[COLUG] Questions about PopTop VPN configuration

Mark L. Wise mark at alpha2.com
Tue Jan 8 14:33:50 EST 2008 

Thanks all for your help and suggestions....

Where I am at is that I have the software installed and configured, it 
just doesn't work...

It appears from the logs that the Windows client is requesting <callback 
CBCP> in the negotiation, but the Linux (Fedora Core 4) rejects that 
request.  Windows is very persistent that it wants this protocol and 
will not give up trying until it times out.

I have been asking support groups if there is a way to tell Windows to 
stop asking for the callback, or how to configure PopTop pptpd to accept 
this configuration request, but so far no luck.

Some hints that the pptpd may need to be built from source to include 
the CBCP support (or at least provide a proper response to the windows 
client), but so far no hard answers.

I have installed it according to a Red Hat pptpd HOWTO article, 
including the exact version numbers that they list as well as attempting 
to use the latest versions of ppp, pptpd, etc. and they all result in 
the same thing.

I even upgraded the kernel to the latest version so that the MPPE 
support is included without a patch.

Some thought that there may be firewall issues as I am going out of a PC 
behind a Linux firewall (Masqueraded), over the public internet, into a 
Linux firewall to make the connection.  I have port 1723 incoming open 
on the remote firewall...

Anyway, thanks for the thoughts....  I will sort this out eventually.

Scott Merrill wrote:
> On 1/8/08, Duane <duane at e164.org> wrote:
>   
>> It's coming back to me now, I know PPTP can be setup under linux but I
>> was concerned with security, and PPTP isn't secure by most accounts.
>>     
>
> http://en.wikipedia.org/wiki/PPTP
>
> I used the Poptop (www.poptop.org) server at a former job for quite
> some time before switching to OpenVPN.  At the time, a patched kernel
> was required for the MPPE to function correctly.  A quick look at the
> pptpclient (pptpclient.sourceforge.net) page shows MPPE has been a
> loadable kernel module for some time, which should make it easier to
> deploy PPTP.
>
> My experiences with PPTP were acceptable, and it provided enough of
> what we needed that we were comfortable with the security
> implications.  We were also using Windows 98 clients, for which no
> OpenVPN client was available.  When we finally upgraded everyone to
> Win2K and above, we switched to OpenVPN.
> _______________________________________________
> colug432 mailing list colug432 at colug.net
> http://www.colug.net/mailman/listinfo/colug432
>
>   

-- 
Mark L. Wise

Alpha II Service, Inc.
1312 Epworth Ave
Reynoldsburg, Ohio 43068-2116
USA

Office: (614) 868-5033
Fax: (614) 868-1060
Email: mark at alpha2.com
WEB: www.alpha2.com

More information about the colug432 mailing list