PPTP broken?

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Mon Jun 07, 2010 12:30    Post subject: PPTP broken? Reply with quote
I have a site running DD-WRT
DD-WRT v24-sp2 mega 03/27/09 (SVN revision: 11793) - rather old build. But I havent been at that site for some time, so thats why it havent been upgraded.

The problem is that this site is running PPTPD on DD-WRT router. To that PPTP Daemon 3 other routers running DD-WRT connect to.

After upgrading two of the connecting routers (to the most recent build of pre-SP2) connecting to that site ppp0 and ppp1 seems to get an OpenDNS IP adr - i've configured opendns as my DNS serves for the router, but not for PPTP.

ppp0 Link encap:Point-to-Point Protocol
inet addr:10.0.0.254 P-t-P:67.215.65.132 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1450 Metric:1
RX packets:125 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:9767 (9.5 KiB) TX bytes:129 (129.0 B)

ppp1 Link encap:Point-to-Point Protocol
inet addr:10.0.0.254 P-t-P:67.215.65.132 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1450 Metric:1
RX packets:718 errors:0 dropped:0 overruns:0 frame:0
TX packets:705 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:59679 (58.2 KiB) TX bytes:58593 (57.2 KiB)

ppp2 Link encap:Point-to-Point Protocol
inet addr:10.0.0.254 P-t-P:192.168.30.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1450 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:207 (207.0 B) TX bytes:213 (213.0 B)


And that means the routing table have entries with the same IP's making one of the connections hang.

67.215.65.132 * 255.255.255.255 UH 0 0 0 ppp1
67.215.65.132 * 255.255.255.255 UH 0 0 0 ppp0
192.168.30.1 * 255.255.255.255 UH 0 0 0 ppp2


Options.VPN look like this on all routers:

defaultroute
lock
noauth
nodetach
refuse-eap
lcp-echo-failure 3
lcp-echo-interval 2
persist
usepeerdns
idle 0
ip-up-script /tmp/pptpd_client/ip-up
ip-down-script /tmp/pptpd_client/ip-down
ipparam kelokepptpd
mppe required
mtu 1450
mru 1450
name different_on_routers
password different_on_routers


Does anyone know how to solve this. I've tried connecting the two routers with the most recent firmware to eachother via pptp (one as client and the other router af server). The result is the same as above. The ppp0 receives the OpenDNS ip-adr. So my question is if something is broke within pptp in the more recent builds? - Or if theres some other solution to this?

Thanks in advance

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
Sponsor
embj13
DD-WRT Novice


Joined: 24 Jul 2006
Posts: 6

PostPosted: Tue Jun 08, 2010 18:58    Post subject: Reply with quote
I think you may be on to something.

I use the PPTP client on DD-WRT to connect two Windows servers together using the RRAS service.

It was working just fine on my WRT150N, but after upgrading to a WRT610N (v24-sp2 Mega build 14311), I have't been able to get it to work.

I can dial out to the other location (which is running on a WRT54G with v24-sp2 build 12533), but I can't receive any incoming connections.

That's even if try to connect using a PC client. It seems that PPTP passthrough isn't working, even though it's checked in the options and port 1723 is open.
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Tue Jun 08, 2010 19:24    Post subject: Reply with quote
If you want to avoid DNS problems then configure the IP directly.

http://forums.opendns.com/comments.php?DiscussionID=2860#Item_5

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
cannondale
DD-WRT Novice


Joined: 28 May 2010
Posts: 7

PostPosted: Wed Jun 09, 2010 2:01    Post subject: Reply with quote
You might be able to use a solution I came up with for a related problem. Look at post #6 in this thread here:

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=449655#449655

I came up with a script that gets executed for every incoming PPTP connection and creates routes the way I need them.

-J
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Wed Jun 09, 2010 12:04    Post subject: Reply with quote
But actually this must be some sort of bug in the pptp client.

My router is WRT610n running V24SP2-big build 14569

When not specifying anything for Static DNS's under the "Basic Setup" tab, which means leaving DNS1, DNS2 DNS3 set to 0.0.0.0 ppp0 comes up with this (which is correct)

ppp0 Link encap:Point-to-Point Protocol
inet addr:10.200.10.1 P-t-P:10.0.0.254 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1438 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:129 (129.0 B) TX bytes:123 (123.0 B)


When specifying
"Static DNS1" 10.200.10.1 and leaving "Static DNS2" and "Static DNS3" at 0.0.0.0 It's still correct, but when specifying OpenDNS as DNS2 208.67.222.222 and DNS3 as 208.67.220.220 ppp0 comes up with this (incorrect)

ppp0 Link encap:Point-to-Point Protocol
inet addr:67.215.65.132 P-t-P:10.0.0.254 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1438 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:129 (129.0 B) TX bytes:123 (123.0 B)

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Wed Jun 09, 2010 12:23    Post subject: Reply with quote
And when removing the Static DNS3, which means setting as 0.0.0.0 then ppp0 comes up with the right ip. And then the /tmp/resolv.dnsmasq contains

nameserver 10.200.10.1
nameserver 208.67.222.222
nameserver 193.162.153.164


When specifying Static DNS3 as 193.162.153.164 (instead of getting this via DHCP from my ISP) then ppp0 comes up with the right options

ppp0 Link encap:Point-to-Point Protocol
inet addr:10.200.10.1 P-t-P:10.0.0.254 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1438 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:129 (129.0 B) TX bytes:123 (123.0 B)


I dont unsderstand why it doesn't come up right when specifying both OpenDNS servers as static DNS2 and static DNS3.

ANyone who can explain this? Bug?

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Wed Jun 09, 2010 16:55    Post subject: Reply with quote
See my previous post. You're using a domain name instead of an IP for your PPTP client config aren't you? OpenDNS is giving you a bad response to your DNS query.
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Wed Jun 09, 2010 17:44    Post subject: Reply with quote
A solution that work is to create a script /jffs/etc/config/fixes.startup

#!/bin/sh
sleep 50
/usr/bin/killall dnsmasq
/tmp/pptpd_client/vpn stop
/tmp/pptpd_client/vpn start
sleep 15
/usr/sbin/dnsmasq --conf-file=/tmp/dnsmasq.conf


Then after reboot the ppp0 interface comes up right. Not even with the router ip, but with the ip handed out from the pptpd server.

ppp0 Link encap:Point-to-Point Protocol
inet addr:10.0.0.171 P-t-P:10.0.0.254 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1438 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:303 (303.0 B) TX bytes:291 (291.0 B)


This must cetainly be some sort of bug. Any of the developers or anyone else that can comment on this?

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)


Last edited by avalanche on Wed Jun 09, 2010 18:27; edited 2 times in total
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Wed Jun 09, 2010 17:52    Post subject: Reply with quote
No I'm not using a domain name for my pptp client. Only IP

See my options.vpn in previous post, and this is the connection string from ps -w|grep pptp

pptp xx.xxx.95.250 file /tmp/pptpd_client/options.vpn

theres no domain name to resolve in any of these...

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
cannondale
DD-WRT Novice


Joined: 28 May 2010
Posts: 7

PostPosted: Wed Jun 09, 2010 23:53    Post subject: Reply with quote
I would agree that it's a bug in the more recent SP2 builds. Earlier SP2 builds never required any special handling at all.

But try my script I provided the link for above -- I am certain it will work as a good workaround in your case.

-J
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Thu Jun 10, 2010 5:32    Post subject: Reply with quote
But the problem must be beacuse the pptp client tries to resolve a DNS name from somewhere inside the firmware/router settings even though its none pptp client settings. Because a nslookup on the router configured with opendns as DNS gives

nslookup nonexisting.domain.com
Name: nonexisting.domain.com
Address 1: 67.215.65.132 hit-nxdomain.opendns.com

And when disabling DNSmasq while connecting the pptp-client everything goes smoothly.

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Thu Jun 10, 2010 6:01    Post subject: Reply with quote
It's probably not a bug, but the way the pppd and pptp are designed

http://linux.die.net/man/8/pppd

I just tried to add one option to my options.vpn,

noipdefault
"Disables the default behaviour when no local IP address is specified, which is to determine (if possible) the local IP address from the hostname. With this option, the peer will have to supply the local IP address during IPCP negotiation (unless it specified explicitly on the command line or in an options file)."

And that seems to do the trick. The option noipdefault should definetly be found within the pptp-web-interface.

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
avalanche
DD-WRT User


Joined: 16 Jun 2006
Posts: 133
Location: Kolding, Denmark

PostPosted: Thu Jun 10, 2010 12:07    Post subject: Reply with quote
This will be the last post (solution) from me in this thread, and then I'll probably send a request for the developers to add a field in the web-interface to specify other options for the pptpd client

My solution for this ended up like this

nvram set pptpd_client_srvsec="mppe required
noipdefault"
nvram commit


Because the pptpd_client_srvsec variable is just taken as it is and put into options.vpn

_________________
1 x WRT610n V1 (DD-WRT mega build 18000)
1 x ASUS RT-N16 (DD-WRT mega build 18000)
1 x Linksys WRT54GS v1.1(DD-WRT)
1 x ASUS WL500g Deluxe (DD-WRT)
2 x ASUS WL500g Premium (DD-WRT)
1 x Linksys WRT 350N v2 (OpenWRT Backfire 10.03)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum