News: This forum is now permanently frozen.
Pages: [1]
Topic: PPTP VPN - cannot connect error 678  (Read 5362 times)
« on: November 01, 2007, 10:40:30 »
alexelll *
Posts: 4

Hello

I have used m0nowall in the past (since ver. 1.0) and I managed to do preety things with it. It is a nice tool. I successfully used features like PPTP VPN to connect both over WAN and LAN, manage traffic, NAT, etc

However I've tried now ver. 1.231 and cannot connect to the VPN server even though I have set up the VPN server address, set the address range, set the firewall rule, etc.

Anyway, when trying to connect from LAN interface, the server does not answer at all, does not even get to the "verifying username and password" stage. (Windows XP returns err 687 )


My current config:

m0n0 ver. 1.231  (AMD xp 2200+, 256 RAM)
2 interfaces, one for LAN 192.168.1.0/24 and one for WAN which is not connected
I've set to the firewall, in the PPTP int. section,  the rule PPTP->any
OS: Win XP Pro
VPN client: Windows PPTP client
Client machine firewall: disabled
Connection interface: LAN

Can someone tell me what am I missing and the server does not respond to PPTP connections?

« Reply #1 on: November 01, 2007, 16:19:20 »
DJEMiVT *
Posts: 16

PPTP requires two things. TCP port 1723 and GRE (a type of protocol). If either of these two are not making it to m0n0, then it won't work. That's all that I could possibly think is wrong with your config. To test port 1723 is easy. From a client machine, open a command prompt, and type telnet <ip of m0n0> 1723. If it hangs on
Connecting to <ip of firewall>...
then it's not working

If you see a blank black window for your command prompt, it means it connected and that port 1723 is working.


Good luck.
« Reply #2 on: November 01, 2007, 20:32:51 »
alexelll *
Posts: 4

I have made a telnet connection on port 1723. It returns a black screen.
So this means port 1723 is accessible...
« Reply #3 on: November 02, 2007, 03:13:32 »
cmb *****
Posts: 851

if GRE were the problem, you'd get a 619 error.

What is the machine you're forwarding to? Can you connect to it from inside the network?  It seems like this must be a problem with the internal server.
« Reply #4 on: November 02, 2007, 14:18:37 »
alexelll *
Posts: 4

I cannot connect from the LAN network

Both the Client VPN and the mono server are in the same lan, connected through a Ethernet switch.
The server does not respond to VPN requests within LAN.
I have not tested from WAN
« Reply #5 on: November 03, 2007, 04:38:55 »
cmb *****
Posts: 851

You need to test it from the Internet, not via public IP internally.
« Reply #6 on: November 03, 2007, 11:30:11 »
alexelll *
Posts: 4

Ok, maby I did not make miself clear

Both the LAN interface of m0n0 and the client machine interface Im trying to connect from to VPN server are in the same LAN, connected via an Ethernet switch.

They both have private IPs

- m0n0 LAN int has 192.168.1.150  (and the VPN server has 192.168.1.200)
- the client LAN int has 192.168.1.11
« Reply #7 on: November 07, 2007, 06:07:37 »
cmb *****
Posts: 851

Oh! If they're on the same network, m0n0wall has nothing to do with their communication. The only way m0n0wall would affect that is if the server was on one side of m0n0wall and the client on the other side.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines