PPTP Problem
I have set the DNS and IP address settings for the PPTP connection in XP to automatic. What am I doing wrong here? Some guidance will be very helpful.
XP is taking the gateway as my server's IP (67.18.187.102) when it should take the server's gateway, no? Please help.
------------------------------------------------------------------------------------
13 Replies
-erik
I don't have my examples with me but I can get them for you after on how I set mine up.
First of all it looks like you need to set your ms-dns options to the same DNS servers your linode is using. The DNS servers your Windows XP is using may not be accessible from outside of your network (which is what would happen when you bring up the tunnel).
Make sure IP Forwarding is enabled.
I don't think I ever got it working where remoteip and localip are the same value, it causes routing issues. I think you are best off using a private IP address range for localip. On my system these values are in the file /etc/pptpd.conf. And then I think you need to set up iptables to NAT that. See "ROUTING CHECKLIST - MASQUERADE" in man pptpd.conf.
Does your PPTP connection time out after a few minutes or continue to stay up? If it times out you may need to allow PPTP traffic through iptables if you haven't already. (GRE protocol 47)
Any log info from the linux side? Can you post what you are getting on the windows client side? "ipconfig /all"
Erik's solution works well.
What I have done is to install Squid on the server and then use putty to open a tunnel into the server and then onto squid like this:
"C:\Program Files\PuTTY\putty.exe" -ssh -L 8080:xxx:8080 -l yyy -i "C:\Program Files\PuTTY\private-key.ppk" -2 -4 -N -a xxx
where xxx is the server's IP and yyy is the SSH acct name on the server.
It all works now.
Thanks again.
@anderiv:
Hello there…I can't speak specifically to your PPTP question, but I thought I'd throw this into the pot. It sounds like you're perhaps just looking for a way to have a secure proxy through which you can browse the web? If this is incorrect, my apologies, but if it is correct, a much easier solution is to just use a dynamic ssh tunnel back to your linode. That doesn't involve any of the complicated VPN stuff.
-erik
I have the same problem.
I actually followed this instruction set: http://forums.bit-tech.net/showthread.php?t=132029
For both local and remoteip, I used the IP of my slice. 64.62.190.xxx
I can connect via Windows XP VPN connection manager (authentication works fine). It says it's connected but I can't seem to get any traffic in or out of it.
Here are some symptoms:
1) my slice locks up (can't connect via SSH or HTTP)
2) the IP on the windows machine says:
IP: 144.198.182.10
Subnet: 255.255.255.255
Def. Gateway: 144.198.182.10
Any thoughts on this?
PS: The reason I am VPN'ing over proxy is b/c of windows app that has no proxy capability
You seem confused about how pptpd really works, so I'll try to help you out a little.
You need to create a local network for your vpn clients to use. Using your linode's public IP for both localip and remoteip is never gonna work.
For instance, let's say your linode's IP is 64.62.190.xxx
We need to choose a range of IPs for the virtual network. Let it be
10.60.60.0 for instance.
localip 10.60.60.1
remoteip 10.60.60.50-150
Clients connecting to the vpn will receive an IP in the 10.60.60.50-10.60.60.150 range.
You then need an iptables rule to masquerade this traffic (so they can actually use the internet)
/sbin/iptables -t nat -A POSTROUTING -s 10.60.60.0/24 -o eth0 -j MASQUERADE
Also make sure net.ipv4.ip_forward is set to 1 in /etc/sysctl.conf
That's all there is to it.
Thanks for the reply.
I did EXACTLY as you said… and now my SSH console window doesn't freeze up.
Though.. I still can't seem to get data in and out of this PPTP connection when using XP as client. When I do "ipconfig /all", I get this for the PPTP connection:
DHCP Enabled: no
IP: 10.60.60.50
Subnet: 255.255.255.255
Gateway: 10.60.60.50
Is this incorrect? gateway = ip..?
netmask = 255.255.255.255
Looks strange, but that's indeed how it's supposed to be. Your connection to the vpn server is all good.
Now about your inability to get data in or out of this, I must say it's pretty hard to guess what may be wrong.
Are you absolutely positive that the iptables command was run? What is the output of '/sbin/iptables -t nat -L -n' ? Also make sure IP forwarding is enabled. Check it with 'cat /proc/sys/net/ipv4/ip_forward'.
Hope it helps…
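The checks from this exchange (private localip/remoteip ranges, a MASQUERADE rule that covers the client range, ip_forward set to 1) collected into one script, as an added example that is not code from any poster in the thread. It assumes "private" means the RFC 1918 ranges; the function names and the 203.0.113.10 placeholder address are this example's own.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_ranges(conf_text, key):
    """(first, last) address pairs from a localip/remoteip line of pptpd.conf."""
    ranges = []
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) == 2 and fields[0] == key:
            for part in fields[1].split(","):
                # pptpd shorthand: 10.60.60.50-150 means .50 through .150
                first, _, tail = part.partition("-")
                last = first.rsplit(".", 1)[0] + "." + tail if tail else first
                ranges.append((ipaddress.ip_address(first), ipaddress.ip_address(last)))
    return ranges

def masquerade_sources(nat_listing):
    """Source networks of MASQUERADE rules in `iptables -t nat -L -n` output."""
    rows = (line.split() for line in nat_listing.splitlines())
    # columns: target prot opt source destination
    return [ipaddress.ip_network(r[3], strict=False) for r in rows if r[:1] == ["MASQUERADE"]]

def check(conf_text, nat_listing, ip_forward):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    local, remote = parse_ranges(conf_text, "localip"), parse_ranges(conf_text, "remoteip")
    if not local or not remote:
        problems.append("localip or remoteip missing")
    for first, last in local + remote:
        if not any(first in n and last in n for n in RFC1918):
            problems.append(f"{first}-{last} is outside the RFC 1918 private ranges")
    if any(lf <= rl and rf <= ll for lf, ll in local for rf, rl in remote):
        problems.append("localip and remoteip overlap")
    nets = masquerade_sources(nat_listing)
    for first, last in remote:
        if not any(first in n and last in n for n in nets):
            problems.append(f"no MASQUERADE rule covers clients {first}-{last}")
    if ip_forward.strip() != "1":
        problems.append("ip_forward is not 1")
    return problems

# Constructed inputs: the thread's working settings, then the both-public variant
# (203.0.113.10 is a documentation placeholder standing in for the server's address).
GOOD_CONF = "localip 10.60.60.1\nremoteip 10.60.60.50-150\n"
BAD_CONF = "localip 203.0.113.10\nremoteip 203.0.113.10\n"
NAT = "Chain POSTROUTING (policy ACCEPT)\nMASQUERADE all -- 10.60.60.0/24 0.0.0.0/0\n"

if __name__ == "__main__":
    print(check(GOOD_CONF, NAT, "1"))
    print(check(BAD_CONF, NAT, "1"))
```

On a live server, feed it the contents of /etc/pptpd.conf, the output of `/sbin/iptables -t nat -L -n`, and the contents of /proc/sys/net/ipv4/ip_forward.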
=================================
output of "/sbin/iptables -t nat -L -n"
=================================
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 10.60.60.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
=================================
output of "cat /proc/sys/net/ipv4/ip_forward"
=================================
1
I've restarted the pptpd server with " /etc/init.d/pptpd restart". Do I need to do any service restarting for IP forward?
Turns out it was the corporate network I was in. At home, it was working just fine and dandy.
Thanks a bunch! You're the man!
Is there a way to make this work with an additional IP? I recently added it to my slice and would like to have a "second" VPN service using this IP…
Meaning my client would connect via the second IP I purchased.. the client receives a different "localip" (i.e. with different range) and his outbound IP would be that of the newly bought IP.
I'm having problems with poptop (pptpd) also. I followed all of the configuration steps, and am still having problems.
The connections are failing, and I get the following in my /var/log/debug
Dec 9 08:18:33 o-linode pptpd[1234]: CTRL: Reaping child PPP[1235]
There are no other debug messages, that is the only message I get whenever I try to connect.
Thanks!