poptop on OpenBSD 4.3
Posted by bartman on 24th May 2008

Hello,

I am having issues connecting from my Mac and XP PPTP clients to my poptop server. They try and connect and are dropped right away. I have a feeling my issue has to do with how I am configuring ppp.
I am running OpenBSD 4.3 and poptop-1.3.0 (installed using pkg_add).

The OpenBSD box is acting as a firewall/router doing NAT with pf. My internal IP address on the OBSD box is 192.168.1.1.

I loosely followed the instructions found here:

http://blogs.techrepublic.com.com/networking/?p=48
and here:
http://koychev.com/Setup-OpenBSD-PP...ver-with-Poptop

However, in part 1 on the top link the author states to remove:
pseudo-device gre # GRE encapsulation interface

Which does not make sense, because PopTop uses gre and when I did remove gre, it gave me the error:

(May 16 18:21:40 cerberus pptpd[2412]: PPTPD: failed to allow GRE, errno=42) and would not start pptpd.

Therefore, I recompiled my kernel with gre. I am now able to start pptpd, but I am now receiving a new error when I try to connect:

CTRL: PTY read or GRE write failed (pty,gre)=(7,6)
pptpd[1277]: GRE: read(fd=7,buffer=3c0046a0,len=8196) from PTY failed: status = 0 error= No error

In my ppp.log I receive this error:
ppp[12874]: Warning: Label ipparam rejected -direct connection: Configuration label not found


Here are my config files.

/etc/ppp/ppp.conf:

loop:
set timeout 0
set log phase chat connect lcp ipcp command
set device localhostpploop
set dial
set login
set mppe * stateful
set ifaddr 192.168.1.2 192.168.1.234-192.168.1.254 255.255.255.255
set server /var/tmp/loop "" 0177



loop-in:
set timeout 0
set log phase lcp ipcp command
allow mode direct


pptp:
load loop
# Disable unsecured auth
disable pap
disable chap
enable mschapv2
disable deflate pred1
deny deflate pred1
disable ipv6
accept mppe
enable proxy
accept dns
set device !/etc/ppp/secure

/etc/ppp/secure:

#!/bin/sh

exec /usr/sbin/ppp -direct loop-in


/etc/pptpd.conf:
option /etc/ppp/ppp.conf
debug
logwtmp
localip 192.168.1.2
remoteip 192.168.1.234-254
listen xx.xx.xx.xxx
pidfile /var/run/pptpd.pid

I can make a successful telnet session to my external IP on port 1723 so it does not look like pf is an issue. However, here is what I am doing in pf.conf.

#PPTP
pass in quick on $ext_if proto tcp from any to $ext_if port = 1723 modulate state
pass in quick on $ext_if proto gre from any to $ext_if keep state
pass out quick on $ext_if proto gre from $ext_if to any keep state
pass in quick log on tun0 all
pass out quick log on tun0 all
pass in quick log on tun1 all
pass out quick log on tun1 all
#End PPTP

Any help would be appreciated!

Cheers,

JD