[TriLUG] PPTP VPN issues -- wha??

MG mgmonza at gmail.com
Tue Apr 24 18:12:30 EDT 2007


Me or Mohammed?     Unfortunately, mine was leased so no updates for me :(


MG


Warren Myers wrote:
> Might a firmware update help?
>
> WMM
>
> On 4/24/07, MG <mgmonza at gmail.com> wrote:
>>
>> Might be totally irrelevant, and I'm no router guru (or Linux guru, for
>> that matter) but I've had a successfully resolved VPN/router issue
>> recently.
>>
>>
>> My problem was that the older version (BEFCMUH4) of the linksys router I
>> had had too high an MTU rate for Cisco VPN - it needed to be 1300 for
>> VPN not to fragment the packets and the default MTU was 1500.  It
>> couldn't be reset on the old router Roadrunner had given me so I
>> exchanged it for a Motorola surfboard modem for single use, and then a
>> Netgear router, both of which seem to have cured the VPN fragmenting
>> problem.
>>
>>
>> FWIW -
>>
>>
>> MG
>>
>>
>> mcoovadia at nc.rr.com wrote:
>> > I was wondering if anyone had any issues running a PPTP VPN server at
>> > their site, and the linksys (BEFSR11) not allowing incoming GRE 
>> traffic.
>> >  I was successfully running a vpn server at home, when verizon decided
>> > that my DSL had to go from Frame Relay to ATM.  At the same time, my
>> > Linksys BEFSR11 (about 5 years old) died on me.
>> >
>> > After purchasing a new router (newer firmware), i could no longer
>> > initiate a vpn connection to my site.  I can however, initiate pptp 
>> vpn
>> > connections outbound (to work and such).  Yes, I do forward the
>> > appropriate ports (1723) and although there is no setting to forward
>> > GRE, pptp passthru is enabled (which I guess allows the outbound 
>> pptp to
>> > be created).
>> >
>> > tested using MS w2k3 server pptp vpn server.  Logs show that no GRE
>> > packets are received inbound.  decided to bypass the server, flashed
>> > openwrt on the router, made it the pptp server, and still no luck.  
>> log
>> > files show that no GRE inbound.
>> >
>> > All this leads me to believe that it is a verizon issue, since it 
>> worked
>> > fine before Frame to ATM switch.  (2 changes at same time, dsl line
>> > change and dead router = troubleshooting sucks).  However, they swear
>> > that they dont block anything, and try to keep telling me that vpn is
>> > IMPOSSIBLE without their static IP package, which is $40 more.  
>> "Dyndns
>> > works fine for me, thx!  VPN does work without static, thx".  I can
>> > never speak to anyone with any tech knowledge, I just get read the
>> > manual..."have you tried rebooting..."
>> >
>> > My next step is to run tcpdump on my openwrt linksys and see if I see
>> > any GRE traffic inbound.  Modem from verizon is in bridged mode...so
>> > that should not be a problem...I think.
>> >
>> > Does anybody have any advice?  See anything that I missed?  Does 
>> verizon
>> > block any GRE (remember, I have outbound vpn sessions, just not
>> > inbound)!!  Does the newer firmaware versions of linksys not 
>> support it?
>> >  Does openwrt not support it?
>> >
>> > I am so lost right now....HELP!!
>> >
>> > Mohammed Coovadia
>> >
>> -- 
>> TriLUG mailing list        : 
>> http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG Organizational FAQ  : http://trilug.org/faq/
>> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>>
>
>
>



More information about the TriLUG mailing list