01-03-2012 07:27 AM
FW = 1.1.0.1
PPTP = enabled
server IP = 192.168.0.1
pptp range = 192.168.0.90-94 (DHCP range starts at .100)
MPPE = off
Netbios = off
PPTP user = created and enabled
Passthru = all enabled
Coming in from work, can ssh to server inside, so basic setup and port forwarding work. Then tried pptp WinXP client from work. Win pptp client gives error 619, and the RV100W logs show
2012-01-03 08:30:09 RV110W daemon.warning pppd[9716]: Warning - secret file /tmp/ppp/pap-secrets has world and/or group access
2012-01-03 08:30:39 RV110W daemon.warning pppd[9716]: LCP: timeout sending Config-Requests
2012-01-03 08:30:39 RV110W daemon.err pptpd[9715]: GRE: read(fd=12,buffer=451c4c,len=8196) from PTY failed: status = -1 error = Input/out
put error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
2012-01-03 08:30:39 RV110W daemon.err pptpd[9715]: CTRL: PTY read or GRE write failed (pty,gre)=(12,13)
2012-01-03 08:31:09 RV110W daemon.warning pppd[9844]: Warning - secret file /tmp/ppp/pap-secrets has world and/or group access
2012-01-03 08:31:39 RV110W daemon.warning pppd[9844]: LCP: timeout sending Config-Requests
2012-01-03 08:31:39 RV110W daemon.err pptpd[9843]: GRE: read(fd=12,buffer=451c4c,len=8196) from PTY failed: status = -1 error = Input/out
put error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
2012-01-03 08:31:39 RV110W daemon.err pptpd[9843]: CTRL: PTY read or GRE write failed (pty,gre)=(12,13)
01-04-2012 05:44 AM
I recalled reading somewhere that Remote Managment had to be enabled for QuickVPN to work so I turned that on too (just in case). Now I can remote into the RV110w from work, but my WinXP PPTP still throws Error 619
Oh and the FW version is 1.1.0.9
01-04-2012 02:28 PM
Steve,
Have you attempted a PPTP connection from another location other than your work environment?
Also you can give us a call @ 1-866-606-1866 and open a support case. We can test your connection from our lab and verify if it's the router or configuration settings.
Jasbryan
01-05-2012 09:13 AM
I called in this AM and got "Tori" and she tried from the lab. She was going to write up her findings here, but she tried to connect to antoehr person and we got disconnected. I hope she gets her info back to us
01-05-2012 10:46 AM
Steve,
I was able to consult with tori shortly and notice that you have a private IP address on your wan port (which usually needs to be public). I have had customer get PPTP to work with this type of configuration but it all dependant on your gateway routers configuration. With your current topology, since the RV110W isn't your gateway router we can't guarantee that your PPTP connection will be successful. In this type of configuration you will have to forwarding proper traffic inbound to the WAN address of the RV110w. The WAN address of the RV110w doesn’t need to be DHCP .If the WAN address of RV110W gets renewed then any forwarded traffic will not make it to its destination. Once you have the proper configuration in your gateway router. You should be able to initialize a PPTP connection to the RV110w.
NOTE: Since RV110W isn’t your GATEWAY ROUTER we can’t guarantee that PPTP connection will function as expected.
If you are able to modify gateway router forwarding settings and then test PPTP connections and let me know if you are successful in getting connected via PPTP
Thanks,
Jasbryan
01-05-2012 11:11 AM
My ISP (http://www.hbci.com/residential/data/air ) uses this (http://ubnt.com/rocketdish) on my roof to provide our broadband connection. The RV110W is behind it. I have had a heck of a time convincing them that port forwarding cannot be done via DHCP for the very reason you say, how can you know the server will always get the IP that the port is forwarded to? They counter that you can forward a single port (like 22) to multiple IPs. [I did not think so either, despite providing Wikipedia links on port forwarding that say what you say.]
However, when I nmap the ISP provided public IP I get the below. Since ssh, http and https all work (Tori used Remote Admin) why does pptp fail? Does 1723 have to be forwarded to a different IP then the ssh and http stuff?
Interesting ports on 8.24.106.38:
Not shown: 1649 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp filtered smtp
53/tcp open domain
80/tcp open http
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
443/tcp open https
445/tcp filtered microsoft-ds
554/tcp open rtsp
1214/tcp filtered fasttrack
1433/tcp filtered ms-sql-s
1720/tcp open H.323/Q.931
1723/tcp open pptp
1755/tcp open wms
01-05-2012 12:12 PM
Steve,
Normally depending on the situation- I would set up a static-DHCP map - In our router this is the binding of IP Address and Mac address that you want the DHCP server to give to a certain device. So when the RV110W asked the DHCP server for an address it would give the same address you assigned in the static-dhcp-map section. Now the other way is to set up the STATIC IP address in the RV110W so you would basically pick a address that you want the RV110W to have and assign it(ip-address,subnet-mask,default-gateway,and dns servers). This should be able to communicate with the gateway router. That being said you would need company who manages the Gateway router and have the forward all port to the address you specific on the RV110W Wan interface.
Example:
Gateway router
Public IP address 86.456.21.51 (giving by ISP)
Local Lan (private) address of gateway router
192.168.100.1
RV110W
Wan address
IP - 192.168.100.50--- Subnet -255.255.255.0--- Gateway – 192.168.100.1
In your gateway router you would have them to forward all ports or specified ports to wan interface of our router @ 192.168.100.50 (This address is what i specified as an example)
address will reflect actual ip address you set.
This is an example of how sending all service ports to an internal private address of the RV110W
Hope this helps,
Jasbryan
01-05-2012 12:21 PM
OK, the ISP must be doing something like this already. As I point out, ssh/http/https all work and we can use Remote Admin on the RV110W (as Tori did). The ISP claims 1723 is also sent to the same IP as the former ports. Since I have no access to their device, I have to believe them. Yet PPTP fails, while everything else works.
???
01-05-2012 02:46 PM
Steve,
They will need to make sure that PPTP pass-through enabled
usually on routers we have vpn pass-through group together like example below.
this is the last thing we can check,
Jasbryan
01-06-2012 08:34 AM
Jason;
I found this page for the ISP's router http://wiki.ubnt.com/AirOS_5.3
There are several places they mention pptp pass through in it. Where do you think the real setting shoud be changed?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: