scturtle

Reputation: 17

PPTP server on Arch Linux, KVM VPS, client never received packets

I'm trying to set up a PPTP server on a DigitalOcean KVM VPS. My configuration is as follows.

/etc/iptables/iptables.rules:

*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT

/etc/pptpd.conf (localip is the server IP, 45.55.20.125 or 104.236.158.120 for the servers below):

option /etc/ppp/pptpd-options
logwtmp
localip SERVER_IP
remoteip 10.1.0.1-10

/etc/ppp/pptpd-options:

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
nodefaultroute
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4

/etc/sysctl.conf:

net.ipv4.ip_forward=1

It works with Debian (server IP: 45.55.20.125). This is the output when I ping 8.8.8.8 on the client:

root@test:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         45.55.0.1       0.0.0.0         UG    0      0        0 eth0
10.1.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.134.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth1
45.55.0.0       0.0.0.0         255.255.224.0   U     0      0        0 eth0

root@test:~# tcpdump -n -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
04:37:22.566596 IP 45.55.20.125 > 8.8.8.8: ICMP echo request, id 64781, seq 0, length 64
04:37:22.569073 IP 8.8.8.8 > 45.55.20.125: ICMP echo reply, id 64781, seq 0, length 64
04:37:23.570903 IP 45.55.20.125 > 8.8.8.8: ICMP echo request, id 64781, seq 1, length 64
04:37:23.573515 IP 8.8.8.8 > 45.55.20.125: ICMP echo reply, id 64781, seq 1, length 64
04:37:24.571255 IP 45.55.20.125 > 8.8.8.8: ICMP echo request, id 64781, seq 2, length 64
04:37:24.573913 IP 8.8.8.8 > 45.55.20.125: ICMP echo reply, id 64781, seq 2, length 64

root@test:~# tcpdump -n -i ppp0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
04:37:22.566558 IP 10.1.0.1 > 8.8.8.8: ICMP echo request, id 64781, seq 0, length 64
04:37:22.569095 IP 8.8.8.8 > 10.1.0.1: ICMP echo reply, id 64781, seq 0, length 64
04:37:23.570871 IP 10.1.0.1 > 8.8.8.8: ICMP echo request, id 64781, seq 1, length 64
04:37:23.573543 IP 8.8.8.8 > 10.1.0.1: ICMP echo reply, id 64781, seq 1, length 64
04:37:24.571224 IP 10.1.0.1 > 8.8.8.8: ICMP echo request, id 64781, seq 2, length 64

But after I converted one Debian server to Arch Linux (server IP: 104.236.158.120) with digitalocean-debian-to-arch, this is the output when I ping 8.8.8.8 on the client:

> ip route
default via 104.236.128.1 dev eth0  proto static
10.1.0.1 dev ppp0  proto kernel  scope link  src 104.236.158.120
104.236.128.0/18 dev eth0  proto kernel  scope link  src 104.236.158.120

> sudo tcpdump -n -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
16:55:28.352582 IP 104.236.158.120 > 8.8.8.8: ICMP echo request, id 51470, seq 10, length 64
16:55:28.354295 IP 8.8.8.8 > 104.236.158.120: ICMP echo reply, id 51470, seq 10, length 64
16:55:29.357393 IP 104.236.158.120 > 8.8.8.8: ICMP echo request, id 51470, seq 11, length 64
16:55:29.359129 IP 8.8.8.8 > 104.236.158.120: ICMP echo reply, id 51470, seq 11, length 64
16:55:30.361901 IP 104.236.158.120 > 8.8.8.8: ICMP echo request, id 51470, seq 12, length 64
16:55:30.363614 IP 8.8.8.8 > 104.236.158.120: ICMP echo reply, id 51470, seq 12, length 64

> sudo tcpdump -n -i ppp0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
16:55:24.338226 IP 10.1.0.1 > 8.8.8.8: ICMP echo request, id 51470, seq 6, length 64
16:55:25.343537 IP 10.1.0.1 > 8.8.8.8: ICMP echo request, id 51470, seq 7, length 64
16:55:26.347889 IP 10.1.0.1 > 8.8.8.8: ICMP echo request, id 51470, seq 8, length 64

There are no "8.8.8.8 > 10.1.0.1" packets and I cannot figure out why. What could be the problem?

Upvotes: -2

Views: 285

Answers (1)

scturtle

Reputation: 17

Oh, I get it now. Forwarding on interface eth0 needs to be enabled.

# echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding 

Upvotes: 0
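
A way to check for the condition this answer describes, as an added example that is not part of the original post: the global ip_forward switch and the per-interface conf/<iface>/forwarding flag are separate sysctl entries, and this script reports any that are not 1. The function names and the SYSCTL_ROOT override (used so the check can be pointed at a test directory) are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify IPv4 forwarding globally and per interface.
# SYSCTL_ROOT is a hypothetical override; it defaults to the real /proc path.
SYSCTL_ROOT="${SYSCTL_ROOT:-/proc/sys/net/ipv4}"

# Print the contents of a flag file without whitespace, or "missing".
read_flag() {
    if [ -r "$1" ]; then
        tr -d '[:space:]' < "$1"
    else
        printf 'missing'
    fi
}

# list_blocked IFACE...: print each interface whose forwarding flag is not 1.
list_blocked() {
    for ifc in "$@"; do
        val=$(read_flag "$SYSCTL_ROOT/conf/$ifc/forwarding")
        [ "$val" = "1" ] || printf '%s\n' "$ifc"
    done
}

# check_forwarding IFACE...: print every flag that was read; return 0 only
# if ip_forward and each listed interface's forwarding flag are all 1.
check_forwarding() {
    rc=0
    global=$(read_flag "$SYSCTL_ROOT/ip_forward")
    printf 'ip_forward=%s\n' "$global"
    [ "$global" = "1" ] || rc=1
    for ifc in "$@"; do
        val=$(read_flag "$SYSCTL_ROOT/conf/$ifc/forwarding")
        printf 'conf/%s/forwarding=%s\n' "$ifc" "$val"
        [ "$val" = "1" ] || rc=1
    done
    return "$rc"
}

# When interface names are given as arguments, e.g. "sh check.sh eth0 ppp0",
# run the check against them.
if [ "$#" -gt 0 ]; then
    check_forwarding "$@"
fi
```

A value written with echo to /proc does not survive a reboot, so rerun the check after restarting the server.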
