This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple PPTP VPN logins from behind NAT not working

Astaor v7, Release 7.405

The first to login is just fine and everything works just as it should, but if another computer behind the same NAT connects no requests to the network behind the firewall works. If I check the packet filter I can see that the requests go through the astaro marked green, but nothing works.

When checking the pptp logs I see someting that makes me believe that the problem is that both pptp connections associate with the same source ip and thus the answears to the second connections requests go to the first connection (since the source ip of the pptp connection is the same)

When I connect from a machine not on the same NAT everything works fine via both connections.

This thread was automatically locked due to age.

Parents

0 Arvid over 16 years ago

The only difference I can find between the working and not working logins are the srcip in the line:
2009:08:27-18:59:32 login pppd-pptp[3346]: id="2201" severity="info" sys="SecureNet" sub="vpn" event="Connection started" username="***" variant="pptp" srcip="81.232.79.160" virtual_ip="172.20.10.131"
and the client ip address in the following line:
2009:08:27-18:59:26 login pptpd[3341]: CTRL: Client 81.232.79.160 control connection started

(the usernames are removed and replaced by ***, I've tried with both different users for both simultaneous connections and the same user for both without any difference in the result)

First login from within NAT (works)


2009:08:27-18:43:50 login pptpd[2344]: MGR: Launching /usr/local/sbin/pptpctrl to handle client
2009:08:27-18:43:50 login pptpd[2344]: CTRL: local address = 172.20.10.129
2009:08:27-18:43:50 login pptpd[2344]: CTRL: remote address = 172.20.10.130
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Client 81.232.79.160 control connection started
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Received PPTP Control Message (type: 1)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Made a START CTRL CONN RPLY packet
2009:08:27-18:43:50 login pptpd[2344]: CTRL: I wrote 156 bytes to the client.
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Sent packet to client
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Received PPTP Control Message (type: 7)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Set parameters to 100000000 maxbps, 64 window size
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Made a OUT CALL RPLY packet
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Starting call (launching pppd, opening GRE)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: pty_fd = 6
2009:08:27-18:43:50 login pptpd[2344]: CTRL: tty_fd = 7
2009:08:27-18:43:50 login pptpd[2345]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd-pptp
2009:08:27-18:43:50 login pptpd[2345]: CTRL (PPPD Launcher): local address = 172.20.10.129
2009:08:27-18:43:50 login pptpd[2345]: CTRL (PPPD Launcher): remote address = 172.20.10.130
2009:08:27-18:43:50 login pppd-pptp[2345]: Plugin /usr/sbin/aua.so loaded.
2009:08:27-18:43:50 login pppd-pptp[2345]: AUA plugin initialized.
2009:08:27-18:43:50 login pptpd[2344]: CTRL: I wrote 32 bytes to the client.
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Sent packet to client
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Received PPTP Control Message (type: 15)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Got a SET LINK INFO packet with standard ACCMs
2009:08:27-18:43:50 login pptpd[2344]: GRE: Bad checksum from pppd.
2009:08:27-18:43:50 login pppd-pptp[2345]: pppd 2.4.3 started by (unknown), uid 0
2009:08:27-18:43:50 login pppd-pptp[2345]: Starting negotiation on /dev/ttyp0
2009:08:27-18:43:55 login pppd-pptp[2345]: Using interface ppp0
2009:08:27-18:43:55 login pppd-pptp[2345]: MPPE 128-bit stateless compression enabled
2009:08:27-18:43:55 login pppd-pptp[2345]: found interface eth4 for proxy arp
2009:08:27-18:43:55 login pppd-pptp[2345]: local IP address 172.20.10.129
2009:08:27-18:43:55 login pppd-pptp[2345]: remote IP address 172.20.10.130
2009:08:27-18:43:55 login pppd-pptp[2356]: id="2201" severity="info" sys="SecureNet" sub="vpn" event="Connection started" username="***" variant="pptp" srcip="81.232.79.160" virtual_ip="172.20.10.130"

2009:08:27-19:20:13 login pppd-pptp[4215]: LCP terminated by peer (MPPE disabled)
2009:08:27-19:20:13 login pppd-pptp[4215]: Connect time 7.6 minutes.
2009:08:27-19:20:13 login pppd-pptp[4215]: Sent 54805 bytes, received 31949 bytes.
2009:08:27-19:20:13 login pppd-pptp[4728]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="***" variant="pptp" srcip="79.102.209.118" virtual_ip="172.20.10.131"
2009:08:27-19:20:14 login pptpd[4214]: CTRL: EOF or bad error reading ctrl packet length.
2009:08:27-19:20:14 login pptpd[4214]: CTRL: couldn't read packet header (exit)
2009:08:27-19:20:14 login pptpd[4214]: CTRL: CTRL read failed
2009:08:27-19:20:14 login pptpd[4214]: CTRL: Reaping child PPP[4215]
2009:08:27-19:20:14 login pppd-pptp[4215]: Modem hangup
2009:08:27-19:20:14 login pppd-pptp[4215]: Connection terminated.
2009:08:27-19:20:14 login pppd-pptp[4215]: Exit.
2009:08:27-19:20:14 login pptpd[4214]: CTRL: Client 79.102.209.118 control connection finished
2009:08:27-19:20:14 login pptpd[4214]: CTRL: Exiting now
2009:08:27-19:20:14 login pptpd[4201]: MGR: Reaped child 4214

Reply

0 Arvid over 16 years ago


2009:08:27-18:43:50 login pptpd[2344]: MGR: Launching /usr/local/sbin/pptpctrl to handle client
2009:08:27-18:43:50 login pptpd[2344]: CTRL: local address = 172.20.10.129
2009:08:27-18:43:50 login pptpd[2344]: CTRL: remote address = 172.20.10.130
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Client 81.232.79.160 control connection started
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Received PPTP Control Message (type: 1)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Made a START CTRL CONN RPLY packet
2009:08:27-18:43:50 login pptpd[2344]: CTRL: I wrote 156 bytes to the client.
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Sent packet to client
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Received PPTP Control Message (type: 7)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Set parameters to 100000000 maxbps, 64 window size
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Made a OUT CALL RPLY packet
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Starting call (launching pppd, opening GRE)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: pty_fd = 6
2009:08:27-18:43:50 login pptpd[2344]: CTRL: tty_fd = 7
2009:08:27-18:43:50 login pptpd[2345]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd-pptp
2009:08:27-18:43:50 login pptpd[2345]: CTRL (PPPD Launcher): local address = 172.20.10.129
2009:08:27-18:43:50 login pptpd[2345]: CTRL (PPPD Launcher): remote address = 172.20.10.130
2009:08:27-18:43:50 login pppd-pptp[2345]: Plugin /usr/sbin/aua.so loaded.
2009:08:27-18:43:50 login pppd-pptp[2345]: AUA plugin initialized.
2009:08:27-18:43:50 login pptpd[2344]: CTRL: I wrote 32 bytes to the client.
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Sent packet to client
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Received PPTP Control Message (type: 15)
2009:08:27-18:43:50 login pptpd[2344]: CTRL: Got a SET LINK INFO packet with standard ACCMs
2009:08:27-18:43:50 login pptpd[2344]: GRE: Bad checksum from pppd.
2009:08:27-18:43:50 login pppd-pptp[2345]: pppd 2.4.3 started by (unknown), uid 0
2009:08:27-18:43:50 login pppd-pptp[2345]: Starting negotiation on /dev/ttyp0
2009:08:27-18:43:55 login pppd-pptp[2345]: Using interface ppp0
2009:08:27-18:43:55 login pppd-pptp[2345]: MPPE 128-bit stateless compression enabled
2009:08:27-18:43:55 login pppd-pptp[2345]: found interface eth4 for proxy arp
2009:08:27-18:43:55 login pppd-pptp[2345]: local IP address 172.20.10.129
2009:08:27-18:43:55 login pppd-pptp[2345]: remote IP address 172.20.10.130
2009:08:27-18:43:55 login pppd-pptp[2356]: id="2201" severity="info" sys="SecureNet" sub="vpn" event="Connection started" username="***" variant="pptp" srcip="81.232.79.160" virtual_ip="172.20.10.130"

2009:08:27-19:20:13 login pppd-pptp[4215]: LCP terminated by peer (MPPE disabled)
2009:08:27-19:20:13 login pppd-pptp[4215]: Connect time 7.6 minutes.
2009:08:27-19:20:13 login pppd-pptp[4215]: Sent 54805 bytes, received 31949 bytes.
2009:08:27-19:20:13 login pppd-pptp[4728]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="***" variant="pptp" srcip="79.102.209.118" virtual_ip="172.20.10.131"
2009:08:27-19:20:14 login pptpd[4214]: CTRL: EOF or bad error reading ctrl packet length.
2009:08:27-19:20:14 login pptpd[4214]: CTRL: couldn't read packet header (exit)
2009:08:27-19:20:14 login pptpd[4214]: CTRL: CTRL read failed
2009:08:27-19:20:14 login pptpd[4214]: CTRL: Reaping child PPP[4215]
2009:08:27-19:20:14 login pppd-pptp[4215]: Modem hangup
2009:08:27-19:20:14 login pppd-pptp[4215]: Connection terminated.
2009:08:27-19:20:14 login pppd-pptp[4215]: Exit.
2009:08:27-19:20:14 login pptpd[4214]: CTRL: Client 79.102.209.118 control connection finished
2009:08:27-19:20:14 login pptpd[4214]: CTRL: Exiting now
2009:08:27-19:20:14 login pptpd[4201]: MGR: Reaped child 4214

Children

No Data