# pptpclient and w2k vpn with mppe

## KsE

I finally got pptpclient to work with win win2k vpn. It connetcs fine, and windows says there is a client connect. ifconfig even shows ppp0 with an ip. I can't get to any of the servers on the network I'm conneted to though. Is there a config I need to change or something? I added a router statement, but that doesn't seem to work.

```

route add -net 10.10.0.0/24 dev ppp0

```

What's going on here?

----------

## mayday147

This is what I have in the ip-up.local script, which is executed after the connection is up.

```

#!/bin/sh

route add -host 192.168.0.1 eth0

route del default eth0

route add default ppp0

route add default gw 192.168.0.1 dev ppp0

```

----------

## KsE

What is your local ip? And the remote network?

This is what my config looks like when it's up.

My local network is 10.0.0.0/24, and the network I'm trying to connect to is 10.10.0.0/24.

```

# ifconfig

ppp0      Link encap:Point-to-Point Protocol

          inet addr:10.10.0.77  P-t-P:10.10.0.74  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:996  Metric:1

          RX packets:9 errors:0 dropped:0 overruns:0 frame:0

          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3

          RX bytes:112 (112.0 b)  TX bytes:80 (80.0 b)

```

I want to be able to use that network like I'm already on it. I know this works, 'cause I can do it in windows where everything gets autoconfigured for me.

----------

## mayday147

My local network is 192.168.0.0/24 , but the VPN is in another network range :192.168.2.0/24. This is how my ifconfig looks like:

```

eth0      Link encap:Ethernet  HWaddr 00:90:27:77:2C:67  

          inet addr:192.168.0.247  Bcast:192.168.0.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:11002399 errors:0 dropped:0 overruns:0 frame:0

          TX packets:11179696 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000 

          RX bytes:2529052826 (2411.8 Mb)  TX bytes:1675204839 (1597.5 Mb)

ppp0      Link encap:Point-to-Point Protocol  

          inet addr:192.168.2.53  P-t-P:192.168.0.1  Mask:255.255.255.255

          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1490  Metric:1

          RX packets:815144 errors:0 dropped:0 overruns:0 frame:0

          TX packets:619748 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:3 

          RX bytes:794482185 (757.6 Mb)  TX bytes:379042650 (361.4 Mb)

```

And this is how my configs looks like, if it helps:

```

charlie mayday # cat /etc/ppp/options.pptp 

lock

noauth

nobsdcomp

nodeflate

debug dump logfd 2 nodetach

mru 1490

mtu 1490

updetach

#noccp

#nodefaultroute

charlie mayday # cat /etc/ppp

ppp/    pptp.d/ 

charlie mayday # cat /etc/ppp/peers/backspace 

pty "pptp 192.168.0.1 --nolaunchpppd"

name mayday_test

remotename zeus

file /etc/ppp/options.pptp

ipparam backspace

```

----------

## KsE

Should my p-t-p address be from my local network then? I looks like your's is, and the inet address is the address of the network you're connectin to. Do you think this might be my problem? And where would this part be configured?

----------

## mayday147

Yes, the p-t-p address should be from your local network and it seems that your's isn't.

Can you post your configs and maybe I can find the issue?

P.S. Have you tried using my configs?

----------

## KsE

This is what I have.

```

# cat /etc/ppp/chap-secrets

<domain>\\<user> <PPTP> <pass> *

# cat /etc/ppp/options.pptp

lock

noauth

nobsdcomp

nodeflate

mtu 1000

mru 1000

lcp-echo-failure 10

lcp-echo-interval 10

# cat /etc/ppp/peers/my_peer

pty "pptp <address of vpn server> --nolaunchpppd"

name <domain>\\<user>

remotename <PPTP>

require-mppe-128

file /etc/ppp/options.pptp

ipparam my_peer

```

----------

## KsE

The 'pty' portion is supposed to be the address of the vpn server, right? You have a local address. How does your pptpclient know the location of the vpn server?

----------

## mayday147

 *KsE wrote:*   

> The 'pty' portion is supposed to be the address of the vpn server, right? You have a local address. How does your pptpclient know the location of the vpn server?

 

1.Yes , the pty portion should contain your vpn server address.

2.Try a bigger mtu

3. Are you sure the ip.up.local script is triggered? And what does that script contain?

4.Tell me if you tried my config, please.

----------

## KsE

Tried your config. That didn't work. I haven't added anything to the ip.up script. I'm just adding routes manually until I get something that actually works. This is what I've tried for a route.

```

# route add -net 10.10.0.0/24 dev ppp0

```

This would add the network 10.10.0.0/24 to go through dev pp0, right? I don't want my default route to go through the vpn either. I want the default route for the 10.10.0.0/24 network to go through ppp0.

From what I understand now is, the p-t-p address is your local address that the vpn server assigns for you. Your address on the vpn network. The inet address is the address that the vpn servers uses. Every user that logs into the vpn has a different p-t-p address, but the inet address will be the same for every user. 

Any ideas?

----------

## KsE

I figured out that it's not a route problem, or a pptp problem. It's a ppp problem. It connects with mppe-128 stateless, but ppp doesn't use that protocol when talking to the vpn server.

Why's this happening, and how do i fix it?

Also, what is the mppe-mppc use flag do? When it's enabled, I can't use "require-mppe-128", which is needed for pptpclient to connect using mppe-128

----------

## mayday147

So ,does  your VPN server require the mppe-128 or not? If not, then comment the 'require-mppe-128 ' line in your config. If it does, then check if your ppp and the kernel is compiled with mppe-mppc support. In my case, it seems that my vpn server requires that I have those patches, although I don't have any line such 'require-mppe-128 '. 

I guess I wasn't so clear, but I'm very tired. Sorry. 

P.S. Have you read this and this howtos ?

----------

## KsE

Yes, it requires mppe-128. I looked at those links, and in the second link, the wiki one, is that patch different than the patch the pptpclient page says to use? Otherwise, I have it patched.

----------

## mayday147

Yes , it is the same patch.

Anyway, what are the errors you get? Show me the entire connect log.

----------

## KsE

If I compile mppe-mppc into ppp, and start pptp client, I get this error:

```

pppd: In file /etc/ppp/peers/freeze: unrecognized option 'require-mppe-128'

```

If I take out that line from my peers/my_peer file, it starts up just fine, then I get and error.

```

MPPE 128-bit stateful compression enabled

rcvd [IPCP ConfAck id=0x3 <addr 10.10.0.87>]

local  IP address 10.10.0.87

remote IP address 10.10.0.74

Script /etc/ppp/ip-up started (pid 10651)

Script /etc/ppp/ip-up finished (pid 10651), status = 0x1

rcvd [LCP ProtRej id=0x6 b0 fa 0e 00 78 a7 b8 d5 5b 41 f1 26 c0 10 ef 7d ae <cut out some> ...]

Protocol-Reject for unsupported protocol 0xb0fa

```

It's not using mppe-128 any more apparently.

Also, I'm using the patch provided by pptpclient, which is the same you said, but the version is 2.4.xx. Does that mean for a 2.4 kernel? I'm using a 2.6.10 kernel. If so, would I need to use a newer patch from polbox then?

----------

## KsE

Ok. I got this whole thing working. I'm going to write up a HOWTO on this.....

----------

## mayday147

I'm very glad you solved it  :Very Happy: 

----------

## KsE

Thanks for your help mayday147.

Here is the howto I wrote up https://forums.gentoo.org/viewtopic-p-2113748.html#2113748;

----------

## mayday147

You're welcome. Nice howto.

----------

