Go Back   DaemonForums > OpenBSD > OpenBSD Packages and Ports

OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD.

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 24th May 2008
bartman bartman is offline
New User
Join Date: May 2008
Posts: 8
Default poptop on OpenBSD 4.3


I am having issues connecting from my Mac and XP PPTP clients to my poptop server. They try and connect and are dropped right away. I have a feeling my issue has to do with how I am configuring ppp.
I am running OpenBSD 4.3 and poptop-1.3.0. ( installed using pkg_add)

The OpenBSD box is acting as a firewall/router doing nat with pf. My internal ip address on the OBSD box is

I loosely followed the instructions found here:

and here:

However, in part 1 on the top link the author states to remove:
pseudo-device gre # GRE encapsulation interface

Which does not make sense, because PopTop uses gre and when I did remove gre, it gave me the error:

(May 16 18:21:40 cerberus pptpd[2412]: PPTPD: failed to allow GRE, errno=42) and would not start pptpd.

Therefore, I recompiled my kernel with gre. I am now able to start pptpd, but I am now receiving a new error when I try to connect:

CTRL: PTY read or GRE write failed (pty,gre)=(7,6)
pptpd[1277]: GRE: read(fd=7,buffer=3c0046a0,len=8196) from PTY failed: status = 0 error= No error

In my ppp.log I receive this error:
ppp[12874]: Warning: Label ipparam rejected -direct connection: Configuration label not found

Here are my config files.


set timeout 0
set log phase chat connect lcp ipcp command
set device localhostpploop
set dial
set login
set mppe * stateful
set ifaddr
set server /var/tmp/loop "" 0177

set timeout 0
set log phase lcp ipcp command
allow mode direct

load loop
# Disable unsecured auth
disable pap
disable chap
enable mschapv2
disable deflate pred1
deny deflate pred1
disable ipv6
accept mppe
enable proxy
accept dns
set device !/etc/ppp/secure



exec /usr/sbin/ppp -direct loop-in

option /etc/ppp/ppp.conf
listen xx.xx.xx.xxx
pidfile /var/run/pptpd.pid

I can make a successful telnet session to my external IP on port 1723 so it does not look like pf is an issue. However, here is what I am doing in pf.conf.

pass in quick on $ext_if proto tcp from any to $ext_if port = 1723 modulate state
pass in quick on $ext_if proto gre from any to $ext_if keep state
pass out quick on $ext_if proto gre from $ext_if to any keep state
pass in quick log on tun0 all
pass out quick log on tun0 all
pass in quick log on tun1 all
pass out quick log on tun1 all

Any help would be appreciated!


Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT. The time now is 04:28 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick