PPTP error 619 when accessed externally

0

I set up a PPTPD server on Arch Linux. If I connect to the VPN using the server's local IP (192.168.1.107), it works, but if I connect to the VPN using the external IP address, then the client results in error 619. Any help would be greatly appreciated!

Output of tcpdump port 1723 when connecting using external IP:

[root@EthanServer ~]# tcpdump port 1723
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlp0s26f7u5, link-type EN10MB (Ethernet), capture size 262144 bytes
21:11:29.628860 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [S], seq 2563111310, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
21:11:29.628944 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [S.], seq 4238964418, ack 2563111311, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
21:11:29.681978 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [.], ack 1, win 256, length 0
21:11:29.682728 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [P.], seq 1:157, ack 1, win 256, length 156: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_CHAN(0) FIRM_REV(0) HOSTNAME() VENDOR(Microsoft)
21:11:29.682758 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [.], ack 157, win 237, length 0
21:11:29.684101 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [P.], seq 1:157, ack 157, win 237, length 156: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) HOSTNAME(local) VENDOR(linux)
21:11:29.708106 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [P.], seq 157:325, ack 157, win 256, length 168: pptp CTRL_MSGTYPE=OCRQ CALL_ID(50872) CALL_SER_NUM(3) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
21:11:29.708875 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [P.], seq 157:189, ack 325, win 245, length 32: pptp CTRL_MSGTYPE=OCRP CALL_ID(3072) PEER_CALL_ID(50872) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) CONN_SPEED(100000000) RECV_WIN(64) PROC_DELAY(0) PHY_CHAN_ID(0)
21:11:29.738730 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [P.], seq 325:349, ack 189, win 255, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(3072) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
21:11:29.788018 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [.], ack 349, win 245, length 0
21:11:30.057607 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [P.], seq 325:349, ack 189, win 255, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(3072) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
21:11:30.057642 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [.], ack 349, win 245, options [nop,nop,sack 1 {325:349}], length 0
21:11:59.762429 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [F.], seq 189, ack 349, win 245, length 0
21:11:59.938132 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [.], ack 190, win 255, length 0
21:11:59.941496 IP c-[REDACTED].hsd1.va.comcast.net.50872 > EthanMiner.pptp: Flags [F.], seq 349, ack 190, win 255, length 0
21:11:59.941532 IP EthanMiner.pptp > c-[REDACTED].hsd1.va.comcast.net.50872: Flags [.], ack 350, win 245, length 0

Output of journalctl -xe when connecting using external IP:

Feb 19 21:22:14 EthanServer pptpd[16355]: MGR: Maximum of 100 connections reduced to 16, not enough IP addresses given
Feb 19 21:22:14 EthanServer pptpd[16355]: MGR: Manager process started
Feb 19 21:22:14 EthanServer pptpd[16355]: MGR: Maximum of 16 connections available
Feb 19 21:22:14 EthanServer polkitd[12139]: Unregistered Authentication Agent for unix-process:16339:52723033 (system bus name :1.43, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale C) (disconnected from bus)
Feb 19 21:22:47 EthanServer pptpd[16366]: CTRL: Client 73.132.19.146 control connection started
Feb 19 21:22:47 EthanServer pptpd[16366]: CTRL: Starting call (launching pppd, opening GRE)
Feb 19 21:22:47 EthanServer pppd[16367]: pppd 2.4.7 started by root, uid 0
Feb 19 21:22:47 EthanServer pppd[16367]: Using interface ppp0
Feb 19 21:22:47 EthanServer pppd[16367]: Connect: ppp0 <--> /dev/pts/1
Feb 19 21:23:17 EthanServer pppd[16367]: LCP: timeout sending Config-Requests
Feb 19 21:23:17 EthanServer pppd[16367]: Connection terminated.
Feb 19 21:23:17 EthanServer pppd[16367]: Modem hangup
Feb 19 21:23:17 EthanServer pppd[16367]: Exit.
Feb 19 21:23:17 EthanServer pptpd[16366]: GRE: read(fd=6,buffer=611740,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Feb 19 21:23:17 EthanServer pptpd[16366]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Feb 19 21:23:17 EthanServer pptpd[16366]: CTRL: Reaping child PPP[16367]
Feb 19 21:23:17 EthanServer pptpd[16366]: CTRL: Client 73.132.19.146 control connection finished
Feb 19 21:23:17 EthanServer kernel: device wlp0s26f7u5 entered promiscuous mode
Feb 19 21:23:23 EthanServer kernel: device wlp0s26f7u5 left promiscuous mode

Contents of /etc/pptpd.conf:

[root@EthanServer ~]# cat /etc/pptpd.conf
# Read man pptpd.conf, see samples in /usr/share/doc/pptpd
# and write your pptpd configuration here

option /etc/ppp/options.pptpd
localip 192.168.1.107
remoteip 192.168.1.240-255

Contents of /etc/ppp/options.pptpd

[root@EthanServer ~]# cat /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nolog
ms-dns 8.8.8.8
ms-dns 8.8.4.4
linux
networking
vpn
arch-linux
pptp
asked on Super User Feb 20, 2016 by etnguyen03

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0