[TriLUG] PPTP VPN issues -- wha??

Warren Myers volcimaster at gmail.com
Tue Apr 24 18:00:43 EDT 2007 

Might a firmware update help?

WMM

On 4/24/07, MG <mgmonza at gmail.com> wrote:
>
> Might be totally irrelevant, and I'm no router guru (or Linux guru, for
> that matter) but I've had a successfully resolved VPN/router issue
> recently.
>
>
> My problem was that the older version (BEFCMUH4) of the linksys router I
> had had too high an MTU rate for Cisco VPN - it needed to be 1300 for
> VPN not to fragment the packets and the default MTU was 1500.  It
> couldn't be reset on the old router Roadrunner had given me so I
> exchanged it for a Motorola surfboard modem for single use, and then a
> Netgear router, both of which seem to have cured the VPN fragmenting
> problem.
>
>
> FWIW -
>
>
> MG
>
>
> mcoovadia at nc.rr.com wrote:
> > I was wondering if anyone had any issues running a PPTP VPN server at
> > their site, and the linksys (BEFSR11) not allowing incoming GRE traffic.
> >  I was successfully running a vpn server at home, when verizon decided
> > that my DSL had to go from Frame Relay to ATM.  At the same time, my
> > Linksys BEFSR11 (about 5 years old) died on me.
> >
> > After purchasing a new router (newer firmware), i could no longer
> > initiate a vpn connection to my site.  I can however, initiate pptp vpn
> > connections outbound (to work and such).  Yes, I do forward the
> > appropriate ports (1723) and although there is no setting to forward
> > GRE, pptp passthru is enabled (which I guess allows the outbound pptp to
> > be created).
> >
> > tested using MS w2k3 server pptp vpn server.  Logs show that no GRE
> > packets are received inbound.  decided to bypass the server, flashed
> > openwrt on the router, made it the pptp server, and still no luck.  log
> > files show that no GRE inbound.
> >
> > All this leads me to believe that it is a verizon issue, since it worked
> > fine before Frame to ATM switch.  (2 changes at same time, dsl line
> > change and dead router = troubleshooting sucks).  However, they swear
> > that they dont block anything, and try to keep telling me that vpn is
> > IMPOSSIBLE without their static IP package, which is $40 more.  "Dyndns
> > works fine for me, thx!  VPN does work without static, thx".  I can
> > never speak to anyone with any tech knowledge, I just get read the
> > manual..."have you tried rebooting..."
> >
> > My next step is to run tcpdump on my openwrt linksys and see if I see
> > any GRE traffic inbound.  Modem from verizon is in bridged mode...so
> > that should not be a problem...I think.
> >
> > Does anybody have any advice?  See anything that I missed?  Does verizon
> > block any GRE (remember, I have outbound vpn sessions, just not
> > inbound)!!  Does the newer firmaware versions of linksys not support it?
> >  Does openwrt not support it?
> >
> > I am so lost right now....HELP!!
> >
> > Mohammed Coovadia
> >
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>



-- 
http://warrenmyers.com
"God may not play dice with the universe, but something strange is going on
with the prime numbers." --Paul Erdős
"It's not possible. We are the type of people who have everything in our
favor going against us." --Ben Jarhvi, Short Circuit 2

More information about the TriLUG mailing list