Alex Kuklin (alexkuklin) wrote in ru_root,
Alex Kuklin
alexkuklin
ru_root

Давно я не брал в руки шашки. Потребовалось помочь настроить удаленный доступ с виндов до рабочего сервера.
Из виндов соединение устанавливается, но не работает.

UPD: из линукса заработало, почему-то iptables перекосило и пакеты GRE продолжали пролетать на внутренний адрес через DNAT.

Пробую из линукса через pptp server --nolaunchpppd и вижу вот что:

09:56:08.920864 IP client.37749 > server.1723: Flags [S], seq 889156044, win 5840, options [mss 1460,sackOK,TS val 18939878 ecr 0,nop,wscale 6], length 0
09:56:08.953084 IP server.1723 > client.37749: Flags [S.], seq 3256228442, ack 889156045, win 65535, options [mss 1460,nop,wscale 1,nop,nop,TS val 153206093 ecr 18939878,sackOK,eol], length 0
09:56:08.953215 IP client.37749 > server.1723: Flags [.], ack 1, win 92, options [nop,nop,TS val 18939886 ecr 153206093], length 0
09:56:08.953968 IP client.37749 > server.1723: Flags [P.], seq 1:157, ack 1, win 92, options [nop,nop,TS val 18939886 ecr 153206093], length 156: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(AS) BEARER_CAP(DA) MAX_CHAN(65535) FIRM_REV(1) HOSTNAME(local) VENDOR(cananian)
09:56:08.986676 IP server.1723 > client.37749: Flags [P.], seq 1:157, ack 157, win 33304, options [nop,nop,TS val 153206155 ecr 18939886], length 156: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP(S) BEARER_CAP(DA) MAX_CHAN(0) FIRM_REV(257) HOSTNAME(elbrus-soft.com) VENDOR(FreeBSD mpd-3.18)
09:56:08.986794 IP client.37749 > server.1723: Flags [.], ack 157, win 108, options [nop,nop,TS val 18939894 ecr 153206155], length 0
09:56:09.954331 IP client.37749 > server.1723: Flags [P.], seq 157:325, ack 157, win 108, options [nop,nop,TS val 18940136 ecr 153206155], length 168: pptp CTRL_MSGTYPE=OCRQ CALL_ID(0) CALL_SER_NUM(0) MIN_BPS(2400) MAX_BPS(10000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(3) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
09:56:09.987646 IP server.1723 > client.37749: Flags [P.], seq 157:189, ack 325, win 33304, options [nop,nop,TS val 153208024 ecr 18940136], length 32: pptp CTRL_MSGTYPE=OCRP CALL_ID(28057) PEER_CALL_ID(0) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) CONN_SPEED(64000) RECV_WIN(16) PROC_DELAY(1) PHY_CHAN_ID(0)
09:56:09.987756 IP client.37749 > server.1723: Flags [.], ack 189, win 108, options [nop,nop,TS val 18940145 ecr 153208024], length 0
09:56:09.988086 IP server > client: GREv1, call 0, seq 0, length 39: LCP, Conf-Request (0x01), id 137, length 25
09:56:09.989809 IP client.37749 > server.1723: Flags [P.], seq 325:341, ack 189, win 108, options [nop,nop,TS val 18940145 ecr 153208024], length 16: pptp CTRL_MSGTYPE=CCRQ CALL_ID(0)
09:56:09.990294 IP client.37749 > server.1723: Flags [F.], seq 341, ack 189, win 108, options [nop,nop,TS val 18940145 ecr 153208024], length 0
09:56:10.022586 IP server.1723 > client.37749: Flags [P.], seq 189:205, ack 341, win 33304, options [nop,nop,TS val 153208089 ecr 18940145], length 16: pptp CTRL_MSGTYPE=StopCCRQ REASON(3)
09:56:10.022739 IP client.37749 > server.1723: Flags [R], seq 889156385, win 0, length 0
09:56:10.022765 IP server.1723 > client.37749: Flags [P.], seq 205:353, ack 341, win 33304, options [nop,nop,TS val 153208089 ecr 18940145], length 148: pptp CTRL_MSGTYPE=CDN CALL_ID(28057) RESULT_CODE(4) ERR_CODE(0) CAUSE_CODE(0) CALL_STATS()
09:56:10.022811 IP client.37749 > server.1723: Flags [R], seq 889156385, win 0, length 0


При этом,

The StopCCRQ packet fields of significance are as follows:

* The Control Message Type field is set to 3 to indicate that this is a StopCCRQ.
* The Reason field conveys the reason for the control connection termination. There are three legal values: 1 = general request to clear the control connection, 2 = cannot support the peer's PPTP version, and 3 = this machine is being shut down.


У кого (с чьей стороны) не едут лыжи?
Subscribe

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 5 comments