Страница 1 из 1

Проблема с ppp vpn

Добавлено: 2007-04-26 9:29:12
alex3
поставил pptpd по статье лиса
настроил, в фаере все разрешил, врубаю.
Клиент цепляется и отваливается.
Лог

Код: Выделить всё

Apr 26 09:52:43 flamewall pptpd[15035]: MGR: Manager process started
Apr 26 10:00:51 flamewall pptpd[26883]: MGR: Launching /usr/local/sbin/pptpctrl to handle client
Apr 26 10:00:51 flamewall pptpd[26883]: CTRL: pppd options file = /etc/ppp/options.pptp
Apr 26 10:00:51 flamewall pptpd[26883]: CTRL: Client ххх.ххх.ххх.ххх control connection started
Apr 26 10:00:51 flamewall pptpd[26883]: CTRL: Received PPTP Control Message (type: 1)
Apr 26 10:00:51 flamewall pptpd[26883]: CTRL: Made a START CTRL CONN RPLY packet
Apr 26 10:00:51 flamewall pptpd[26883]: CTRL: I wrote 156 bytes to the client.
Apr 26 10:00:51 flamewall pptpd[26883]: CTRL: Sent packet to client
Apr 26 10:00:52 flamewall pptpd[26883]: CTRL: Received PPTP Control Message (type: 7)
Apr 26 10:00:52 flamewall pptpd[26883]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Apr 26 10:00:52 flamewall pptpd[26883]: CTRL: Made a OUT CALL RPLY packet
Apr 26 10:00:52 flamewall pptpd[26883]: CTRL: Starting call (launching pppd, opening GRE)
Apr 26 10:00:52 flamewall pptpd[26883]: CTRL: pty_fd = 10
Apr 26 10:00:52 flamewall pptpd[26883]: CTRL: tty_fd = 9
Apr 26 10:00:52 flamewall pptpd[26884]: CTRL (PPPD Launcher): program binary = /usr/sbin/ppp
Apr 26 10:00:52 flamewall ppp[26884]: Phase: Using interface: tun0
Apr 26 10:00:52 flamewall ppp[26884]: Phase: deflink: Created in closed state
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: default: ident user-ppp VERSION (built COMPILATIONDATE)
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: default: set device /dev/cuad1
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: default: set speed 115200
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5            ""
 AT OK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: default: set timeout 180
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: default: enable dns
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: pptp: enable proxy
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: pptp: set dns хх.хх.хх.хх
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: pptp: set ifaddr х.х.х.х
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: pptp: set timeout 300
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: pptp: enable MSChapV2
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Command: pptp: set nbns хх.хх.хх.хх
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Phase: PPP Started (direct mode).
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Phase: bundle: Establish
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Phase: deflink: closed -> opening
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Phase: deflink: Connected!
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Phase: deflink: opening -> carrier
Apr 26 10:00:52 flamewall ppp[26884]: tun0: Phase: deflink: carrier -> lcp
Apr 26 10:00:52 flamewall ppp[26884]: tun0: LCP: FSM: Using "deflink" as a transport
Apr 26 10:00:52 flamewall ppp[26884]: tun0: LCP: deflink: State change Initial --> Closed
Apr 26 10:00:52 flamewall ppp[26884]: tun0: LCP: deflink: State change Closed --> Stopped
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP: deflink: LayerStart
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP:  ACFCOMP[2]
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP:  PROTOCOMP[2]
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP:  ACCMAP[6] 0x00000000
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP:  MRU[4] 1500
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP:  MAGICNUM[6] 0xc1093819
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Apr 26 10:00:53 flamewall ppp[26884]: tun0: LCP: deflink: State change Stopped --> Req-Sent
Apr 26 10:00:53 flamewall pptpd[26883]: CTRL: I wrote 32 bytes to the client.
Apr 26 10:00:53 flamewall pptpd[26883]: CTRL: Sent packet to client
Apr 26 10:00:53 flamewall pptpd[26883]: CTRL: Received PPTP Control Message (type: 15)
Apr 26 10:00:53 flamewall pptpd[26883]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP:  ACFCOMP[2]
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP:  PROTOCOMP[2]
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP:  ACCMAP[6] 0x00000000
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP:  MRU[4] 1500
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP:  MAGICNUM[6] 0xc1093819
Apr 26 10:00:56 flamewall ppp[26884]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP:  ACFCOMP[2]
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP:  PROTOCOMP[2]
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP:  ACCMAP[6] 0x00000000
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP:  MRU[4] 1500
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP:  MAGICNUM[6] 0xc1093819
Apr 26 10:00:59 flamewall ppp[26884]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Apr 26 10:01:02 flamewall ppp[26884]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
Apr 26 10:01:02 flamewall ppp[26884]: tun0: LCP:  ACFCOMP[2]
Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: PTY read or GRE write failed (pty,gre)=(10,9)
Apr 26 10:15:06 flamewall kernel: Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: PTY read or GRE write failed (pty,gre)=(10,
9)
Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: Reaping child PPP[39113]
Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: Client ххх.ххх.ххх.ххх control connection finished
Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: Exiting now
Apr 26 10:15:06 flamewall pptpd[26987]: MGR: Reaped child 39112
в чем может быть проблема?

Добавлено: 2007-04-26 9:52:41
Alex Keda
файрволл?

Добавлено: 2007-04-26 10:15:42
alex3

Код: Выделить всё

08300 allow log logamount 1000 gre from any to any
08400 allow log logamount 1000 ip from any to me dst-port 1723
08500 allow ip from any to any via tun0

Добавлено: 2007-04-26 10:18:38
Alex Keda
a если allow all

Добавлено: 2007-04-26 10:28:54
alex3
где?
просто тупо поставить allow all - это рутер....

Добавлено: 2007-04-26 10:32:32
Alex Keda
на минуту поставь - потестить.
=========
возьми машину любую да подыми фрю с поптопом - дел на 15 минут - постестить.
когда будет рабочее решенеие - пеернесёшь на гейт

Добавлено: 2007-05-01 13:12:57
roygbiv
копать вроде это стоит:

Код: Выделить всё

Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: PTY read or GRE write failed (pty,gre)=(10,9)
Apr 26 10:15:06 flamewall kernel: Apr 26 10:15:06 flamewall pptpd[39112]: CTRL: PTY read or GRE write failed (pty,gre)=(10,9) 
и ещё, протокол gre пропусти в фаере пока тестишь:
allow gre from any to any