pptpd - Verbindung kommt erst nach sehr vielen Versuchen zustande

To: debian-user-german@lists.debian.org
Subject: pptpd - Verbindung kommt erst nach sehr vielen Versuchen zustande
From: tony.blue.mailinglist@gmx.de
Date: Fri, 13 Apr 2012 12:56:00 +0200
Message-id: <[🔎] 4F880640.8090404@gmx.de>

Hallo,

ich habe zuhause einen Debian Router (Firewall per shorewall). Wenn ichunterwegs bin würde ich mich mit meinem iphone gerne per ssh-Tunnel mitmeinem Debian Router verbinden und dann über diesen (geschützt) surfen.

Dazu habe ich PPTP eingerichtet. Leider kommt die Verbindung erst nachsehr vielen Versuchen (10 - 20 Versuche) zustande. In der/var/log/syslog steht:

Apr 13 12:37:11 router pptpd[29646]: CTRL: Client 176.5.82.25 controlconnection startedApr 13 12:37:11 router pptpd[29646]: CTRL: Starting call (launchingpppd, opening GRE)Apr 13 12:37:11 router pppd[29647]: Plugin/usr/lib/pptpd/pptpd-logwtmp.so loaded.

Apr 13 12:37:11 router pppd[29647]: pptpd-logwtmp: $Version$
Apr 13 12:37:11 router pppd[29647]: pppd 2.4.5 started by root, uid 0
Apr 13 12:37:11 router pppd[29647]: using channel 47
Apr 13 12:37:11 router pppd[29647]: Using interface ppp1
Apr 13 12:37:11 router pppd[29647]: Connect: ppp1 <--> /dev/pts/1

Apr 13 12:37:11 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]

Apr 13 12:37:11 router pptpd[29646]: GRE: Bad checksum from pppd.

Apr 13 12:37:14 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:17 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:20 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:23 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:26 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:29 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:32 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:35 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]Apr 13 12:37:38 router pppd[29647]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <auth chap MS-v2> <magic 0x7acc32a4> <pcomp> <accomp>]

Apr 13 12:37:41 router pppd[29647]: LCP: timeout sending Config-Requests
Apr 13 12:37:41 router pppd[29647]: Connection terminated.

Apr 13 12:37:41 router avahi-daemon[2839]: Withdrawing workstationservice for ppp1.

Apr 13 12:37:42 router pppd[29647]: Modem hangup
Apr 13 12:37:42 router pppd[29647]: Exit.

Apr 13 12:37:42 router pptpd[29646]: GRE:read(fd=6,buffer=8058640,len=8196) from PTY failed: status = -1 error =Input/output error, usually caused by unexpected termination of pppd,check option syntax and pppd logsApr 13 12:37:42 router pptpd[29646]: CTRL: PTY read or GRE write failed(pty,gre)=(6,7)

Apr 13 12:37:42 router pptpd[29646]: CTRL: Reaping child PPP[29647]

Apr 13 12:37:42 router pptpd[29646]: CTRL: Client 176.5.82.25 controlconnection finished

Vermutlich liegt es ann der Meldung "GRE: Bad checksum". Leider sagt mirdas gar nichts.


Woran könnte das liegen?

Danke!

Tony

Hier die /etc/ppp/pptpd-options

###############################################################################
# $Id: pptpd-options 4643 2006-11-06 18:42:43Z rene $
#
# Sample Poptop PPP options file /etc/ppp/pptpd-options
# Options used by PPP when a connection arrives from a client.
# This file is pointed to by /etc/pptpd.conf option keyword.
# Changes are effective on the next connection.  See "man pppd".
#
# You are expected to change this file to suit your system.  As
# packaged, it requires PPP 2.4.2 and the kernel MPPE module.
###############################################################################


# Authentication

# Name of the local system for authentication purposes
# (must match the second field in /etc/ppp/chap-secrets entries)
name pptpd

# Optional: domain name to use for authentication
# domain mydomain.net

# Strip the domain prefix from the username before authentication.
# (applies if you use pppd with chapms-strip-domain patch)
#chapms-strip-domain


# Encryption
# Debian: on systems with a kernel built with the package
# kernel-patch-mppe >= 2.4.2 and using ppp >= 2.4.2, ...
# {{{
refuse-pap
refuse-chap
refuse-mschap
# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
# Challenge Handshake Authentication Protocol, Version 2] authentication.
require-mschap-v2
# Require MPPE 128-bit encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
require-mppe-128
# }}}




# Network and Routing

# If pppd is acting as a server for Microsoft Windows clients, this
# option allows pppd to supply one or two DNS (Domain Name Server)
# addresses to the clients.  The first instance of this option
# specifies the primary DNS address; the second instance (if given)
# specifies the secondary DNS address.
# Attention! This information may not be taken into account by a Windows
# client. See KB311218 in Microsoft's knowledge base for more information.

#ms-dns 10.0.0.1
#ms-dns 10.0.0.2
ms-dns 192.168.1.254

# If pppd is acting as a server for Microsoft Windows or "Samba"
# clients, this option allows pppd to supply one or two WINS (Windows
# Internet Name Services) server addresses to the clients.  The first
# instance of this option specifies the primary WINS address; the
# second instance (if given) specifies the secondary WINS address.
#ms-wins 10.0.0.3
#ms-wins 10.0.0.4

# Add an entry to this system's ARP [Address Resolution Protocol]
# table with the IP address of the peer and the Ethernet address of this
# system.  This will have the effect of making the peer appear to other
# systems to be on the local ethernet.
# (you do not need this if your PPTP server is responsible for routing
# packets to the clients -- James Cameron)
proxyarp

# Debian: do not replace the default route
nodefaultroute


# Logging

# Enable connection debugging facilities.
# (see your syslog configuration for where pppd sends to)
debug

# Print out all the option values which have been set.
# (often requested by mailing list to verify options)
#dump


# Miscellaneous

# Create a UUCP-style lock file for the pseudo-tty to ensure exclusive
# access.
lock

# Disable BSD-Compress compression
nobsdcomp

Reply to:

Prev by Date: Re: Uhrzeiten ftp-Server
Next by Date: Iceweasel öffnet xterm
Previous by thread: Re: Uhrzeiten ftp-Server
Next by thread: Iceweasel öffnet xterm
Index(es):
- Date
- Thread