This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remote access on Astaro: L2TP and PPTP not working

Dear all,

I am testing the different remote access possibilities on the Astaro 220. Firmware version is 7.303.

- SSL: working fine, but slow.
- PPTP: I am encoutering two problems:

- I cannot connect with my own username, only with admin account. My own username is part of the same 'superadmins' group as the admin account. My own username is backend synced with AD. Authentication with SSL works with this user.
This is shown by the live log during my attempt:

2008:12:08-15:52:39 (none) pptpd[18743]: CTRL: Client 81.247.184.93 control connection started
2008:12:08-15:52:39 (none) pptpd[18743]: CTRL: Starting call (launching pppd, opening GRE)
2008:12:08-15:52:39 (none) pppd-pptp[18744]: Plugin /usr/sbin/aua.so loaded.
2008:12:08-15:52:39 (none) pppd-pptp[18744]: AUA plugin initialized.
2008:12:08-15:52:39 (none) pppd-pptp[18744]: Plugin /usr/sbin/dhcpc.so loaded.
2008:12:08-15:52:39 (none) pppd-pptp[18744]: DHCPC: plugin initialized
2008:12:08-15:52:39 (none) pppd-pptp[18744]: pppd 2.4.3 started by (unknown), uid 0
2008:12:08-15:52:39 (none) pppd-pptp[18744]: Starting negotiation on /dev/ttyp0
2008:12:08-15:52:39 (none) pptpd[18743]: GRE: Bad checksum from pppd.
2008:12:08-15:52:43 (none) pptpd[18743]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
2008:12:08-15:52:45 (none) pppd-pptp[18744]: Peer myusername failed CHAP authentication
2008:12:08-15:52:45 (none) pppd-pptp[18744]: Connection terminated.
2008:12:08-15:52:45 (none) pppd-pptp[18744]: Exit.

- Secondly, Whenever I connect using PPTP, I do not receive the correct gateway. The gateway is always set the same address as the IP address assigned to my connection. This happens as well using an outside DHCP server as using the PPTP pool. All the other settings like DNS are fine, but because of gateway settings being wrong, I cannot connect to the network. Am I missing something here?

- L2TP over IPsec: configured like in the book, but when I try to make a connection using the windows built-in client, it's not even passing the 'connecting to .. .IP address'.

If somebody can help me here, I would like to use a faster way than SSL to connect to our network,

Kind regards,

Günther

This thread was automatically locked due to age.

0 BAlfson over 16 years ago

Günther, we have no problems with the WIndows client and L2TP/IPSec. Enable 'Debug' on the 'Advanced' tab and look for funny stuff in the log. If you aren't even getting there, then you probably have a configuration error in the client; an incorrect host or 'L2TP over IPSec vpn' not selected on the 'Networking' tab.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 anometric over 16 years ago in reply to BAlfson

Hello,

I still have the gateway issue on PPTP. What could this be about?

About L2TP: I enabled debug mode, but nothing appears. On the windows client, the following message appears:

Connecting to
Error 789:: The L2TP connection attempt failed because the security layer encountered a processing error during initial negociations with the remote computer.

The client has been set up like the procedure 'Remote Access via L2TP over IPSec Configuring ASG and Client' states.

The astaro as well has been set up following the procedure. But I was wandering what the interface setting should be: WAN or LAN? WAN because it's connecting through the outside connection or LAN because it's connecting to the LAN...

Please help,

Thanks

Günther
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 16 years ago in reply to anometric

Günther, what interface setting where?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel