called netfilter.conf and put the following in it:
nf_nat_pptp
nf_conntrack_pptp
nf_conntrack_proto_gre
Not sure if this addresses your problem or not, but maybe it's worth a look. -
Why does Airtunes Drop Frequnetly under Tiger?
After having sifted through the last week's worth of posts to this forum, I find that I'm having a problem that many others are also having, and that it has yet to be solved. I'm posting yet another thread on this topic, hoping that Apple will take notice.
Since upgrading to Tiger, I've had a bad experience with Airtunes frequently dropping out. Sometimes it resumes playing after a few seconds, sometimes it doesn't. Sometimes disconnecting from my wireless network and then reconnecting fixes the problem, sometimes it doesn't. As far as I know, everything is up to date:
Mac OS X 10.4.7
iTunes 6.0.5 (20)
Apple Base Station v6.3 (that's the firmware)
Software update gives me weekly updates too, so my Airport software should be current (how does one find the version number for this?). This problem also ocured under firmware 6.1. A hard reset of the Airport Express did not fix the problem either.
The strangest symptom that I experience is when Airtunes drops out and I try to deselect my speakers in iTunes. It just hangs and I get the dreaded spinning beach ball. After 2 or 3 minutes it finally deselects. Sometimes if I reselect the speakers, Airtunes resumes working. But other times it just seems dead.
While all of this is going on, my internet connection through the APExpress is still ok.
Airtunes worked flawlessly for me under Panther. So I'm fairly sure that the problem arose when I switched to Tiger.
Anyone know how to solve this problem (other than downgrading to Panther)?Okay, I've read the posts in this thread and think I might be able to contribute.
My set up is an Airport Extreme Base, with two Express's. I'm new to all this WiFi stuff, and have built this system adding each component over the past two years. So, frequent droping out has also been a problem with my setup. Yet (fingers crossed) i think I got things working pretty well with, ahem, (almost) no drop outs in days.
1. First suggestion is this link.
http://www.macgeekery.com/hacks/hardware/optimizingairportconnectivity
It basically talks about channel switching the Extreme Base Station and how to find out who else might be using that channel. With hints for advanced software from Apple (and where to get it) that I did not have, that helped me monitor signal strength and other neet learning tools.
2. I purchased airfoil recently (great software IMHO), and in the troubleshootong section it talked about how any 802.11b hardware (like my 867 Tibook) automatically down throtles your network from a potential 54 mbps to 11mbps. Now I'm not real versed on what sort of thru put you need to stream this music stuff, but 11mbps probably is not enough for two consecutive streams (w/o constantly dropping out). I have not heard of this potential problem disscussed ANYWHERE else.
3. One of my signals has to travel down a long hallway to reach the Express & speakers, 50 feet, and the signal would always stop when (it seemed as though) I would walk down it. My body seemingly disrupting the signal.
This has seemed to dimminish after my last (#4)suggestion. A house full of people would (i think) kill any signal(s) no matter how strong the signals are.
4. Upon messing around with the settings in the Airport Administrator Utility,
i accidentally had it set to 25% of its potential Transmitter power (under Airport-->Airport Network -->Wireless Options. That fixed alot, boy I felt stupid.
So, these may be things worth looking into. In addition, I have a couple of ?'s.
1. what is the multicast rate? it's under Airport-->Airport Network -->Wireless Options also. what do ya'all have it set at?
2. Would WDS have a positive signal strength effect with an Extreme Base Station and 2 or more Express stations.
I have never run any WiFi under panther, but have had constant drop out issues under tiger until recently (who knows, maybe they'll return)
Goodluck all !!!!
GG-01
PowerMac Dual 2.0 (last rev.) Mac OS X (10.4.7) Ti Book 867 -
How do I reconnect my PPTP vpn after upgrading to Yosemite
How do I reconnect my PPTP vpn after upgrading to Yosemite on my mac mini
See:
http://kb.mozillazine.org/Locked_or_damaged_places.sqlite
http://kb.mozillazine.org/Lost_bookmarks -
How to configure Multiple PPTP VPN Clients on cisco 3g supported Router
I want the router to be a PPTP VPN client to 2 independent PPTP servers, both are in different cities in Cisco routers. I have tested with one on cisco 1841 aqnd its working fine; but when I add the 2nd, its using vpdn-group 1 and therefore connecting to the wrong PPTP server:
here is the config for the one that works:
vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip xxx.xxx.xxx.xxx
interface Dialer0
mtu 1450
ip address negotiated
ip pim dense-mode
ip nat outside
ip virtual-reassembly
zone-member security private
encapsulation ppp
ip igmp query-interval 125
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 1
no peer neighbor-route
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap-v2 ms-chap eap chap pap callin
ppp eap refuse
ppp chap hostname xxx@xxx
ppp chap password 7 xxxpassword
But if I create a vpdn-group 2 and a Dialer1 interface, with dialer-group 2, its still attempting to connect to the IP in vpdn-group 1 - how do I get it to use the 2nd vpdn-group, or how do I make this work? and which cisco 3G Router you prefer because these are remote sites and only 3G Internet service is available.I want the router to be a PPTP VPN client to 2 independent PPTP servers, both are in different cities in Cisco routers. I have tested with one on cisco 1841 aqnd its working fine; but when I add the 2nd, its using vpdn-group 1 and therefore connecting to the wrong PPTP server:
here is the config for the one that works:
vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip xxx.xxx.xxx.xxx
interface Dialer0
mtu 1450
ip address negotiated
ip pim dense-mode
ip nat outside
ip virtual-reassembly
zone-member security private
encapsulation ppp
ip igmp query-interval 125
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 1
no peer neighbor-route
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap-v2 ms-chap eap chap pap callin
ppp eap refuse
ppp chap hostname xxx@xxx
ppp chap password 7 xxxpassword
But if I create a vpdn-group 2 and a Dialer1 interface, with dialer-group 2, its still attempting to connect to the IP in vpdn-group 1 - how do I get it to use the 2nd vpdn-group, or how do I make this work? and which cisco 3G Router you prefer because these are remote sites and only 3G Internet service is available. -
Help needed to connect to remote PPTP VPN via PIX 515e
Hello,
A user in our office needs to connect to a client's remote PPTP VPN but can't connect. The user is running Windows 7. We have a Cisco PIX 515e firewall that is running PIX Version 6.3(3) - this is what our user is having to go through to try and make the connection to the client's remote VPN.
The client's network guys have come back and said the issue is at our side. They say that they can see some of our traffic but not all of it. The standard error is shown below, and they say it's symptomatic of the client-side firewall not allowing PPTP traffic:
"A connection between the VPN server and the VPN client XXX.XXX.XXX.XXX has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets."
I have very little firewall experience and absolutely no Cisco experience I'm afraid. From looking at the PIX config I can see the following line:
fixup protocol pptp 1723.
Does this mean that the PPTP protcol is enabled on our firewall? Is this for both incoming and outgoing traffic?
I can see no reference to GRE 47 in the PIX config. Can anyone advise me what I should look for to see if this has been enabled or not?
I apologise again for my lack of knowledge. Any help or advice would be very gratefully received.
RosHi Eugene,
Thank you for taking the time to reply to me. Please see our full PIX config below. I've XX'd out names and IP addresses as I'm never comfortable posting those type of details in a public forum. I hope that the information below is still sufficient for you.
Thanks again for your help,
Ros
PIX(config)# en
Not enough arguments.
Usage: enable password [] [level ] [encrypted]
no enable password level
show enable
PIX(config)# show config
: Saved
: Written by enable_15 at 10:30:31.976 GMT/BDT Mon Apr 4 2011
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 DMZ security10
enable password XXX encrypted
passwd XXX encrypted
hostname PIX
domain-name XXX.com
clock timezone GMT/BST 0
clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol pptp 1723
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name XX.XX.XX.XX Secondary
access-list outside_access_in permit tcp XX.XX.XX.XX 255.255.255.240 host XX.XX.XX.XX eq smtp
access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq https
access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq 993
access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq 587
access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq 82
access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq www
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq www
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq www
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq https
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 993
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 587
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 82
access-list outside_access_in permit tcp host XX.XX.XX.XX host XX.XX.XX.XX eq 82
access-list outside_access_in permit tcp host XX.XX.XX.XX host XX.XX.XX.XX eq 82
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq smtp
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 8082
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq www
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq https
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 993
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 587
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 82
access-list outside_access_in permit tcp any host XX.XX.XX.XX eq smtp
access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq www
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.0.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl deny udp any any eq 135
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_40 permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_60 permit ip any XX.XX.XX.XX 255.255.255.0
access-list USER1 permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_10 permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_20 permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_30 permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_50 permit ip any XX.XX.XX.XX 255.255.255.0
access-list outside_cryptomap_70 permit ip any XX.XX.XX.XX 255.255.0.0
access-list USER2 permit ip any XX.XX.XX.XX 255.255.255.0
access-list USER3 permit ip any XX.XX.XX.XX 255.255.255.0
access-list USER4 permit ip any XX.XX.XX.XX 255.255.0.0
pager lines 24
logging on
logging host inside XX.XX.XX.XX
icmp permit any outside
icmp permit any inside
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
ip address outside XX.XX.XX.XX 255.255.255.248
ip address inside XX.XX.XX.XX 255.255.255.0
no ip address DMZ
ip audit info action alarm
ip audit attack action alarm
pdm location XX.XX.XX.XX 255.255.255.255 inside
pdm location XX.XX.XX.XX 255.255.0.0 outside
pdm location XX.XX.XX.XX 255.255.255.0 outside
pdm logging debugging 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) XX.XX.XX.XX XX.XX.XX.XX netmask 255.255.255.255 0 0
static (inside,outside) XX.XX.XX.XX. XX.XX.XX.XX netmask 255.255.255.255 0 0
static (inside,outside) XX.XX.XX.XX. XX.XX.XX.XX netmask 255.255.255.255 0 0
static (inside,outside) XX.XX.XX.XX XX.XX.XX.XX netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 XX.XX.XX.XX 1
route inside XX.XX.XX.XX 255.255.0.0 XX.XX.XX.XX 1
timeout xlate 3:00:00
timeout conn 2:00:00 half-closed 0:30:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
ntp authenticate
ntp server XX.XX.XX.XX source outside prefer
http server enable
http XX.XX.XX.XX 255.255.0.0 outside
http XX.XX.XX.XX 255.255.255.0 outside
http XX.XX.XX.XX 255.255.255.255 inside
snmp-server host inside XX.XX.XX.XX
no snmp-server location
no snmp-server contact
snmp-server community XXX
snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map cola 20 set transform-set ESP-3DES-MD5
crypto dynamic-map dod 10 set transform-set ESP-3DES-MD5
crypto map outside_map 10 ipsec-isakmp dynamic cola
crypto map outside_map 20 ipsec-isakmp
crypto map outside_map 20 match address outside_cryptomap_20
crypto map outside_map 20 set peer XX.XX.XX.XX
crypto map outside_map 20 set transform-set ESP-3DES-MD5
crypto map outside_map 25 ipsec-isakmp
crypto map outside_map 25 match address USER1
crypto map outside_map 25 set peer XX.XX.XX.XX
crypto map outside_map 25 set transform-set ESP-3DES-MD5
crypto map outside_map 30 ipsec-isakmp
crypto map outside_map 30 match address outside_cryptomap_30
crypto map outside_map 30 set peer XX.XX.XX.XX
crypto map outside_map 30 set transform-set ESP-3DES-MD5
crypto map outside_map 40 ipsec-isakmp
crypto map outside_map 40 match address outside_cryptomap_40
crypto map outside_map 40 set peer XX.XX.XX.XX
crypto map outside_map 40 set transform-set ESP-3DES-MD5
crypto map outside_map 50 ipsec-isakmp
crypto map outside_map 50 match address outside_cryptomap_50
crypto map outside_map 50 set peer XX.XX.XX.XX
crypto map outside_map 50 set transform-set ESP-3DES-MD5
crypto map outside_map 60 ipsec-isakmp
crypto map outside_map 60 match address outside_cryptomap_60
crypto map outside_map 60 set peer XX.XX.XX.XX
crypto map outside_map 60 set transform-set ESP-3DES-MD5
crypto map outside_map 70 ipsec-isakmp
crypto map outside_map 70 match address outside_cryptomap_70
crypto map outside_map 70 set peer XX.XX.XX.XX
crypto map outside_map 70 set transform-set ESP-3DES-MD5
crypto map outside_map 75 ipsec-isakmp
crypto map outside_map 75 match address USER4
crypto map outside_map 75 set peer XX.XX.XX.XX
crypto map outside_map 75 set transform-set ESP-3DES-MD5
crypto map outside_map 80 ipsec-isakmp
crypto map outside_map 80 match address USER2
crypto map outside_map 80 set peer XX.XX.XX.XX
crypto map outside_map 80 set transform-set ESP-3DES-MD5
crypto map outside_map 90 ipsec-isakmp
crypto map outside_map 90 match address USER3
crypto map outside_map 90 set peer XX.XX.XX.XX
crypto map outside_map 90 set transform-set ESP-3DES-MD5
crypto map outside_map interface outside
isakmp enable outside
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
telnet XX.XX.XX.XX 255.255.0.0 outside
telnet XX.XX.XX.XX 255.255.255.255 inside
telnet XX.XX.XX.XX 255.255.255.255 inside
telnet XX.XX.XX.XX 255.255.255.255 inside
telnet timeout 30
ssh XX.XX.XX.XX 255.255.255.248 outside
ssh XX.XX.XX.XX 255.255.255.248 outside
ssh timeout 30
management-access inside
console timeout 0
terminal width 80
Cryptochecksum:XXX
PIX(config)# -
Has anyone got PPTP VPN to work on Lion Server?
Has anyone got PPTP VPN to work on Lion Server?
I had a go with the terminal commnds posted by apple support but no joy. Since then Apple has pulled the suport article - is it because it didn't work?
I get PPTP is less secure but PPTP seems to be more reliable don't know whey they can't keep as GUI. I've got them both running on our 10.4 server and L2TP stoped allowing connections for no reason PPTP was still working L2TP started working again on its own. Plus L2TP drops my connection when I connect with a 2nd device e.g connected with my Macbook connect with my iPhone (different username) it drops my Macbook.
Any advice getting PPTP to work on Lion Server would be appreciated
Thanks
BenHi,
I have posted a bugreport on this issue to Apple. Currently (10.7.2) it is not possible to run PPTP on any Mac OS X Server when using a 10.7 Server as Directory Server.
I have tried 'everything', but the MPPE encryption mechanism seems to be broken.
Edit: I see now that the bugreport is filed as a duplicate to an older case, which is now closed. I hope this means they have found the problem and will release a fix in the next update. -
[SOLVED]How to configure pptp vpn start on boot with netcfg?
I've configured 2 profiles:
eth0 and ppp0, where ppp0 is a pptp vpn tunnel.
$ ls /etc/network.d/
eth0 examples interfaces ppp0
$ cat /etc/network.d/ppp0
CONNECTION='ppp'
INTERFACE='ppp0'
PEER='dxt'
PPP_TIMEOUT=10
$ cat /etc/conf.d/netcfg
# Enable these netcfg profiles at boot time.
# - prefix an entry with a '@' to background its startup
# - set to 'last' to restore the profiles running at the last shutdown
# - set to 'menu' to present a menu (requires the dialog package)
# Network profiles are found in /etc/network.d
NETWORKS=(eth0 ppp0)
# Specify the name of your wired interface for net-auto-wired
WIRED_INTERFACE="eth0"
# Specify the name of your wireless interface for net-auto-wireless
WIRELESS_INTERFACE="wlan0"
Manually, I can start up ppp0 correctly.
$ sudo netcfg -u ppp0
:: ppp0 up [ BUSY ] Using interface ppp0
Connect: ppp0 <--> /dev/pts/3
CHAP authentication succeeded
MPPE 128-bit stateless compression enabled
Cannot determine ethernet address for proxy ARP
local IP address 10.100.3.132
remote IP address 10.100.3.1
[ DONE ]
$ ip addr list dev ppp0
8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3
link/ppp
inet 10.100.3.132 peer 10.100.3.1/32 scope global ppp0
But after booting, only eth0 is up. How to configure ppp0 to start on boot with netcfg?
Last edited by rchiang (2012-12-21 01:09:32)Thanks a lot for your instruction.
netcfg works now!
chris_l wrote:
Did you
systemctl enable [email protected] -
2 questions about PPTP VPN on 878
Hello,
I've configured my 878 router as a PPTP VPN server. It works very fine and very quickly. Using the XP VPN client from a remote site, I can "see" all servers in my network.
2 questions
1) When doing telnet on the 878 through the VPN, it is very slow.
2) I would have to get access to the internet through the VPN. But this does not work.
What should I change in this config :
Thanks in advance,
Guy
version 12.3
no service pad
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
service password-encryption
service linenumber
service sequence-numbers
hostname ineo-21029
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 .....
username ...
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ip subnet-zero
no ip cef
no ip dhcp use class
ip name-server 212.100.160.51
ip name-server 212.100.160.52
ip port-map ms-sql port 1433
vpdn enable
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
no ftp-server write-enable
isdn switch-type basic-net3
controller DSL 0
mode atm
line-term cpe
line-mode 2-wire line-zero
dsl-mode shdsl symmetric annex B
line-rate auto
interface BRI0
no ip address
shutdown
isdn switch-type basic-net3
interface ATM0
description === to PE/Router ====
no ip address
ip accounting output-packets
load-interval 30
no atm ilmi-keepalive
interface ATM0.1 point-to-point
description $ES_WAN$
pvc 8/35
oam-pvc manage 5
oam-pvc manage cc end direction both
oam retry 3 3 1
oam retry cc end 3 3 30
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface Virtual-Template1
ip unnumbered Vlan1
peer default ip address pool test
no keepalive
ppp encrypt mppe auto
ppp authentication pap chap ms-chap ms-chap-v2
interface Vlan1
description $FW_INSIDE$
ip address 192.168.2.2 255.255.255.0
ip nat inside
ip virtual-reassembly
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp chap hostname ....
ppp chap password ....
ppp pap sent-username ....
ip local pool test 192.168.2.240 192.168.2.250
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
no ip http secure-server
ip nat inside source list 101 interface Dialer1 overload
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
dialer-list 1 protocol ip permit
control-plane
line con 0
exec-timeout 120 0
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
line vty 0 4
access-class 113 in
exec-timeout 0 0
transport preferred all
transport input all
transport output all
scheduler max-task-time 5000Thanks for this message.
Finding no solution to my problem, i've switched to other tools : Easy VPN server in the router + Cisco VPN client. My 2 questions have now received a positive answer.
I was very important for me to get Internet acess through the VPN. Because we rent a dedicated server, located somewhere, and the access to this server is firewall-protected on our public IP address. Thus, when i'm outside and want to manage this serveur, i've to connect via VPN at our central office first.
Best regards,
Guy
Maybe you are looking for
-
Different Deadlock trace files
Hello, In our application we use to have deadlock issues and i need to analyze that trace file.Some time i use to have trace files which is having current session and waiting session information and with modules and queries they are executing in top
-
Please help! I can't send a text message to one specific friend of mine when he has iMessage turned off. I can receive his texts, but he never receives mine. Both are iPhones, obviously, different carriers which shouldn't matter. Neither of us got ne
-
Using mozilla for the first time i wish to open a contact list. I cannot any way to do this basic task.
-
Clean Install? What is required? Macbook shutdowns?
I am experiencing these annoying MB shutdowns, all the time, and have tried EVERYTHING possible to reset and change, like the RAM sticks, the PMU, the PRAM, firmware, and many other things. I am going to try a clean install, but first of all, how do
-
IPAD2 corrupt will not update or restore
I have an IPAD2 32 GB with 4/5 GB of free space. Have had a very slow keyboard and had done a reset a few days ago with no problem. Software was up to date as of this morning 8.3. Did a reboot because of the continuing slow and delay issues with the