# University VPN + PPTP + MPPE + MPPC [SOLVED]

## froke

I'm having trouble getting a connection to my university's VPN.  The net admin says that they are using an embedded BSD device and 128-bit MPPE encryption and MPPC.  Windows clients connect just fine, however, just an interesting side note: Windows clients do not report that compression is being used.  

I have installed the patches for my 2.6.2 kernel and the patches for ppp along with ppp-2.4.2.tar.gz from http://www.polbox.com/h/hs001/

I compiled and installed ppp outside of portage.

I connect initially to the VPN with my wireless pcmcia card and then use "pon" to start the ppp client:

```

[root #] pon unr

pppd options in effect:

debug      # (from /etc/ppp/options.pptp)

nodetach      # (from /etc/ppp/options.pptp)

logfd 2      # (from /etc/ppp/options.pptp)

dump      # (from /etc/ppp/options.pptp)

noauth      # (from /etc/ppp/options.pptp)

name gkelly      # (from /etc/ppp/peers/unr)

remotename PPTP      # (from /etc/ppp/peers/unr)

      # (from /etc/ppp/options.pptp)

pty pptp wifi.unr.edu --nolaunchpppd      # (from /etc/ppp/peers/unr)

mru 1500      # (from /etc/ppp/options.pptp)

mtu 1500      # (from /etc/ppp/options.pptp)

lcp-echo-failure 50      # (from /etc/ppp/options.pptp)

lcp-echo-interval 10      # (from /etc/ppp/options.pptp)

ipparam unr      # (from /etc/ppp/peers/unr)

nobsdcomp      # (from /etc/ppp/options.pptp)

nodeflate      # (from /etc/ppp/options.pptp)

using channel 2

Using interface ppp0

Connect: ppp0 <--> /dev/pts/3

sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x2e6382b6> <pcomp> <accomp>]

rcvd [LCP ConfReq id=0x0 <accomp> <pcomp> <magic 0x6449c9d8> <auth chap MS-v2> <mrru 1600> <ssnhf> <endpoint [IP:42.0.0.1]>]

sent [LCP ConfRej id=0x0 <mrru 1600> <ssnhf>]

rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x2e6382b6> <pcomp> <accomp>]

rcvd [LCP ConfReq id=0x1 <accomp> <pcomp> <magic 0x6449c9d8> <auth chap MS-v2> <endpoint [IP:42.0.0.1]>]

sent [LCP ConfAck id=0x1 <accomp> <pcomp> <magic 0x6449c9d8> <auth chap MS-v2> <endpoint [IP:42.0.0.1]>]

sent [LCP EchoReq id=0x0 magic=0x2e6382b6]

rcvd [CHAP Challenge id=0x0 <20024f3a20db69fc70f38573ee37bc08>, name = ""]

sent [CHAP Response id=0x0 <c243382d4a77c0433aca14625ab2b7b30000000000000000b0f940b548ed8b2c0c7694779e84c37a26174a707c36fe2700>, name = "gkelly"]

rcvd [LCP EchoRep id=0x0 magic=0x6449c9d8]

rcvd [CHAP Success id=0x0 "S=48A574F64FB807FC28C1C8C4716138DC72D224CD"]

Couldn't set pass-filter in kernel: Invalid argument

sent [CCP ConfReq id=0x1 <mppe +H +M +S +L -D +C>]

rcvd [IPCP ConfReq id=0x0 <addr 134.197.14.244> <compress VJ 0f 00>]

sent [IPCP TermAck id=0x0]

rcvd [CCP ConfReq id=0x0 <mppe +H -M +S -L -D -C>]

sent [CCP ConfAck id=0x0 <mppe +H -M +S -L -D -C>]

rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]

sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]

rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]

MPPE 128-bit stateless compression enabled

sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]

rcvd [IPCP ConfNak id=0x1 <addr 42.65.76.67>]

sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 42.65.76.67>]

rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 42.65.76.67>]

rcvd [IPCP ConfReq id=0x0 <addr 134.197.14.244> <compress VJ 0f 00>]

sent [IPCP ConfAck id=0x0 <addr 134.197.14.244> <compress VJ 0f 00>]

local  IP address 42.65.76.67

remote IP address 134.197.14.244

Script /etc/ppp/ip-up started (pid 5381)

Script /etc/ppp/ip-up finished (pid 5381), status = 0x1

```

Now I have to set up the routing:

```

[root #] route add -host 42.0.0.1 dev eth1

[root #] route del default dev eth1

[root #] route add default dev ppp-0

[root #] route -n

Kernel IP routing table

Destination       Gateway         Genmask         Flags Metric Ref    Use Iface

42.0.0.1            0.0.0.0      255.255.255.255   UH     0        0        0 eth1

134.197.14.244  0.0.0.0      255.255.255.255   UH    0         0        0 ppp0

42.55.22.20       0.0.0.0      255.255.255.252   U      0         0        0 eth1

127.0.0.0          127.0.0.1   255.0.0.0             UG    0         0        0 lo

0.0.0.0              0.0.0.0      0.0.0.0                 U      0        0        0  ppp0

```

Then all is well, until I try to actually do anything.  Trying to ping www.gentoo.org results with 

```

rcvd [proto=0x2145] 00 01 2d 00 00 40 00 3d 11 3a 76 86 c5 05 01 2a 41 4c 43 00 35 80 00 01 19 75 63 a8 16 81 80 00 ...

Unsupported protocol 0x2145 received

sent [LCP ProtRej id=0x2 21 45 00 01 2d 00 00 40 00 3d 11 3a 76 86 c5 05 01 2a 41 4c 43 00 35 80 00 01 19 75 63 a8 16 81 ...]

rcvd [proto=0x2145] 00 01 1d 00 00 40 00 3d 11 39 86 86 c5 06 01 2a 41 4c 43 00 35 80 01 01 09 c1 77 a8 16 81 80 00 ...

Unsupported protocol 0x2145 received

sent [LCP ProtRej id=0x3 21 45 00 01 1d 00 00 40 00 3d 11 39 86 86 c5 06 01 2a 41 4c 43 00 35 80 01 01 09 c1 77 a8 16 81 ...]

rcvd [proto=0x2145] 00 01 2d 00 00 40 00 3d 11 3a 76 86 c5 05 01 2a 41 4c 43 00 35 80 00 01 19 38 dc a8 16 81 80 00 ...

Unsupported protocol 0x2145 received

sent [LCP ProtRej id=0x4 21 45 00 01 2d 00 00 40 00 3d 11 3a 76 86 c5 05 01 2a 41 4c 43 00 35 80 00 01 19 38 dc a8 16 81 ...]

rcvd [proto=0x2145] 00 01 1d 00 00 40 00 3d 11 39 86 86 c5 06 01 2a 41 4c 43 00 35 80 01 01 09 d1 62 a8 16 81 80 00 ...

Unsupported protocol 0x2145 received

sent [LCP ProtRej id=0x5 21 45 00 01 1d 00 00 40 00 3d 11 39 86 86 c5 06 01 2a 41 4c 43 00 35 80 01 01 09 d1 62 a8 16 81 ...]

rcvd [proto=0x2145] 00 00 75 00 00 40 00 3d 11 3b 2e 86 c5 05 01 2a 41 4c 43 00 35 80 01 00 61 3c fd a8 17 85 83 00 ...

Unsupported protocol 0x2145 received

sent [LCP ProtRej id=0x6 21 45 00 00 75 00 00 40 00 3d 11 3b 2e 86 c5 05 01 2a 41 4c 43 00 35 80 01 00 61 3c fd a8 17 85 ...]

rcvd [proto=0x2145] 00 00 75 00 00 40 00 3d 11 3a 2e 86 c5 06 01 2a 41 4c 43 00 35 80 02 00 61 3b fc a8 17 85 83 00 ...

Unsupported protocol 0x2145 received

sent [LCP ProtRej id=0x7 21 45 00 00 75 00 00 40 00 3d 11 3a 2e 86 c5 06 01 2a 41 4c 43 00 35 80 02 00 61 3b fc a8 17 85 ...]

```

So the error message reports that MPPC is not supported in my client.

Can anyone offer any help?  How can I be sure that MPPC is enabled for ppp?

----------

## think4urs11

Hi!

Did you already try  :Arrow: this?

HTH

T.

----------

## froke

Yes I have tried everything on that page except "Solution 2: turn off MPPC at the PPTP Server."  because I do not have control over the PPTP Server.  If I can't get MPPC to work for me, the only thing I can do is try to convince the net admins at the university to turn off MPPC

----------

## ash

Yeah, the current setup they have now is ticking me off - I am fighting the same problem.  I really would like to know whose idea it was for this authentication scheme....

----------

## froke

I'm beginning to think that my client is not the problem, but rather that the server is not configured correctly.

My client does have support for MPPC, but it is not being enabled due to the fact that the vpn server is not negotiating MPPC to be used.  This can be seen from the following log:

```

sent [CCP ConfReq id=0x1 <mppe +H +M +S +L -D +C>]

```

My client requests this configuration. Notice the +C which means MPPC compression is requested, but the server replies with:

```

rcvd [CCP ConfReq id=0x0 <mppe +H -M +S -L -D -C>]

```

Which is 128-bit stateless encryption, but with -C, or witout MPPC compression.  Information on the mppe options can be found here http://www.zvon.org/tmRFC/RFC3078/Output/chapter2.html

So my client does not think it has to compress packets, because compression was not negotiated.  But in fact compression is needed, otherwise why would I receive the "Unsupported protocol 0x2145 received" message?

Also, when connecting in Windows (which works for some reason), the connection status reports that compression is not being used.  Is this because the status is based on the negotiation made with the server?  How does the windows client eventually end up using compression, but not updating the connection status?  I have no clue.

----------

## froke

I emailed Jan Dubiec, the author of the mppe/mppc patch.  Here is the reply I got:

 *Quote:*   

> 
> 
> The problem is known to me. I am going to fix it in the next release of
> 
> my kernel patch. As a temporary solution I suggest reading http://pptpclient.sourceforge.net/howto-diagnosis.phtml#mppc
> ...

 

So now I am working on combining that patch into Jan's patch.  I hope this solves the problem.

----------

## veezi

Hi ..

Sorry if this is off-topic, but I've been trying to get this to work for ages now!

kernel is 2.6.3, patched it with Jan Dubiec's mppe/mppc. pppd is 2.4.2, patched it with Jan Dubiec's patch also.

Now, whenever I try to connect the log shows 'MPPE required, but kernel has not support' !! Why? ppp-compress-18 is alias to ppp_mppe_mppc .. and the module loads without errors.

Can any one please help? Is it because I'm using kernel 2.6.3 instead of 2.6.2 as you mentioned in your message?

Thanks,

----------

## veezi

Hi ..

I'm providing more details .. may be somebody out there can help .. pleeeeeeeeeeese !!

Problem: Trying to connect to a VPN server (which I have no information about at all) using pptp.  I'm running kernel 2.6.3, I dial through modem to internet (which works fine), and then using pptp to the VPN.

I fiddled so much with it, trying to get it to work, but without any luck. I can connect from windows without any problem. Two basic tests that I've done:

TEST1:

kernel MPPE patch for 2.6.0 from planetmirror.

pppd 2.4.1 (gentoo latest version unmodified).

alias ppp-compress-18 --> ppp_mppe

ppp options:

' noauth nobsdcomp nodeflate mppe-stateless mppe-40 mppe-128'

Result:

connection comes up, but without actual connectivity to any host, I can't even ping anything. Here's the log:

```

Mar  2 09:51:39 dragon02 pppd[15711]: pppd 2.4.1 started by root, uid 0

Mar  2 09:51:39 dragon02 pppd[15711]: using channel 5

Mar  2 09:51:39 dragon02 pppd[15711]: Using interface ppp1

Mar  2 09:51:39 dragon02 pppd[15711]: Connect: ppp1 <--> /dev/pts/4

Mar  2 09:51:40 dragon02 pptp[15712]: anon log[main:pptp.c:219]: The synchronous pptp option is NOT activated 

Mar  2 09:51:40 dragon02 pppd[15711]: sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0xfc2b1470> <pcomp> <accomp>]

Mar  2 09:51:41 dragon02 pptp[15723]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:630]: Client connection established.

Mar  2 09:51:42 dragon02 pptp[15723]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:759]: Outgoing call established (call ID 0, peer's call ID 26502). 

Mar  2 09:51:42 dragon02 pptp[15712]: anon log[decaps_hdlc:pptp_gre.c:217]: PPP mode seems to be Asynchronous. 

Mar  2 09:51:42 dragon02 pppd[15711]: rcvd [LCP ConfReq id=0x0 <mru 1400> <auth 0xc227> <magic 0x6c9e7309> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]> < 17 04 4b 36>]

Mar  2 09:51:42 dragon02 pppd[15711]: sent [LCP ConfRej id=0x0 <mrru 1614> < 17 04 4b 36>]

Mar  2 09:51:42 dragon02 pppd[15711]: rcvd [LCP ConfAck id=0x1 <mru 1000> <asyncmap 0x0> <magic 0xfc2b1470> <pcomp> <accomp>]

Mar  2 09:51:42 dragon02 pppd[15711]: rcvd [LCP ConfReq id=0x1 <mru 1400> <auth 0xc227> <magic 0x6c9e7309> <pcomp> <accomp> <callback CBCP> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]>]

Mar  2 09:51:42 dragon02 pppd[15711]: sent [LCP ConfNak id=0x1 <auth chap 81>]

Mar  2 09:51:43 dragon02 pppd[15711]: rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap 81> <magic 0x6c9e7309> <pcomp> <accomp> <callback CBCP> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]>]

Mar  2 09:51:43 dragon02 pppd[15711]: sent [LCP ConfAck id=0x2 <mru 1400> <auth chap 81> <magic 0x6c9e7309> <pcomp> <accomp> <callback CBCP> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]>]

Mar  2 09:51:43 dragon02 pppd[15711]: cbcp_lowerup

Mar  2 09:51:43 dragon02 pppd[15711]: want: 2

Mar  2 09:51:43 dragon02 pptp[15723]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:823]: PPTP_SET_LINK_INFO received from peer_callid 0

Mar  2 09:51:43 dragon02 pptp[15723]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:826]:   send_accm is 00000000, recv_accm is FFFFFFFF

Mar  2 09:51:43 dragon02 pppd[15711]: rcvd [CHAP Challenge id=0x0 <cfd2d6fad10360faaeb85d67d4dd9670>, name = "ZUKVPNPRO01"]

Mar  2 09:51:43 dragon02 pppd[15711]: sent [CHAP Response id=0x0 <9af42fa1b9b1b3e85621987ae13f9abf0000000000000000345b1a763ad8ca7e24586058c519f00db85d362e107aa65d00>, name = ""]

Mar  2 09:51:46 dragon02 pppd[15711]: rcvd [CHAP Success id=0x0 "S=5F10654FB1925FD4622D368E58453434B67E7E29"]

Mar  2 09:51:46 dragon02 pppd[15711]: Remote message: S=5F10654FB1925FD4622D368E58453434B67E7E29

Mar  2 09:51:46 dragon02 pppd[15711]: cbcp_open

Mar  2 09:51:46 dragon02 pppd[15711]: cbcp_req CONF_NO

Mar  2 09:51:46 dragon02 pppd[15711]: sent [CBCP Request id=0x1 < NoCallback>]

Mar  2 09:51:46 dragon02 pppd[15711]: rcvd [CBCP Request id=0x1 < NoCallback>]

Mar  2 09:51:46 dragon02 pppd[15711]: length: 2

Mar  2 09:51:46 dragon02 pppd[15711]: Callback: none

Mar  2 09:51:46 dragon02 pppd[15711]: cbcp_resp cb_type=2

Mar  2 09:51:46 dragon02 pppd[15711]: cbcp_resp CONF_NO

Mar  2 09:51:46 dragon02 pppd[15711]: sent [CBCP Response id=0x1 < NoCallback>]

Mar  2 09:51:46 dragon02 pppd[15711]: sent [IPCP ConfReq id=0x1 <addr 192.190.53.202> <compress VJ 0f 01> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]

Mar  2 09:51:46 dragon02 pppd[15711]: sent [CCP ConfReq id=0x1 <mppe 1 0 0 60>]

Mar  2 09:51:46 dragon02 pppd[15711]: rcvd [CBCP Ack id=0x1 < NoCallback>]

Mar  2 09:51:46 dragon02 pppd[15711]: rcvd [CCP ConfReq id=0x4 <mppe 1 0 0 e1>]

Mar  2 09:51:46 dragon02 pppd[15711]: sent [CCP ConfNak id=0x4 <mppe 1 0 0 60>]

Mar  2 09:51:46 dragon02 pppd[15711]: rcvd [IPCP ConfReq id=0x5 <addr 192.27.192.42>]

Mar  2 09:51:46 dragon02 pppd[15711]: sent [IPCP ConfAck id=0x5 <addr 192.27.192.42>]

Mar  2 09:51:46 dragon02 pppd[15711]: rcvd [CCP ConfNak id=0x1 <mppe 1 0 0 40>]

Mar  2 09:51:46 dragon02 pppd[15711]: sent [CCP ConfReq id=0x2 <mppe 1 0 0 40>]

Mar  2 09:51:47 dragon02 pppd[15711]: rcvd [CCP ConfReq id=0x6 <mppe 1 0 0 40>]

Mar  2 09:51:47 dragon02 pppd[15711]: sent [CCP ConfAck id=0x6 <mppe 1 0 0 40>]

Mar  2 09:51:47 dragon02 pppd[15711]: rcvd [CCP ConfAck id=0x2 <mppe 1 0 0 40>]

Mar  2 09:51:47 dragon02 pppd[15711]: MPPE 128 bit, stateless compression enabled

Mar  2 09:51:49 dragon02 pppd[15711]: sent [IPCP ConfReq id=0x1 <addr 192.190.53.202> <compress VJ 0f 01> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]

Mar  2 09:51:49 dragon02 pppd[15711]: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]

Mar  2 09:51:49 dragon02 pppd[15711]: sent [IPCP ConfReq id=0x2 <addr 192.190.53.202> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]

Mar  2 09:51:50 dragon02 pppd[15711]: rcvd [IPCP ConfNak id=0x2 <addr 192.27.192.133> <ms-dns1 192.25.7.242> <ms-dns3 192.25.7.243>]

Mar  2 09:51:50 dragon02 pppd[15711]: sent [IPCP ConfReq id=0x3 <addr 192.27.192.133> <ms-dns1 192.25.7.242> <ms-dns3 192.25.7.243>]

Mar  2 09:51:50 dragon02 pppd[15711]: rcvd [IPCP ConfAck id=0x3 <addr 192.27.192.133> <ms-dns1 192.25.7.242> <ms-dns3 192.25.7.243>]

Mar  2 09:51:50 dragon02 pppd[15711]: local  IP address 192.27.192.133

Mar  2 09:51:50 dragon02 pppd[15711]: remote IP address 192.27.192.42

Mar  2 09:51:50 dragon02 pppd[15711]: primary   DNS address 192.25.7.242

Mar  2 09:51:50 dragon02 pppd[15711]: secondary DNS address 192.25.7.243

Mar  2 09:51:50 dragon02 pppd[15711]: Script /etc/ppp/ip-up started (pid 15726)

Mar  2 09:51:50 dragon02 pppd[15711]: Script /etc/ppp/ip-up finished (pid 15726), status = 0x0

Mar  2 09:51:53 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0x4 magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:51:53 dragon02 pppd[15625]: sent [LCP EchoRep id=0x4 magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:52:03 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0x5 magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:52:03 dragon02 pppd[15625]: sent [LCP EchoRep id=0x5 magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:52:13 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0x6 magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:52:13 dragon02 pppd[15625]: sent [LCP EchoRep id=0x6 magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:52:23 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0x7 magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:52:23 dragon02 pppd[15625]: sent [LCP EchoRep id=0x7 magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:52:34 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0x8 magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:52:34 dragon02 pppd[15625]: sent [LCP EchoRep id=0x8 magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:52:44 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0x9 magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:52:44 dragon02 pppd[15625]: sent [LCP EchoRep id=0x9 magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:52:54 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0xa magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:52:54 dragon02 pppd[15625]: sent [LCP EchoRep id=0xa magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:53:04 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0xb magic=0x7aeb99ef d4 0c a0 02]

Mar  2 09:53:04 dragon02 pppd[15625]: sent [LCP EchoRep id=0xb magic=0xae52e1fc d4 0c a0 02]

Mar  2 09:53:15 dragon02 pppd[15625]: rcvd [LCP EchoReq id=0xc magic=0x7aeb99ef d4 0c a0 02

```

TEST2:

kernel MPPE/MPPC patch for 2.6.3 from Jan Dubiec.

pppd 2.4.2 patched with Jan Dubiec's patch.

alias ppp-compress-18 --> ppp_mppe_mppc

ppp options:

' noauth require-mppe refuse-eap'

Result:

connection doesn't come up at all. Says 'MPPE required but no kernel support'. Here's the log:

```

Mar  2 23:29:51 dragon02 pppd[10056]: pppd 2.4.2 started by root, uid 0

Mar  2 23:29:51 dragon02 pppd[10056]: using channel 6

Mar  2 23:29:51 dragon02 pppd[10056]: Using interface ppp1

Mar  2 23:29:51 dragon02 pppd[10056]: Connect: ppp1 <--> /dev/pts/0

Mar  2 23:29:52 dragon02 pptp[10057]: anon log[main:pptp.c:219]: The synchronous pptp option is NOT activated 

Mar  2 23:29:52 dragon02 pppd[10056]: sent [LCP ConfReq id=0x1 <mru 1490> <asyncmap 0x0> <magic 0xd2688a8a> <pcomp> <accomp>]

Mar  2 23:29:54 dragon02 pptp[10068]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:630]: Client connection established.

Mar  2 23:29:54 dragon02 pptp[10068]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:759]: Outgoing call established (call ID 0, peer's call ID 44634). 

Mar  2 23:29:54 dragon02 pptp[10057]: anon log[decaps_hdlc:pptp_gre.c:217]: PPP mode seems to be Asynchronous. 

Mar  2 23:29:55 dragon02 pppd[10056]: rcvd [LCP ConfReq id=0x0 <mru 1400> <auth eap> <magic 0xfeb4fa8> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]> < 17 04 51 87>]

Mar  2 23:29:55 dragon02 pppd[10056]: sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 51 87>]

Mar  2 23:29:55 dragon02 pppd[10056]: rcvd [LCP ConfAck id=0x1 <mru 1490> <asyncmap 0x0> <magic 0xd2688a8a> <pcomp> <accomp>]

Mar  2 23:29:55 dragon02 pppd[10056]: rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0xfeb4fa8> <pcomp> <accomp> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]>]

Mar  2 23:29:55 dragon02 pppd[10056]: sent [LCP ConfNak id=0x1 <auth chap 07>]

Mar  2 23:29:55 dragon02 pppd[10056]: sent [LCP ConfReq id=0x1 <mru 1490> <asyncmap 0x0> <magic 0xd2688a8a> <pcomp> <accomp>]

Mar  2 23:29:56 dragon02 pppd[10056]: rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0xfeb4fa8> <pcomp> <accomp> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]>]

Mar  2 23:29:56 dragon02 pppd[10056]: sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0xfeb4fa8> <pcomp> <accomp> <endpoint [local:d5.8a.c2.63.c7.64.4f.ce.88.94.c3.06.2e.6a.7c.58.00.00.00.00]>]

Mar  2 23:29:56 dragon02 pppd[10056]: rcvd [LCP ConfAck id=0x1 <mru 1490> <asyncmap 0x0> <magic 0xd2688a8a> <pcomp> <accomp>]

Mar  2 23:29:56 dragon02 pptp[10068]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:823]: PPTP_SET_LINK_INFO received from peer_callid 0

Mar  2 23:29:56 dragon02 pptp[10068]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:826]:   send_accm is 00000000, recv_accm is FFFFFFFF

Mar  2 23:29:57 dragon02 pppd[10056]: rcvd [CHAP Challenge id=0x0 <5d2cf410cc122bd57ab673bc0a78962a>, name = "ZUKVPNPRO01"]

Mar  2 23:29:57 dragon02 pppd[10056]: sent [CHAP Response id=0x0 <2dbadbd3720fe155422e5af3ef57556f0000000000000000c886f87003e424cf6a135b4143d3e7d4b6c02d3cf16d0aed00>, name = "EMEA\\Zeidats"]

Mar  2 23:29:57 dragon02 pppd[10056]: rcvd [CHAP Success id=0x0 "S=873AA8AA6E4B295F606F175BD538AABE3247FFA8"]

Mar  2 23:29:57 dragon02 pppd[10056]: kernel does not support PPP filtering

Mar  2 23:29:57 dragon02 pppd[10056]: MPPE required, but kernel has no support.

Mar  2 23:29:57 dragon02 pppd[10056]: sent [LCP TermReq id=0x2 "MPPE required but not available"]

Mar  2 23:29:57 dragon02 pppd[10056]: rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]

Mar  2 23:29:57 dragon02 pppd[10056]: Discarded non-LCP packet when LCP not open

Mar  2 23:29:57 dragon02 pppd[10056]: rcvd [IPCP ConfReq id=0x5 <addr 192.27.192.42>]

Mar  2 23:29:57 dragon02 pppd[10056]: Discarded non-LCP packet when LCP not open

Mar  2 23:29:58 dragon02 pptp[10068]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:823]: PPTP_SET_LINK_INFO received from peer_callid 0

Mar  2 23:29:58 dragon02 pptp[10068]: anon log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:826]:   send_accm is FFFFFFFF, recv_accm is FFFFFFFF

Mar  2 23:29:58 dragon02 pppd[10056]: rcvd [LCP TermAck id=0x2 "MPPE required but not available"]

Mar  2 23:29:58 dragon02 pppd[10056]: Connection terminated.

Mar  2 23:29:58 dragon02 pptp[10057]: anon warn[decaps_hdlc:pptp_gre.c:209]: short read (-1): Input/output error

Mar  2 23:29:58 dragon02 pptp[10057]: anon warn[decaps_hdlc:pptp_gre.c:210]: pppd may have shutdown, see pppd log

Mar  2 23:29:58 dragon02 pppd[10056]: Waiting for 1 child processes...

Mar  2 23:29:58 dragon02 pppd[10056]:   script /usr/sbin/pptp tunnel.com --nolaunchpppd, pid 10057

Mar  2 23:29:58 dragon02 pptp[10068]: anon log[callmgr_main:pptp_callmgr.c:236]: Closing connection

Mar  2 23:29:58 dragon02 pptp[10068]: anon log[pptp_conn_close:pptp_ctrl.c:357]: Closing PPTP connection

Mar  2 23:30:00 dragon02 pptp[10068]: anon log[call_callback:pptp_callmgr.c:76]: Closing connection

Mar  2 23:30:01 dragon02 pppd[10056]: Script /usr/sbin/pptp tunnel.com --nolaunchpppd finished (pid 10057), status = 0x0

Mar  2 23:30:01 dragon02 pppd[10056]: Exit.

```

Any help .. 

Thanks,

----------

## froke

For TEST #1, it could be a routing issue since your connection log appears to be working.  If you can still connect in the same way as TEST #1, post your output of `route -n`

As for TEST #2, I'm not sure why you are still getting the no mppe in kernel message.  you might also need ppp_async so configure that to build as a module and it should be autoloaded by anything that requires it.  I built everything ppp related as a module just in case it is required.

----------

## veezi

Hi ..

TEST1: Thanks for the routing hint. You're right, it is a routing problem. Though, I don't understand it. Perhaps you can clear it up for me .. please.

What I was doing, apparently wrong, is this:

route add default dev ppp1   --> ppp1 being the pptp interface

That didn't work. What worked is adding specific network routes with gw set to the Point-to-Point ip address of the other end.

Strange! Why doesn't default dev route work? Is's something to do with pptp, I don't think it's ppp because regular dialup (default dev being ppp0) just works fine!!

Thanks,

----------

## veezi

Oh .. stupid me, now I get it   :Embarassed: 

I need default route to ppp0 for pptp over ppp1 to work, so I can't just change the default route to ppp1 ..

Thanks for the tip again .. thinking of all the time I spent on this .. Aaah ..   :Mad: 

Regards,

----------

## froke

edit: In the following post, I am using kernel-2.6.3 and ppp-2.4.2

----------

## froke

OK, the solution to the Unsupported Protocol 0x2145 error was given to me by this page:

http://sourceforge.net/tracker/index.php?func=detail&aid=847523&group_id=33063&atid=407154

However, this patch is for just the MPPE kernel patch and I am using the MPPE/MPPC kernel patch.  So I had to insert the code, all 8 lines of it, from the sourceforge patch to Jan Dubiec's patch. 

Actually, to be more correct, first I applied Jan Dubiec's kernel patch.  Then I manually inserted the code from the sourceforge patch into the file /usr/src/linux/drivers/net/ppp_mppe_mppc_comp.c

A patch for what I did after applying Jan Dubiec's patch might look something like:

EDIT:  See next post if you want to avoid more patching

```

diff -uN drivers/net/ppp_mppe_mppc_comp.c.orig drivers/net/ppp_mppe_mppc_comp.c

--- drivers/net/ppp_mppe_mppc_comp.c.orig       2004-03-05 13:16:40.641375008 -0800

+++ drivers/net/ppp_mppe_mppc_comp.c    2004-03-05 13:20:00.911929256 -0800

@@ -942,6 +942,7 @@

 {

     struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg;

     int seq, bits, uncomplen;

+    int retval = 0; // BSD Device hack

     if (isize <= PPP_HDRLEN + MPPE_OVHD) {

        if (state->debug) {

@@ -1024,12 +1025,29 @@

                    return DECOMP_ERROR;

                }

                uncomplen += PPP_HDRLEN / 2;

+

+               // Begin BSD Device Hack

+               retval = uncomplen;

+               if(obuf[0] & 0x1) {

+                      memmove(obuf + 1, obuf, osize);

+                      obuf[0] = 0;

+                      ++retval;

+               } // End BSD Device Hack

+

                (state->stats).comp_bytes += isize;

                (state->stats).comp_packets++;

            } else {

                arcfour_decrypt(&state->arcfour_context, ibuf+PPP_HDRLEN+MPPE_OVHD,

                                isize-PPP_HDRLEN-MPPE_OVHD, obuf);

                uncomplen = isize - (PPP_HDRLEN / 2) - MPPE_OVHD;

+               // Begin BSD Device Hack

+               retval = uncomplen;

+               if(obuf[0] & 0x1) {

+                      memmove(obuf + 1, obuf, osize);

+                      obuf[0] = 0;

+                      ++retval;

+               } // End BSD Device Hack

+

                (state->stats).inc_bytes += isize;

                (state->stats).inc_packets++;

            }

@@ -1073,7 +1091,8 @@

     (state->stats).unc_bytes += uncomplen;

     (state->stats).unc_packets++;

-    return uncomplen;

+    return retval; // BSD Device Hack

+    // return uncomplen; // Original Context

 }

```

----------

## froke

The MPPE/MPPC implementation at http://www.polbox.com/h/hs001/ is now updated to fix this problem, though I haven't yet verified if it works in my case...

Note: its only updated for the most recent versions, being kernel-2.6.3 and kernel-2.4.25

----------

