Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alex2011-01-07 01:29:39
VPN
Alex, 2011-01-07 01:29:39

VPN - a large number of TCP errors and then no connection?

I installed pptpd on a VPS with Debian Lenny and I'm testing access to it with different devices.
Installed like this (based on several how-to):

# apt-get install pptpd<br/>
# vi /etc/pptpd.conf<br/>
localip 10.60.60.1 <br/>
remoteip 10.60.60.50-150<br/>
# vi /etc/ppp/pptpd-options - добавил<br/>
ms-dns [DNS1 IP]<br/>
ms-dns [DNS2 IP]<br/>
mtu 1000 &lt;- исправило соединение с iPad. <br/>
mru 1200 &lt;-<br/>
# vi /etc/ppp/chap-secrets<br/>
myusername pptpd mypasswd *<br/>
# mknod /dev/ppp c 108 0 &lt;- ликвидировало ошибку 619 с закрытием соединения.<br/>
# /etc/init.d/pptpd restart<br/>
# vi /etc/sysctl.conf<br/>
net.ipv4.ip_forward=1<br/>
# sysctl net.ipv4.ip_forward=1<br/>
# iptables -t nat -A POSTROUTING -s 10.60.60.0/24 -o eth0 -j MASQUERADE<br/>

Created a pptp connection in Windows XP - within half an hour everything works fine. Additional tests showed that this was lucky - if you open maps.google.com in the browser, it stops delivering packets almost immediately (many requests?).
Android (HTC Desire) - connects, works for several minutes, then starts flooding /var/log/messages on the server with messages like "Protocol-Reject for unsupported protocol ..." Doesn't disconnect, but doesn't browse either.
iPAD - connects, pings google.com in zTools, but Safari and other programs do not see the Internet. Fixed by adding mtu 1000 and mru 1200 to /etc/ppp/pptpd-options. It began to work normally.
Tried tcpdump after connection was established:
# tcpdump -A -s0 -n -i ppp0 host 10.60.60.50 -w dump.txt<br/>

and see what's going on in Wireshark. Shows a large block of normal packets, and then a lot of [TCP Dup ACK] and [TCP Retransmission] errors. Up to 10 pieces in a row.
Run Wireshark on the Windows client and open map.google.com, run tcpdump on the server. Several packets passed, because a bunch of garbage Dup ACK, Retramsmission, then solid SYNs on the client from different ports:
10.60.60.50 74.125.87.99 TCP ecnp > http [SYN] Seq=0 Win=16384 Len=0 MSS=1160
And on the server
tcpdump -A -s0 -n -i ppp0 host 10.60.60.50
writes 0 packets.
If you have any ideas, tell me how to deal with this whole thing or where else to ask.
Thank you!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
andoriyu, 2011-01-07
@andoriyu

iPad'u must be told to let all traffic through vpn'y, the default VPN in iOS is used, who would have thought, to a private network. cl.ly/2T0o1d0m1d3w1P1Y2F2O Even if it doesn't climb with the checkbox checked, the gateway default is not transmitted.

Report
W
withlove, 2012-02-24
@withlove

For Android: code.google.com/p/android/issues/detail?id=4706
This is a bug and hasn't been fixed yet. Unless in the 4th version.
Use L2TP/IPSec.

Similar questions
I
impressive172019-12-04 00:39:50
What is the difference between the structure of projects in Obj C and Swift languages? 6Reply
S
Spotegg2019-04-24 22:10:16
How to register a route from a VPN to a server behind two mikrotik? 1Reply
A
Alexander Zakharov2021-01-07 21:22:30
How to set up routing on a PPTP server? 2Reply
K
Kwad2021-01-07 23:50:09
VPN connections to every Windows interface? 6Reply
4
4goya2014-12-07 01:10:13
How to setup openVPN client in Ubuntu? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question