What's new

PPTP not working..

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Steffe

Regular Contributor
I cannot get my pptp working correctly. My settings are more or less the default once provided my the firmware: 378.54_1.

The syslog says this:

Jul 10 15:37:40 pptpd[4624]: MGR: Config file not found!
Jul 10 15:37:40 pptpd[4624]: MGR: Maximum of 100 connections reduced to 10, not enough IP addresses given
Jul 10 15:37:40 pptpd[4624]: accel-pptpd-0.8.5 compiled for pppd-2.4.5, linux-2.6.36.4
Jul 10 15:37:40 pptpd[4625]: MGR: Manager process started
Jul 10 15:37:40 pptpd[4625]: MGR: Maximum of 10 connections available
Jul 10 15:37:40 start_nat_rules: apply the nat_rules(/tmp/nat_rules_eth0_eth0)!
Jul 10 15:37:40 bcrelay[4626]: Running as child


Can anyone help me? Let me know if you need more information.
 
Just clarify a couple of things:

Which model of router?

Did you ever have PPTP working eg before you recently upgraded or is this the first time?

What is your setup, for example, you have the PPTP server running on your router and you have a remote client, such as a smartphone or laptop and you're trying to remotely log into your home network? Or are you trying to do something else?

Someone is bound to tell you - so I'll get in first - that PPTP is not very secure and that you should be using OpenVPN instead. So you might also want to consider if this snag is worth fretting over and perhaps your time might be better invested in a more secure vpn setup.
 
Ac68U.

I had it working on my ac56u unit before - identical setup

Router is running PPTP server and trying connect with my smartphone from 4g network.

Yes, I know PPTP is very insecure, but for compatibility and ease of usage i'm using that.
 
I've not upgraded from 378.53; nevertheless, I connected to my home network from public wifi using PPTP and my syslog looks nothing like yours, especially the first line of yours: config file not found.

Jul 11 10:47:56 pptpd[23359]: CTRL: Client 94.118.8.4 control connection started
Jul 11 10:47:56 pptpd[23359]: CTRL: Starting call (launching pppd, opening GRE)
Jul 11 10:47:56 pptp[23360]: Plugin pptp.so loaded.
Jul 11 10:47:56 pptp[23360]: PPTP plugin version 0.8.5 compiled for pppd-2.4.7, linux-2.6.36.4
Jul 11 10:47:56 pptp[23360]: pppd 2.4.7 started by ##%%## [removed for security], uid 0
Jul 11 10:47:56 pptp[23360]: Using interface ppp10
Jul 11 10:47:56 pptp[23360]: Connect: ppp10 <--> pptp (94.118.8.4)
Jul 11 10:47:57 pptp[23360]: MPPE 128-bit stateless compression enabled
Jul 11 10:48:00 pptp[23360]: found interface br0 for proxy arp
Jul 11 10:48:00 pptp[23360]: local IP address 192.168.10.1
Jul 11 10:48:00 pptp[23360]: remote IP address 192.168.10.2
Jul 11 10:48:09 pptp[23360]..........




My only thought is for someone far smarter than I to provide the code that would allow you to SSH/Telnet in and erase from nvram all the PPTP data and to set it up from scratch again. It's hard to imagine what's gone wrong because PPTP is so quick and simple to set up, there seems to be hardly any scope for anything to go wrong (not that setting up OpenVPN is any more difficult).
 
Yes, looks completely different. I agree that, that approach migth be the next steps i should try.

I had a look for the config in its default location /etc/pptp/.... or /etc/pptpd.conf, but that directory or file didn't exits. It may be missing in the newer firmwares??

Edit: An upgrade to 55beta1 did not change anything.
 
Last edited:
Yes, looks completely different. I agree that, that approach migth be the next steps i should try.

I had a look for the config in its default location /etc/pptp/...., but that directory didn't exits.

/tmp/pptpd ??

...I modify

Code:
/tmp/pptpd/ip-up

to append the statement /jffs/scripts/GMailPPTP.sh so that whilst I always prefer to use OpenVPN, it is sometimes necessary to allow the insecure PPTP connection for 'emergency / ad-hoc temporary access' and I wanted to be immediately informed by email to my phone for every successful PPTP connection - just in case of unexpected visitors! ;)
 
Ah the locations from an ordinary linux installation is not used..

/tmp/pptpd# ls
chap-secrets ip-down ip-up options.pptpd pptpd.conf
jasj@RT-AC68U:/tmp/pptpd# cat pptpd.conf
localip 192.168.2.1
remoteip 192.168.2.100-109
bcrelay br0,ppp1[0-9].*

cat ip-up
#!/bin/sh
startservice set_routes
echo $PPPD_PID $1 $5 $6 $PEERNAME >> /tmp/pptp_connected
iptables -I INPUT -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -t nat -I PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination 192.168.2.255

Does these file content resembles yours? If yes, then the fault is probably pptpd not invoking the correct config file...?


Good idea to use some sort of notification. I might add a script to send a push notification :)
 
Ah the locations from an ordinary linux installation is not used..

/tmp/pptpd# ls
chap-secrets ip-down ip-up options.pptpd pptpd.conf
jasj@RT-AC68U:/tmp/pptpd# cat pptpd.conf
localip 192.168.2.1
remoteip 192.168.2.100-109
bcrelay br0,ppp1[0-9].*

cat ip-up
#!/bin/sh
startservice set_routes
echo $PPPD_PID $1 $5 $6 $PEERNAME >> /tmp/pptp_connected
iptables -I INPUT -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -t nat -I PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination 192.168.2.255

Does these file content resembles yours? If yes, then the fault is probably pptpd not invoking the correct config file...?


Good idea to use some sort of notification. I might add a script to send a push notification :)

Not sure why U have the bcrelay directive, but apart from the obvious custom I/P differences (and my custom email script) then they appear the same?

Code:
admin@RT-AC56U:/tmp/pptpd# ls
chap-secrets   ip-down        ip-up          options.pptpd  pptpd.conf


admin@RT-AC56U:/tmp/pptpd# cat pptpd.conf
localip 10.88.8.1
remoteip 10.88.8.80-89


admin@RT-AC56U:/tmp/pptpd# cat ip-up
#!/bin/sh
startservice set_routes
echo $PPPD_PID $1 $5 $6 $PEERNAME >> /tmp/pptp_connected
iptables -I INPUT -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -t nat -I PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination 10.88.8.255
/jffs/scripts/GMailPPTP.sh
 
I found this in my processes:
1821 xxxx 664 S pptpd -c /tmp/pptpd/pptpd.conf -o /tmp/pptpd/options.pptpd

So it does seem like it opens the correct config file. I think the bcrelay is due to "Broadcast Support" is enabled in advanced settings due to networkplaces being enabled. [NOT TRUE]

Edit: Ok, tried manually running: pptpd -c /tmp/pptpd/pptpd.conf. Still says config not found...

I managed to get this information when running pptpd in debug.

Code:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=9956,dp=9956) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=9956,dp=9956) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=9956,dp=9956) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=9956,dp=9956) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:25 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:26 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:28 bcrelay[22591]: UDP_BroadCast(sp=17500,dp=17500) from: br0 relayed to:
Jul 11 16:15:28 bcrelay[22591]: UDP_BroadCast(sp=17500,dp=17500) from: br0 relayed to:
Jul 11 16:15:28 bcrelay[22591]: UDP_BroadCast(sp=17500,dp=17500) from: br0 relayed to:
Jul 11 16:15:28 bcrelay[22591]: UDP_BroadCast(sp=17500,dp=17500) from: br0 relayed to:
Jul 11 16:15:28 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:
Jul 11 16:15:29 bcrelay[22591]: UDP_BroadCast(sp=5353,dp=5353) from: br0 relayed to:

And finally tried to comment the bcrelay out and done UDP broadcast lines dissapeared. Except from that no change.
 
Last edited:
How did you appended GMailPPTP.sh to ip-up?

Thank you!

As per the Wiki

https://github.com/RMerl/asuswrt-merlin/wiki/Custom-config-files

Code:
Jul 11 16:06:15 custom script: Running /jffs/scripts/pptpd.postconf (args: /tmp/pptpd/pptpd.conf)
Jul 11 16:06:15 (pptpd.postconf): 1616 Post-conf Starting ..... [/tmp/pptpd/pptpd.conf]
Jul 11 16:06:15 (pptpd.postconf): 1616 Modifying PPTP /tmp/pptpd/ip-up script.....
Jul 11 16:06:15 (pptpd.postconf): 1616 Post-conf complete .....

EDIT: Actually it is also actually called by init-start 150 seconds after a reboot.
 
Sorry, I start to learn.

So I put in /jffs/scripts/pptpd.postconf with

Code:
#!/bin/sh

CONFIG=$1
source /usr/sbin/helper.sh

pc_append "/jffs/scripts/up.sh" "$CONFIG"

My GMailPPTP.sh is called up.sh

It is ok?


Thank you!

Sorry, here is my script, but clearly you can see that this script physically has nothing to do with the pptpd.conf file so should really be called something like modify_up_ip.sh to avoid confusion! :oops: and will need to be manually called from either init-start or services-start once /tmp/pptpd/ip-up has been created.


Code:
#!/bin/sh

/usr/bin/logger -t "($(basename $0))" $$ "Post-conf Starting ..... [$@]"

MYROUTER=$(nvram get computer_name)

CONFIG=$1

# Actually we don't want to edit the pptpd.conf file, but the associated PPTP script
#
#          ip-up

# to track PPTP connections with an e-mail

/usr/bin/logger -t "($(basename $0))" $$ "Modifying PPTP /tmp/pptpd/ip-up script....."

echo "/jffs/scripts/GMailPPTP.sh" >> /tmp/pptpd/ip-up

/usr/bin/logger -t "($(basename $0))" $$ "Post-conf complete ....."
 
Last edited:
Sorry, here is my script, but clearly you can see that this script physically has nothing to do with the pptpd.conf file so should really be called something like modify_up_ip.sh to avoid confusion! :oops: and will need to be manually called from either init-start or services-start once /tmp/pptpd/ip-up has been created.


Code:
#!/bin/sh

/usr/bin/logger -t "($(basename $0))" $$ "Post-conf Starting ..... [$@]"

MYROUTER=$(nvram get computer_name)

CONFIG=$1

# Actually we don't want to edit the pptpd.conf file, but the associated PPTP script
#
#          ip-up

# to track PPTP connections with an e-mail

/usr/bin/logger -t "($(basename $0))" $$ "Modifying PPTP /tmp/pptpd/ip-up script....."

echo "/jffs/scripts/GMailPPTP.sh" >> /tmp/pptpd/ip-up

/usr/bin/logger -t "($(basename $0))" $$ "Post-conf complete ....."


Can you post also the GMailPPTP.sh script?

It is possible to restrict PPTP connections by MACs in firewall-start?

Thank you for your help!
 
You really should spend time reading the information in the Wiki

e.g.

https://github.com/RMerl/asuswrt-merlin/wiki/Sending-Email

or learn to search the forum for GMAIL threads....

e.g.

http://www.snbforums.com/threads/monitoring-web-usage-with-asuswrt-merlin.15558/page-2#post-171698
Well, I have a Gmail Notification script that works OK with OpenVPN server when a connection is made by a OpenVPN client, and a Gmail notification script when the router is started.

I've tried to use these scripts with PPTP server, but it doesn't work.

I've checked the Log information and the /tmp/pptpd/ip-up and the "/jffs/scripts/up.sh" is appended, but for some reason I don't get any notification.

Sorry and thank you!
 
Well, I have a Gmail Notification script that works OK with OpenVPN server when a connection is made by a OpenVPN client, and a Gmail notification script when the router is started.

I've tried to use these scripts with PPTP server, but it doesn't work.

I've checked the Log information and the /tmp/pptpd/ip-up and the "/jffs/scripts/up.sh" is appended, but for some reason I don't get any notification.

Sorry and thank you!

Just tried a 4G PPTP connection to my router....

Code:
Jul 12 09:12:20 RT-AC56U daemon.info pptpd[29794]: CTRL: Client xxx.xxx.xxx.xxx control connection started
Jul 12 09:12:34 RT-AC56U daemon.info pptpd[29794]: CTRL: Starting call (launching pppd, opening GRE)
Jul 12 09:12:34 RT-AC56U daemon.info pptp[29805]: Plugin pptp.so loaded.
Jul 12 09:12:34 RT-AC56U daemon.info pptp[29805]: PPTP plugin version 0.8.5 compiled for pppd-2.4.7, linux-2.6.36.4
Jul 12 09:12:34 RT-AC56U daemon.notice pptp[29805]: pppd 2.4.7 started by admin, uid 0
Jul 12 09:12:34 RT-AC56U daemon.info pptp[29805]: Using interface ppp10
Jul 12 09:12:34 RT-AC56U daemon.notice pptp[29805]: Connect: ppp10 <--> pptp (xxx.xxx.xxx.xxx)
Jul 12 09:12:36 RT-AC56U daemon.notice pptp[29805]: MPPE 128-bit stateless compression enabled
Jul 12 09:12:36 RT-AC56U daemon.info pptp[29805]: found interface br0 for proxy arp
Jul 12 09:12:36 RT-AC56U daemon.notice pptp[29805]: local  IP address 10.88.8.1
Jul 12 09:12:36 RT-AC56U daemon.notice pptp[29805]: remote IP address 10.88.8.80
Jul 12 09:12:36 RT-AC56U user.warn (GMailPPTP.sh): 29816 Notification PPTP connection Gmail SSL (non-certificate) SMTP e-mail running....
Jul 12 09:12:36 RT-AC56U user.warn (GMailPPTP.sh): 29816 PPTP connection: 29805 ppp10 10.88.8.80 xxx.xxx.xxx.xxx zzzzzzzzzzzzzzzzzzzzzzzzzz

and received an email as expected identifying which Userid has just connected:

Code:
From: Martineau RT-AC56U

Subject: Martineau PPTP connection state notification v3.1

PPTP connection detected
29805 ppp10 10.88.8.80 xxx.xxx.xxx.xxx zzzzzzzzzzzzzzzzzzzzzzzzzz

---

Your friendly RT-AC56U router.  :-)

Build v378.55
Sun Jul 12 09:12:36 DST 2015

You will need to add appropriate debugging statements to your PPTP email script to ensure it is actually getting called (assuming that a PPTP client has actually connected).
 
Just tried a 4G PPTP connection to my router....

Code:
Jul 12 09:12:20 RT-AC56U daemon.info pptpd[29794]: CTRL: Client xxx.xxx.xxx.xxx control connection started
Jul 12 09:12:34 RT-AC56U daemon.info pptpd[29794]: CTRL: Starting call (launching pppd, opening GRE)
Jul 12 09:12:34 RT-AC56U daemon.info pptp[29805]: Plugin pptp.so loaded.
Jul 12 09:12:34 RT-AC56U daemon.info pptp[29805]: PPTP plugin version 0.8.5 compiled for pppd-2.4.7, linux-2.6.36.4
Jul 12 09:12:34 RT-AC56U daemon.notice pptp[29805]: pppd 2.4.7 started by admin, uid 0
Jul 12 09:12:34 RT-AC56U daemon.info pptp[29805]: Using interface ppp10
Jul 12 09:12:34 RT-AC56U daemon.notice pptp[29805]: Connect: ppp10 <--> pptp (xxx.xxx.xxx.xxx)
Jul 12 09:12:36 RT-AC56U daemon.notice pptp[29805]: MPPE 128-bit stateless compression enabled
Jul 12 09:12:36 RT-AC56U daemon.info pptp[29805]: found interface br0 for proxy arp
Jul 12 09:12:36 RT-AC56U daemon.notice pptp[29805]: local  IP address 10.88.8.1
Jul 12 09:12:36 RT-AC56U daemon.notice pptp[29805]: remote IP address 10.88.8.80
Jul 12 09:12:36 RT-AC56U user.warn (GMailPPTP.sh): 29816 Notification PPTP connection Gmail SSL (non-certificate) SMTP e-mail running....
Jul 12 09:12:36 RT-AC56U user.warn (GMailPPTP.sh): 29816 PPTP connection: 29805 ppp10 10.88.8.80 xxx.xxx.xxx.xxx zzzzzzzzzzzzzzzzzzzzzzzzzz

and received an email as expected identifying which Userid has just connected:

Code:
From: Martineau RT-AC56U

Subject: Martineau PPTP connection state notification v3.1

PPTP connection detected
29805 ppp10 10.88.8.80 xxx.xxx.xxx.xxx zzzzzzzzzzzzzzzzzzzzzzzzzz

---

Your friendly RT-AC56U router.  :-)

Build v378.55
Sun Jul 12 09:12:36 DST 2015

You will need to add appropriate debugging statements to your PPTP email script to ensure it is actually getting called (assuming that a PPTP client has actually connected).

The script works.

I added to GmailNotificationScript.sh a line "touch /tmp/000GmailNotification-Event" and I've checked the tmp folder after the a PPTP VPN connection and everything is ok.

If I reboot the router and I make a VPN connection in the first 2 minutes after restart I actually receive the email notification, but after 10 minutes I can see only the "000GmailNotification-Event" in tmp folder, but no email notification.

Thank you!
 
The script works.

I added to GmailNotificationScript.sh a line "touch /tmp/000GmailNotification-Event" and I've checked the tmp folder after the a PPTP VPN connection and everything is ok.

If I reboot the router and I make a VPN connection in the first 2 minutes after restart I actually receive the email notification, but after 10 minutes I can see only the "000GmailNotification-Event" in tmp folder, but no email notification.

Thank you!

Glad that my script was vindicated! ;)

It does seem strange that after 10mins the PPTPD connection emails fail to be sent/received.

Do all of your other email scripts also fail to send an email when called manually 10mins after a router reboot?

NOTE: Before using Gmail, I had to modify the sending email credentials depending if I was using the SMTP server of my main ISP or the 3G modem provider SMTP in DUAL WAN failover mode.
 
Glad that my script was vindicated! ;)

It does seem strange that after 10mins the PPTPD connection emails fail to be sent/received.

Do all of your other email scripts also fail to send an email when called manually 10mins after a router reboot?

NOTE: Before using Gmail, I had to modify the sending email credentials depending if I was using the SMTP server of my main ISP or the 3G modem provider SMTP in DUAL WAN failover mode.
Thank you very much for your help!

After a lot of testing I think the problem is DNSCRYPT with OpenDNS resolver. I use DNSCRYPT with two resolvers: if I don't use OpenDNS everything works as supposed.

I wonder if it is a solution to put the two resolvers in strict order.

Thank you!
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top