Active Topics

 



Notices
Page 3 of 8 12 3 45 Last »
Reply
Thread Tools
Matan is offline Matan
2009-12-23 , 13:05
Posts: 1,224 | Thanked: 1,763 times | Joined on Jul 2007
#21
Add the options debug nodetach to the command line on the N900. On the PC you probably have the messages in /var/log/messages and /var/log/ppp-connection-errors (or similar).
 
rcs1000 is offline rcs1000
2010-01-12 , 23:11
Posts: 89 | Thanked: 131 times | Joined on Oct 2009
#22
Call me a VPN n00b, but I'm struggling to get into our coporate VPN. I could ask IT, but then the N900 would be specifically banned.

It is better to beg forgiveness than to ask permission, and all that.

I get the following in my debug:

Code:
sent [LCP EchoReq id=0x0 magic=0xdb492de1]
rcvd [EAP Request id=0x2 Identity <No message>]
sent [EAP Response id=0x2 Identity <Name "NT_NETWORK\r_smithson">]
rcvd [LCP EchoRep id=0x0 magic=0x281e6239]
rcvd [LCP TermReq id=0x3 "(\036b9\000<\315t\000\000\002\263"]
LCP terminated by peer ((^^b9^@<M-Mt^@^@^BM-3)
sent [LCP TermAck id=0x3]
I'm connecting - I think - to a Microsoft VPN.

Thanks, Robert
 
Big Phat Jan is offline Big Phat Jan
2010-01-14 , 17:42
Posts: 134 | Thanked: 91 times | Joined on Nov 2009 @ Imperial College London
#23
Originally Posted by rcs1000 View Post
Call me a VPN n00b, but I'm struggling to get into our coporate VPN. I could ask IT, but then the N900 would be specifically banned.

It is better to beg forgiveness than to ask permission, and all that.

I get the following in my debug:

Code:
sent [LCP EchoReq id=0x0 magic=0xdb492de1]
rcvd [EAP Request id=0x2 Identity <No message>]
sent [EAP Response id=0x2 Identity <Name "NT_NETWORK\r_smithson">]
rcvd [LCP EchoRep id=0x0 magic=0x281e6239]
rcvd [LCP TermReq id=0x3 "(\036b9\000<\315t\000\000\002\263"]
LCP terminated by peer ((^^b9^@<M-Mt^@^@^BM-3)
sent [LCP TermAck id=0x3]
I'm connecting - I think - to a Microsoft VPN.

Thanks, Robert
It sounds like maybe you aren't using mppe. Have you followed the instructions in my post on page 2? If so, what options are you using? They should be listed near the top of the debug output.

Maybe it's best to just post all of the output, but make sure you remove any IP addresses, usernames, domains etc. first!

Cheers,
Jan
 
joilet is offline joilet
2010-01-18 , 12:01
Posts: 4 | Thanked: 1 time | Joined on Jan 2010
#24
Originally Posted by Big Phat Jan View Post
Assuming you have a connection, you now need to set up your routing to use it. This doesn't work by default because we are missing /sbin/ip. You could probably fix this with the "route" command, but the easiest way is to install iproute by following Christoph's instructions in this post.
Hi. Many thanks for the time and effort you put in to provide us with these instructions. I followed the instructions without any issues, although i was unable to establish a connection. Having looked at my VPN server logs it appears i was attempting to use a protocol not authorised at the group policy level - probably not ms-chav-v2. I suspect i just need the right options in the config file. I'll have another play with that tonight.

Would you care to elaborate (or anyone for that matter) how to setup routing? I take it i need to install iproute but i can't find it in any of the repositories except for iptables.

Thanks

James
 
Big Phat Jan is offline Big Phat Jan
2010-01-18 , 12:30
Posts: 134 | Thanked: 91 times | Joined on Nov 2009 @ Imperial College London
#25
Originally Posted by joilet View Post
Hi. Many thanks for the time and effort you put in to provide us with these instructions. I followed the instructions without any issues, although i was unable to establish a connection. Having looked at my VPN server logs it appears i was attempting to use a protocol not authorised at the group policy level - probably not ms-chav-v2. I suspect i just need the right options in the config file. I'll have another play with that tonight.

Would you care to elaborate (or anyone for that matter) how to setup routing? I take it i need to install iproute but i can't find it in any of the repositories except for iptables.

Thanks

James
Hi James.

iproute is not available in the maemo.org repositories. The easiest way to install it is by using Christoph's repository (as detailed here). This comes with the usual caveats! Though iproute is optified and has worked without a problem for me.

As with any development repository I would suggest you disable the it immediately after installing iproute.

Here are the details:

Catalog name: kluenter
Web Address: http://maemo.kluenter.de/packages
Distribution: fremantle
Components: main

Cheers,
Jan
 
joilet is offline joilet
2010-01-18 , 22:21
Posts: 4 | Thanked: 1 time | Joined on Jan 2010
#26
Thanks Jan

I didn't see the link to the repository the first time. I guess i got distracted by the argument going on towards the end of the thread!

I managed to get it connecting to our Microsoft VPN. It looked like it was attempting to authenticate over EAP even with require-mppe-128. I added the following:

refuse-pap
refuse-eap
refuse-chap
refuse-mschap

To guarantee it only used the correct method of authentication.

I also managed to create a tunnel to Giganews VyprVPN service using a slightly different setup.

Now to tackle iproute. Hopefully this will go smoothly!
 

The Following User Says Thank You to joilet For This Useful Post:
max_power is offline max_power
2010-01-19 , 14:22
Posts: 37 | Thanked: 52 times | Joined on Aug 2005 @ Bremen, Germany
#27
i worte a little script that automatically connects the tunnel based on the essid of the wlan.

Code:
#!/bin/sh
iw=`iwconfig wlan0 | grep -rc Uni-Bremen`
if [ $iw = 1 ]; then
        pon uni
        route del default
        route add default ppp0
fi
put this in /etc/network/if-up.d/vpn, change the "Uni-Bremen" to your ESSID and make it executable with chmod +x /etc/network/if-up.d/vpn .
the downside is, that this script is executed everytime a networkinterface goes up. would be nicer if this only gets executed if you are in this network... but it gets the job done
 
rcs1000 is offline rcs1000
2010-01-20 , 16:09
Posts: 89 | Thanked: 131 times | Joined on Oct 2009
#28
Thanks everyone: joilet nailed the problem.
 
joilet is offline joilet
2010-01-20 , 21:24
Posts: 4 | Thanked: 1 time | Joined on Jan 2010
#29
Thanks rcs1000. Luckily for me i'm the admin to the windows server i was attempting to connect to. I could see the logs at both ends!

We should be thankful to Big Phat Jan for taking the time to document the procedure.

max_power - That is a useful script especially considering my network vodafone uk block VPN access and i can only get on via wifi.

Has anyone actually made this a working solution? I find my n900 is unusable whilst connected to the VPN. I can't even multi task - i get this weird overlay problem with the menu and any other app i attempt to switch to is immediately sent to the background.
 
Big Phat Jan is offline Big Phat Jan
2010-01-20 , 21:46
Posts: 134 | Thanked: 91 times | Joined on Nov 2009 @ Imperial College London
#30
Originally Posted by joilet View Post
Has anyone actually made this a working solution? I find my n900 is unusable whilst connected to the VPN. I can't even multi task - i get this weird overlay problem with the menu and any other app i attempt to switch to is immediately sent to the background.
It's working flawlessy for me. Not sure how to help with your problems, but if you post a log of your connection and / or your config files (minus any personal data) I can compare to my lworking config and make suggestions.

Cheers,
Jan
 
Reply
Page 3 of 8 12 3 45 Last »

Tags
vpn pptp mppe n900

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 13:29.

Contact Us - Home - Archive - Top