cancel
Showing results for 
Search instead for 
Did you mean: 

SG560 Ver 4.0.10 PPTP server problems

Jump to solution

I just updated my SG560 to the firmware version 4.0.10.

I have my PPTP server working fine. Clients could log in without a problem. After the update all the settings seem to be the same but I get the message "The PPTP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your administrator"

I checked the user settings and checked the PPTP access checkbox. Is there anything else that is different with this new firmware version that I need to know to make this work?

Thanks!

1 Solution

Accepted Solutions
rcamm
Level 13
Report Inappropriate Content
Message 12 of 16

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

to test if the problem in KB62307 is affecting you, reboot the NAT device that is in between the client and the server. If a reboot fixes it, you have confirmed this issue.

I presume yo had verions 3 firmware previously ?

while I am not convinced a downgrade will resolve the issue, instructions are in KB62397

15 Replies
rcamm
Level 13
Report Inappropriate Content
Message 2 of 16

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

check the encryption settings are set the to the highest available.

reboot any modems/nat devices in the path between the PPTP server and the connecting client.

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

Thanks rcamm. I set the encryption level to the highest. I rebooted the device and now i get the error

"A connection could not be established to the PPP server. Try reconnecting. If the problem continues, verify your settings and contact your administrator"

Authentication Scheme

Required Encryption Level

For users I gave myself PPTP Access. Under Groups I went into PPTP access and checkmarked PPTP Access.

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

Oct 19 12:17:47 packet[249]: nf_ct_tcp: invalid packet ignored SRC=166.205.140.184 DST=76.79.220.213 LEN=64 TOS=0x00 PREC=0x00 TTL=45 ID=56913 DF PROTO=TCP SPT=49826 DPT=1723 WINDOW=65535 SYN URGP=0 

Oct 19 12:17:47 packet[249]: nf_ct_tcp: invalid packet ignored SRC=166.205.140.184 DST=76.79.220.213 LEN=64 TOS=0x00 PREC=0x00 TTL=45 ID=7754 DF PROTO=TCP SPT=49826 DPT=1723 WINDOW=65535 SYN URGP=0 

Oct 19 12:17:47 pptpd[1154]: CTRL: Client 166.205.140.184 control connection started

Oct 19 12:17:47 pptpd[1154]: CTRL: Starting call (launching pppd, opening GRE)

Oct 19 12:17:47 pppd[1156]: pppd 2.4.4 started by root, uid 0

Oct 19 12:17:47 pppd[1156]: using channel 4

Oct 19 12:17:47 pppd[1156]: Using interface ppp0

Oct 19 12:17:47 pppd[1156]: Connect: ppp0 <--> /dev/pts/0

Oct 19 12:17:47 pppd[1156]: Warning - secret file /etc/config/pap-secrets has world and/or group access

Oct 19 12:17:47 pppd[1156]: sent [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x73ee0cd8> <pcomp> <accomp>]

Oct 19 12:17:50 last message repeated 1 time(s)

Oct 19 12:17:50 pppd[1156]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x30f0177d> <pcomp> <accomp>]

Oct 19 12:17:50 pppd[1156]: sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x30f0177d> <pcomp> <accomp>]

Oct 19 12:17:50 pppd[1156]: rcvd [LCP ConfRej id=0x1 <auth chap MS-v2>]

Oct 19 12:17:50 pppd[1156]: sent [LCP ConfReq id=0x2 <mru 1400> <asyncmap 0x0> <magic 0x73ee0cd8> <pcomp> <accomp>]

Oct 19 12:17:50 pppd[1156]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x30f0177d> <pcomp> <accomp>]

Oct 19 12:17:50 pppd[1156]: sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x30f0177d> <pcomp> <accomp>]

Oct 19 12:17:50 pppd[1156]: rcvd [LCP ConfAck id=0x2 <mru 1400> <asyncmap 0x0> <magic 0x73ee0cd8> <pcomp> <accomp>]

Oct 19 12:17:50 pppd[1156]: peer refused to authenticate: terminating link

Oct 19 12:17:50 pppd[1156]: sent [LCP TermReq id=0x3 "peer refused to authenticate"]

Oct 19 12:17:50 pppd[1156]: rcvd [LCP EchoReq id=0x0 magic=0x30f0177d]

Oct 19 12:17:51 pppd[1156]: rcvd [LCP TermReq id=0x2 "MPPE required but not available"]

Oct 19 12:17:51 pppd[1156]: sent [LCP TermAck id=0x2]

Oct 19 12:17:51 pptpd[1154]: CTRL: EOF or bad error reading ctrl packet length.

Oct 19 12:17:51 pptpd[1154]: CTRL: couldn't read packet header (exit)

Oct 19 12:17:51 pptpd[1154]: CTRL: CTRL read failed

Oct 19 12:17:51 pptpd[1154]: CTRL: Reaping child PPP[1156]

Oct 19 12:17:51 pppd[1156]: Modem hangup

Oct 19 12:17:51 pppd[1156]: Connection terminated.

Oct 19 12:17:51 pppd[1156]: Exit.

Oct 19 12:17:51 pptpd[1154]: CTRL: Client 166.205.140.184 control connection finished

Oct 19 12:17:51 pptpd[1154]: CTRL: Couldn't write packet to client.

This is what I get under System Log. Thanks for your help.

rcamm
Level 13
Report Inappropriate Content
Message 5 of 16

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

sent auth chap MS-v2

recieved auth chap MS-v2

received MPPE required but not available

does

options.pptp

have these options ?

require-mschap-v2

nomppe-stateful

require-mppe

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

Yes option.pptp has those options you asked for. Here are the contents of the file.

name PoPToP

pamservice pptp

proxyarp

auth

refuse-eap

require-mschap-v2

obey_acct_restrict

nomppe-stateful

require-mppe

nomppe-40

require-mppe-128

debug

ms-dns 209.18.47.61

mtu 1400

mru 1400

#statbase vpn.pptpserver

ipparam options.pptp

ip-up /bin/vpn-up

ip-down /bin/vpn-down

noipdefault

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

I get that PPP server error message from my Iphone. But more importantly from the client PC's they get error 619. I read up on a previous forum about another user having a similar issue. I did'nt quite get your answer about it only allowing one PPTP connection. What do I need to do for the clients not to see error 619?

Is there any way for me to go back to the old firmware? I don't know what I had. It was a Secure Computing firmware version that came with the router.

Thanks again for your help.

rcamm
Level 13
Report Inappropriate Content
Message 8 of 16

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

I was about to ask what the connecting client was...it is unusual for it to say "MPPE required but not available" and indicates a non MS OS.

The issue you are experiencing is not the same as the issue another use has that you refer to..this will not assist you.

Can I presume it is only the IPhone ?

If so, does dropping the encryption settings result in a connection ?

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

I am still having issues with the MS OS. It is intermittent. With the iPhone even dropping the encryption won't connect. Is there a way for me to go back to Firmware 2.0 or 3.0?

rcamm
Level 13
Report Inappropriate Content
Message 10 of 16

Re: SG560 Ver 4.0.10 PPTP server problems

Jump to solution

so it sounds like you have 2 issues.

the intermittant issue on MS OS is probably a  NAT issue...see KB62307

the iphone issue is a compatabilty problem

googling the issue find things like this

https://discussions.apple.com/thread/1224077?start=0&tstart=0

which make me wonder if the iphone is trying to use L2TP rather than PPTP....can you check ?