# pptpclient wont work

## Otacon

Hi guys,

Been using Gentoo on a server or two for a while, but have no taken the plunge into using it for my Desktop/Workstation. The issue I'm currently having is with the pptpclient connection to my workplace. I've been following this guide on the Wiki, but when I go to 'pon' the connection I just get:

 *Quote:*   

> pon *vpnname* debug dump logfd 2 nodetach
> 
> pppd options in effect:
> 
> debug           # (from command line)
> ...

 

If I tail /var/log/messages, I see this:

 *Quote:*   

> May  1 15:25:19 toledo pptp[23268]: anon log[main:pptp.c:276]: The synchronous pptp option is NOT activated
> 
> May  1 15:25:20 toledo pptp[23270]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
> 
> May  1 15:25:20 toledo pptp[23270]: anon log[ctrlp_disp:pptp_ctrl.c:738]: Received Start Control Connection Reply
> ...

 

Anyone care to point me in the right direction? Arch is AMD64, and versions as below:

 *Quote:*   

> Calculating dependencies ...done!
> 
> [ebuild   R   ] net-dialup/ppp-2.4.3-r14
> 
> [ebuild   R   ] net-dialup/pptpclient-1.7.1

 

Thanks  :Smile: 

----------

## Otacon

Not sure I totally understand what you mean, but I just set remotename to 'PPTP', and it didnt work. Thanks for the reply though.

----------

## dgaffuri

Sorry for the noise, I've deleted the post because I realized that PPTP was the server name in chap-secrets. I'm really stupid.

----------

## mrness

that howto missinformed you. if you didn't patch your kernel with mppe-mppc.patch, you shouldn't enable that USE flag!

the only thing that patch gives you is MPPC compression but it requires you to use a kernel <=2.6.14. I don't think you are interested in this compression method.

even though you run pppd with debug flag on, your log doesn't have anything logged by pppd process! 

maybe you need to set your syslog to save daemon.debug facility?  

you should take a look at this topic, if you wanna know how to set your link using baselayout-1.12.

----------

## dgaffuri

 *mrness wrote:*   

> that howto missinformed you. if you didn't patch your kernel with mppe-mppc.patch, you shouldn't enable that USE flag!
> 
> the only thing that patch gives you is MPPC compression but it requires you to use a kernel <=2.6.14. I don't think you are interested in this compression method.

 

If I emerge ppp without the mppe-mppc use flag I'm no more able to connect to my office VPN.

```
# pon vpn debug dump logfd 2 nodetach

pppd options in effect:

....

rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]

sent [CCP ConfReq id=0x1]

sent [CCP ConfRej id=0x4 <mppe +H +M +S +L -D +C>]

rcvd [IPCP ConfReq id=0x5 <addr 10.10.100.163>]

sent [IPCP ConfAck id=0x5 <addr 10.10.100.163>]

rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]

sent [IPCP ConfReq id=0x2 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]

rcvd [CCP ConfNak id=0x1 <mppe -H -M -S -L -D -C>]

sent [CCP ConfReq id=0x2]

rcvd [LCP TermReq id=0x6 "F\001_\37777777702\000<\37777777715t\000\000\002\37777777746"]

LCP terminated by peer (F^A_M-B^@<M-Mt^@^@^BM-f)

sent [LCP TermAck id=0x6]

Connection terminated.

....
```

I thought that the MPPE patch was included in kernel starting with 2.6.15. May you clarify this, please?

----------

## mrness

Indeed, the MPPE patch was accepted in kernel 2.6.15, but the mppe-mppc patch is an entire different patch (in fact, it was concurent with the MPPE patch before the latter was accepted by kernel devs). Btw, the ppp upstream has used MPPE patch long before the kernel correspondent has been accepted in the kernel. 

If you choose to use mppe-mppc USE flag, you need a mppe-mppc patched kernel which can be only a kernel <= 2.6.14 (their patch cannot be applied to anything newer).

Now, about your failed connection to the office,  you probably didn't used the right pppd options because your pppd refuse to use MPPE. Please see other posts in this forums, as well as the man page of your installed pppd (mppe options differs between mppe-mppc and mppe-only variants of the net-dialup/ppp).

----------

## dgaffuri

 *mrness wrote:*   

> Now, about your failed connection to the office,  you probably didn't used the right pppd options because your pppd refuse to use MPPE. Please see other posts in this forums, as well as the man page of your installed pppd (mppe options differs between mppe-mppc and mppe-only variants of the net-dialup/ppp).

 

Thanx, I will try to fix it.

Edit: of course you were right, I had to change mppe stateless (required with the USE flag) with require-mppe (without the USE flag). Now it works, and also solved a problem I had browsing a web site through a vpn over another vpn. Thanks again.

----------

## Otacon

Ah right, I see. Well, I've recompiled ppp without that use flag but I'm still having a bit of trouble, though I suspect while following incorrect guides I may have broken something.

Could anyone point me to a reliable guide for my system, so that I might start again?

----------

## Otacon

Any idea why I keep getting this? :

 *Quote:*   

> modprobe ppp_mppe
> 
> FATAL: Error inserting ppp_mppe (/lib/modules/2.6.15-gentoo-r5/kernel/drivers/net/ppp_mppe.ko): No such device

 

Shouldnt that be lib64?

----------

## mrness

You probably have MPPE support builtin. Check the configuration by running:

```
zgrep MPPE /proc/config.gz
```

Only when you build it as a module, "modprobe ppp_mppe" makes sense.

----------

## Otacon

Managed to get it working in the end by messing around with the kernel/pppd config. Only problem now is that I cant actually ping any hosts on the remote network  :Sad: 

Do I need to enable ip forwarding support in the kernel for this?

Thanks for your help btw, very much appreciated  :Smile: 

----------

## dgaffuri

 *Otacon wrote:*   

> Managed to get it working in the end by messing around with the kernel/pppd config. Only problem now is that I cant actually ping any hosts on the remote network 
> 
> Do I need to enable ip forwarding support in the kernel for this?

 

You need to add a route. I've this in /etc/ppp/ip-up.local

```
[[ "$6" = "<my vpn>" ]] && /sbin/route add -net 10.0.0.0 netmask 255.0.0.0 gw $5
```

See comments in file for parameters explanation.

Don't know if it's the best way, but it works for me.

----------

## mrness

The best way of adding routes is through baselayout standard mechanisms.

You should define a routes_ppp0 variable in /etc/conf.d/net like this:

```
routes_ppp0=(

   "10.0.0.0/8"

)
```

Normally this route would require a "via" (aka nexthop) parameter, but point-to-point links don't need it.

----------

## Otacon

pptpconfig adds the neccesary route for me, but that made no difference. For some reason the ppp interface doesnt come up via the init script, I've yet to turn my eye to that, would just like to get it working first.

----------

## dgaffuri

 *mrness wrote:*   

> The best way of adding routes is through baselayout standard mechanisms.
> 
> You should define a routes_ppp0 variable in /etc/conf.d/net like this:
> 
> ```
> ...

 

I've successfully configured the VPN in /etc/conf.d/net. It works except for adding the route. Am i missing something?

```
config_ppp0=( "ppp" )

link_ppp0="pty 'pptp server.domain --nolaunchpppd'"

username_ppp0='domain\user'

pppd_ppp0=(

        "debug"         # Enables syslog debugging

        "updetach"

        "noauth"

        "usepeerdns"

        "nobsdcomp" "nodeflate"

        "refuse-eap"

        "lock"

        "require-mppe"

)

routes_ppp0=(

        "10.0.0.0/8"

)
```

----------

## mrness

Set RC_VERBOSE="yes" in /etc/conf.d/rc and see what messages are spitted out by baselayout.

Probably you don't have iproute2 installed. This route syntax is incompatible with ifconfig (see /etc/conf.d/net.example for how to set routes using ifconfig).

----------

## dgaffuri

I can't see any significant message, iproute2 is there

```
 # /etc/init.d/net.ppp0 start

 * Caching service dependencies ...                                                  [ ok ]

 * Starting ppp0

 *   Loading networking modules for ppp0

 *     modules: apipa arping ccwgroup macchanger macnet rename netplugd iwconfig essidnet iptunnel iproute2 pppd system dhcpcd ip6to4

 *       netplugd provides plug

 *       iwconfig provides wireless

 *       iproute2 provides interface

 *       pppd provides ppp

 *       dhcpcd provides dhcp

 *   Running preup function                                                          [ ok ]

 *   Bringing up ppp0

 *     ppp

 *       Running pppd ...

 *       ppp0 received address 10.10.100.199

# netstat -rn

Kernel IP routing table

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface

10.10.100.163   0.0.0.0         255.255.255.255 UH        0 0          0 ppp0

192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1

127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo

0.0.0.0         192.168.0.1     0.0.0.0         UG        0 0          0 eth1

# emerge -pv iproute2 baselayout

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild   R   ] sys-apps/iproute2-2.6.15.20060110  USE="berkdb -atm -minimal" 0 kB

[ebuild   R   ] sys-apps/baselayout-1.12.0_pre19-r2  USE="unicode -bootstrap -build -static" 0 kB

```

However I'm able to add the route by setting in /etc/ppp/ip-up.local

```
[[ "$6" = "reply" ]] && /sbin/route add -net 10.0.0.0 netmask 255.0.0.0 gw $5
```

and adding

```
"ipparam reply"
```

to pppd_ppp0 in /etc/conf.d/net.

Thanks for your help

----------

## mrness

I've retested route setup on  a PPPoE link and it works for me.

Of course, you'll not see informational messages about it at /etc/init.d/net.ppp0 start because the interface is actually started by if-up script, but the route is set.

----------

