Unsuccessful PPTP in between WRT54GL (dd-wrt v2.4) and Cisco 2851

Unanswered Question
Jan 20th, 2011

PROBLEM

We are trying to establish VPN using PPTP, and we can see briefly

RTR1#sh vpdn sess

%No active L2F tunnels

%No active L2TP tunnels

PPTP Session Information Total tunnels 1 sessions 1

LocID RemID TunID Intf    Username      State   Last Chg Uniq ID

2860  4793  2891  Vi2.1   123456        estabd  00:00:03 860   

RTR1#sh vpdn tunn

%No active L2F tunnels

%No active L2TP tunnels

PPTP Tunnel Information Total tunnels 1 sessions 1

LocID Remote Name     State    Remote Address  Port  Sessions VPDN Group

2892  93.86.250.72    estabd   93.86.xxx.xxx    4794  1        1             

but after that connection is reset, just to re-appear again after few seconds.

SETUP:

on dd-wrt side (client):
Firmware: DD-WRT v24-sp2 (10/10/09) vpn
running on WRT54GL

on server side running:
Cisco 2851 with image c2800nm-ipbase-mz.124-3d

On WRT side we have set PPP Client with Serevr IP and blank Remote subnet and Subnet mask, as well the MPPE encryption since cisco image does not support it.

DEBUG

Debug on Cisco side shows:

*Jan 20 09:56:31.019: ppp336 PPP: Send Message[Dynamic Bind Response]
*Jan 20 09:56:31.019: ppp336 PPP: Using vpn set call direction
*Jan 20 09:56:31.019: ppp336 PPP: Treating connection as a callin
*Jan 20 09:56:31.019: ppp336 PPP: Session handle[7F00091B] Session id[336]
*Jan 20 09:56:31.019: ppp336 PPP: Phase is ESTABLISHING, Passive Open
*Jan 20 09:56:31.019: ppp336 LCP: State is Listen
*Jan 20 09:56:33.007: ppp336 LCP: TIMEout: State Listen
*Jan 20 09:56:33.007: ppp336 PPP: Authorization NOT required
*Jan 20 09:56:33.007: ppp336 LCP: O CONFREQ [Listen] id 1 len 15
*Jan 20 09:56:33.007: ppp336 LCP: AuthProto MS-CHAP (0x0305C22380)
*Jan 20 09:56:33.007: ppp336 LCP: MagicNumber 0xDDA17010 (0x0506DDA17010)
*Jan 20 09:56:33.127: ppp336 LCP: I CONFREQ [REQsent] id 1 len 20
*Jan 20 09:56:33.127: ppp336 LCP: ACCM 0x00000000 (0x020600000000)
*Jan 20 09:56:33.127: ppp336 LCP: MagicNumber 0x3A4DAEBE (0x05063A4DAEBE)
*Jan 20 09:56:33.127: ppp336 LCP: PFC (0x0702)
*Jan 20 09:56:33.127: ppp336 LCP: ACFC (0x0802)
*Jan 20 09:56:33.127: ppp336 LCP: O CONFACK [REQsent] id 1 len 20
*Jan 20 09:56:33.127: ppp336 LCP: ACCM 0x00000000 (0x020600000000)
*Jan 20 09:56:33.127: ppp336 LCP: MagicNumber 0x3A4DAEBE (0x05063A4DAEBE)
*Jan 20 09:56:33.127: ppp336 LCP: PFC (0x0702)
*Jan 20 09:56:33.127: ppp336 LCP: ACFC (0x0802)
*Jan 20 09:56:33.131: ppp336 LCP: I CONFACK [ACKsent] id 1 len 15
*Jan 20 09:56:33.131: ppp336 LCP: AuthProto MS-CHAP (0x0305C22380)
*Jan 20 09:56:33.131: ppp336 LCP: MagicNumber 0xDDA17010 (0x0506DDA17010)
*Jan 20 09:56:33.131: ppp336 LCP: State is Open
*Jan 20 09:56:33.131: ppp336 PPP: Phase is AUTHENTICATING, by this end
*Jan 20 09:56:33.131: ppp336 MS-CHAP: O CHALLENGE id 1 len 21 from "RTR1 "
*Jan 20 09:56:33.231: ppp336 MS-CHAP: I RESPONSE id 1 len 60 from "123456"
*Jan 20 09:56:33.231: ppp336 PPP: Phase is FORWARDING, Attempting Forward
*Jan 20 09:56:33.231: ppp336 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Jan 20 09:56:33.235: ppp336 PPP: Sent MSCHAP LOGIN Request
*Jan 20 09:56:33.239: ppp336 PPP: Received LOGIN Response PASS
*Jan 20 09:56:33.239: ppp336 PPP: Phase is FORWARDING, Attempting Forward
*Jan 20 09:56:33.239: ppp336 PPP: Send Message[Connect Local]
*Jan 20 09:56:33.243: ppp336 PPP: Bind to [Virtual-Access2.1]
*Jan 20 09:56:33.243: Vi2.1 PPP: Send Message[Static Bind Response]
*Jan 20 09:56:33.243: Vi2.1 PPP: Phase is AUTHENTICATING, Authenticated User
*Jan 20 09:56:33.243: Vi2.1 MS-CHAP: O SUCCESS id 1 len 4
*Jan 20 09:56:33.243: Vi2.1 PPP: Phase is UP
*Jan 20 09:56:33.247: Vi2.1 IPCP: O CONFREQ [Closed] id 1 len 10
*Jan 20 09:56:33.247: Vi2.1 IPCP: Address 213.144.1xx.xxy (0x0306D590B811)
*Jan 20 09:56:33.247: Vi2.1 PPP: Process pending ncp packets
*Jan 20 09:56:33.343: Vi2.1 IPCP: I CONFREQ [REQsent] id 1 len 28
*Jan 20 09:56:33.343: Vi2.1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
*Jan 20 09:56:33.343: Vi2.1 IPCP: Address 192.168.1.1 (0x0306C0A80101)
*Jan 20 09:56:33.343: Vi2.1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
*Jan 20 09:56:33.343: Vi2.1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
*Jan 20 09:56:33.343: Vi2.1 IPCP: O CONFREJ [REQsent] id 1 len 16
*Jan 20 09:56:33.343: Vi2.1 IPCP: CompressType VJ 15 slots CompressSlotID (0x0206002D0F01)
*Jan 20 09:56:33.343: Vi2.1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
*Jan 20 09:56:33.347: Vi2.1 IPCP: I CONFACK [REQsent] id 1 len 10
*Jan 20 09:56:33.347: Vi2.1 IPCP: Address 213.144.1xx.xxy (0x0306D590B811)
*Jan 20 09:56:33.443: Vi2.1 IPCP: I CONFREQ [ACKrcvd] id 2 len 16
*Jan 20 09:56:33.443: Vi2.1 IPCP: Address 192.168.1.1 (0x0306C0A80101)
*Jan 20 09:56:33.443: Vi2.1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
*Jan 20 09:56:33.443: Vi2.1 IPCP: O CONFNAK [ACKrcvd] id 2 len 16
*Jan 20 09:56:33.443: Vi2.1 IPCP: Address 213.144.1xx.xxx (0x0306D590B810)
*Jan 20 09:56:33.443: Vi2.1 IPCP: PrimaryDNS 194.30.xxx.xxx (0x8106C21EDC6E)
*Jan 20 09:56:33.543: Vi2.1 IPCP: I CONFREQ [ACKrcvd] id 3 len 16
*Jan 20 09:56:33.543: Vi2.1 IPCP: Address 213.144.1xx.xxx (0x0306D590B810)
*Jan 20 09:56:33.543: Vi2.1 IPCP: PrimaryDNS 194.30.xxx.xxx (0x8106C21EDC6E)
*Jan 20 09:56:33.543: Vi2.1 IPCP: O CONFACK [ACKrcvd] id 3 len 16
*Jan 20 09:56:33.543: Vi2.1 IPCP: Address 213.144.1xx.xxx (0x0306D590B810)
*Jan 20 09:56:33.543: Vi2.1 IPCP: PrimaryDNS 194.30.xxx.xxx (0x8106C21EDC6E)
*Jan 20 09:56:33.543: Vi2.1 IPCP: State is Open
*Jan 20 09:56:33.543: Vi2.1 IPCP: Install default route thru 213.144.1xx.xxx
*Jan 20 09:56:33.543: Vi2.1 IPCP: Install route to 213.144.1xx.xxx
*Jan 20 09:56:33.543: Vi2.1 IPCP: Add link info for cef entry 213.144.1xx.xxx
*Jan 20 09:56:41.499: Vi2.1 LCP: I TERMREQ [Open] id 2 len 23
*Jan 20 09:56:41.499: Vi2.1 LCP: (0x50656572206E6F7420726573706F6E64)
*Jan 20 09:56:41.499: Vi2.1 LCP: (0x696E67)
*Jan 20 09:56:41.499: Vi2.1 LCP: O TERMACK [Open] id 2 len 4
*Jan 20 09:56:41.499: Vi2.1 PPP: Sending Acct Event[Down] id[8BD9]
*Jan 20 09:56:41.499: Vi2.1 PPP: Phase is TERMINATING
*Jan 20 09:56:42.719: Vi2.1 LCP: I CONFREQ [TERMsent] id 3 len 20
*Jan 20 09:56:42.719: Vi2.1 LCP: ACCM 0x00000000 (0x020600000000)
*Jan 20 09:56:42.719: Vi2.1 LCP: MagicNumber 0xC130370E (0x0506C130370E)
*Jan 20 09:56:42.719: Vi2.1 LCP: PFC (0x0702)
*Jan 20 09:56:42.719: Vi2.1 LCP: ACFC (0x0802)
*Jan 20 09:56:42.719: Vi2.1 LCP: Dropping packet, state is TERMsent
*Jan 20 09:56:43.503: Vi2.1 LCP: TIMEout: State TERMsent
*Jan 20 09:56:43.503: Vi2.1 LCP: State is Closed
*Jan 20 09:56:43.503: Vi2.1 PPP: Phase is DOWN
*Jan 20 09:56:43.503: Vi2.1 IPCP: State is Closed
*Jan 20 09:56:43.503: Vi2.1 IPCP: Remove link info for cef entry 213.144.1xx.xxx
*Jan 20 09:56:43.503: Vi2.1 PPP: Send Message[Disconnect]
*Jan 20 09:56:43.503: Vi2.1 IPCP: Remove route to 213.144.1xx.xxx
*Jan 20 09:56:43.503: Vi2.1 IPCP: Remove default route thru 213.144.1xx.xxx

So, we see that Incoming is requesting termination - but not sure why? (I TERMREQ)

Any help would be appreciated...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
hebaerte Tue, 01/25/2011 - 05:48

Hi,

as you mentioned, the connection setup seems ok but then the WRT sends a TERMREQ and so the connection gets terminated. I gues you'll have to to check the logs on the WRT to find out why it is doing that (I have zero experience with dd-wrt so can't help you with that, but perhaps you can try in the forum which is dedicatd to Linksys/Cisco Small Business topics.

Having said that, I did spot something odd in the debugs, which may or may not be related:

*Jan 20 09:56:33.543: Vi2.1 IPCP: Install default route thru 213.144.1xx.xxx

so it looks like the router installs a default route through the tunnel, which is kinda weird.

hth

Herbert

Actions

Login or Register to take actions

This Discussion

Posted January 20, 2011 at 5:56 AM
Stats:
Replies:1 Avg. Rating:
Views:1260 Votes:0
Shares:0

Related Content

Discussions Leaderboard