[TriLUG] PPTP VPN issues -- wha??

MG mgmonza at gmail.com
Tue Apr 24 17:58:06 EDT 2007 

Might be totally irrelevant, and I'm no router guru (or Linux guru, for 
that matter) but I've had a successfully resolved VPN/router issue 
recently. 


My problem was that the older version (BEFCMUH4) of the linksys router I 
had had too high an MTU rate for Cisco VPN - it needed to be 1300 for 
VPN not to fragment the packets and the default MTU was 1500.  It 
couldn't be reset on the old router Roadrunner had given me so I 
exchanged it for a Motorola surfboard modem for single use, and then a 
Netgear router, both of which seem to have cured the VPN fragmenting 
problem. 


FWIW -


MG


mcoovadia at nc.rr.com wrote:
> I was wondering if anyone had any issues running a PPTP VPN server at
> their site, and the linksys (BEFSR11) not allowing incoming GRE traffic.
>  I was successfully running a vpn server at home, when verizon decided
> that my DSL had to go from Frame Relay to ATM.  At the same time, my
> Linksys BEFSR11 (about 5 years old) died on me.  
>
> After purchasing a new router (newer firmware), i could no longer
> initiate a vpn connection to my site.  I can however, initiate pptp vpn
> connections outbound (to work and such).  Yes, I do forward the
> appropriate ports (1723) and although there is no setting to forward
> GRE, pptp passthru is enabled (which I guess allows the outbound pptp to
> be created).
>
> tested using MS w2k3 server pptp vpn server.  Logs show that no GRE
> packets are received inbound.  decided to bypass the server, flashed
> openwrt on the router, made it the pptp server, and still no luck.  log
> files show that no GRE inbound.  
>
> All this leads me to believe that it is a verizon issue, since it worked
> fine before Frame to ATM switch.  (2 changes at same time, dsl line
> change and dead router = troubleshooting sucks).  However, they swear
> that they dont block anything, and try to keep telling me that vpn is
> IMPOSSIBLE without their static IP package, which is $40 more.  "Dyndns
> works fine for me, thx!  VPN does work without static, thx".  I can
> never speak to anyone with any tech knowledge, I just get read the
> manual..."have you tried rebooting..."
>
> My next step is to run tcpdump on my openwrt linksys and see if I see
> any GRE traffic inbound.  Modem from verizon is in bridged mode...so
> that should not be a problem...I think.
>
> Does anybody have any advice?  See anything that I missed?  Does verizon
> block any GRE (remember, I have outbound vpn sessions, just not
> inbound)!!  Does the newer firmaware versions of linksys not support it?
>  Does openwrt not support it?  
>
> I am so lost right now....HELP!!
>
> Mohammed Coovadia
>

More information about the TriLUG mailing list