Re: Strange VPN problems

[Dan Williams <dcbw redhat com>]

On Wed, 2008-11-05 at 17:31 +0000, Rick Jones wrote:
> I've never been able to get NM to make a successful VPN connection,
> and I finally have some meaningful (I hope) logs etc.
> 
> I can get a working connection using pppd with pptp on the command
> line, but not using NM. It seems that the NM plugin sets up the
> connection slightly differently. This command line works (executed as
> root):
> 
> /usr/sbin/pppd pty '/usr/sbin/pptp server.my.domain --nolaunchpppd'
> nodetach lock usepeerdns noipdefault refuse-pap refuse-chap
> refuse-mschap require-mppe nobsdcomp nodeflate name rick
> 
> (auth is handled by chap-secrets in normal way)
> 
> The server is another Linux box, so the connection is served by pppd +
> pptp on the remote end as well. In particular the server log shows the
> server responding to client PPTP echo requests at 1 minute intervals:
> 
> pptpd[2289]: CTRL: Received PPTP Control Message (type: 5)
> pptpd[2289]: CTRL: Made a ECHO RPLY packet
> pptpd[2289]: CTRL: I wrote 20 bytes to the client.
> pptpd[2289]: CTRL: Sent packet to client
> ... etc
> 
> When I create the connection with NM, no PPTP echo messages are
> received, instead the server attempts to send the echoes, but gets no
> response. This kind of thing appears after about 2 minutes:
> 
> pptpd[31784]: CTRL: Sending ECHO REQ id 1
> pptpd[31784]: CTRL: Made a ECHO REQ packet
> pptpd[31784]: CTRL: I wrote 16 bytes to the client.
> pptpd[31784]: CTRL: Sent packet to client
> pptpd[31784]: CTRL: EOF or bad error reading ctrl packet length.
> pptpd[31784]: CTRL: couldn't read packet header (exit)
> pptpd[31784]: CTRL: CTRL read failed
> pptpd[31784]: CTRL: Client 89.193.143.54 control connection finished
> pptpd[31784]: CTRL: Exiting now

What does the routing table look like immediately after you connect, and
then right before the 2-minute disconnection?  'route -n' format please.

Thanks!
Dan