wiki:help/scc/pptp/status

Version 11 (modified by Edwin Eefting, 8 years ago) (diff)

--

Windows VPN PPTP status

Let op: We raden het gebruik van PPTP af ivm veiligheid en andere praktische redenen. In plaats hiervan raden we de SYN-3 OpenVPN server aan

Hier ziet u een overzicht van alle actieve VPN PPTP sessies.

Probleem oplossing

Kijk eerst of u de instructies van deze pagina goed gevolgd heeft: help/scc/pptp/editsettings

Kan niet internetten vanuit Windows, zodra PPTP verbinding gemaakt is

Waarschijnlijk heeft u de firewall instellingen van de SYN-3 server niet goed staan, of de gateway instelling bij de tunnel in Windows.

Volg methode 1 of 2 op deze pagina: help/scc/pptp/editsettings

Fout 800 in Windows bij het maken van verbinding

Meestal komt dit door verkeerde firewall instellingen, waardoor de TCP paketten op poort 1723 of GRE paketten niet aankomen.

  • Controleer of alle routers en firewalls op de weg poort 1723 TCP toelaten.
  • Controleer of alle routers en firewalls de speciale GRE paketten toestaan. Dit is een speciaal protocol en dus geen TCP of UDP. NAT routers hebben hier nogal eens problemen mee.

U kunt met telnet controleren of poort 1723 beschikbaar is:

r3m0t3h0st ~ # telnet 82.161.14.18 1723
Trying 82.161.14.18...
Connected to 82.161.14.18.
Escape character is '^]'.

Als deze poort te connecten is en u krijgt nog steeds fout 800, dan komen de GRE paketten niet goed over.

Tcpdump van een werkende verbinding

Hieronder een uitdraai van een correcte verbindings opbouw via pptp. Vooral de GRE paketten geven nogal eens problemen.

Dit kunt u als leidraad gebruiken bij foutanalyse:

root@syn3.server.nl ~# tcpdump -l -n -i eth1 tcp port 1723 or proto GRE
tcpdump: WARNING: eth1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 68 bytes
12:44:23.389384 IP (ip windows).42906 > (ip syn3 server).1723: S 628441774:628441774(0) win 5840 <mss 1460,sackOK,timestamp 28541074[|tcp]>
12:44:23.391162 IP (ip syn3 server).1723 > (ip windows).42906: S 3878131842:3878131842(0) ack 628441775 win 5792 <mss 1460,sackOK,timestamp 108866576[|tcp]>
12:44:24.167643 IP (ip windows).42906 > (ip syn3 server).1723: . ack 1 win 5840 <nop,nop,timestamp 28541399 108866576>
12:44:24.212601 IP (ip windows).42906 > (ip syn3 server).1723: P 1:157(156) ack 1 win 5840 <nop,nop,timestamp 28541399 108866576>: pptp [|pptp]
12:44:24.212705 IP (ip syn3 server).1723 > (ip windows).42906: . ack 157 win 6432 <nop,nop,timestamp 108866782 28541399>
12:44:24.215001 IP (ip syn3 server).1723 > (ip windows).42906: P 1:157(156) ack 157 win 6432 <nop,nop,timestamp 108866782 28541399>: pptp [|pptp]
12:44:24.584567 IP (ip windows).42906 > (ip syn3 server).1723: . ack 157 win 6432 <nop,nop,timestamp 28542356 108866782>
12:44:24.649449 IP (ip windows).42906 > (ip syn3 server).1723: P 157:325(168) ack 157 win 6432 <nop,nop,timestamp 28542357 108866782>: pptp [|pptp]
12:44:24.655420 IP (ip syn3 server).1723 > (ip windows).42906: P 157:189(32) ack 325 win 7504 <nop,nop,timestamp 108866893 28542357>: pptp [|pptp]
12:44:24.760576 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 0, length 41: LCP, Conf-Request (0x01), id 1, length 27
12:44:24.883231 IP (ip windows).42906 > (ip syn3 server).1723: P 325:349(24) ack 189 win 6432 <nop,nop,timestamp 28542654 108866893>: pptp [|pptp]
12:44:24.902917 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 0, length 37: LCP, Conf-Request (0x01), id 0, length 23
12:44:24.903215 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 1, ack 0, length 27: LCP, Conf-Reject (0x04), id 0, length 9
12:44:24.923179 IP (ip syn3 server).1723 > (ip windows).42906: . ack 349 win 7504 <nop,nop,timestamp 108866960 28542654>
12:44:24.958618 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 1, ack 0, length 45: LCP, Conf-Ack (0x02), id 1, length 27
12:44:25.007238 IP (ip syn3 server) > (ip windows): GREv1, call 256, ack 1, no-payload, length 12
12:44:25.215910 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 2, ack 1, length 38: LCP, Conf-Request (0x01), id 1, length 20
12:44:25.216474 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 2, ack 2, length 38: LCP, Conf-Ack (0x02), id 1, length 20
12:44:25.216495 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 3, length 40: CHAP, Challenge (0x01), id 178, Value 748ee918be2d20b9ce5d13d676a44c[|chap]
12:44:25.460235 IP (ip windows).42906 > (ip syn3 server).1723: P 349:373(24) ack 189 win 6432 <nop,nop,timestamp 28543240 108866960>: pptp [|pptp]
12:44:25.460317 IP (ip syn3 server).1723 > (ip windows).42906: . ack 373 win 7504 <nop,nop,timestamp 108867094 28543240>
12:44:25.500146 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 3, ack 2, length 36: LCP, Ident (0x0c), id 2, length 20
12:44:25.500618 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 4, ack 3, length 42: LCP, Code-Reject (0x07), id 2, length 24
12:44:25.515413 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 4, length 35: LCP, Ident (0x0c), id 3, length 23
12:44:25.515807 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 5, ack 4, length 45: LCP, Code-Reject (0x07), id 3, length 27
12:44:25.535140 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 5, ack 3, length 77: CHAP, Response (0x02), id 178, Value b4861c0a6d23151cbf9c87[|chap]
12:44:25.587155 IP (ip syn3 server) > (ip windows): GREv1, call 256, ack 5, no-payload, length 12
12:44:25.637748 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 6, length 60: CHAP, Success (0x03), id 178, Msg S=5C6A1C5EE09E13[|chap]
12:44:25.638361 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 7, length 24: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 1, length 12
12:44:25.900487 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 6, length 24: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 4, length 12
12:44:25.900718 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 7, length 48: IPCP, Conf-Request (0x01), id 5, length 36
12:44:25.901082 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 8, ack 7, length 28: unknown ctrl-proto (0x80fd), Conf-Nack (0x03), id 4, length 12
12:44:25.901098 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 9, length 18: IPCP, Term-Ack (0x06), id 5, length 6
12:44:25.916258 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 8, ack 7, length 28: unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 1, length 12
12:44:25.967009 IP (ip syn3 server) > (ip windows): GREv1, call 256, ack 8, no-payload, length 12
12:44:26.173223 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 9, ack 8, length 28: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 6, length 12
12:44:26.173986 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 10, ack 9, length 28: unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 6, length 12
12:44:26.174011 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 11, length 24: IPCP, Conf-Request (0x01), id 1, length 12
12:44:26.462499 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 10, ack 11, length 28: IPCP, Conf-Ack (0x02), id 1, length 12
12:44:26.511054 IP (ip syn3 server) > (ip windows): GREv1, call 256, ack 10, no-payload, length 12
12:44:27.900578 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 11, length 48: IPCP, Conf-Request (0x01), id 7, length 36
12:44:27.901058 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 12, ack 11, length 46: IPCP, Conf-Reject (0x04), id 7, length 30
12:44:28.161524 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 12, ack 12, length 28: IPCP, Conf-Request (0x01), id 8, length 12
12:44:28.161961 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 13, ack 12, length 28: IPCP, Conf-Nack (0x03), id 8, length 12
12:44:28.414999 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 13, ack 13, length 28: IPCP, Conf-Request (0x01), id 9, length 12
12:44:28.422793 IP (ip syn3 server) > (ip windows): GREv1, call 256, seq 14, ack 13, length 28: IPCP, Conf-Ack (0x02), id 9, length 12
12:44:28.753561 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 14, ack 14, length 61: compressed PPP data
12:44:28.802578 IP (ip syn3 server) > (ip windows): GREv1, call 256, ack 14, no-payload, length 12
12:44:28.820100 IP (ip windows) > (ip syn3 server): GREv1, call 384, seq 15, length 178: compressed PPP data
...verbinding is actief...

Zie ook

Attachments (1)

Download all attachments as: .zip