Forum Discussion
Giles_2071
Nimbostratus
NimbostratusLinux/pppd/Connection dropped
I am trying to connect to my work network using firepass but am getting "Waiting for 127.0.0.1" followed by "Connection dropped"
Can someone advise?
pppd messages are:
========================================================
Aug 30 12:15:26 agander pppd[28308]: pppd 2.4.4 started by gander, uid 500
Aug 30 12:15:26 agander pppd[28308]: Using interface ppp0
Aug 30 12:15:26 agander pppd[28308]: Connect: ppp0 <--> /dev/pts/3
Aug 30 12:15:26 agander pppd[28308]: not replacing existing default route via
192.168.0.1
Aug 30 12:15:26 agander pppd[28308]: local IP address 10.-.0.13
Aug 30 12:15:26 agander pppd[28308]: remote IP address 10.-.0.1
Aug 30 12:15:43 agander pppd[28308]: Terminating on signal 15
Aug 30 12:15:43 agander pppd[28308]: Connect time 0.3 minutes.
Aug 30 12:15:43 agander pppd[28308]: Sent 4 bytes, received 0 bytes.
Aug 30 12:15:49 agander pppd[28308]: Connection terminated.
Aug 30 12:15:49 agander pppd[28308]: Modem hangup
Aug 30 12:15:49 agander pppd[28308]: Exit.
========================================================
I have added the user trying to make the connection to the same group as the executables under /usr/local.
And defined an entry in sudoers for the same group giving perms for /usr/sbin/pppd.
I am running Fedora 8 x86-64.
Thanks
19 Replies
joncombe_46145I get this in the "ppp.dbg" file:-
using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 ]
rcvd [LCP ConfReq id=0x1 ]
sent [LCP ConfAck id=0x1 ]
rcvd [LCP ConfAck id=0x1 ]
sent [LCP EchoReq id=0x0 magic=0xaa56e48e]
sent [CCP ConfReq id=0x1 ]
sent [IPCP ConfReq id=0x1 ]
rcvd [LCP EchoReq id=0x0 magic=0xccb0a05d]
sent [LCP EchoRep id=0x0 magic=0xaa56e48e]
rcvd [LCP EchoRep id=0x0 magic=0xccb0a05d]
rcvd [IPCP ConfReq id=0x1 ]
sent [IPCP ConfRej id=0x1 ]
rcvd [CCP ConfReq id=0x1 ]
sent [CCP ConfRej id=0x1 ]
rcvd [CCP ConfRej id=0x1 ]
sent [CCP ConfReq id=0x2]
rcvd [IPCP ConfAck id=0x1 ]
rcvd [IPCP ConfReq id=0x2 ]
sent [IPCP ConfAck id=0x2 ]
not replacing existing default route via 86.2.64.1
Cannot determine ethernet address for proxy ARP
local IP address 10.182.0.106
remote IP address 10.182.0.1
Script /etc/ppp/ip-up started (pid 5870)
Script /etc/ppp/ip-up finished (pid 5870), status = 0x0
rcvd [CCP ConfReq id=0x2]
sent [CCP ConfAck id=0x2]
rcvd [CCP ConfAck id=0x2]
And from svpn.dbg I just keep getting messages like this
Wed, 29 Oct 2008 22:42:08 GMT [5845]: wrote 49 bytes to plug-in
Wed, 29 Oct 2008 22:42:08 GMT [5845]: control server: waiting in select
Wed, 29 Oct 2008 22:42:08 GMT [5845]: control server: accepted
Wed, 29 Oct 2008 22:42:08 GMT [5845]: control server: read: "GET /vpn.php?INFO&z=193 HTTP/1.1\r\nHost: 127.0.0.1:44444\r\nUser-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.8.1.6) Gecko/20071008 Ubuntu/7.10 (gutsy) Firefox/2.0.0.6\r\nAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Language: en-gb,en;q=0.5\r\nAccept-Encoding: gzip,deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nKeep-Alive: 300\r\nConnection: keep-alive\r\n\r\n"
Wed, 29 Oct 2008 22:42:08 GMT [5845]: control server: `"INFO"'
Wed, 29 Oct 2008 22:42:08 GMT [5845]: control server: waiting for answer
Wed, 29 Oct 2008 22:42:08 GMT [5847]: INFO request
Wed, 29 Oct 2008 22:42:08 GMT [5847]: internal loop: 45 44
Wed, 29 Oct 2008 22:42:08 GMT [5845]: control server: msg: "&settraffic,428,434,0,0&appsetsendrecv,v1,428,434"
Does it help at all?
Jon
mal_57091Hey Jon,
Are you using a 3G card for FirePass access? Or any kind of mobile carrier card?
Cheers,
Mal- joncombe_46145Mai,
No I'm using a standard Ethernet network card to a fixed network (wired) connection via a cable modem.
Jon. - mal_57091Hey Jon,
Can i ask..are you using IPTables (or any other packet filter/firewall) on your Linux box? I just ran through the FirePass Admin Guide and it says that on a Linux box you must have port 44444 open to 127.0.0.1 (page 9-14 of the 6.0.3 admin guide). Perhaps your local FW is blocking this?
Cheers,
Mal - Frenchy77_30714Hi Jon, did you find a solution ?
It seems that I have the same problem.
I succesfully connect to Firepass and get a correct IP address, but then I can't ping any machine on my enterprise network.
This succesfully worked when I used Fedora 10, but I can't manage to ping the network resources since I installed Ubuntu 8.10
I wonder if these two lines in ppdb.dbg could explain the problem :
not replacing existing default route via 192.168.1.254
Cannot determine ethernet address for proxy ARP - joncombe_46145No I still have not solved the issue. Per the previous post above I have verified that port 4444 is open to local host by doing telnet localhost 4444. It connects so the port is open but when that occurs it causes Firepass to report the connection was lost. So the port is not blocked by any firewall, but it is still not working.
I'll check the log I have in ppdb.dbg to see if that has anything in.
Jon - joncombe_46145Sorry I see from my previous post I get the same messages as you in ppdb.dbg (other than differing IP address) so yes I think that could be the issue.
- Frenchy77_30714Thank you for your quick reponse, Jon.
I'm still looking for a solution and will post it if I find how to connect. - Frenchy77_30714My problem was solved on the server side. F5 VPN server was updated with last version by the technical team of my enterprise, and now it works. The new plug-in was automatically detected and updated by Firefox 3.
Very strange, because the old plug-in worked fine on Fedora 10 with Firefox 3.
Now the connection works, and it is very stable.
