+ Post New Thread
Results 1 to 8 of 8
*nix Thread, Advice on setting up a VPN client (Xubuntu) in Technical; I'm running Xubuntu on a HP nc8000 laptop and I want to set up a VPN into work (although the ...
  1. #1

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,600
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181

    Advice on setting up a VPN client (Xubuntu)

    I'm running Xubuntu on a HP nc8000 laptop and I want to set up a VPN into work (although the reason that I needed to do this escapes me cos I've been arsing about with it for so long!).

    I have followed the instructions on setting up a PPTP VPN client from the Ubuntu forums and have also seen the exact same instructions elsewhere on the web. They all say that it should just work! (see http://pptpclient.sourceforge.net/howto-ubuntu.phtml for example).

    I cannot see anything untoward in the output (even in debugging mode). The standard output follows:
    Using interface ppp0pptpconfig: monitoring interface ppp0

    Connect: ppp0 <--> /dev/pts/1
    CHAP authentication succeeded
    MPPE 128-bit stateless compression enabled
    Cannot determine ethernet address for proxy ARP
    local IP address 10.187.4.30
    remote IP address 212.219.207.52
    pptpconfig: pppd process exit status 0 (started)
    ip route replace 212.219.207.52 via 80.192.176.1 dev eth0 src 80.192.180.189
    ip route add '10.74.4.0/22' dev 'ppp0'
    Cannot find device "ppp0"

    pptpconfig: command failed, exit code 255
    pptpconfig: connected
    Please help!

    BTW - I'm trying to get into CLEO if that makes any difference

  2. #2


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: Advice on setting up a VPN client (Xubuntu)

    Looks like it can't add a route to ppp0 because ppp0 doesn't exist.
    do you have /dev/ppp0 ?
    'ls /dev/ppp0'
    is pppd installed? running?

  3. #3

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,600
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181

    Re: Advice on setting up a VPN client (Xubuntu)

    if you monitor the output from ifconfig whilst the connection is initiated, ppp0 is created but then disappears when the connection fails (for obvious reasons).

  4. #4


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339

    Re: Advice on setting up a VPN client (Xubuntu)

    can you manuallyu add the route when ppp0 is connected
    ip route add 10.74.4.0/22 dev ppp0

  5. #5

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,600
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181

    Re: Advice on setting up a VPN client (Xubuntu)

    i did try that to no avail... will continue having a go.

  6. #6

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,600
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181

    Re: Advice on setting up a VPN client (Xubuntu)

    OK... a little more success... the options.pptp had some options that were overriding pptpconfig.

    I have removed that file and now I get the following output with the debug info turned on...
    pptpconfig: debug information dump begins
    WARNING: security sensitive information follows
    pptpconfig 1.12 2006/08/21 06:19:12
    # pptp --version
    pptp: unrecognized option `--version'
    pptp version 1.7.0
    Usage:
    pptp <hostname> [<pptp options>] [[--] <pppd options>]

    Or using pppd's pty option:
    pppd pty "pptp <hostname> --nolaunchpppd <pptp options>"

    Available pptp options:
    --phone <number> Pass <number> to remote host as phone number
    --nolaunchpppd Do not launch pppd, for use as a pppd pty
    --quirks <quirk> Work around a buggy PPTP implementation
    Currently recognised values are BEZEQ_ISRAEL only
    --debug Run in foreground (for debugging with gdb)
    --sync Enable Synchronous HDLC (pppd must use it too)
    --timeout <secs> Time to wait for reordered packets (0.01 to 10 secs)
    --nobuffer Disable packet buffering and reordering completely
    --idle-wait Time to wait before sending echo request
    --max-echo-wait Time to wait before giving up on lack of reply
    --logstring <name> Use <name> instead of 'anon' in syslog messages
    --localbind <addr> Bind to specified IP address instead of wildcard
    --loglevel <level> Sets the debugging level (0=low, 1=default, 2=high)
    # pppd --version
    pppd version 2.4.4
    # uname -a
    Linux laptop-hp03 2.6.17-10-generic #2 SMP Tue Dec 5 22:28:26 UTC 2006 i686 GNU/Linux
    # modinfo ppp_mppe || modinfo ppp_mppe_mppc
    filename: /lib/modules/2.6.17-10-generic/kernel/drivers/net/ppp_mppe.ko
    author: Frank Cusack <fcusack@fcusack.com>
    description: Point-to-Point Protocol Microsoft Point-to-Point Encryption support
    license: Dual BSD/GPL
    alias: ppp-compress-18
    version: 1.0.2
    vermagic: 2.6.17-10-generic SMP mod_unload 586 REGPARM gcc-4.1
    depends: ppp_generic
    srcversion: 6B88E623CA7C4D7FE2F11FA
    # grep mppe /proc/modules
    ppp_mppe 8452 0 - Live 0xe0cda000
    ppp_generic 30612 4 ppp_deflate,bsd_comp,ppp_mppe,ppp_async, Live 0xe0d11000
    Array
    (
    [name] => CLEOVPN
    [server] => REMOVED FOR SECURITY
    [domain] =>
    [username] => REMOVED FOR SECURITY
    [password] => (hidden by pptpconfig)
    [pppd-options] =>
    [pptp-options] =>
    [resolv] =>
    [dns-options] =>
    [routing] => routing_all_to_tunnel
    [usepeerdns] =>
    [require-mppe] => 1
    [nomppe-40] =>
    [nomppe-128] =>
    [refuse-eap] =>
    [mppe-stateful] =>
    [autostart] =>
    [iconify] =>
    [persist] =>
    [debug] => 1
    [client-to-lan] => a:1:{s:12:"10.74.4.0/22";s:6:"Baines";}
    )
    # route -n (before pppd)
    Kernel IP routeing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    80.192.176.0 0.0.0.0 255.255.248.0 U 0 0 0 eth0
    0.0.0.0 80.192.176.1 0.0.0.0 UG 0 0 0 eth0
    pptpconfig: debug information dump ends, starting pppd
    pppd options in effect:
    debug # (from /etc/ppp/peers/CLEOVPN)
    updetach # (from command line)
    logfd 1 # (from command line)
    linkname CLEOVPN # (from /etc/ppp/peers/CLEOVPN)
    dump # (from /etc/ppp/peers/CLEOVPN)
    noauth # (from /etc/ppp/peers/CLEOVPN)
    name ric@baines.lancs.sch.uk # (from /etc/ppp/peers/CLEOVPN)
    remotename CLEOVPN # (from /etc/ppp/peers/CLEOVPN)
    # (from /etc/ppp/options)
    pty pptp vpn.cleo.net.uk --nolaunchpppd # (from /etc/ppp/peers/CLEOVPN)
    crtscts # (from /etc/ppp/options)
    # (from /etc/ppp/options)
    asyncmap 0 # (from /etc/ppp/options)
    lcp-echo-failure 4 # (from /etc/ppp/options)
    lcp-echo-interval 30 # (from /etc/ppp/options)
    hide-password # (from /etc/ppp/options)
    ipparam CLEOVPN # (from /etc/ppp/peers/CLEOVPN)
    proxyarp # (from /etc/ppp/options)
    require-mppe # (from /etc/ppp/peers/CLEOVPN)
    noipx # (from /etc/ppp/options)
    using channel 23
    Using interface ppp0pptpconfig: monitoring interface ppp0

    Connect: ppp0 <--> /dev/pts/1
    sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x88ae9974> <pcomp> <accomp>]
    rcvd [LCP ConfReq id=0x0 <auth chap MS-v2>]
    sent [LCP ConfAck id=0x0 <auth chap MS-v2>]
    rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x88ae9974> <pcomp> <accomp>]
    sent [LCP EchoReq id=0x0 magic=0x88ae9974]
    rcvd [CHAP Challenge id=0x1 <164afe6a184068aeec24b32f3bd8c16c>, name = ""]
    sent [CHAP Response id=0x1 <665ab6444594fdd58237ec371bed86c400000000000000001 6d8bae705842c9fe1044002c4b0cc4147f099a4d937818900> , name = "ric@baines.lancs.sch.uk"]
    rcvd [LCP EchoRep id=0x0 magic=0x0]
    rcvd [CHAP Challenge id=0x2 <ddb9e600fe2e21afec24b32f3bd8c16c>, name = ""]
    sent [CHAP Response id=0x2 <1ff169eb55498a9ccd12359e3c97e4a700000000000000008 7c814427f482f797feee493d54a9890aee274213f4a478400> , name = "REMOVED FOR SECURITY"]
    rcvd [CHAP Success id=0x2 "S=D2880CDA91BFE0A2F85F1D6B0A16EB221927FCAA"]
    CHAP authentication succeeded
    sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
    rcvd [IPCP ConfReq id=0x0 <addr 212.219.207.52>]
    sent [IPCP TermAck id=0x0]
    rcvd [CCP ConfReq id=0x0 <mppe +H -M +S +L -D -C>]
    sent [CCP ConfNak id=0x0 <mppe +H -M +S -L -D -C>]
    rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
    sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
    rcvd [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
    sent [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
    rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
    MPPE 128-bit stateless compression enabled
    sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
    rcvd [IPCP ConfReq id=0x1 <addr 212.219.207.52>]
    sent [IPCP ConfAck id=0x1 <addr 212.219.207.52>]
    sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
    rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
    sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
    rcvd [IPCP ConfNak id=0x2 <addr 10.187.4.111>]
    sent [IPCP ConfReq id=0x3 <addr 10.187.4.111>]
    rcvd [IPCP ConfAck id=0x3 <addr 10.187.4.111>]
    Cannot determine ethernet address for proxy ARP
    local IP address 10.187.4.111
    remote IP address 212.219.207.52
    # route -n (after pppd exit)
    Kernel IP routeing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    212.219.207.52 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
    80.192.176.0 0.0.0.0 255.255.248.0 U 0 0 0 eth0
    0.0.0.0 80.192.176.1 0.0.0.0 UG 0 0 0 eth0
    pptpconfig: pppd process exit status 0 (started)
    ip route replace 212.219.207.52 via 80.192.176.1 dev eth0 src 80.192.180.189
    ip route add '10.74.4.0/22' dev 'ppp0'
    Cannot find device "ppp0"

    pptpconfig: command failed, exit code 255
    ip route replace default dev 'ppp0'
    Cannot find device "ppp0"

    pptpconfig: command failed, exit code 255
    pptpconfig: default route changed to use tunnel
    pptpconfig: connected
    # route -n (after completion)
    Kernel IP routeing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    212.219.207.52 80.192.176.1 255.255.255.255 UGH 0 0 0 eth0
    80.192.176.0 0.0.0.0 255.255.248.0 U 0 0 0 eth0
    0.0.0.0 80.192.176.1 0.0.0.0 UG 0 0 0 eth0
    pptpconfig: restoring routing and DNS configuration
    ip route del 212.219.207.52 via 80.192.176.1 dev eth0 src 80.192.180.189
    ip route replace default via 80.192.176.1 dev eth0
    pptpconfig: routing and DNS configuration restored
    Any ideas?

  7. #7

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Advice on setting up a VPN client (Xubuntu)

    I have it working here ric. There's a couple of funnies you have to watch for. But anyway here's my config.

    chap-secrets
    Code:
    <myuserid>@carrhill.lancs.sch.uk PPTP <password> *
    PPTP <myuserid>@carrhill.lancs.sch.uk <password> *
    pptp.options
    Code:
    #
    # Lock the port
    #
    lock
    
    #
    # We don't need the tunnel server to authenticate itself
    #
    noauth
    
    #
    # Turn off transmission protocols we know won't be used
    #
    nobsdcomp
    nodeflate
    
    #
    # PPPD  defaults to stateful mppe. This doesn't work at all with the cleo server
    #
    mppe stateless
    
    #
    # We want a sane mtu/mru
    #
    mtu 1500
    #Setting a mru crashes the cleo vpn connection to the server
    #mru 1000
    
    #
    # Time this thing out of it goes poof
    #
    lcp-echo-failure 10
    lcp-echo-interval 10
    Now the gotcha. The vpn server run by cleo is misconfigured. When you connect you'll end up with your default route to the vpn server pointing down the tunnel. This causes an ip loop and it breaks everything horribly. Fix is to setup a static route when your networking comes up.

    Code:
    route add -host <CLEO VPN Server IP>/32 gw <your default route> dev eth0
    Finally, you'll need to setup the routing you need to access your school(s) network.

    Code:
    route add -net <school network id>/24 dev ppp0
    remember to delete afterwards in /etc/ppp/ip-down too.

  8. #8

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,600
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181

    Re: Advice on setting up a VPN client (Xubuntu)

    Right... sorted my problem

    Something was clearly borked in Xubuntu. I have blitzed the laptop to trial Debian v4 RC1 (Debian being my preferred distro anyway and v4 being a MAJOR release).

    Anyway... installed the PPTP stuff in exactly the same way and hey presto! It works like a dream

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 6
    Last Post: 11th July 2007, 03:32 PM
  2. Thin Client Advice
    By Lee_K_81 in forum Thin Client and Virtual Machines
    Replies: 21
    Last Post: 25th April 2007, 07:22 PM
  3. Advice on Setting up a Server 2003 domain at home.
    By Kyle in forum How do you do....it?
    Replies: 6
    Last Post: 14th August 2006, 06:15 AM
  4. Thinking of setting up a Thin Client in on room.
    By tosca925 in forum Thin Client and Virtual Machines
    Replies: 5
    Last Post: 29th June 2006, 07:53 AM
  5. Thin client advice
    By woody in forum Thin Client and Virtual Machines
    Replies: 26
    Last Post: 5th April 2006, 06:36 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •