1 Reply Latest reply on May 24, 2011 5:51 AM by rcamm

    SG580 v3.2.2 PPTP VPN Client problem

      Hi,

      I created two PPTP connections from SG580 to remote oficces. Both show running status, but I can access only one remote side. Interesting is, when I tested firmware v4.x (after I revert back to v3.2.2) with the same configuration, I had no problem access booth sides.

      Only one difference bettween configuration of  booth connections is, that first has mask 24 and second 16. I tried create static route for second connection, but without effect.

      Any idea ?

       

                     Rene               

       

      From diagnostic page:

       

      ppp0      Link encap:Point-to-Point Protocol 

                inet addr:10.49.55.121  P-t-P:10.49.55.125  Mask:255.255.255.255

                UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1

                RX packets:8595 errors:0 dropped:0 overruns:0 frame:0

                TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

                collisions:0 txqueuelen:3

       

      ppp1      Link encap:Point-to-Point Protocol 

                inet addr:172.27.11.240  P-t-P:172.27.11.239  Mask:255.255.255.255

                UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1

                RX packets:293 errors:0 dropped:0 overruns:0 frame:0

                TX packets:295 errors:0 dropped:0 overruns:0 carrier:0

                collisions:0 txqueuelen:3

       

      Route Table                   

      172.27.11.239 dev ppp1  scope link 
      87.197.130.225 via 195.168.13.225 dev eth1
      193.201.78.148 via 195.168.13.225 dev eth1
      10.49.55.125 dev ppp0  scope link
      195.168.13.224/29 dev eth1  proto kernel  scope link  src 195.168.13.226
      192.168.240.0/24 dev ipsec0  scope link  src 192.168.241.1
      unreachable 192.168.240.0/24  metric 2
      192.168.241.0/24 dev eth0  proto kernel  scope link  src 192.168.241.1
      10.0.1.0/24 dev ipsec0  scope link  src 192.168.241.1
      unreachable 10.0.1.0/24  metric 2
      192.168.2.0/24 dev ipsec0  scope link  src 192.168.241.1
      unreachable 192.168.2.0/24  metric 2
      10.49.55.0/24 via 10.49.55.125 dev ppp0
      10.17.248.0/24 dev ipsec0  scope link  src 192.168.241.1
      unreachable 10.17.248.0/24  metric 2
      192.168.15.0/24 dev ipsec0  scope link  src 192.168.241.1
      unreachable 192.168.15.0/24  metric 2
      192.168.12.0/24 dev ipsec0  scope link  src 192.168.241.1
      unreachable 192.168.12.0/24  metric 2
      172.27.0.0/16 dev ppp1  scope link
      172.29.0.0/16 dev ipsec0  scope link  src 192.168.241.1
      unreachable 172.29.0.0/16  metric 2
      default via 195.168.13.225 dev eth1  metric 3
      default via 195.168.13.225 dev eth1  metric 4
      fe80::/64 dev eth1  metric 256  mtu 1500 advmss 1440
      fe80::/64 dev eth0  metric 256  mtu 1500 advmss 1440
      fe80::/64 dev ipsec0  metric 256  mtu 16260 advmss 16200
      ff00::/8 dev eth1  metric 256  mtu 1500 advmss 1440
      ff00::/8 dev eth0  metric 256  mtu 1500 advmss 1440
      ff00::/8 dev ipsec0  metric 256  mtu 16260 advmss 16200
      default dev eth1  proto kernel  metric 256  mtu 1500 advmss 1440
      default dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440
      default dev ipsec0  proto kernel  metric 256  mtu 16260 advmss 16200
      unreachable default dev lo  proto none  metric -1  error -101
        • 1. Re: SG580 v3.2.2 PPTP VPN Client problem

          I assume you are referring to the pptp client on the 580, and not the pptp server..the following assumes this when using context.

           

          PPTP client routing is setup differently in v3 to v4....v3 it is done under the ppt client setup while v4 does it in the general routing setup under network setup.

           

          With all pptp clients on all platforms, it is the client that sets the routing up that it wants to use ..the server only offers a gateway to send packes too ( as per the lcp protocol ), which may or not be passed forward depending on the pptp server enviroment/config/routes.

           

          So the problem I suspect is with the manually configurable routing setup on the pptp client.

          Hope this helps