Problem with a PPTP server

Good day! I'm trying to set up a PPTP server on a router running Archlinux.

I configured everything according to the wiki. When connecting, authentication does not go through and strange errors appear in journalctl.

Journalctl:

авг 04 14:38:46 pptpd[9081]: MGR: Launching /usr/bin/pptpctrl to handle client
авг 04 14:38:46 pptpd[9081]: CTRL: pppd options file = /etc/ppp/options.pptpd
авг 04 14:38:46 pptpd[9081]: CTRL: Client 85.26.234.47 control connection started
авг 04 14:38:46 pptpd[9081]: CTRL: Received PPTP Control Message (type: 1)
авг 04 14:38:46 pptpd[9081]: CTRL: Made a START CTRL CONN RPLY packet
авг 04 14:38:46 pptpd[9081]: CTRL: I wrote 156 bytes to the client.
авг 04 14:38:46 pptpd[9081]: CTRL: Sent packet to client
авг 04 14:38:46 pptpd[9081]: CTRL: Received PPTP Control Message (type: 7)
авг 04 14:38:46 pptpd[9081]: CTRL: Set parameters to 100000000 maxbps, 8192 window size
авг 04 14:38:46 pptpd[9081]: CTRL: Made a OUT CALL RPLY packet
авг 04 14:38:46 pptpd[9081]: CTRL: Starting call (launching pppd, opening GRE)
авг 04 14:38:46 pptpd[9081]: CTRL: pty_fd = 6
авг 04 14:38:46 pptpd[9081]: CTRL: tty_fd = 7
авг 04 14:38:46 pptpd[9081]: CTRL: I wrote 32 bytes to the client.
авг 04 14:38:46 pptpd[9081]: CTRL: Sent packet to client
авг 04 14:38:46 pptpd[9082]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
авг 04 14:38:46 pppd[9082]: pppd 2.4.7 started by root, uid 0
авг 04 14:38:46 pppd[9082]: Using interface ppp0
авг 04 14:38:46 pppd[9082]: Connect: ppp0 <--> /dev/pts/1
авг 04 14:38:46 systemd-udevd[9084]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
авг 04 14:39:16 pppd[9082]: LCP: timeout sending Config-Requests
авг 04 14:39:16 pppd[9082]: Connection terminated.
авг 04 14:39:16 pppd[9082]: Modem hangup
авг 04 14:39:16 pppd[9082]: Exit.
авг 04 14:39:16 pptpd[9081]: GRE: read(fd=6,buffer=611660,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
авг 04 14:39:16 pptpd[9081]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
авг 04 14:39:16 pptpd[9081]: CTRL: Reaping child PPP[9082]
авг 04 14:39:16 pptpd[9081]: CTRL: Client 85.26.234.47 control connection finished
авг 04 14:39:16 pptpd[9081]: CTRL: Exiting now
авг 04 14:39:16 pptpd[8979]: MGR: Reaped child 9081

/var/log/pptpd

Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
LCP: timeout sending Config-Requests
Connection terminated.
Modem hangup

/etc/pptpd.conf

# TAG: debug
#       Turns on (more) debugging to syslog
#
debug

# TAG: stimeout
#       Specifies timeout (in seconds) on starting ctrl connection
#
# stimeout 10

# TAG: noipparam
#       Suppress the passing of the client's IP address to PPP, which is
#       done by default otherwise.
#
noipparam

# TAG: logwtmp
#       Use wtmp(5) to record client connections and disconnections.
#
#logwtmp

# TAG: bcrelay <if>
#       Turns on broadcast relay to clients from interface <if>
#
#bcrelay eth1

# TAG: delegate
#       Delegates the allocation of client IP addresses to pppd.
#
#       Without this option, which is the default, pptpd manages the list of
#       IP addresses for clients and passes the next free address to pppd.
#       With this option, pptpd does not pass an address, and so pppd may use
#       radius or chap-secrets to allocate an address.
#
delegate

# TAG: connections
#       Limits the number of client connections that may be accepted.
#
#       If pptpd is allocating IP addresses (e.g. delegate is not
#       used) then the number of connections is also limited by the
#       remoteip option.  The default is 100.
connections 1000

option /etc/ppp/options.pptpd
localip 192.168.0.1
remoteip 192.168.0.210-220

/etc/ppp/options.pptpd

# Read man pppd to see the full list of available options

# The name of the local system for authentication purposes
name pptpd

# Refuse PAP, CHAP or MS-CHAP connections but accept connections with
# MS-CHAPv2 or MPPE with 128-bit encryption
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128

# Add entry to the ARP system table
proxyarp

# For the serial device to ensure exclusive access to the device
lock

# Disable BSD-Compress and Van Jacobson TCP/IP header compression
nobsdcomp
novj
novjccomp

# Disable file logging
#nolog
logfile /var/log/pptpd

# DNS servers for Microsoft Windows clients. Using Google's public servers here
#ms-dns 8.8.8.8
#ms-dns 8.8.4.4

/etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
upviqq          pptpd   123                192.168.0.221

What did I do wrong?

The ports are open in iptables. I set up an OpenVPN server on this same machine today without any problems.

The GRE tunnel is not being established. You need to dig into routing, iptables and conntrack.

anonymous ()
sysctl -w net.netfilter.nf_conntrack_helper=1

And try again. If it helps, make it permanent in /etc/sysctl.conf or /etc/sysctl.d

Pinkbyte ★★★★★ ()
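
Added example, not part of the thread: a small triage script for the symptom in the first post, where the PPTP control connection and call setup succeed but pppd then reports an LCP timeout, which is what the two replies above attribute to GRE not getting through. The function names `classify_pptp_session`, `sample_log` and `show_gre_checks` are hypothetical; the log patterns are the ones in the posted journal.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Log patterns are taken
# from the journal in the first post.

# Read pptpd/pppd journal lines on stdin and print one verdict.
classify_pptp_session() {
  awk '
    /CTRL: Client .* control connection started/ { ctrl = 1 }
    /CTRL: Made a OUT CALL RPLY packet/          { call = 1 }
    /LCP: timeout sending Config-Requests/       { lcp_timeout = 1 }
    END {
      if (!ctrl)            print "no-control-connection"  # TCP 1723 never reached pptpd
      else if (!call)       print "control-only"           # no call was set up
      else if (lcp_timeout) print "gre-suspect"            # PPP frames in GRE got no answer
      else                  print "no-lcp-timeout-seen"
    }'
}

# Excerpt of the journal from the first post.
sample_log() {
  cat <<'EOF'
авг 04 14:38:46 pptpd[9081]: CTRL: Client 85.26.234.47 control connection started
авг 04 14:38:46 pptpd[9081]: CTRL: Made a OUT CALL RPLY packet
авг 04 14:38:46 pptpd[9081]: CTRL: Starting call (launching pppd, opening GRE)
авг 04 14:39:16 pppd[9082]: LCP: timeout sending Config-Requests
авг 04 14:39:16 pppd[9082]: Connection terminated.
EOF
}

# Read-only checks for a live host (run as root); not executed here.
show_gre_checks() {
  echo "conntrack helper sysctl:"
  sysctl -n net.netfilter.nf_conntrack_helper 2>/dev/null || echo "  key not present"
  echo "PPTP conntrack/NAT modules:"
  lsmod | grep -E 'nf_conntrack_pptp|nf_nat_pptp' || echo "  none loaded"
  echo "iptables rules mentioning GRE or TCP 1723:"
  iptables -S | grep -E -- '-p (gre|47)|--dport 1723' || echo "  none"
}

sample_log | classify_pptp_session
```

On a live server, pipe `journalctl` output for the pptpd and pppd processes into `classify_pptp_session`, and call `show_gre_checks` when the verdict is `gre-suspect`.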
In reply to: comment by Pinkbyte

Didn't help.

I set up exactly the same thing in a VM and it works. So I reinstalled the system and it started working too.

upviqq ()