|
Bugzilla – Full Text Bug Listing |
| Summary: | Unable to connect to VPN using PPTP | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Distribution | Reporter: | Graham Freeman <graham> |
| Component: | Network | Assignee: | E-mail List <gnome-bugs> |
| Status: | RESOLVED DUPLICATE | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P5 - None | CC: | bwiedemann, chcao, max, novell.admin |
| Version: | 13.2 | ||
| Target Milestone: | --- | ||
| Hardware: | x86-64 | ||
| OS: | openSUSE 13.2 | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: |
Tail of journalctl immediately after attempting VPN connection with OpenSUSE
Tail of journalctl from Fedora when the VPN connection has been made successfully |
||
Created attachment 623313 [details]
Tail of journalctl from Fedora when the VPN connection has been made successfully
I am sorry for posting this to the Bugzilla site. I had intended sending it to the forum (which I have since done so). It is good to have a common login for bugzilla and the forum, but it caught me out this time. I have no evidence that this is a bug yet. note: pptp's security is known to be broken and thus the general advice is to not use it anymore The problem I face is that I do contract work for my old employer who have a MS Windows server. The only instructions they have given me to connect to their site is via their VPN using PPTP. Although I would prefer a secure connection to their server, at present the only connection available to me from my Linux box is using NetworkManager. I am still able to use a five-year-old computer with an old version of Fedora, but I am concerned at the machine's reliability. Is PPTP no longer supported with NetworkManager? I will ask my old employer's technical staff if they have an alternative to PPTP, but as I am now an outsider I do not have much influence anymore. Hi Reinhard, would you please kindly help to have a look at here? I'm not quite sure whether it is right to assign it to you, please feel free to reassign whenever necessary, thank you! Looks to me like a problem in the settings that NetworkManager passes to pptp. The problem is that there is a bug in SuSEfirewall2 and if the firewall is activated, it somehow DROPS incoming GRE packages in spite the fact that we are the connection initiating client - not the server. It might be some conntrack / state issue. Adding a line to the INPUT chain seems to help: iptables -I INPUT -p gre -j ACCEPT Disabling the firewall entirely also solves the problem. However, I think the firewall should be fixed in order to allow outgoing GRE communication. https://bugzilla.opensuse.org/show_bug.cgi?id=917967#c7 *** This bug has been marked as a duplicate of bug 930896 *** |
Created attachment 623312 [details] Tail of journalctl immediately after attempting VPN connection with OpenSUSE I have recently installed OpenSUSE on a Toshiba laptop. I have been unable to connect using VPN to an external server machine that uses MS and PPTP for communication. I am able to connect to the same server using my old laptop running Fedora 18, so I am looking for advice on what I need to do differently under OpenSUSE. One problem I encountered on Fedora was the need to set MTU=1200 in the /etc/sysconfig/network-scripts ifcfg-... file I was using. I have tried settkng MTU in the equivalent file in OpenSUSE, but it has not helped. I am able to get the logs from the two machines and the problem seems to be that in OpenSUSE I get the message "The synchronous pptp option is NOT activated" which is absent under Fedora. The settings that I am using on both machines are: PPTP connection type NT Domain: AD PPTP options: Use Point-to-Point encryption (MPPE), MSCHAP and MSCHAP2 I have installed NetworkManager-pptp, NetworkManager-pptp-gnome, NetworkManager-pptp-lang, plasma-nm-pptp, plasma-nm-pptp, pptp, pptpd.