VPN large number of TCP errors and then no connection?

0 like 0 dislike
9 views
Installed pptpd on a VPS with Debian Lenny and tested access to it from different devices.


Set so (based on several how-to):
# apt-get install pptpd
# vi /etc/pptpd.conf
localip 10.60.60.1
remoteip 10.60.60.50-150
# vi /etc/ppp/pptpd-options added
ms-dns [DNS1 IP]
ms-dns [DNS2 IP]
mtu 1000 <- fixed connection to the iPad.
mru 1200 <-
# vi /etc/ppp/chap-secrets
myusername pptpd mypasswd *
# mknod /dev/ppp c 108 0 <- eliminated the error 619 a connection is closed.
# /etc/init.d/pptpd restart
# vi /etc/sysctl.conf
net.ipv4.ip_forward=1
# sysctl net.ipv4.ip_forward=1
# iptables-t nat -A POSTROUTING -s 10.60.60.0/24 -o eth0 -j MASQUERADE



Created a pptp connection in Windows XP — within half an hour all works fine. Additional tests showed that this lucky — if you open in the browser maps.google.com I have been unable to deliver the packets almost immediately (many requests?).

Android (HTC Desire) connects, works for a few minutes, then begins to fill up /var/log/messages on the server "Protocol-Reject for unsupported protocol ..." is disconnected, but not browzit.

iPAD — connect, zTools pings google.com but Safari and other apps Internet do not see. Corrected by adding mtu and mru 1000 1200 in /etc/ppp/pptpd-options. Began to work normally.


I tried tcpdump after a connection:
# tcpdump -A-s0-n-i ppp0 host 10.60.60.50 -w dump.txt



and in Wireshark to see what happens. Shows a big block of normal packs, and then lots of errors [TCP Dup ACK] [TCP Retransmission]. Up to 10 pieces in a row.


On the client with Windows launched Wireshark and opened map.google.com on the server launched tcpdump. Several packages are gone, because the pile of garbage Dup ACK, Retramsmission, then on the client solid SYN c different ports:

10.60.60.50 74.125.87.99 ecnp TCP > http [SYN] Seq=0 Win=16384 Len=0 MSS=1160

And on the server

tcpdump -A-s0-n-i ppp0 host 10.60.60.50

says 0 packages.


If you have ideas, tell me how with all this business deal, or where else to ask.


Thank you!
by | 9 views

2 Answers

0 like 0 dislike
iPad have need to say to let all traffic through VPN y, podefault VPN iOS uses who would have thought, to a private network. cl.ly/2T0o1d0m1d3w1P1Y2F2O even If marked with a tick climbs — you have not passed the default gateway.
by
0 like 0 dislike
For Android: code.google.com/p/android/issues/detail?id=4706
This is a bug and its still not fixed. Except in the 4th version.
Use L2TP/IPSec.
by

Related questions

0 like 0 dislike
7 answers
0 like 0 dislike
3 answers
0 like 0 dislike
2 answers
0 like 0 dislike
2 answers
0 like 0 dislike
1 answer
110,608 questions
257,186 answers
0 comments
32,850 users