PPTP Server/Client nightmares

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page 1, 2  Next
Author Message
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Mon Feb 13, 2012 21:56    Post subject: PPTP Server/Client nightmares Reply with quote
I'm attempting to link my home router and my office router with a PPTP connection so make accessing files and doing remote backups easier.

I'm running an Asus RT-N16 with v24-sp2 8/7/10 mega at home, hooked up to a cable modem with a public IP. It's configured for DDNS. This is configured as the server.

The office has a Buffalo WHR-HP-G54, running v24-sp2 8/7/10 standard. It's behind a Comcast SMC8013 which I've set to forward ports 1723, 1792, and GRE to the Buffalo's IP address. This is configured as the client.

I'm able to establish a VPN connection between the two, but it doesn't behave as expected. From home, I can ping the office router, and access its configuration page in my browser. I cannot ping any of the remote computers or their hostnames, let alone access their shares.

From the office, I cannot ping the router, but, for whatever reason, I CAN access its configuration page from within my web browser. I cannot ping any of the remote computers or their hostnames, or access shares.

My basic config details:

Home/Server
PPTP settings:
Server IP: 192.168.1.1
Client IPs: 192.168.25-39 (do not overlap with any local IPs)

Kernel routing table:
Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.11.1    *               255.255.255.255 UH    0      0        0 ppp0
69.14.16.1      *               255.255.255.255 UH    0      0        0 vlan2
192.168.1.0     *               255.255.255.0   U     0      0        0 br0
192.168.11.0    192.168.11.1    255.255.255.0   UG    0      0        0 ppp0
69.14.16.0      *               255.255.240.0   U     0      0        0 vlan2
169.254.0.0     *               255.255.0.0     U     0      0        0 br0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         d14-69-1-16.try 0.0.0.0         UG    0      0        0 vlan2



Office/Client
PPTP settings:
Remote subnet: 192.168.1.0
Remote Subnet mask: 255.255.255.0
MPPE: mppe required
MTU/MRU @ Defaults
NAT Enabled

Kernel routing table:
Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.1     *               255.255.255.255 UH    0      0        0 ppp0
10.1.10.1       *               255.255.255.255 UH    0      0        0 vlan1
192.168.1.0     *               255.255.255.0   U     0      0        0 ppp0
10.1.10.0       *               255.255.255.0   U     0      0        0 vlan1
192.168.11.0    *               255.255.255.0   U     0      0        0 br0
169.254.0.0     *               255.255.0.0     U     0      0        0 br0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         10.1.10.1       0.0.0.0         UG    0      0        0 vlan1




I'll be happy to post additional configuration details or screenshots for whatever info is needed to help me figure this darn thing out.

Thanks in advance.


Last edited by RyanMM on Mon Feb 13, 2012 23:40; edited 1 time in total
Sponsor
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany

PostPosted: Mon Feb 13, 2012 22:17    Post subject: Reply with quote
network layout?! i bet its a routing problem
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Mon Feb 13, 2012 23:29    Post subject: Reply with quote
Home:

Wideopenwest cable modem -- true bridge, DHCP --> Asus RT-N16 WAN port

Office:

Comcast SMC8013 Turdbox -- static IP --> Buffalo WHR-HP-G54 WAN port
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Tue Feb 14, 2012 18:48    Post subject: Reply with quote
The more I think about it, the more I'm concerned it's due to the double-NATing from the SMC turdbox. Even if I DMZ the office router, I'm not sure if that'll get me out from behind its nonsense.

Has anyone had success with a router's PPTP client working behind an SMC8013 without a static IP?
pjg61
DD-WRT Novice


Joined: 27 Sep 2010
Posts: 37

PostPosted: Tue Feb 14, 2012 22:53    Post subject: Reply with quote
Looks like both subnets are 192.168.1.0/24

Change your home network to 192.168.2.0/24 and see if that fixes things...
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Wed Feb 15, 2012 0:11    Post subject: Reply with quote
pjg61 wrote:
Looks like both subnets are 192.168.1.0/24

Change your home network to 192.168.2.0/24 and see if that fixes things...


The office is 192.168.11.1. The home is 192.168.1.1.
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Fri Feb 17, 2012 20:08    Post subject: Reply with quote
Just tried setting this up from another location with a public IP, hoping to eliminate the Comcast equipment from the equation. No joy. Still totally unworkable, except for the odd fact I can ping and access the routers from the other sites but none of the shared systems (except for the ones that I CAN ping by IP but can't ping by hostname).

Is there anybody running PPTP on two routers and getting it to work? If so, I'd really like to know how the hell you did it.
pjg61
DD-WRT Novice


Joined: 27 Sep 2010
Posts: 37

PostPosted: Fri Feb 17, 2012 21:57    Post subject: Reply with quote
Ryan,

I don't have quite the same config but I created a configuration similar to yours where the CLIENT must go through 2 outbound routers, in my case, an E4200 (internal fw) running stock firmware and a CellPIPE 7130 (VDSL firewall) connecting to a Windows 7 running the PPTP server. I was able to connect successfully and see devices on the other end. I did *not* add any special forwarding to the CellPIPE router.

I wondering if you remove the forwards that you put in the Comcast router ? As long as it has the PPTP option enabled, then it should work...

As Sash said, I'm sure it is a routing issue...
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Sat Feb 18, 2012 14:31    Post subject: Reply with quote
Thanks for the reply.

When testing the client config at the other location yesterday, that eliminated the Comcast stuff from the equation, and I basically had the same issues, unfortunately.

It seems like the PPTP connection is establishing but any ability to route is stopped at the DD-WRT devices.

I've reset both of these things and reconfigured from scratch using the PPTP Tunnel wiki guide. Absolutely no joy.

Is there any sort of routing on the ISP side that could be causing this? My server site is serviced by Wideopenwest (WOW) and so was the test location I was at yesterday.

I'm about 10 hours deep in trying to get this to work and I'm pulling my hair out. If anyone would like to compare screenshots of config pages, I'm wondering if there's settings beyond what's described in the wiki that are either necessary or detrimental to a functioning PPTP setup.
pjg61
DD-WRT Novice


Joined: 27 Sep 2010
Posts: 37

PostPosted: Sat Feb 18, 2012 15:12    Post subject: Reply with quote
What are you using as the client ? dd-wrt ? if so, then try using a windows 7 client instead. It is very easy to setup and it works (this I use everyday). See if that works...
pjg61
DD-WRT Novice


Joined: 27 Sep 2010
Posts: 37

PostPosted: Sat Feb 18, 2012 15:17    Post subject: Reply with quote
Another idea. If you have a spare hub, then disconnect from your internet provider and config your server router with a static IP. Then connect this router's WAN port to a hub. On that hub, connect a PC with another static IP. See if you can VPN to the router. YOu should be able to given that both devices are on the same hub. Then, expand on the test...
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Sat Feb 18, 2012 19:05    Post subject: Reply with quote
If I use Windows 7 or Windows XP VPN client to connect to the home server, things work fine. I can ping via hostname and IP address any computer on the network.

So the problem must be the client side code on the DD-WRT routers I'm using.

So far I've tried a Buffalo WHR-HP-G54, WHR-HP-G300N, and a Linksys WRT54G. I don't have the version numbers of the routers or the DD-WRT version they were running, so I'll have to double-check that. I'm aware there's some client problems on DD-WRT above 149xx, so I think they were all running 14929 or below, but I wasn't sure if that was inclusive to 149xx or only beginning at the 15xxx mark.
pjg61
DD-WRT Novice


Joined: 27 Sep 2010
Posts: 37

PostPosted: Sat Feb 18, 2012 19:21    Post subject: Reply with quote
Then, I think you have a routing problem. Have you tried to ping from the client router ? (not from a device on the client router side but from the client router interface ) ???
RyanMM
DD-WRT Novice


Joined: 14 Sep 2010
Posts: 28

PostPosted: Sun Feb 19, 2012 17:09    Post subject: Reply with quote
I would do that but I have absolutely no idea how. I've tried running a ping command from the web interface in the command shell box and hitting run command, but every syntax for pinging that I've tried has resulted in no feedback.

I've done my Google diligence, getting absolutely nowhere closer to finding out how to ping within dd-wrt using a number of search attempts. "ping within ddwrt" "ddwrt command ping" "ddwrt ping syntax" and a half-dozen other combinations lead to no useful results. Most of the stuff is about setting up a command line ping to aid with debricking.

I need a handhold here, how the hell do you ping within DDWRT?
pjg61
DD-WRT Novice


Joined: 27 Sep 2010
Posts: 37

PostPosted: Sun Feb 19, 2012 19:36    Post subject: Reply with quote
Ryan,

In the Administration / Management page, enable "Telnet Management" and leave the port set to 23.

Then, if telnet to your router's internal ip address, probably, 192.168.1.1. For the login name, enter root, and enter the administrative password you set when you installed dd-wrt. Note that you must be on the internal network. The telnet server does not accept connections from the wan interface.

You will then be in a shell on your router.

Use the standard ping command to check connectivity. Or any linux command such as traceroute, ...

If you have a Windows 7 client, the telnet program is no longer installed by default. Go to Control Panel / Programs and Features and select 'Turn Windows features on or off'. In the dialog box which shows up, check the Telnet Client line and click OK. Then open a Command Prompt to use the command.
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum