Unresponsive PPTP Server on DLink DIR-890L

Post new topic   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
motojapi
DD-WRT Novice


Joined: 14 Oct 2012
Posts: 42

PostPosted: Wed Sep 16, 2020 17:07    Post subject: Unresponsive PPTP Server on DLink DIR-890L Reply with quote
Hi,

I am trying to setup standard (DD-WRT built-in) PPTP server on my main router, 890L running build 43904. I can set it up but absolutely no response.

Setup on Services - VPN - PPTP Server
PPTP Server Enable
Broadcast Support Disable
MPPE Encryption Enable
DNS1 1.1.1.1 (same as setup Static DNS 1)
DNS2 8.8.8.8 (same as setup Static DNS 2)
MTU 1300
MRU 1300
Server IP 192.168.1.2
Client IPs 192.168.1.200-220
Max Associated Clients 20
Authentication Chap
Chap Secrets testuser * longpassword763445 *

I can't connect to the PPTP server using Windows 10 built-in VPN, neither from LAN or WAN. I've tried using both the router WAN IP and DDNS name from afraid.org with several different W10 laptops.

When I turn off the 'Block Anonymous WAN Requests (ping)' I can ping the router WAN IP from internal and external networks. I can also ping the router from external IP using afraid.org DDNS name.

I can't ping the PPTP server 192.168.1.2 from internal network.

I have saved, applied settings and rebooted the router several times. I am on Comcast network using my own Arris SB6190 modem, router set to DHCP. From my network I can use several commercial VPN services on various computers to connect to VPN servers externally.

Any suggestions on what to try or check?

BR,

J

_________________
D-Link DIR-825 B1 - DD-WRT v3.0-r35681 std (04/06/18) modded with 2 USB ports
D-Link DIR-890L - DD-WRT v3.0-r44863 std (11/24/20)
Sponsor
dpp3530
DD-WRT Guru


Joined: 12 Dec 2007
Posts: 519
Location: Pittsburgh, PA USA

PostPosted: Thu Sep 17, 2020 1:19    Post subject: Reply with quote
I went with a simpler configuration. My PPTP server is the router's primary IP and I left DNS and WINS blank so it picks them up from the router. MTU is default. My configuration is attached (note that my internal network is 192.168.6.0/24).

It should also be noted that you won't be able to connect to the PPTP server from your own internal LAN. You must be coming from an external address.



2020-09-16 21_05_50-Window.jpg
 Description:
 Filesize:  23.12 KB
 Viewed:  521 Time(s)

2020-09-16 21_05_50-Window.jpg



_________________
__________________________
Linksys WRT-1900AC
DD-WRT v3.0 STD 44340
Linksys EA6700
DD-WRT v3.0 STD 44340
Asus RT-AC56U
DD-WRT v3.0 STD 44340
Netgear AC1450
DD-WRT v3.0 STD 44340
motojapi
DD-WRT Novice


Joined: 14 Oct 2012
Posts: 42

PostPosted: Thu Sep 17, 2020 15:48    Post subject: Reply with quote
dpp3530 wrote:
I went with a simpler configuration.


Thank you for your response. I duplicated this with the exception of different subnet address. Still no dice, can't connect. I get the W10 standard error message "The network connection between your computer and the VPN server was interrupted. This can be caused . . . "

I am starting to suspect the problem is either at the Comcast/Arris SB6190 modem (combo or separately) or in the network the connecting computer is on (AT&T wireless network, either via 4G modem or personal hotspot through iPhone 7 or 8).

If you (or someone else) has any suggestions I am all ears

_________________
D-Link DIR-825 B1 - DD-WRT v3.0-r35681 std (04/06/18) modded with 2 USB ports
D-Link DIR-890L - DD-WRT v3.0-r44863 std (11/24/20)
dpp3530
DD-WRT Guru


Joined: 12 Dec 2007
Posts: 519
Location: Pittsburgh, PA USA

PostPosted: Thu Sep 17, 2020 19:19    Post subject: Reply with quote
First thing I would do is telnet (or SSH) to the router command line and run a PS command to see if PPTP is actually running. If it's not, you'd need to check logs to see why it's failing. It may be something as simple as an invisible character in the username/password combo.

Check ShieldsUp (https://www.grc.com/x/ne.dll?bh0bkyd2) and do a custom port scan to see if 1723 TCP is open. The SB6190 doesn't appear to be a router/modem combo, but Comcast could be blocking it on their end. If the port shows closed or stealth, you may be out of luck.

As far as the client goes, I frequently connect through the hotspot on my AT&T phone but my plan is through work and I can't say if there's a difference in personal vs business plans. If PPTP is running and 1723 is open, you might try taking your laptop to somewhere with free wifi and attempting a connection just to see if it does. Also, if it's a Windows client, try turning off the firewall temporarily just to see if that makes a difference.

It's also worth noting that one of the disadvantages of PPTP is the static ports it uses. You can easily be blocked if someone else going through the same firewall is also using PPTP - even to a different server. We ran into that at my old job back when PPTP was state of the art VPN technology. You had three or four sales guys at the same hotel and things got hairy. One of the reasons it's considered dead tech.

If you have the option, I'd suggest setting up the OpenVPN server on the router. It's a bit more robust and most OSes have a client. I use that as my primary VPN solution with PPTP as a backup.

_________________
__________________________
Linksys WRT-1900AC
DD-WRT v3.0 STD 44340
Linksys EA6700
DD-WRT v3.0 STD 44340
Asus RT-AC56U
DD-WRT v3.0 STD 44340
Netgear AC1450
DD-WRT v3.0 STD 44340
motojapi
DD-WRT Novice


Joined: 14 Oct 2012
Posts: 42

PostPosted: Thu Sep 17, 2020 23:18    Post subject: Reply with quote
Hi,

Thank you again, I will try these in a week (the reason I need VPN access is that I spend every other week away and want/need access to my home network resources and trying to do it without a PC running locally all the time). When away I mostly rely on mobile modem with ATT subscription or occasionally using iPhone as the hotspot.

dpp3530 wrote:
If you have the option, I'd suggest setting up the OpenVPN server on the router. It's a bit more robust and most OSes have a client. I use that as my primary VPN solution with PPTP as a backup.


I read about OpenVPN but sounded much more difficult to setup than PPTP. I am very comfortable with hardware hacks and low level (logics, PC) programming, novice on Linux, TCP/IP etc. I did scan through the OpenVPN - DD-WRT Wiki but got cold feet. Also I would want to use either W10 laptop (or as a second alternative iPad Pro) as the client and at least to me it appeared the Wiki was written for Linux (Mac) as client.

If there is a good resource on the OpenVPN on DD-WRT with either PC or iPad (iOS) client you can point me to I would appreciate. What I am trying to do requires just a single client connection from mobile hotspot; no need for multiple clients etc.

_________________
D-Link DIR-825 B1 - DD-WRT v3.0-r35681 std (04/06/18) modded with 2 USB ports
D-Link DIR-890L - DD-WRT v3.0-r44863 std (11/24/20)
Zyxx
DD-WRT User


Joined: 28 Dec 2018
Posts: 288

PostPosted: Fri Sep 18, 2020 7:21    Post subject: Reply with quote
Excellent guides regarding OpenVPN are in this forum in the Advanced Networking category. Marked as important topic.

But as you stated, sometimes the configuration seems overwhelming.

Do yourself a favour and also have a look into Wireguard.
Wireguard aims to be fast, Easy-to-use and secure VPN alternative to OpenVPN.
DD-WRT does support it, there are very good guides in the Advanced Networking category, too and it is faster than OpenVPN.
dpp3530
DD-WRT Guru


Joined: 12 Dec 2007
Posts: 519
Location: Pittsburgh, PA USA

PostPosted: Fri Sep 18, 2020 20:43    Post subject: Reply with quote
I hadn't tried setting up Wireguard, but about 45 minutes of time and I now have it working. Most of what I needed was in https://wiki.dd-wrt.com/wiki/index.php/The_Easiest_Tunnel_Ever. As I wanted access to resources on my network, I disabled CVE-2019-14899 Mitigation, but otherwise, it was pretty straightforward.
_________________
__________________________
Linksys WRT-1900AC
DD-WRT v3.0 STD 44340
Linksys EA6700
DD-WRT v3.0 STD 44340
Asus RT-AC56U
DD-WRT v3.0 STD 44340
Netgear AC1450
DD-WRT v3.0 STD 44340
motojapi
DD-WRT Novice


Joined: 14 Oct 2012
Posts: 42

PostPosted: Wed Sep 30, 2020 13:50    Post subject: Reply with quote
Hi,

Thank you both for suggestions.

ShieldsUp shows the port 1723 is not open. SSHing into the router and looking for pptp is not obvious if it is running. At least not a process named pptp (I am not so familiar with Linux). I can see the dynamic DNS running (inadyn with a bunch of parameters).

Unless there are obvious suggestions I think I will forget PPTP server and now try the Wireguard following the link posted.

_________________
D-Link DIR-825 B1 - DD-WRT v3.0-r35681 std (04/06/18) modded with 2 USB ports
D-Link DIR-890L - DD-WRT v3.0-r44863 std (11/24/20)
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6665
Location: Netherlands

PostPosted: Wed Sep 30, 2020 13:58    Post subject: Reply with quote
dpp3530 wrote:
I hadn't tried setting up Wireguard, but about 45 minutes of time and I now have it working. Most of what I needed was in https://wiki.dd-wrt.com/wiki/index.php/The_Easiest_Tunnel_Ever. As I wanted access to resources on my network, I disabled CVE-2019-14899 Mitigation, but otherwise, it was pretty straightforward.


That link is obsolete.

See the sticky threads in the advanced networking forum

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
dpp3530
DD-WRT Guru


Joined: 12 Dec 2007
Posts: 519
Location: Pittsburgh, PA USA

PostPosted: Fri Oct 02, 2020 15:31    Post subject: Reply with quote
egc wrote:
That link is obsolete.


Yeah, but it worked. Smile

_________________
__________________________
Linksys WRT-1900AC
DD-WRT v3.0 STD 44340
Linksys EA6700
DD-WRT v3.0 STD 44340
Asus RT-AC56U
DD-WRT v3.0 STD 44340
Netgear AC1450
DD-WRT v3.0 STD 44340
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 6665
Location: Netherlands

PostPosted: Fri Oct 02, 2020 15:46    Post subject: Reply with quote
dpp3530 wrote:
egc wrote:
That link is obsolete.


Yeah, but it worked. Smile


Sure I can set up entirely from the command line doing routing and iptables by myself that also works

But I am not recommending people to do so.

You steer people to obsolete instructions.

As this topic is resolved I will close this thread

_________________
Routers:Netgear R7800, R6400v1, R6400v2, Linksys EA8500, EA6900 (XvortexCFE), E2000 (converted WRT320N), WRT54GS v1.
OpenVPN Policy Based Routing: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321686
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN Server Setup:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Wireguard Server setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
Wireguard Client setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
Wireguard Advanced setup guide:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum