# PPTP VPN connection failure, no log evidence



## Luke Crooks (Dec 29, 2014)

So I have configured a simple PPTP VPN to access a local intranet for remote users. The server logs show the connection attempt being made, but give no reason as to why it is failing. Is anyone able to take a glance?

Server local IP: 172.10.10.240
Gateway: 172.10.10.1
IP ranges to be used for VPN: 172.10.10.150-199

mpd.conf

```
startup:
  set user super foo admin
  set console self 127.0.0.1 5005
  set console open
  set web self 0.0.0.0 5006
  set web open
default:
  load pptp_server
pptp_server:
  set ippool add pool1 172.10.10.150 172.10.10.199
  create bundle template B
  set iface enable proxy-arp
  set iface idle 1800
  set iface enable tcpmssfix
  set iface route 172.10.10.1
  set ipcp yes vjcomp
# Set ranges, as well as address of server
  set ipcp ranges 172.10.10.240/32 ippool pool1 
  set ipcp dns 8.8.8.8
  set ipcp dns 8.8.4.4
  set bundle enable compression
  set ccp yes mppc
  set mppc yes e40
  set mppc yes e128
  set mppc yes stateless
  create link template L pptp
  set link fsm-timeout 5
  set link action bundle B
  set link enable multilink
  set link no pap chap
  set link yes acfcomp protocomp
  set link enable chap
  set link enable chap-msv2
  set link keep-alive 10 60
  set auth enable internal
  set link mtu 1448
# run the server on local IP address
  set pptp self 172.10.10.240
  set link enable incoming
```

mpd.secret

```
super "foo"
joe "bar"
```

rc.conf

```
gateway_enable="YES"
mpd_enable="YES"
```

mpd.log

```
Dec 29 09:16:16 freebsd mpd: process 29904 started, version 5.7 (root@freebsd 14:52 17-Dec-2014)
Dec 29 09:16:16 freebsd mpd: CONSOLE: listening on 127.0.0.1 5005
Dec 29 09:16:16 freebsd mpd: web: listening on 0.0.0.0 5006
Dec 29 09:16:16 freebsd mpd: PPTP: waiting for connection on 172.10.10.240 1723
Dec 29 09:16:23 freebsd mpd: [L-1] Accepting PPTP connection
Dec 29 09:16:23 freebsd mpd: [L-1] Link: OPEN event
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: Open event
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: state change Initial --> Starting
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: LayerStart
Dec 29 09:16:23 freebsd mpd: [L-1] PPTP: attaching to peer's outgoing call
Dec 29 09:16:23 freebsd mpd: [L-1] Link: UP event
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: Up event
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: state change Starting --> Req-Sent
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: SendConfigReq #1
Dec 29 09:16:23 freebsd mpd: [L-1]  ACFCOMP
Dec 29 09:16:23 freebsd mpd: [L-1]  PROTOCOMP
Dec 29 09:16:23 freebsd mpd: [L-1]  MRU 1500
Dec 29 09:16:23 freebsd mpd: [L-1]  MAGICNUM 16d65a90
Dec 29 09:16:23 freebsd mpd: [L-1]  AUTHPROTO CHAP MSOFTv2
Dec 29 09:16:23 freebsd mpd: [L-1]  MP MRRU 2048
Dec 29 09:16:23 freebsd mpd: [L-1]  MP SHORTSEQ
Dec 29 09:16:23 freebsd mpd: [L-1]  ENDPOINTDISC [802.1] 0c c4 7a 40 c4 ea
Dec 29 09:16:28 freebsd mpd: [L-1] LCP: SendConfigReq #2
Dec 29 09:16:28 freebsd mpd: [L-1]  ACFCOMP
Dec 29 09:16:28 freebsd mpd: [L-1]  PROTOCOMP
Dec 29 09:16:28 freebsd mpd: [L-1]  MRU 1500
Dec 29 09:16:28 freebsd mpd: [L-1]  MAGICNUM 16d65a90
Dec 29 09:16:28 freebsd mpd: [L-1]  AUTHPROTO CHAP MSOFTv2
Dec 29 09:16:28 freebsd mpd: [L-1]  MP MRRU 2048
Dec 29 09:16:28 freebsd mpd: [L-1]  MP SHORTSEQ
Dec 29 09:16:28 freebsd mpd: [L-1]  ENDPOINTDISC [802.1] 0c c4 7a 40 c4 ea
Dec 29 09:16:33 freebsd mpd: [L-1] LCP: SendConfigReq #3
Dec 29 09:16:33 freebsd mpd: [L-1]  ACFCOMP
Dec 29 09:16:33 freebsd mpd: [L-1]  PROTOCOMP
Dec 29 09:16:33 freebsd mpd: [L-1]  MRU 1500
Dec 29 09:16:33 freebsd mpd: [L-1]  MAGICNUM 16d65a90
Dec 29 09:16:33 freebsd mpd: [L-1]  AUTHPROTO CHAP MSOFTv2
Dec 29 09:16:33 freebsd mpd: [L-1]  MP MRRU 2048
Dec 29 09:16:33 freebsd mpd: [L-1]  MP SHORTSEQ
Dec 29 09:16:33 freebsd mpd: [L-1]  ENDPOINTDISC [802.1] 0c c4 7a 40 c4 ea
Dec 29 09:16:38 freebsd mpd: [L-1] LCP: SendConfigReq #4
Dec 29 09:16:38 freebsd mpd: [L-1]  ACFCOMP
Dec 29 09:16:38 freebsd mpd: [L-1]  PROTOCOMP
Dec 29 09:16:38 freebsd mpd: [L-1]  MRU 1500
Dec 29 09:16:38 freebsd mpd: [L-1]  MAGICNUM 16d65a90
Dec 29 09:16:38 freebsd mpd: [L-1]  AUTHPROTO CHAP MSOFTv2
Dec 29 09:16:38 freebsd mpd: [L-1]  MP MRRU 2048
Dec 29 09:16:38 freebsd mpd: [L-1]  MP SHORTSEQ
Dec 29 09:16:38 freebsd mpd: [L-1]  ENDPOINTDISC [802.1] 0c c4 7a 40 c4 ea
Dec 29 09:16:43 freebsd mpd: [L-1] LCP: SendConfigReq #5
Dec 29 09:16:43 freebsd mpd: [L-1]  ACFCOMP
Dec 29 09:16:43 freebsd mpd: [L-1]  PROTOCOMP
Dec 29 09:16:43 freebsd mpd: [L-1]  MRU 1500
Dec 29 09:16:43 freebsd mpd: [L-1]  MAGICNUM 16d65a90
Dec 29 09:16:43 freebsd mpd: [L-1]  AUTHPROTO CHAP MSOFTv2
Dec 29 09:16:43 freebsd mpd: [L-1]  MP MRRU 2048
Dec 29 09:16:43 freebsd mpd: [L-1]  MP SHORTSEQ
Dec 29 09:16:43 freebsd mpd: [L-1]  ENDPOINTDISC [802.1] 0c c4 7a 40 c4 ea
Dec 29 09:16:48 freebsd mpd: [L-1] LCP: SendConfigReq #6
Dec 29 09:16:48 freebsd mpd: [L-1]  ACFCOMP
Dec 29 09:16:48 freebsd mpd: [L-1]  PROTOCOMP
Dec 29 09:16:48 freebsd mpd: [L-1]  MRU 1500
Dec 29 09:16:48 freebsd mpd: [L-1]  MAGICNUM 16d65a90
Dec 29 09:16:48 freebsd mpd: [L-1]  AUTHPROTO CHAP MSOFTv2
Dec 29 09:16:48 freebsd mpd: [L-1]  MP MRRU 2048
Dec 29 09:16:48 freebsd mpd: [L-1]  MP SHORTSEQ
Dec 29 09:16:48 freebsd mpd: [L-1]  ENDPOINTDISC [802.1] 0c c4 7a 40 c4 ea
Dec 29 09:16:53 freebsd mpd: [L-1] PPTP call terminated
Dec 29 09:16:53 freebsd mpd: [L-1] Link: DOWN event
Dec 29 09:16:53 freebsd mpd: [L-1] LCP: Close event
Dec 29 09:16:53 freebsd mpd: [L-1] LCP: state change Req-Sent --> Closing
Dec 29 09:16:53 freebsd mpd: [L-1] LCP: SendTerminateReq #7
Dec 29 09:16:53 freebsd mpd: [L-1] LCP: Down event
Dec 29 09:16:53 freebsd mpd: [L-1] LCP: LayerFinish
Dec 29 09:16:53 freebsd mpd: [L-1] LCP: state change Closing --> Initial
Dec 29 09:16:53 freebsd mpd: [L-1] Link: SHUTDOWN event
Dec 29 09:16:53 freebsd mpd: [L-1] Link: Shutdown
```


----------



## bra1n (Dec 31, 2014)

This page http://mpd.sourceforge.net/doc/mpd58.html gives some advice. I'd look at adding `log +all` to the config file (at least I think that's where it goes) and/or checking out your firewall rules to make sure TCP port 1723 and IP protocol 47 (GRE) are allowed through for PPTP. It looks like from your logs that at least TCP 1723 is open, but maybe it's dying trying to bring up the GRE tunnel.

NB:  I've never used `mpd` but just from a general perspective these two things seem like logical steps to take.
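
The pattern in the posted log (control connection accepted, LCP Configure-Requests retried, call torn down with no negotiation progress) can be checked for mechanically. The following Python is an added example, not part of the thread or of mpd; `diagnose`, the verdict strings and the RFC 1661 state spellings are assumptions, and the `L-2` sample lines are constructed for contrast.

```python
import re
from collections import defaultdict
# Line shape taken from the mpd.log in the question, e.g. "mpd: [L-1] LCP: SendConfigReq #1"
LINE = re.compile(r"mpd: \[(?P<link>[^\]]+)\] (?P<msg>.*)$")
STATE = re.compile(r"LCP: state change (\S+) --> (\S+)")
# RFC 1661 states reached only after the peer's LCP packets arrive (spelling assumed).
PROGRESS = {"Ack-Rcvd", "Ack-Sent", "Opened"}

# L-1 lines are shortened from the posted log; L-2 lines are constructed.
SAMPLE = """\
Dec 29 09:16:23 freebsd mpd: [L-1] Accepting PPTP connection
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: state change Starting --> Req-Sent
Dec 29 09:16:23 freebsd mpd: [L-1] LCP: SendConfigReq #1
Dec 29 09:16:28 freebsd mpd: [L-1] LCP: SendConfigReq #2
Dec 29 09:16:33 freebsd mpd: [L-1] LCP: SendConfigReq #3
Dec 29 09:16:53 freebsd mpd: [L-1] PPTP call terminated
Dec 29 09:17:10 freebsd mpd: [L-2] Accepting PPTP connection
Dec 29 09:17:10 freebsd mpd: [L-2] LCP: SendConfigReq #1
Dec 29 09:17:10 freebsd mpd: [L-2] LCP: state change Req-Sent --> Ack-Rcvd
"""

def diagnose(log_text, min_retries=3):
    """Return {link: verdict} for every PPTP call seen in log_text."""
    links = defaultdict(lambda: {"accepted": False, "reqs": 0, "states": set(), "ended": False})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        info, msg = links[m["link"]], m["msg"]
        if msg == "Accepting PPTP connection":
            info["accepted"] = True  # TCP 1723 control channel works
        elif msg.startswith("LCP: SendConfigReq"):
            info["reqs"] += 1
        elif msg == "PPTP call terminated":
            info["ended"] = True
        elif (s := STATE.search(msg)):
            info["states"].add(s.group(2))
    verdicts = {}
    for link, i in links.items():
        stalled = i["accepted"] and i["ended"] and i["reqs"] >= min_retries
        if i["states"] & PROGRESS:
            verdicts[link] = "lcp-negotiating"
        elif stalled:  # control channel up, every Configure-Request unanswered
            verdicts[link] = "no-lcp-reply-check-gre"  # PPP rides in GRE (IP proto 47)
        else:
            verdicts[link] = "inconclusive"
    return verdicts

if __name__ == "__main__": print(diagnose(SAMPLE))
```

A `no-lcp-reply-check-gre` verdict is a hint to inspect firewall and NAT handling of IP protocol 47 on both ends, not proof that GRE is the cause.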


----------



## J65nko (Dec 31, 2014)

Luke Crooks said:


> So I have configured a simple PPTP VPN to access a local intranet for remote users.



I hope you are aware of the PPTP security issues as stated in Wikipedia's PPTP article:





> PPTP has been the subject of many security analyses and serious security vulnerabilities have been found in the protocol. The known vulnerabilities relate to the underlying PPP authentication protocols used, the design of the MPPE protocol as well as the integration between MPPE and PPP authentication for session key establishment.


----------

