Freebsd MPD PPTP

Mihai Tanasescu mihai at duras.ro
Wed Sep 5 09:10:44 PDT 2007 

Mihai Tanasescu wrote:
> Hello,
>
>
> I'm using MPD4 to establish a PPTP VPN from my FreeBSD 6.2 server to 
> some clients and I've started encountering some strange problems.
>
> The connection goes well, everything functions accordingly but after a 
> while (very random, can be 5 minutes, 1 hour, 8 hours) I loose 
> connectivity (the clients' Windows icon show packet are being sent, 
> but nothing is received). A tcpdump on the external interface shows no 
> packets going out and the same for tcpdump on ng0 (although I'm not 
> sure if it should display something here).
>
> For what I've seen the ip address on the ng0 interface disappears.
>
> My config looks like the following:
>
> FreeBSD cs.duras.ro 6.2-RELEASE FreeBSD 6.2-RELEASE #0
>
> - standard kernel
> - rc.conf: mpd_enable="YES"
>
>
> mpd.conf
> pptp1:
>        new -i ng0 pptp1 pptp1
>        set iface disable proxy-arp
>        set ipcp ranges 192.168.1.129/32 192.168.1.130/32
>        set iface route 192.168.1.130/32
>        load pptp_standard
>
> pptp_standard:
>        set iface idle 0
>        set iface disable on-demand
>        set iface enable tcpmssfix
>        set bundle disable multilink
>        set bundle enable compression
>        set bundle enable noretry
>        set bundle max-logins 0
>        set link no pap chap
>        set link enable chap
>        set link keep-alive 0 0 // tried before with 10 and 60 and now 
> I've disabled the keepalives
>        set link max-redial -1
>        set link yes acfcomp protocomp
>        set link enable chap-md5 chap-msv1 chap-msv2 chap
>        set link mtu 1460
>        set link mtu 1460 //here I also tried without these
>        set link mru 1460 // here I also tried without these
>        set link latency 0
>        set ipcp dns dns-ip-address
>        set ipcp yes vjcomp
>        set ccp yes mppc
>        set ccp yes mpp-e40
>        set ccp yes mpp-e128
>        set ccp yes mpp-stateless
>        set pptp disable delayed-ack
>
> mpd.links
>
> pptp1:
>       set link type pptp
>       set pptp self my-server-ip-address
>       set pptp enable incoming
>       set pptp disable originate
>       set pptp disable windowing
>
> I'm also using pf for NAT:
> scrub in all fragment reassemble no-df max-mss 1452
> #nonat = local table with lan ip addresses
> nat on $ext_if from 192.168.1.128/25 to ! <nonat> -> ($ext_if)
>
> I get no packet errors during the communication.
>
> Can anyone help in debugging this ?
>
>
> Thanks,
> Mihai
>
>
>
>
>

Forgot to mention this:

As far as I'm seeing it now, this only happens when 2 users try to be 
simultaneously connected.

I have defined:

pptp1:
        new -i ng0 pptp1 pptp1
        set iface disable proxy-arp
        set ipcp ranges 192.168.1.129/32 192.168.1.130/32
        load pptp_standard
pptp2:
        new -i ng0 pptp2 pptp2
        set iface disable proxy-arp
        set ipcp ranges 192.168.1.131/32 192.168.1.132/32
        load pptp_standard

pptp1:
       set link type pptp
       set pptp self 86.105.56.134
       set pptp enable incoming
       set pptp disable originate
       set pptp disable windowing
pptp2:
       set link type pptp
       set pptp self 86.105.56.134
       set pptp enable incoming
       set pptp disable originate
       set pptp disable windowing

More information about the freebsd-net mailing list