| View previous topic :: View next topic |
| Author |
Message |
veezi
Apprentice
Joined: 10 Nov 2003
Posts: 226
|
 Posted: Sun Jul 11, 2004 2:25 pm Post subject: |
 |
|
| veezi wrote: | I'm at the verge of banging my head against the wall  I'm trying to get mppe-mppc to work. Tried it all, all the tips everywhere .. I always end up with :
| Code: |
MPPE required, but kernel has no support
|
Tried:
1. compile ppp_* as modules, builtin .. no difference
2. modified ppp ebuild for exact ppp patche (1.0) for mppe_mppc .. no difference
3. clean out all and re-emerge .. no difference
I'm using development-sources 2.6.6
Anyone? any ideas ?
Thanks, |
Just changed my ppp options from:
| Code: |
noauth require-mppe refuse-eap
|
to
And it works. Though I don't understand why  |
|
| Back to top |
|
 |
Deathscythe
n00b
Joined: 04 May 2004
Posts: 65
|
| Posted: Sun Jul 11, 2004 5:23 pm Post subject: |
|
|
problem is I don't know which one is for MPPE, so I load everything I think it related to ppp and pptp.
_________________
Deathscythe
http://www.revster.com |
|
| Back to top |
|
|
Deathscythe
n00b
Joined: 04 May 2004
Posts: 65
|
| Posted: Sun Jul 11, 2004 5:29 pm Post subject: |
|
|
btw, can you tell me where did u change your require-mppe options.
_________________
Deathscythe
http://www.revster.com |
|
| Back to top |
|
|
veezi
Apprentice
Joined: 10 Nov 2003
Posts: 226
|
| Posted: Sun Jul 11, 2004 6:43 pm Post subject: |
|
|
'Which ones to load?' Ideally you shouldn't load anything manually if you have configure autoload in the kernel. The kernel will autoload whatever is needed (ppp_mppe_mppc, arc4, etc.). The reason I tried manually loading ip_conntrack and ip_gre (which till now I don't know what they have to do with MPPE/MPPC!) is that someone suggested that!
Anyway, pptp options are in /etc/ppp/options.conf (as mentioned in the first post of this topic). If you want to know what your pppd command with all options looks like, type 'ps ax | grep pppd' after you start the connection (that is after you type 'pptp-command start whatever-peer'). |
|
| Back to top |
|
|
Deathscythe
n00b
Joined: 04 May 2004
Posts: 65
|
| Posted: Sun Jul 11, 2004 9:59 pm Post subject: |
|
|
Hi,
I have successfully connect the VPN now. But I can't ping any machine at the office network. I think its a routing problem. Can you tell me how do I set this up. 
_________________
Deathscythe
http://www.revster.com |
|
| Back to top |
|
|
castrik
n00b
Joined: 16 Apr 2004
Posts: 31
|
| Posted: Mon Jul 12, 2004 12:48 am Post subject: |
|
|
| i assume that gre is to do with the IP Protocol GRE that PPTP uses. not too sure about conntrack myself. |
|
| Back to top |
|
|
veezi
Apprentice
Joined: 10 Nov 2003
Posts: 226
|
| Posted: Mon Jul 12, 2004 10:03 am Post subject: |
|
|
| Deathscythe wrote: | Hi,
I have successfully connect the VPN now. But I can't ping any machine at the office network. I think its a routing problem. Can you tell me how do I set this up. |
If you're connecting in two steps, ppp0 (for the dialup net), and ppp1 (for the pptp vpn net), which is like my setup then you need to:
1. set 'defaultroute' as one of pppd's options when brining up ppp0. This will set the default route to ppp0.
2. do not set 'defaultroute' as one of pppd's options when brining up ppp1 (the vpn). Instead, edit '/etc/ppp/ip-up' script, and in there add manual route commnads to whatever your network is. Here's an example:
| Code: |
if [ "$1" = "ppp1" ]
then
/sbin/route add -net 116.25.0.0 netmask 255.255.0.0 dev $1
/sbin/route add -net 116.190.0.0 netmask 255.255.0.0 dev $1
fi
|
3. Last you'll need to figure out how to handle your nameserver. The 'usepeerdns' option in pppd will create a file '/etc/ppp/resolv.conf' which contains the name servers that it got from the ppp server. You can copy that to '/etc/resolv.conf' within the ip-up script mentioned above. Be careful, since you're calling pppd two times, the second call (vpn connection) will overwrite '/etc/ppp/resolv.conf' that the first call created.
Of course, you can just do whatever you want, like setup your network routes, name servers and even firewall, from within the '/etc/ppp/ip-up' script.
Note that the most common mistake in routing setup here is setting your default route to the vpn tunnel device (ppp1) instead of the original device which carries the tunnel (ppp0).
Cheers, |
|
| Back to top |
|
|
Deathscythe
n00b
Joined: 04 May 2004
Posts: 65
|
| Posted: Mon Jul 12, 2004 10:01 pm Post subject: |
|
|
I tried to connect to a PC at my office's VPN. The VPN server issue me with a IP address of 192.168.4.2
The PC's IP address is 192.168.0.10
I tried to use the following route command
| Code: | | route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp0 |
But I can't connect to a server, can you tell me what's wrong with the above command.
_________________
Deathscythe
http://www.revster.com |
|
| Back to top |
|
|
minaguib
n00b
Joined: 03 Nov 2003
Posts: 35
Location: Montréal
|
| Posted: Mon Jul 12, 2004 11:38 pm Post subject: |
|
|
PPP and PPTP both have built-in capabilities to add and remove routes.
In my original post, this section:
/etc/ppp/peers/ANYVPNNAME
| Code: |
# Route: add -net XX.YY.0.0 netmask 255.255.0.0 dev TUNNEL_DEV
|
The #Route command looks like a comment, but it's not and it gets interpreted.
If your route gets added but it still doesn't work, try:
1. Accessing/pinging/tracerouting a machine by IP, not by hostname
2. Post the output of `route -n`
| Deathscythe wrote: | I tried to connect to a PC at my office's VPN. The VPN server issue me with a IP address of 192.168.4.2
The PC's IP address is 192.168.0.10
I tried to use the following route command
| Code: | | route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp0 |
But I can't connect to a server, can you tell me what's wrong with the above command. |
|
|
| Back to top |
|
|
arkhan_jg
Apprentice
Joined: 18 Mar 2003
Posts: 199
Location: Dorset, UK
|
| Posted: Tue Jul 13, 2004 5:45 pm Post subject: |
|
|
| Deathscythe wrote: | I tried to connect to a PC at my office's VPN. The VPN server issue me with a IP address of 192.168.4.2
The PC's IP address is 192.168.0.10
I tried to use the following route command
| Code: | | route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp0 |
But I can't connect to a server, can you tell me what's wrong with the above command. |
Try
| Code: | | route add -net 192.168.0.0 netmask 255.255.0.0 dev ppp0 |
_________________
make menuconfig not war |
|
| Back to top |
|
|
Corpse2
n00b
Joined: 14 Jan 2004
Posts: 60
|
| Posted: Sun Aug 01, 2004 4:41 pm Post subject: |
|
|
I'm still having problems here. Also first time kernel patcher.
I downloaded the patches from polbox.com which are in gz-format. Then it says to unpack the patch using your tool of choice.
| Code: | corpse2 linux # gunzip linux-2.6.7-mppe-mppc-1.0.patch.gz
gunzip: linux-2.6.7-mppe-mppc-1.0.patch.gz: not in gzip format
|
Same thing with the ppp patch.
What am I missing here? |
|
| Back to top |
|
|
Corpse2
n00b
Joined: 14 Jan 2004
Posts: 60
|
| Posted: Sun Aug 01, 2004 7:14 pm Post subject: |
|
|
never mind,
seems that saving the patches with Internet Exploder on Fat partition and copying this to an ext3 partition stuffed up somewhere. |
|
| Back to top |
|
|
Skydive
n00b
Joined: 19 Nov 2002
Posts: 23
Location: Belgium
|
| Posted: Sat Aug 07, 2004 1:18 pm Post subject: |
|
|
| minaguib wrote: |
If your route gets added but it still doesn't work, try:
1. Accessing/pinging/tracerouting a machine by IP, not by hostname
2. Post the output of `route -n`
|
Thanks for the excellent guide! I seem to be having the same problem as Deathscythe, though.
My VPN gets established correctly with interface ppp1.
My standard connection to the internet has interface ppp0.
Without VPN my /etc/resolv.conf file looks like this:
| Code: |
domain easynet.be
search easynet.be www.easynet.be
nameserver 212.100.160.52
nameserver 212.100.160.51
|
Easynet is my ISP.
When the VPN is being set up I can see the following logs:
| Code: |
...
local IP address 192.168.3.6
remote IP address 192.168.3.5
primary DNS address 192.168.0.5
secondary DNS address 192.168.0.12
...
|
My VPN peer is called brc and it has the option usepeerdns.
As a result, my /etc/resolv.conf looks like this as soon as the VPN is active:
| Code: |
domain easynet.be
search easynet.be www.easynet.be
nameserver 192.168.0.5
nameserver 192.168.0.12
|
Next, I add a routing rule and after that the route -n command gives me:
| Code: |
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
81.188.75.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.3.5 0.0.0.0 255.255.255.255 UH 0 0 0 ppp1
192.168.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ppp1
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
0.0.0.0 81.188.75.1 0.0.0.0 UG 0 0 0 ppp0
|
"ping 192.168.0.5" gives 100% packet loss 
Thanks in advance!
_________________
Check out the FreeCol project at http://www.freecol.org |
|
| Back to top |
|
|
veezi
Apprentice
Joined: 10 Nov 2003
Posts: 226
|
| Posted: Sun Aug 08, 2004 3:34 pm Post subject: |
|
|
Try:
| Code: |
route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp1
|
And try pinging 192.168.0.5 again. |
|
| Back to top |
|
|
Wishmaster
Tux's lil' helper
Joined: 11 May 2003
Posts: 117
Location: Essen/Germany
|
| Posted: Mon Aug 09, 2004 9:43 am Post subject: |
|
|
I've the same problem with the kernel module and I don't know why.
Debug messages are:
| Code: |
......
rcvd [CHAP Success id=0x1 "S=4F86EDC193045F25DA870E105D69E1554A6865E0 M=Welcome to fw01.seg"]
MPPE required, but kernel has no support.
sent [LCP TermReq id=0x2 "MPPE required but not available"]
rcvd [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
Discarded non-LCP packet when LCP not open
rcvd [LCP TermAck id=0x2]
Connection terminated.
...
|
I've tested all options and loaded ip_gre and ip_conntrack. ppp_mppe_mppc is loaded fine automatically when pppd starts calling.
Any further ideas?
Bye,
Wishmaster |
|
| Back to top |
|
|
Skydive
n00b
Joined: 19 Nov 2002
Posts: 23
Location: Belgium
|
| Posted: Sat Aug 14, 2004 11:18 am Post subject: |
|
|
| veezi wrote: | Try:
| Code: |
route add -net 192.168.0.0 netmask 255.255.255.0 dev ppp1
|
And try pinging 192.168.0.5 again. |
I've tried that, but it still doesn't work.
_________________
Check out the FreeCol project at http://www.freecol.org |
|
| Back to top |
|
|
ashrobo
n00b
Joined: 11 Aug 2004
Posts: 18
Location: Singapore
|
| Posted: Sun Aug 15, 2004 5:04 am Post subject: |
|
|
| Can someone send me a copy of the kernel patch? www.polbox.com seems to be down... |
|
| Back to top |
|
|
vmk
n00b
Joined: 25 May 2004
Posts: 31
|
|
| Back to top |
|
|
ashrobo
n00b
Joined: 11 Aug 2004
Posts: 18
Location: Singapore
|
| Posted: Mon Aug 16, 2004 6:45 am Post subject: |
|
|
| Thanks vmk! |
|
| Back to top |
|
|
znmeb
n00b
Joined: 29 Dec 2003
Posts: 25
Location: Beaverton, Oregon, USA
|
| Posted: Sat Jun 25, 2005 6:23 pm Post subject: |
|
|
| ashrobo wrote: | | Can someone send me a copy of the kernel patch? www.polbox.com seems to be down... |
Yeah ... it's still down as of this post. I have the patch for 2.6.11, but Portage now has 2.6.12! Is there a source for the patch to 2.6.12, or am I stuck at 11???
_________________
--
M. Edward (Ed) Borasky
znmeb@borasky-research.net
http://www.borasky-research.net/ |
|
| Back to top |
|
|
thoughtform
l33t
Joined: 24 May 2004
Posts: 600
|
| Posted: Sun Jun 26, 2005 7:39 pm Post subject: |
|
|
i need the patch for 2.6.11 and 2.6.12
thanks |
|
| Back to top |
|
|
jamapii
l33t
Joined: 16 Sep 2004
Posts: 637
|
| Posted: Tue Aug 23, 2005 3:55 pm Post subject: |
|
|
| I'm also looking for the 2.4.31 patch |
|
| Back to top |
|
|
zaiyon
Apprentice
Joined: 19 May 2004
Posts: 219
Location: Germany
|
| Posted: Tue Aug 30, 2005 12:29 am Post subject: |
|
|
Well, polbox is still down (isn't there a new official location for the patches?)
So I'm in need of the patch for 2.6.13 now, perhaps a little early ... would be great if someone could tell me where to get it.
You can download 2.6.12 from me, if you need it.
http://www.zaiyon.ath.cx/~fhd/stuff/linux-2.6.12-mppe-mppc-1.3.patch.gz
I don't have any other versions, but I'll collect, starting today.
_________________
What do you have when you have six lawyers buried up to their necks in sand? Not enough sand.
My Project - open Outcast |
|
| Back to top |
|
|
zaiyon
Apprentice
Joined: 19 May 2004
Posts: 219
Location: Germany
|
| Posted: Thu Sep 08, 2005 5:01 pm Post subject: |
|
|
OMFG look HERE: http://mppe-mppc.alphacron.de/
Everything is there! So I can finally move to 2.6.13 
_________________
What do you have when you have six lawyers buried up to their necks in sand? Not enough sand.
My Project - open Outcast |
|
| Back to top |
|
|
dspgen
Tux's lil' helper
Joined: 17 Aug 2005
Posts: 103
|
| Posted: Tue Dec 20, 2005 11:38 pm Post subject: 3rd nic + PPTP + WIFI = no driveby uploads! |
|
|
Just a success FYI:
I am using 2.6.12 kernel.
I added a 3rd nic card to my firewall box, and plugged the wifi network into it.
using http://mppe-mppc.alphacron.de and http://gentoo-wiki.com/HOWTO_PPTP_tunnels_with_kernel_2.6, I was able to PPTP with max encryption from my (Windows XP) wi-fi computers to my Gentoo firewall, and onto the internet.
It works great, just add a short-cut to the PPTP connection to your startup folder, and you never have to do anything! |
|
| Back to top |
|
|
|
Documentation, Tips & Tricks
