MikroTik

Community discussions
https://forum.mikrotik.com/

PPTP And L2tP strange case

https://forum.mikrotik.com/viewtopic.php?t=114379

Page 1 of 1

PPTP And L2tP strange case

Posted: Mon Nov 07, 2016 11:42 am
by ghostman
router board hap lite when i try to make pptp from windows to mikrotik this is the print from log:

11:22:16 pptp,ppp,debug,packet <mru 1450>
11:22:16 pptp,ppp,debug,packet <magic 0x4e98063e>
11:22:16 pptp,ppp,debug,packet <auth mschap2>
11:22:17 pptp,ppp,debug,packet <4>: rcvd LCP ConfReq id=0x6
11:22:17 pptp,ppp,debug,packet <mru 1400>
11:22:17 pptp,ppp,debug,packet <magic 0x2289001e>
11:22:17 pptp,ppp,debug,packet <pcomp>
11:22:17 pptp,ppp,debug,packet <accomp>
11:22:17 pptp,ppp,debug,packet <callback 0x06>
11:22:17 pptp,ppp,debug,packet <4>: sent LCP ConfRej id=0x6
11:22:17 pptp,ppp,debug,packet <pcomp>
11:22:17 pptp,ppp,debug,packet <accomp>
11:22:21 pptp,ppp,debug,packet <4>: rcvd LCP ConfReq id=0x7
11:22:21 pptp,ppp,debug,packet <mru 1400>
11:22:21 pptp,ppp,debug,packet <magic 0x2289001e>
11:22:21 pptp,ppp,debug,packet <pcomp>
11:22:21 pptp,ppp,debug,packet <accomp>
11:22:21 pptp,ppp,debug,packet <callback 0x06>
11:22:21 pptp,ppp,debug,packet <4>: sent LCP ConfRej id=0x7
11:22:21 pptp,ppp,debug,packet <pcomp>
11:22:21 pptp,ppp,debug,packet <accomp>
11:22:25 pptp,ppp,debug,packet <4>: rcvd LCP ConfReq id=0x8
11:22:25 pptp,ppp,debug,packet <mru 1400>
11:22:25 pptp,ppp,debug,packet <magic 0x2289001e>
11:22:25 pptp,ppp,debug,packet <pcomp>
11:22:25 pptp,ppp,debug,packet <accomp>
11:22:25 pptp,ppp,debug,packet <callback 0x06>
11:22:25 pptp,ppp,debug,packet <4>: sent LCP ConfRej id=0x8
11:22:25 pptp,ppp,debug,packet <pcomp>
11:22:25 pptp,ppp,debug,packet <accomp>
11:22:27 pptp,ppp,debug <4>: LCP timer
11:22:27 pptp,ppp,debug,packet <4>: sent LCP ConfReq id=0x8
11:22:27 pptp,ppp,debug,packet <mru 1450>
11:22:27 pptp,ppp,debug,packet <magic 0x4e98063e>
11:22:27 pptp,ppp,debug,packet <auth mschap2>
11:22:30 pptp,ppp,debug,packet <4>: rcvd LCP ConfReq id=0x9
11:22:30 pptp,ppp,debug,packet <mru 1400>
11:22:30 pptp,ppp,debug,packet <magic 0x2289001e>
11:22:30 pptp,ppp,debug,packet <pcomp>
11:22:30 pptp,ppp,debug,packet <accomp>
11:22:30 pptp,ppp,debug,packet <callback 0x06>
11:22:30 pptp,ppp,debug,packet <4>: sent LCP ConfRej id=0x9
11:22:30 pptp,ppp,debug,packet <pcomp>
11:22:30 pptp,ppp,debug,packet <accomp>
11:22:33 pptp,debug,packet rcvd Call-Clear-Request from (windows real ip)
11:22:33 pptp,debug,packet call-id=52746
11:22:33 pptp,ppp,debug <4>: LCP lowerdown
11:22:33 pptp,ppp,debug <4>: LCP lowerdown
11:22:33 pptp,ppp,debug <4>: LCP down event in starting state

and mikrotik config:


ppp profile print
Flags: * - default
0 * name="default" local-address=192.168.110.1 use-mpls=default use-compression=default use-encryption=no only-one=default change-tcp-mss=yes use-upnp=default address-list=""
on-up="" on-down=""

1 * name="default-encryption" use-mpls=default use-compression=default use-encryption=yes only-one=default change-tcp-mss=yes use-upnp=default address-list="" on-up="" on-down=""

interface l2tp-server server print
enabled: yes
max-mtu: 1450
max-mru: 1450
mrru: disabled
authentication: pap,chap,mschap1,mschap2
keepalive-timeout: 30
max-sessions: unlimited
default-profile: default-encryption
use-ipsec: no
ipsec-secret:
allow-fast-path: no
interface pptp-server server print
enabled: yes
max-mtu: 1450
max-mru: 1450
mrru: disabled
authentication: pap,chap,mschap1,mschap2
keepalive-timeout: 30
default-profile: default-encryption

ppp secret print
# NAME SERVICE CALLER-ID PASSWORD PROFILE REMOTE-ADDRESS
0 test any test default


So where is the problem ?
thanks for your help :)

Re: PPTP And L2tP strange case

Posted: Tue Nov 08, 2016 10:46 am
by ghostman
any help ?

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 10:01 am
by ghostman
any update ?

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 12:09 pm
by cdiedrich
Do you have an accept rule in the input chain for protocol 47 (GRE)?
-Chris

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 1:02 pm
by ghostman
Do you have an accept rule in the input chain for protocol 47 (GRE)?
-Chris
NO showed i have ?

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 1:04 pm
by cdiedrich
Absolutely.
pptp uses tcp/1723 for control only - the actual traffic is encapsulated in GRE.

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 1:21 pm
by ghostman
Absolutely.
pptp uses tcp/1723 for control only - the actual traffic is encapsulated in GRE.

i do it

chain=input action=accept protocol=gre log=no log-prefix=""


and this is the log


13:10:47 pptp,info TCP connection established from My real Ip
13:10:47 pptp,debug,packet rcvd Start-Control-Connection-Request from My Real Ip
13:10:47 pptp,debug,packet protocol-version=0x0100
13:10:47 pptp,debug,packet framing-capabilities=3
13:10:47 pptp,debug,packet bearer-capabilities=3
13:10:47 pptp,debug,packet maximum-channels=1
13:10:47 pptp,debug,packet firmware-revision=0
13:10:47 pptp,debug,packet host-name=anonymous
13:10:47 pptp,debug,packet vendor-name=
13:10:47 pptp,debug,packet sent Start-Control-Connection-Reply to My Real Ip
13:10:47 pptp,debug,packet protocol-version=0x0100
13:10:47 pptp,debug,packet result-code=1
13:10:47 pptp,debug,packet error-code=0
13:10:47 pptp,debug,packet framing-capabilities=2
13:10:47 pptp,debug,packet bearer-capabilities=0
13:10:47 pptp,debug,packet maximum-channels=0
13:10:47 pptp,debug,packet firmware-revision=1
13:10:47 pptp,debug,packet host-name=MikroTik
13:10:47 pptp,debug,packet vendor-name=MikroTik
13:10:47 pptp,debug,packet rcvd Outgoing-Call-Request from My Real Ip
13:10:47 pptp,debug,packet call-id=53934
13:10:47 pptp,debug,packet call-serial-number=8500
13:10:47 pptp,debug,packet minimum-bps=1000
13:10:47 pptp,debug,packet maximum-bps=100000000
13:10:47 pptp,debug,packet bearer-type=3
13:10:47 pptp,debug,packet framing-type=3
13:10:47 pptp,debug,packet packet-recv-window-size=8192
13:10:47 pptp,debug,packet packet-processing-delay=0
13:10:47 pptp,debug,packet phone-number-length=0
13:10:47 pptp,debug,packet phone-number=
13:10:47 pptp,debug,packet subaddress=
13:10:47 pptp,ppp,debug <0>: LCP lowerup
13:10:47 pptp,ppp,debug <0>: LCP open
13:10:47 pptp,debug,packet sent Outgoing-Call-Reply to My Real Ip
13:10:47 pptp,debug,packet call-id=0
13:10:47 pptp,debug,packet peers-call-id=53934
13:10:47 pptp,debug,packet result-code=1
13:10:47 pptp,debug,packet error-code=0
13:10:47 pptp,debug,packet cause-code=0
13:10:47 pptp,debug,packet connect-speed=100000
13:10:47 pptp,debug,packet packet-recv-window-size=100
13:10:47 pptp,debug,packet packet-processing-delay=0
13:10:47 pptp,debug,packet physical-channel-id=0
13:10:47 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:10:47 pptp,ppp,debug,packet <mru 1400>
13:10:47 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:47 pptp,ppp,debug,packet <magic 0x10580168>
13:10:47 pptp,ppp,debug,packet <pcomp>
13:10:47 pptp,ppp,debug,packet <accomp>
13:10:47 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x1
13:10:47 pptp,ppp,debug,packet <mru 1450>
13:10:47 pptp,ppp,debug,packet <magic 0xfd4586e>
13:10:47 pptp,ppp,debug,packet <auth mschap2>
13:10:47 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:10:47 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:47 pptp,ppp,debug,packet <pcomp>
13:10:47 pptp,ppp,debug,packet <accomp>
13:10:48 pptp,ppp,debug <0>: LCP timer
13:10:48 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x2
13:10:48 pptp,ppp,debug,packet <mru 1450>
13:10:48 pptp,ppp,debug,packet <magic 0xfd4586e>
13:10:48 pptp,ppp,debug,packet <auth mschap2>
13:10:50 pptp,ppp,debug <0>: LCP timer
13:10:50 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x3
13:10:50 pptp,ppp,debug,packet <mru 1450>
13:10:50 pptp,ppp,debug,packet <magic 0xfd4586e>
13:10:50 pptp,ppp,debug,packet <auth mschap2>
13:10:50 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:10:50 pptp,ppp,debug,packet <mru 1400>
13:10:50 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:50 pptp,ppp,debug,packet <magic 0x10580168>
13:10:50 pptp,ppp,debug,packet <pcomp>
13:10:50 pptp,ppp,debug,packet <accomp>
13:10:50 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:10:50 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:50 pptp,ppp,debug,packet <pcomp>
13:10:50 pptp,ppp,debug,packet <accomp>

13:10:52 pptp,ppp,debug <0>: LCP timer
13:10:52 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x4
13:10:52 pptp,ppp,debug,packet <mru 1450>
13:10:52 pptp,ppp,debug,packet <magic 0xfd4586e>
13:10:52 pptp,ppp,debug,packet <auth mschap2>
13:10:53 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:10:53 pptp,ppp,debug,packet <mru 1400>
13:10:53 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:53 pptp,ppp,debug,packet <magic 0x10580168>
13:10:53 pptp,ppp,debug,packet <pcomp>
13:10:53 pptp,ppp,debug,packet <accomp>
13:10:53 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:10:53 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:53 pptp,ppp,debug,packet <pcomp>
13:10:53 pptp,ppp,debug,packet <accomp>
13:10:56 pptp,ppp,debug <0>: LCP timer
13:10:56 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x5
13:10:56 pptp,ppp,debug,packet <mru 1450>
13:10:56 pptp,ppp,debug,packet <magic 0xfd4586e>
13:10:56 pptp,ppp,debug,packet <auth mschap2>
13:10:56 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:10:56 pptp,ppp,debug,packet <mru 1400>
13:10:56 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:56 pptp,ppp,debug,packet <magic 0x10580168>
13:10:56 pptp,ppp,debug,packet <pcomp>
13:10:56 pptp,ppp,debug,packet <accomp>
13:10:56 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:10:56 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:56 pptp,ppp,debug,packet <pcomp>
13:10:56 pptp,ppp,debug,packet <accomp>
13:10:59 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:10:59 pptp,ppp,debug,packet <mru 1400>
13:10:59 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:59 pptp,ppp,debug,packet <magic 0x10580168>
13:10:59 pptp,ppp,debug,packet <pcomp>
13:10:59 pptp,ppp,debug,packet <accomp>
13:10:59 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:10:59 pptp,ppp,debug,packet <asyncmap 0x0>
13:10:59 pptp,ppp,debug,packet <pcomp>
13:10:59 pptp,ppp,debug,packet <accomp>
13:11:01 pptp,ppp,debug <0>: LCP timer
13:11:01 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x6
13:11:01 pptp,ppp,debug,packet <mru 1450>
13:11:01 pptp,ppp,debug,packet <magic 0xfd4586e>
13:11:01 pptp,ppp,debug,packet <auth mschap2>
13:11:02 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:11:02 pptp,ppp,debug,packet <mru 1400>
13:11:02 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:02 pptp,ppp,debug,packet <magic 0x10580168>
13:11:02 pptp,ppp,debug,packet <pcomp>
13:11:02 pptp,ppp,debug,packet <accomp>
13:11:02 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:11:02 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:02 pptp,ppp,debug,packet <pcomp>
13:11:02 pptp,ppp,debug,packet <accomp>

13:11:05 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:11:05 pptp,ppp,debug,packet <mru 1400>
13:11:05 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:05 pptp,ppp,debug,packet <magic 0x10580168>
13:11:05 pptp,ppp,debug,packet <pcomp>
13:11:05 pptp,ppp,debug,packet <accomp>
13:11:05 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:11:05 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:05 pptp,ppp,debug,packet <pcomp>
13:11:05 pptp,ppp,debug,packet <accomp>
13:11:08 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:11:08 pptp,ppp,debug,packet <mru 1400>
13:11:08 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:08 pptp,ppp,debug,packet <magic 0x10580168>
13:11:08 pptp,ppp,debug,packet <pcomp>
13:11:08 pptp,ppp,debug,packet <accomp>
13:11:08 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:11:08 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:08 pptp,ppp,debug,packet <pcomp>
13:11:08 pptp,ppp,debug,packet <accomp>
13:11:09 pptp,ppp,debug <0>: LCP timer
13:11:09 pptp,ppp,debug,packet <0>: sent LCP ConfReq id=0x7
13:11:09 pptp,ppp,debug,packet <mru 1450>
13:11:09 pptp,ppp,debug,packet <magic 0xfd4586e>
13:11:09 pptp,ppp,debug,packet <auth mschap2>
13:11:11 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:11:11 pptp,ppp,debug,packet <mru 1400>
13:11:11 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:11 pptp,ppp,debug,packet <magic 0x10580168>
13:11:11 pptp,ppp,debug,packet <pcomp>
13:11:11 pptp,ppp,debug,packet <accomp>
13:11:11 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:11:11 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:11 pptp,ppp,debug,packet <pcomp>
13:11:11 pptp,ppp,debug,packet <accomp>
13:11:14 pptp,ppp,debug,packet <0>: rcvd LCP ConfReq id=0x1
13:11:14 pptp,ppp,debug,packet <mru 1400>
13:11:14 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:14 pptp,ppp,debug,packet <magic 0x10580168>
13:11:14 pptp,ppp,debug,packet <pcomp>
13:11:14 pptp,ppp,debug,packet <accomp>
13:11:14 pptp,ppp,debug,packet <0>: sent LCP ConfRej id=0x1
13:11:14 pptp,ppp,debug,packet <asyncmap 0x0>
13:11:14 pptp,ppp,debug,packet <pcomp>
13:11:14 pptp,ppp,debug,packet <accomp>
13:11:17 pptp,ppp,debug <0>: LCP lowerdown
13:11:17 pptp,ppp,debug <0>: LCP lowerdown
13:11:17 pptp,ppp,debug <0>: LCP down event in starting state
13

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 1:29 pm
by Caci99
Are you trying to connect via l2tp a windows device? If I recall it correctly, windows does not support l2tp without ipsec.

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 1:33 pm
by ghostman
Are you trying to connect via l2tp a windows device? If I recall it correctly, windows does not support l2tp without ipsec.
No with Android but as i know windows support l2tp

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 2:04 pm
by Caci99
as i know windows support l2tp
Windows does support l2tp, but only with ipsec. You have to change something in windows register to be able to connect to a l2tp server without ipsec. Maybe the same goes for android.

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 2:44 pm
by cdiedrich
Just not to get confused:
The logs you're posting are showing pptp debug packets, not l2tp.

And, is there a reason why you don't specify a remote-address (ideally from a seperate pool) and have encryption explicitly disabled in the used profile?

-Chris

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 3:43 pm
by ghostman
Just not to get confused:
The logs you're posting are showing pptp debug packets, not l2tp.

And, is there a reason why you don't specify a remote-address (ideally from a seperate pool) and have encryption explicitly disabled in the used profile?

-Chris
i test with remote address and with encryption and the last i test to downgrade to 6.35.4 becuse i have another router work fine with 3.35.4 but with another kind the work router with the same config and 3.35.4 but its rb951ui-h2nd and the other type hap lite

Re: PPTP And L2tP strange case

Posted: Thu Nov 10, 2016 3:50 pm
by cdiedrich
Luckily, the model doesn't matter in this case.
It can't be the same config - one is working, the other isn't.

post an export of both routers and we can compare.
-Chris

Re: PPTP And L2tP strange case

Posted: Fri Aug 30, 2019 3:06 pm
by Valdis
Hello.
I have similar situation, but I cant understand why one windows machine can log with same VPN username but other machine can not connect?
Log from MikroTik is at attachment.
What could be wrong at Windows machine? Both machines are Win10 with up to date updates...

Re: PPTP And L2tP strange case

Posted: Fri Sep 06, 2019 3:07 pm
by Valdis
Hello.
I have similar situation, but I cant understand why one windows machine can log with same VPN username but other machine can not connect?
Log from MikroTik is at attachment.
What could be wrong at Windows machine? Both machines are Win10 with up to date updates...
Hello again, following tutorial solved the problem with MSchap2 on windows machine:
https://superuser.com/questions/1298513 ... ine-on-ios
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/