• May 22, 2018, 10:00:55 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DFL-210 PPTP over Dynamic WAN - Solved  (Read 4496 times)

timberline1

  • Level 1 Member
  • *
  • Posts: 13
DFL-210 PPTP over Dynamic WAN - Solved
« on: August 21, 2009, 05:52:17 AM »

I have another location where the modem ip is not static. i need to set up a pptp server on that dfl-210.

i have followed the online guide (several Times) i have even reset the dfl back to default and started over no go.
in the guide it says "if the wan is dynamic use ip_wan instead of wan_ip" ... O.o ??  i have reset the dfl-210 and started from scratch several times and i have never got a ip_wan. my wan_ip always says 0.0.0.0. same as the gateway and the other addresses associated to it.

so, if i follow the guide to the letter and i try to pptp in, from off site, it gets to verifying username and password and then stops. so i thought maybe the username and password is incorrect. i redid those several times too and no go.

OH! and in the log when i am looking up errors as to why it is not connecting, the errors have a proto ID of GRE, i dont have a GRE set up. ???

i am currently at that location so i cant PPTP in to get the exact error but when i get to my next site i will try again and post here the error if you would like.
« Last Edit: August 22, 2009, 08:23:46 AM by timberline1 »
Logged
________________________________________
Steel is hard because it had felt the hammer
and seen the fire.
________________________________________

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: DFL-210 PPTP over Dynamic WAN
« Reply #1 on: August 21, 2009, 08:42:24 AM »

GRE is the protocol used for PPTPs traffic.

I think the mentions of ip_wan are made during PPPoE connections where you will have a different IP object which represents your WAN's IP.

I think we are going to need those errors, though I can tell you the most common error I see is missing the user authentication rule.
Logged
non progredi est regredi

timberline1

  • Level 1 Member
  • *
  • Posts: 13
Re: DFL-210 PPTP over Dynamic WAN
« Reply #2 on: August 21, 2009, 09:51:39 AM »

ok.. so i double checked at all my locations these are the setups for all 5 dfl-210's, and i cannot pptp into any of them.

ip rules:
(above default lan to wan rule folder)
from_pptp
allow
pptp_server
pptp_ippool
lan
lannet
all services

to_pptp
allow
lan
lannet
pptp_server
pptp_ippool
all services

interfaces
pptp_server
inner_ip: lan_ip
tunnel: pptp
outer interface: wan
server ip: wan_ip

ppp parameters:
Use User Authentication Rules
ip pool: pptp_ippool

add route:
all nets
Always select ALL interfaces, including new ones.

local user database
remoteusers
username
password

user authentication rules
pptp_rule
ppp
local
pptp_server
all-nets
wan_ip

authentication options:
local user DB: remoteusers


ok, so all of my dfl's are set up this way (4 on static IP and 1 on Dynamic IP) and i cannot pptp into any of them.

windows side:
new connection
connect to workplace
use my internet connection (VPN)
name it
ip address
username
password
no domain
connect

...
The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly.
...
tried with both "use remote gateway" and with out.

gets past verifying username and password then goes to connecting to "ip address" using wan miniport
 (PPTP)
then on the remote dfl i am trying to get to i get these in the log:
="Invalid exchange type for the first packet" ike_invalid_payload
Logged
________________________________________
Steel is hard because it had felt the hammer
and seen the fire.
________________________________________

Fatman

  • Level 9 Member
  • ****
  • Posts: 1675
Re: DFL-210 PPTP over Dynamic WAN
« Reply #3 on: August 21, 2009, 02:44:10 PM »

Do the security settings match on the client and server?
Logged
non progredi est regredi

timberline1

  • Level 1 Member
  • *
  • Posts: 13
Re: DFL-210 PPTP over Dynamic WAN
« Reply #4 on: August 22, 2009, 05:40:12 AM »

Do the security settings match on the client and server?

yeah i checked the security settings so many times i felt like i was going to vomit. i even rebuilt the pptp over and over. and as i was sitting there frustrated to all get-out, something dawned on me... i was trying to pptp into another network hosted on a dfl-210 from a network hosted on a dfl-210. considering how militant these firewalls are i thought maybe i am being blocked by the local dfl-210. i mean everything else is set up just fine. so i set the local dfl-210 up for pptp-passthrough and BAMF~! it worked...

dont you hate it when the obvious beats you in the face?!?

Logged
________________________________________
Steel is hard because it had felt the hammer
and seen the fire.
________________________________________