PPTP VPN tunnel unable to load some websites

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Wed Feb 02, 2011 21:09    Post subject: Reply with quote
xtort14 wrote:
in phuzi0n's other post his mentioned echoing it to the tmp directory also (which is how I found it in the first place)... you have /etc/ listed, maybe you need to echo it into /tmp/pptpd/ip-up

Good catch. FYI /etc isn't writable, it's part of the squashfs. Your ip-up script can be stored wherever you want (JFFS, a USB drive, etc.) as long as you update your PPTP config to point to it. I think you'll also need to chmod it to make it executable but I don't actually use PPTP so I'm just going off what I know about it and linux in general.

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Sponsor
zonnebril
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Wed Feb 02, 2011 21:16    Post subject: Reply with quote
I can't get the command to work automatically from the Cron window in the GUI.
The funny thing is:
echo -n 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up

works perfectly from the console. It's not to hard to enter this line when te router is rebooted but is has to work somehow automatically.

I've tried also:

@reboot root echo -n 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up

and

root echo -n 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up

Any suggestions?
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Wed Feb 02, 2011 21:23    Post subject: Reply with quote
maybe you need to add the config rule to the startup script of the DDWRT, Administration -> Commands
and then save as startup script.
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Wed Feb 02, 2011 21:45    Post subject: Reply with quote
Like I said, read the cron wiki because you need to use the full path to commands you use or modify the PATH variable if you want to use cron.
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Thu Feb 03, 2011 7:29    Post subject: Reply with quote
in the startup maybe this syntax will work

Code:

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
echo -n 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up
zonnebril
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Thu Feb 03, 2011 9:37    Post subject: Reply with quote
lightman wrote:
in the startup maybe this syntax will work

Code:

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
echo -n 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up


Hmm, no it doesn't. I did not had the time to look in the DDWRT Cron wiki and test settings. Maybe today, if I find anything I will post is here. Untill then, still interested in suggestions. Very Happy
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Thu Feb 03, 2011 11:41    Post subject: Reply with quote
maybe running it without the -n statement after the echo command

Code:

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
echo 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up


i think its better to run it as an start up script, better than a cron job.
zonnebril
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Thu Feb 03, 2011 13:34    Post subject: Reply with quote
lightman wrote:
maybe running it without the -n statement after the echo command

Code:

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
echo 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up


i think its better to run it as an start up script, better than a cron job.


Yes! Cool Thanks to lightman I tried to put the script once again in the commands as startup script. This time it works! The previous time I tried this option I used the /etc instead of the /tmp folder location... that aint gonna work Rolling Eyes After that I did not try this option again and began focussing on the cron job part.

Exclamation For everyone that needs to fix this problem do the following (it's the only thing needed, at least in my experience):

1) In the DDWRT GUI go to "Administration"
2) Click "commands"
3) Paste this code in the white command box (-n means newline):

echo -n 'iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' >> /tmp/pptpd/ip-up

4) Choose "Save Startup".

When you reboot you router now, connect with telnet, login with root and your GUI password and type "cd /tmp/pptpd"
Then type "cat ip-up"

You will see that the line pasted in the command box before is now actually added on the bottom of the ip-up script. Very Happy

Problem completely solved! Thanks all for your valuable input! Very Happy
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Thu Feb 03, 2011 13:39    Post subject: Reply with quote
great to hear :-)

you don't need to kill the PPTP daemon after editing the ip-up script?

did you tested the VPN after the reboot with the startup script?

can we ask to add this to the newer firmware build? if yes, how to do?
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Thu Feb 03, 2011 13:49    Post subject: Reply with quote
i was checking the /tmp/pptpd/ip-up script

and i was amazed about it, yesterday i updated my Linksys E2000 with the latest EKO build for this unit
DD-WRT v24-sp2 (12/19/10) mega - build 15943M NEWD-2 K2.6 Eko

it seems to be fixed already in this build, ive never edited the script before
Code:

#!/bin/sh
startservice set_routes
echo $PPPD_PID $1 $5 $6 $PEERNAME >> /tmp/pptp_connected
iptables -I FORWARD -i $1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -I INPUT -i $1 -j ACCEPT
iptables -I FORWARD -i $1 -j ACCEPT
iptables -t nat -I PREROUTING -i $1 -p udp -m udp --sport 9 -j DNAT --to-destination 192.168.xx.xxx


??? Question
zonnebril
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Thu Feb 03, 2011 13:51    Post subject: Reply with quote
lightman wrote:
great to hear :-)

you don't need to kill the PPTP daemon after editing the ip-up script?

did you tested the VPN after the reboot with the startup script?

can we ask to add this to the newer firmware build? if yes, how to do?


Hmm... looks like I yelled a bit too early. The rule is indeed in the file, but I have no internet connection over the VPN... do you know how to restart the PPTP deamon?

It is strange though.. when you manually add the line in the ip-up script, there is no restart of the deamon needed... why is it needed when it automatically is inserted...?

But.. we are almost there.. Very Happy
zonnebril
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Thu Feb 03, 2011 13:57    Post subject: Reply with quote
Rebooted the router again, and now it looks to work fine.. I would like te look at the options op restarting the deamon.

Go looking in to it now.
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Thu Feb 03, 2011 14:01    Post subject: Reply with quote
did you see my previous post? about the latest build?
zonnebril
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Thu Feb 03, 2011 14:11    Post subject: Reply with quote
lightman wrote:
did you see my previous post? about the latest build?


No I did not, interesting. Can you give me a link to this build so I can see if there is one for my hardware? (I now have a brainslayer FW)

P.s. : Anyone who knows where the pptp daemon lives on the filesystem?
lightman
DD-WRT Novice


Joined: 17 Dec 2006
Posts: 29

PostPosted: Thu Feb 03, 2011 14:14    Post subject: Reply with quote
the location to download it for my router linksys with the broadcom chipset is overhere
ftp://ftp.dd-wrt.com/others/eko/V24-K26/svn15943-snow/
Goto page Previous  1, 2, 3, 4, 5, 6  Next Display posts from previous:    Page 4 of 6
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum