News: This forum is now permanently frozen.
Pages: [1]
Topic: PTPP VPN with iPhone  (Read 4723 times)
« on: January 20, 2009, 21:31:11 »
tohil *
Posts: 10

hello

i've tried to setup a PPTP VPN Connection with my m0n0 and the iPhone.
i read the howto on m0n0.ch wich is published, but it doesent work.

here are the logs from the m0n0 box

Jan 20 21:29:34    mpd: pptp0: killing connection with 193.247.250.1 15048
Jan 20 21:29:34    mpd: pptp0: ctrl connection closed by peer
Jan 20 21:29:34    mpd: pptp0: closing connection with 193.247.250.1 15048
Jan 20 21:29:34    mpd: [pt0] LCP: state change Closed --> Initial
Jan 20 21:29:34    mpd: [pt0] LCP: Down event
Jan 20 21:29:34    mpd: [pt0] LCP: state change Stopped --> Closed
Jan 20 21:29:34    mpd: [pt0] LCP: Close event
Jan 20 21:29:34    mpd: [pt0] link: DOWN event
Jan 20 21:29:34    mpd: [pt0] PPTP call terminated
Jan 20 21:29:34    mpd: pptp0-0: killing channel
Jan 20 21:29:34    mpd: pptp0-0: clearing call
Jan 20 21:29:34    mpd: [pt0] LCP: LayerFinish
Jan 20 21:29:34    mpd: [pt0] LCP: state change Req-Sent --> Stopped
Jan 20 21:29:34    mpd: [pt0] LCP: parameter negotiation failed
Jan 20 21:29:32    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:32    mpd: MP SHORTSEQ
Jan 20 21:29:32    mpd: MP MRRU 1600
Jan 20 21:29:32    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:32    mpd: MAGICNUM 776fb234
Jan 20 21:29:32    mpd: MRU 1500
Jan 20 21:29:32    mpd: PROTOCOMP
Jan 20 21:29:32    mpd: ACFCOMP
Jan 20 21:29:32    mpd: [pt0] LCP: SendConfigReq #20
Jan 20 21:29:31    racoon: ERROR: couldn't find configuration.
Jan 20 21:29:30    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:30    mpd: MP SHORTSEQ
Jan 20 21:29:30    mpd: MP MRRU 1600
Jan 20 21:29:30    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:30    mpd: MAGICNUM 776fb234
Jan 20 21:29:30    mpd: MRU 1500
Jan 20 21:29:30    mpd: PROTOCOMP
Jan 20 21:29:30    mpd: ACFCOMP
Jan 20 21:29:30    mpd: [pt0] LCP: SendConfigReq #19
Jan 20 21:29:28    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:28    mpd: MP SHORTSEQ
Jan 20 21:29:28    mpd: MP MRRU 1600
Jan 20 21:29:28    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:28    mpd: MAGICNUM 776fb234
Jan 20 21:29:28    mpd: MRU 1500
Jan 20 21:29:28    mpd: PROTOCOMP
Jan 20 21:29:28    mpd: ACFCOMP
Jan 20 21:29:28    mpd: [pt0] LCP: SendConfigReq #18
Jan 20 21:29:26    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:26    mpd: MP SHORTSEQ
Jan 20 21:29:26    mpd: MP MRRU 1600
Jan 20 21:29:26    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:26    mpd: MAGICNUM 776fb234
Jan 20 21:29:26    mpd: MRU 1500
Jan 20 21:29:26    mpd: PROTOCOMP
Jan 20 21:29:26    mpd: ACFCOMP
Jan 20 21:29:26    mpd: [pt0] LCP: SendConfigReq #17
Jan 20 21:29:24    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:24    mpd: MP SHORTSEQ
Jan 20 21:29:24    mpd: MP MRRU 1600
Jan 20 21:29:24    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:24    mpd: MAGICNUM 776fb234
Jan 20 21:29:24    mpd: MRU 1500
Jan 20 21:29:24    mpd: PROTOCOMP
Jan 20 21:29:24    mpd: ACFCOMP
Jan 20 21:29:24    mpd: [pt0] LCP: SendConfigReq #16
Jan 20 21:29:22    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:22    mpd: MP SHORTSEQ
Jan 20 21:29:22    mpd: MP MRRU 1600
Jan 20 21:29:22    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:22    mpd: MAGICNUM 776fb234
Jan 20 21:29:22    mpd: MRU 1500
Jan 20 21:29:22    mpd: PROTOCOMP
Jan 20 21:29:22    mpd: ACFCOMP
Jan 20 21:29:22    mpd: [pt0] LCP: SendConfigReq #15
Jan 20 21:29:20    mpd: ENDPOINTDISC [802.1] 00 0d b9 17 a1 74
Jan 20 21:29:20    mpd: MP SHORTSEQ
Jan 20 21:29:20    mpd: MP MRRU 1600
Jan 20 21:29:20    mpd: AUTHPROTO CHAP MSOFTv2
Jan 20 21:29:20    mpd: MAGICNUM 776fb234
Jan 20 21:29:20    mpd: MRU 1500
« Reply #1 on: January 20, 2009, 22:08:34 »
Manuel Kasper
Administrator
*****
Posts: 364

It looks like no GRE packets are getting through (PPTP VPN requires a TCP connection on port 1723, as well as GRE [IP protocol 47] connectivity). This is a common problem with mobile/3G operators that use broken NAT implementations (and Swisscom is one of them, IIRC). Try complaining to them - it's unlikely to help (especially as I've heard somewhere that they offer "VPN access" through a different APN for an extra 5 bucks a month or so), but still worth a try.
« Reply #2 on: January 20, 2009, 23:49:32 »
tohil *
Posts: 10

Ok. Thanks for your fast reply. I thought that probably some NAT problems can happend in the umts network. Else they could not allow access for that many devices at the same time. Ipv6 would be nice;)

Ive post a feature request for l2tp over ipsec. Nat-t should work better than gre packets over nat devices. Is this possible with the used freebsd kernel and modules or to much changes for actual builds of m0n0wall?

Regards us winterthur;)
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines