VPN with PPTP failing

[koto...@gmail.com]

Hi,

I'm trying to setup a VPN connection with PPTP from sys-net (first tried with the ProxyVM but it also didn't work) without success.

Any help is welcome, here below the logs.
I also tried

$ sudo modprobe nf_conntrack_pptp

without success.

I'm using the fedora template.

Plugin /usr/lib64/pppd/2.4.7/nm-pptp-pppd-plugin.so loaded.
using channel 9
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xbdaa77d8> <pcomp> <accomp>]
LCP: timeout sending Config-Requests
Connection terminated.
Modem hangup
Script /sbin/pptp 91.233.116.223 --nolaunchpppd --loglevel 2 --logstring nm-pptp-service-5272 finished (pid 5281), status = 0x0

[Andrew David Wong]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2016-08-13 03:22, koto...@gmail.com wrote:
> Hi,
>
> I'm trying to setup a VPN connection with PPTP from sys-net (first tried
> with the ProxyVM but it also didn't work) without success.
>
> Any help is welcome, here below the logs. I also tried
>
> $ sudo modprobe nf_conntrack_pptp
>
> without success.
>
> I'm using the fedora template.
>

> [...]
>

I'm afraid I don't have any specific help to offer, but you didn't mention
whether you've already had a look at our VPN documentation. In case you
weren't already aware of it, you mind find some useful information:

https://www.qubes-os.org/doc/vpn/

- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXrveoAAoJENtN07w5UDAw95sQAMwNGL/ezWe5XfftkyjV1Ybg
pUSURqDofKjM+aPCi7FGKguJE0Melwt5d/FsgkfglQ9+20TM9nKHdCzNazO+TV/C
65cS5dwMkr0g5shjCqMRhApZ8TlLfHOsckRai+zO/me19ITw2tMfEPIVRFsaxXy9
fiiIAfDvONyXlth0c+aptHKu2HVlH/ntCALfMyHtinPMwymfhcPxuINbsGTB/DRT
fen4MhZvC7n194EJeIF29yBaxai1EuhPXFRwOWrvgi15XjWw8pzmYTd/54R4dk21
OYrG0f1SbktHnmtAM0tKxmPBlQLRkPRiD8sXwTovlvOplgOPOxg1BdDoAr/fUGZ7
UQgIfUhO6GpxVVBKXgULlFiP/LxNxoDgQWNpocoiffVjCoL+32D22AFftGyp8/5+
Bf7XF5U6A+ypZDQGAsmoUywVBSuSpMhQkCJahq2NWoh823OixGoiH8jN/I9GLMUX
R4EJOlu4TNjubBVuwVhaZmEJSwg/6xNf3sK+xRKl6URhFB3PUAAv0oq6XA/nD4xV
LLYAdgXN1R8DQ6DhmLIESQUKgaAYPg1BrBqnBDs9f9N2lyPN1lBdmoqgOSvg6R4s
uAKE05xn2Xvvu3Fcx/l/TfJ0QB3mW2KTO9T2n/VmAyiWQDy56l/VmAbFaXtEe3ZL
4tQcA2752T3O1BHu/K6J
=ccMI
-----END PGP SIGNATURE-----

[Unman]

My guess is that you are blocking the connection from the VPN
server.
PPTP requires you to allow inbound GRE traffic.
If your server is at X.X.X.X, and the VPN client is attached to sys-net
then you want something like this on sys-net:

modprobe ip_conntrack_pptp
modprobe ip_nat_pptp
iptables -I FORWARD -p 47 -s X.X.X.X -J ACCEPT

See if that helps.

u

[koto...@gmail.com]

> modprobe ip_conntrack_pptp
> modprobe ip_nat_pptp
> iptables -I FORWARD -p 47 -s X.X.X.X -J ACCEPT
>

What setup do I need for a ProxyVM?