Thought this deserved its own thread. I have modified the original Tomato firmware to include a PPTP client (PPTP server included but not active, can be compiled) and a SNMP server. Been running that firmware for many months and just upgraded it to be in sync with the latest tomato version: 1.21 It's available there: http://www.avenard.org/wrt54-tomato/tomato-121-vpn.zip For sources and documentation: http://www.avenard.org/wrt54-tomato/ Note that for the sources, you need to install 1.18 sources then apply the 118-121 patch... Much easier for me to release it as patches against 1.18 rather than the full sources. Jean-Yves
Documentation I haven't changed the web interface. The following nvram values are used: SNMP: "snmpd_run" - if 1 will start the snmp daemon. Can't change the settings for snmp (stored in /etc/snmpd.conf) Log to the WRT54 using either ssh or telnet and at the prompt type: # nvram set snmpd_run=1 Now you need to save the nvram: # nvram commit Then reboot the WRT54. Check that the WRT54 responds to snmp command: if you have a mac or a unix/linux machine % snmpwalk -v2c -c public 192.168.10.1 (assuming the IP address of the WRT54 is 192.168.10.1). --- PPTP Client: "pptp_client_enable" : start the vpn if set to 1 "pptp_client_peerdns" : if not defined or 0, automatically retrieve the DNS settings from the VPN server "pptp_client_mtu : set the mtu value, default is 1450 "pptp_client_mru : set the mru value, default is 1450 "pptp_client_nat" : allows to share the VPN connection over NAT "pptp_client_srvip : IP / hostname of the PPTP VPN server "pptp_client_srvsub" : Subnet of the VPN network like 192.168.0.0 "pptp_client_srvsubmsk" : Mask of the VPN network like 255.255.254.0 "pptp_client_username" : username "pptp_client_passwd" : password Set additional pppd / mppe settings: "pptp_client_mppeopt" Like "require-mppe" (check man pppd to see the available option) The crypto / mppe kernel modules are extracted from kernel 2.4.35 in dd-wrt 2.23 sp2, back ported to the 2.4.20 tomato kernel pppd, pptp_client etc is extracted from dd-wrt v24 and http://pptpclient.sourceforge.net/ and http://sourceforge.net/projects/poptop It also includes the code to make it a VPN server, not linked in though The script to start and stop the vpn is also from dd-wrt, modified for tomato I've only tested it on my WRT54GS v1.1 (with 32MB of RAM/Flash), I believe it will fit without problem in the WRT54GL as it's still smaller than dd-wrt. snmpd is rather memory hungry though I'd like to know what toolchain dd-wrt is using, cause they manage much shorter binaries than what I compiled (though I didn't try to optimise) Been running this firmware for 3 days straight, it's been rock solid. To configure the DNS to resolve a specific domain using the DNS server on the VPN side, in Advanced -> DHCP/DNS) the DNSMasq add something like: server=/private.hydrix.com/192.168.0.1 All domain finishing by private.hydrix.com will resolve using the DNS 192.168.0.1 ---- How to compile: Create the tomato source code following the original instructions then: %cd tomato/release/src Remove the linux and router directory %rm -rf linux router Extract the source %tar jxvf /path/tomato-118.vpn.tar.bz2 Build the linux. %cd linux/linux the original .config is also saved as config.vpn %make menuconfig quit and save when asked make depend %cd ../.. (to go back in src) %make
I suggest you look at OpenWRT compilers (dd-wrt kernel forked from a version of OpenWRT), gcc 4.x has potential to make smaller binaries than the old Linksys one. Its a dark art building a toolchain though, for Tomato you'd have to check all the kernel headers and pre-compiled binaries...
Looking at openwrt right now ; the toolchain that comes with it is based on gcc 3.4.6 ; not gcc 4.x Is that what you meant when you mentioned 4.x ? 3.4 ? JY
No I do mean gcc 4, I have some linux 2.4 AR7 mipsel binaries that were compiled with a patched OpenWRT gcc 4.1.2, which work even though the kernel was compiled with gcc2.95 Looks like all these are possible:- root/trunk/toolchain/gcc/Config.version Code: config GCC_VERSION 2 string 3 default "3.4.6" if GCC_VERSION_3_4_6 4 default "4.1.2" if GCC_VERSION_4_1_2 5 default "4.2.0" if GCC_VERSION_4_2_0 6 default "4.2.1" if GCC_VERSION_4_2_1 7 default "4.2.2" if GCC_VERSION_4_2_2 8 default "4.2.3" if GCC_VERSION_4_2_3 9 default "4.2.4" if GCC_VERSION_4_2_4 10 default "4.1.2" 11 12 if !TOOLCHAINOPTS 13 config GCC_VERSION_3_4_6 14 default y if LINUX_2_4 15 16 config GCC_VERSION_4_2_0 17 default y if TARGET_magicbox 18 19 config GCC_VERSION_4_2_3 20 default y if TARGET_avr32 21 endif so 3.4.6 is default for Linux 2.4
Unfortunately, it's no trivial task to switch compiler to build Tomato. Tomato provides its own uclibc (came with Linksys original source code) so the toolchain compiled for openwrt is conflicting when used with tomato... well, I will give this a rest for the time being , this pptp+snmp firmware runs very well on both my WRT54 ...
Hi I haven't tried as the ND version never worked on my wrt54 (even with official tomato binaries) ... The ND version only adds new drivers which my patch has nothing to do with. So I see no reason why the patch wouldn't work with the ND version.
PPTP server now compiled in Hi Following various demands, I have compiled the pptp server in. Available there: http://www.avenard.org/wrt54-tomato/tomato-121-vpn-server.zip Mind you, this isn't tested and the server won't be started automatically. You need to log on the router, write the configuration by hand and start the daemon manually too. If someone got it to work properly, I would appreciate if you could send me an example then I can write the various hooks to have the server starting automatically and make the configuration more automatic. Cheers Jean-Yves
I think you best bet would be to ask on the ppptp distribution list. The main developer is very active on this list. Personally, I have no use for a PPTP server on my router so I haven't spent the time investigating on how to actually run it
Thanks a lot for this firmware, Tomato with a PPTP client was exactly what I’m looking for. I have a question however: is it possible to only route one single IP or MAC behind the router through the PPTP client and have all other clients use the “pure†WAN as usual? I ask this because I’d like to have a stable/constant connection to my work VPN (all data from that computer should be tunneled through PPTP and not through the normal WAN at all) without granting my family access to it. Thanks!
Updated mods for Tomato 1.22 Hi I have updated my mods (pptp client/server and snmp) for Tomato 1.22 This wasn't a simple effort unfortunately as a lot of things have been changed in 1.22.. Luckily, the mods and now even cleaner and much easier to compile should you want to... available at the usual place: http://www.avenard.org/wrt54-tomato/
Don't set the default rules to be through the VPN tunnel ; only for the network behind the VPN Then set a firewall rule to only allow traffic from your IP address to the VPN subnet
Now with Vegas. I've modified it to include Vegas congestion control algorithm... http://www.avenard.org/wrt54-tomato/tomato-122-vpn-vegas.zip
Hi, jyavenard I'm so impressed with the feature introduced by your MOD. It took me a long time to search a universal (for various client, Windows Mobile, Symbian, even OS default VPN client) VPN server. Now here it is, without OpenVPN client... Thank you!:biggrin:
Thanks for the kind comments. Would appreciate if you post your configurations so I can add it to the documentation.. Cheers JY
Hi, jyavenard Is this build including PPTP server? http://www.avenard.org/wrt54-tomato/tomato-122-vpn-vegas.zip Or would you mind to let us know how to enable it? Thanks.
Hi Yes it is. All my builds now include the pptp server. Main reason being I can't be bothered maintaining more than one version ... Cheers Jean-Yves
Hi, Jean-Yves I'm wondering if PPTP has enough security to be crackable, or just wait someone to get OpenSwan/FreeSwan implemented into Tomato. Thank you anyway.
Pptp isn't secure. If you have control of both the client and the server, you shouldn't use pptp as there are much better alternative like OpenVPN The only usefulness of pptp is that it's very common and is supported natively by most OS. Windows, macos even the iPhone have native client. So the use of pptp is easy. My work uses a windows server for VPN an it's pptp. That's why I modified tomato to support it.
Your best bet would be to check the PPTP distribution list and ask your question there. I do not use the pptp server myself... I'd like to hear about your progress and your configuration files.
Hi, jyavenard Tomato 1.23 is out now, Vegas is added now. Would you build a new PPTP server MOD and add some instructions (at least tell us where the conf files are, and the bin/sh file to start daemon)? Thank you in advance.
There's very little difference between tomato 1.22 with vegas patches and tomato 1.23. The ebtables mod have been removed. As such you could say that the 1.23 does less than my previous 1.22 mod. Currently compiling the new version, I will put it online when it's done. To start the pptp server, run pptpd which is located in /usr/sbin Configuration goes into /etc/pptpd.conf Read this poptop HOWTO: http://poptop.sourceforge.net/dox/debian-howto.phtml Again, I do not use pptpd, I only use the WRT54 as a pptp client.
I added the 1.23 modified binary (With source code). Again , the pptp server is included. I haven't tested those mods as I'm at work right now. But provided my patches applied without a single hitch, I'm fairly confident they will work just fine. Tomato 1.23 is fairly similar to 1.21 with vegas.. Will test them when I get home in about 1 hour
Hi, jyavenard So glad to see the new one comes so quickly. I'm going to take a try and see if PPTP server works fine or not. Thank you.
Ok. Following the steps describe here: http://www.dd-wrt.com/wiki/index.php/PPTP_Server_Configuration And here: http://wiki.openwrt.org/PPTPDHowto In /etc/pptpd.conf I had: localip 192.168.20.1 remoteip 192.168.20.234-238,192.168.20.245 In /etc/ppp/chap-secrets I had: username pptpd password * To connect remotely I added: ### Allow PPTP control connections from WAN WAN=ppp0 iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 1723 -j ACCEPT iptables -A input_rule -i $WAN -p tcp --dport 1723 -j ACCEPT ### Allow GRE protocol (used by PPTP data stream) iptables -A output_rule -p 47 -j ACCEPT iptables -A input_rule -p 47 -j ACCEPT I connected using the MacOS X client, no using any encryption.. My mac got an IP address just fine and could communicate. You may want to change the default ppp connection. I did this with starting pptpd with: pptpd -o /etc/pptpd/options.pptpd Fit whatever you need there. Cheers Jean-Yves
Hi, jyavenard Would you provide more details? Here is the thing, pptpd on DD-WRT/OpenWRT/Poptop wiki pages are different, which one should i follow? /etc/pptpd.conf and /etc/ppp/chap-secrets are not exist on router (1.23 your VPN MOD), should i create one just by "vi"? Even the files are created, how to keep them on server after reboot. (these 2 files will lost after i restart router, need a nvram commit?) Would you seprate client and server configuration in thread #30? http://www.linksysinfo.org/forums/showpost.php?p=336714&postcount=30 Thank you and have a good day.
I posted earlier where to put the configuration. You can follow either page, you don't need to worry about loading a kernel module as the MPPE is compiled in the kernel directly. The files will be deleted after a reboot but you can create a script that will create those entries and store that script in /jffs
I am having problems with the configuration of the server. Here is the error message I am getting. The poptop authors say this error points to a configuration error. The issue seems to be with pppd. Jan 7 17:30:48 unknown daemon.err pptpd[436]: GRE: read(fd=8,buffer=10000570,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs Here are my configuration files. I did not make a /etc/modules.conf, because jyavenard said the mppe module is compiled directly into the kernel. I think the issue is somehow related to that and/or my options.pptpd file. I would have listed the module explicitly in the modules.conf, but I do not see the correct module when I run lsmod (I am assuming that is because it is compiled directly into the kernel). I am not familiar with the sylogd that Busy Box runs, and I can't figure out how to view the pppd logs without a syslog.conf. Any insight into my configuration or some help getting to the pppd logs would be much appreciated. contents of - /etc/pptpd.conf localip 10.10.0.1 remoteip 10.10.0.2-101 contents of /etc/ppp/options.pptpd name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 proxyarp lock nobsdcomp novj novjccomp nologfd contents of /etc/ppp/chap-secrets username pptpd password * iptables entries iptables -t nat -A PREROUTING -i vlan1 -p tcp --dport 1723 -j ACCEPT iptables -A INPUT -i vlan1 -p tcp --dport 1723 -j ACCEPT iptables -A OUTPUT -p 47 -j ACCEPT iptables -A INPUT -p 47 -j ACCEPT running the pptpd daemon with -o /etc/ppp/options.pptpd Thanks, Aaron
Pardon my ignorance, but while I'm running Tomato since 2007, I haven't messed with Telnet yet So could you please give some hints how _exactly_ to set / execute the above commands and then start and stop the VPN connection to the other side (manually, preferably)? Can all those settings compiled into a script that would survive a reboot? I'd like to connect to a Draytek Router running as PPTP server on the other side. I'm fairly fluent in setting up LAN-to-LAN VPNs between two Draytek Routers, easy stuff of course as it's all in the Web Interface. But at home I'm using a WRT54GL and being able to connect with this to those Drayteks would be really nice... Thanks!
has anyone been able to solve that error? i found another thread with no solution: http://wl500g.info/showthread.php?p=136124 i'm having same issue.. it connects 1 out of 4 times if i disable encryption, rest times throws same input output error..
All those settings are located in nvram (non-volatile) ; they will survive a reboot. No need to use a script. just set the settings in nvram
Hi, I'm trying to make the firmware mod Tomato + VPN PPTP work with "iPredator VPN" and my WRT54GL, but I don't succeed. I tried to modify options.vpn, add a "chap-secrets" file ... with some options found on the net, but it does not work. I have constantly 2 errors : read returned zero, peer has closed or short read (-1): Input/output error My NVRAM settings are : pptp_client_enable=1 pptp_client_passwd=MOTDEPASSE pptp_client_srvip=vpn.ipredator.se pptp_client_username=NOM pptp_get_ip= pptp_server_ip= The generated options.vpn is : lock noauth nodetach refuse-eap lcp-echo-failure 3 lcp-echo-interval 2 persist usepeerdns idle 0 ip-up-script /etc/vpn/ip-up ip-down-script /etc/vpn/ip-down ipparam kelokepptpd mtu 1450 mru 1450 name NOM password MOTDEPASSE unit 1 The logs are : Jan 1 01:01:18 unknown daemon.notice pptp[256]: pptp-client log[mainptp.c:267]: The synchronous pptp option is NOT activated Jan 1 01:01:19 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_repptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' Jan 1 01:01:19 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_dispptp_ctrl.c:738]: Received Start Control Connection Reply Jan 1 01:01:19 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_dispptp_ctrl.c:772]: Client connection established. Jan 1 01:01:20 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_repptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' Jan 1 01:01:20 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_dispptp_ctrl.c:857]: Received Outgoing Call Reply. Jan 1 01:01:20 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_dispptp_ctrl.c:896]: Outgoing call established (call ID 0, peer's call ID 53504). Jan 1 01:01:21 unknown daemon.notice pppd[256]: pppd 2.4.4 started by root, uid 0 Aug 16 17:38:01 unknown daemon.notice pptp[259]: pptp-client log[pptp_read_someptp_ctrl.c:543]: read returned zero, peer has closed Aug 16 17:38:01 unknown daemon.notice pptp[259]: pptp-client log[callmgr_mainptp_callmgr.c:255]: Closing connection (shutdown) Aug 16 17:38:01 unknown daemon.notice pptp[259]: pptp-client log[ctrlp_repptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request' Aug 16 17:38:01 unknown daemon.notice pptp[259]: pptp-client log[pptp_read_someptp_ctrl.c:543]: read returned zero, peer has closed Aug 16 17:38:01 unknown daemon.notice pptp[259]: pptp-client log[call_callbackptp_callmgr.c:78]: Closing connection (call state) Aug 16 17:38:05 unknown daemon.info pppd[256]: Exit. Aug 16 17:38:05 unknown daemon.warn pptp[330]: pptp-client warn[decaps_hdlcptp_gre.c:197]: short read (-1): Input/output error Aug 16 17:38:05 unknown daemon.warn pptp[330]: pptp-client warn[decaps_hdlcptp_gre.c:209]: pppd may have shutdown, see pppd log Aug 16 17:38:11 unknown daemon.notice pptp[511]: pptp-client log[mainptp.c:267]: The synchronous pptp option is NOT activated Aug 16 17:38:11 unknown daemon.notice pptp[514]: pptp-client log[ctrlp_repptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' Aug 16 17:38:11 unknown daemon.notice pptp[514]: pptp-client log[ctrlp_dispptp_ctrl.c:738]: Received Start Control Connection Reply Aug 16 17:38:11 unknown daemon.notice pptp[514]: pptp-client log[ctrlp_dispptp_ctrl.c:772]: Client connection established. Aug 16 17:38:12 unknown daemon.notice pptp[514]: pptp-client log[ctrlp_repptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' Aug 16 17:38:12 unknown daemon.notice pptp[514]: pptp-client log[ctrlp_dispptp_ctrl.c:857]: Received Outgoing Call Reply. Aug 16 17:38:12 unknown daemon.notice pptp[514]: pptp-client log[ctrlp_dispptp_ctrl.c:896]: Outgoing call established (call ID 0, peer's call ID 31744). Aug 16 17:38:12 unknown daemon.notice pppd[511]: pppd 2.4.4 started by root, uid 0 Aug 16 17:38:14 unknown daemon.notice pptp[517]: pptp-client log[decaps_greptp_gre.c:407]: buffering packet 3 (expecting 2, lost or reordered) Aug 16 17:38:14 unknown daemon.notice pptp[514]: pptp-client log[pptp_read_someptp_ctrl.c:543]: read returned zero, peer has closed Aug 16 17:38:14 unknown daemon.notice pptp[514]: pptp-client log[callmgr_mainptp_callmgr.c:255]: Closing connection (shutdown) Thank you very much
I have the same issue...do you run PPPoE on the WAN interface? It looks to me that it cannot start the pppd daemon since it's already in use...so PPP negotiation cannot proceed. If that's the case, PPTP only works if PPP is not running already...I hope I'm wrong.
A bit of an update. I have updated the core code to tomato 1.27. I've also merged with the OpenVPN 1.25vpn3.4 image to include OpenVPN client and server. The image still fits within 4MB. The newbies: -Add username/password authentication support the OpenVPN -Clean up the openvpn client configuration page, some settings didn't make much sense (in particular the HMAC related settings) -Added PPTP client web configuration finally -Added SNMP server web configuration... -For the developer, I greatly reworked the makefiles... I'll be running the image over the next day or so and publish. I also need to send the mod back to the author of the Tomato's OpenVPN author as part of the distribution license.. Version will be numbered 1.27vpn4.0.0000 Jean-Yves
I have been using PPPoE and the PPTP client for over a year ; with months of uptime (actually, last time I rebooted was in December 08 when I last flashed it!)
Hi there.. For anyone willing to try... New version based on tomato 1.27 is available for trial. http://www.avenard.org/wrt54-tomato/tomato-127vpn4.0.beta.zip For the previous users of my previous firmware mode, the most newsworthy item is the ability to configure and control snmp and the pptp client via the web interface directly. No need to play with the nvram variables. It is a merge of the OpenVPN version by SGTPepperKSU and my earlier PPTP/SNMP image... So you know also get an OpenVPN client/server I then added: -PPTP client support and configuration GUI -PPTP server support, but this needs to be ran be hand. -Full rewrite of the start/stop control. Far more elegant now... -OpenVPN (client side only) * Username/Password support * Connect using Username/Password only (no need for private/public keys) * Ability to test the server certificate common name (check http://openvpn.net/index.php/open-source/documentation/howto.html#secnotes) for more info -wanuptime utility, returns the uptime of the wan connection in seconds (I use it for datalogging) -Various fixes here and there. Let me know how it works for you... Jean-Yves
I updated this beta to beta 3: http://www.avenard.org/wrt54-tomato/tomato-127vpn4.0.beta3.zip Includes some of the fixes put in the OpenVPN 3.5 build (though many of the issues fixed weren't in the original beta to start with)
CPU load is > 5.0 when I do not use pptp client .. Hi, First I like to say thank you for the build it is exactly what I need Snmp and vpn. Though when I run it without the pptp client setup the cpu load on the router is very high. So I go to the GUI and stop it then things go down for a while and then the the client gets restarted .... and router is busy ... how do I stop that? Thanks in advance.
Hi, I have a few questions about your mod that I'm not clear on: 1. I see it says "OpenVPN (client side only)" - does this mean it does not have the OpenVPN Server functionality of SgtPpepper's mod? 2. Am I right in saying there is GUI only for PPTP Client, not PPTP Server? Many thanks....
This is what I have ... Feb 19 06:18:57 unknown daemon.notice pptp[5061]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5065]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5069]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5073]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5077]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5081]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5085]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:57 unknown daemon.notice pptp[5089]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5093]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5097]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5101]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5105]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5109]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5113]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5117]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:58 unknown daemon.notice pptp[5121]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5125]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5129]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5133]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5137]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5141]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5145]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5149]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:18:59 unknown daemon.notice pptp[5153]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5157]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5161]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5165]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5169]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5173]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5177]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5181]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5185]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:00 unknown daemon.notice pptp[5189]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:01 unknown daemon.notice pptp[5193]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:01 unknown daemon.notice pptp[5197]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:01 unknown daemon.notice pptp[5201]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:01 unknown daemon.notice pptp[5205]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:02 unknown daemon.notice pptp[5209]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:02 unknown daemon.notice pptp[5213]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:02 unknown daemon.notice pptp[5217]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:02 unknown daemon.notice pptp[5221]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:02 unknown daemon.notice pptp[5225]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:04 unknown daemon.notice pptp[5229]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:11 unknown daemon.notice pptp[5239]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:15 unknown daemon.notice pptp[5243]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:17 unknown daemon.notice pptp[5247]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:20 unknown daemon.notice pptp[5251]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:22 unknown daemon.notice pptp[5255]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:24 unknown daemon.notice pptp[5259]: pptp-client log[usageptp.c:94]: pptp called with wrong arguments, program not started. Feb 19 06:19:25 unknown daemon.info pppd[31853]: Exit. Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: started, version 2.51 cachesize 150 Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: compile time options: no-IPv6 GNU-getopt no-RTC no-DBus no-I18N DHCP no-scripts no-TFTP Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: reading /etc/resolv.dnsmasq Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: using nameserver 216.58.97.20#53 Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: using nameserver 216.58.97.21#53 Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: read /etc/hosts - 0 addresses Feb 19 06:19:26 unknown daemon.info dnsmasq[5266]: read /etc/hosts.dnsmasq - 1 addresses
The client side only refers to the username/password authentication... I haven't implemented the support on the server side... And as for 2, yes, you are correct
It means you started the pptp client with the wrong arguments funnily enough Make sure you delete any previous settings you may have had in the nvram
How to disable PPTP Client? Hello, I've installed this mod because of SNMP, so I don't need PPTP. The question is, how do I completely disable PPTP Client? I have Start with WAN unchecked in VPN Tunneling -> PPTP Client, but on every reboot or reconnection to WAN it starts, so I get a lot of messages and very high CPU load. Code: # nvram get pptp_client_enable 0 I use v1.27vpn4.0.0003.beta.
Yes... There is a bug there. I've fixed it. http://www.avenard.org/wrt54-tomato/tomato-127vpn4.0.zip Removed the beta tag too as I've had no other report of problems...
First, thank you for taking the time to add PPTP server support to Tomato. I think it's great you've done this. I'd prefer not to use PPTP but I want my iPhone to get on a home VPN without setting up a dedicated server. I'm having the exact same problem that user Big Fork is having as described in his post. I have the same config files, same options, same everything. I even get the same error: Mar 21 19:01:24 ? daemon.err pptpd[507]: GRE: read(fd=8,buffer=10000570,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs How do I confirm that the mppe module is in the kernel you've provided? I'm trying to use MPPE and and GRE and it's failing. Most folks reference the use of ip_gre but I only see ip_conntrack_proto_gre and ip_nat_proto_gre but no ip_gre. When I do get this figured out, do I need to use nvram settings to make what I did persistent? Thank you, Brian
some questions about pptp on tomatovpn4 Hia, i'm struggeling with a problem which i'm facing as a real challenge. My router hardware is a linksys wrt54gs-tm, and i installed tomato 1.27. After a while, i installed tomato 1.27 vpn4 mod. I do need pptp because i could not find an openvpn client for my symbian nokia. my linux box has 2 nics (eth0 and eth1) being eth1 the internal network and eth0 the external, connected my tomato linksys router (pppoe). After installing pptp on my linux box, i was able to use the pptp vpn with my nokia (symvpn) via wifi and with my windows xp box wired AND wifi. All works, no problems, no issues. The real problem is when trying to make the pptp vpn connection thru the tomato box. First, i "borrowed" my neighbors wifi signal and tried, from my nokia and also from my windows to make the pptp vpn connection. No luck, even after defining the iptables rules for forwarding, including the p 47. So i thought it could be some problem with the any of the ISP providers (mine or from my neighbor), and so i plugged my windows xp box to the tomato router. No luck. It seams that tomato drops or blocks something that i'm not being able to identify. Other services (http, ssh, etc) all works flawlessly on the internal network, extenal, from the internet, etc..... The ONLY exception is pptp. Is there someone who could give me a hint in how to make it work? THX in advance, Paulo
Error by using the pptp server Hia, after creating the configuration files below, i did run the pptp server (pptpd -o /etc/pptpd/options.pptpd) /etc/ppp/chap-secrets pw44 pptpd xxxxxxxxx * /etc/pptpd.conf localip 192.168.20.1 remoteip 192.168.20.234-238,192.168.20.245 /etc/pptpd/options.pptpd lock noauth refuse-pap refuse-eap refuse-chap refuse-mschap nobsdcomp nodeflate # http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras # ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o # {{{ # Require MPPE 128-bit encryption #require-mppe-128 # }}} # http://polbox.com/h/hs001/ fork from PPP project by Jan Dubiec # ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o # {{{ # Require MPPE 128-bit encryption #mppe required,stateless # }}} But am getting the following error when trying to connect from my windows xp box plugged on of the tomato vpn 4 router ports. Could someone explain what is wrong? Best regards, Paulo
How to reach the snmpd via ppp0? Hi Jean-Yves, tomatovpn-Users, Thanks for extending tomato in such a great way! I'm especially interested in the inclusion of the snmp daemon. Everything works fine when probing snmp from the inside, i.e. on the local address (br0). But I would like to probe the snmp daemon as well from the outside. According to snmpd.conf's man page, the daemon should listen on all IPv4 devices by default. This should include ppp0, shouldn't it? However, I get no response on port 161 from the outside. Also playing with the firewall settings (a port forward from ppp0:161 to br0:161) didn't help. Has anyone figured this out? Cheers, Martin
Hi, great work on this! As a new user I am still getting to grips with my RT-N16, currently running the latest Tomato USB, I wonder if your PPTP Server/Client will be included in the main Tomato tree, which will then also include it in Tomato USB?
Can I use this build on a Asus WL-500gP v2 ? Is there a ND version ? I'm currently running the VPN (ND) Tomato : Tomato Firmware v1.27vpn3.6.4b6645f6(ND) I'd like to try the PPTP client.
Sorry for the late reply. As I got myself an asus rt-n16, I needed to get my code upgraded.. So I ported all those changes (and more) to the tomatoUSB-RT branch. Im hoping to push those changes to the original git repository, in the mean time, if someone is interested send me a message. Cheers jean-Yves
Hello, i want to use the pptp vpn client. I have fill in the pptp vpn server settings in the webinface and the log says that it is conencted: I think the problem ist the Routing Table: I don't know how to configure the route to my vpn provider, i only have the data: Server: steinsel.perfect-privacy.com PPTP VPN: 10.0.60.1 if i connect with windows pptp vpn i get the follwing data automatically from the dhcp server ip: 10.0.60.3 subnet: 255.255.255.255 gateway: 0.0.0.0 dns: 195.24.72.6 83.243.8.6 I think the problem is, that tomato doesn't get the data automatically so i have to write the data myself in the routingtable. Can somone help me please? regards
Hello, do you mean one of this versions: http://www.4shared.com/dir/v1BuINP3/Toastman_Builds.html#dir=79263771 because i have installed one of the vpn version 1.28 - there is a open vpn client on it but not a pptp vpn client. Can you send me the link to the right version, i have a wrt54gs v1.1 Edit: I have installed the Version: Tomato Firmware v1.28.7628 -Toastman ND VPN - Linux kernel 2.4.37.11 and Broadcom Wireless Driver 4.150.10.29 updates - Support for additional router models, dual-band and Wireless-N mode But i can't see the pptp vpn client do i have to configure this by console? regards
I do believe that the NON-VPN builds have a pptp client in them. My remote router has it in the menu under VPN tunneling menu.
Oh sorry i didn't see that. Now i have installed the newest vpn version and the pptp client is avaiiable. I have only the problem, that the tunnel not work: The log says: Here are my Vpn Settings. The log says using interface pp1 but at the bandwith menü i cant find interface pp1 - if i use openvpn it works fine with tun11. What can i do?
I recently installed Tomato 1.28 base on my Linksys router, and it is running without problems. But I also need SNMP support to provide data bandwidth usage directly from the router. If I read this thread correctly, I can install WRT54G_WRT54GL.bin directly from the tomato-127vpn4.0.zip package, as simply as I did with the 1.28 bin, then perhaps configure the interface through the GUI, and I’m on my way. My skills in this area are minimal. The environment: XP SP3; Linksys WRT54G V1.1; NetWorx app that monitors and reports non-local traffic through the Linksys (WAN traffic only). I do this today with NetWorx’s option to install on each PC and collect the data bandwidth usage and synchronize among the systems, but this doesn’t collect my Android tablet data usage. NetWorx provides an option to communicate directly with the router via SNMP, which would get it all but, of course, I need SNMP support at the router to do so. Questions: It looks like my WRT54G V1.1 router is supported, per the chart at http://en.wikibooks.org/wiki/Tomato_Firmware/Distributions ? Is this SNMP support going to do it for me? Am I correct about the ease of install, or is it more difficult than that? It looks like Tomato 1.28, the version I’m running, doesn’t offer much in the way of enhancements from 1.27, the version upon which this package is based, so my bandwidth data collection support within Tomato should not change. Anything else I need to know? Thanks, DaveD
Never mind the above append. Couldn’t wait for a response so I installed it, and it works… But a problem. The WRT54G reboots itself several times a day. I did all of the right things, unless I’m missing something—I cleared NVRAM, wrote set wl_reg_mode=off to NVRAM (and committed it), per http://en.wikibooks.org/wiki/Tomato_Firmware/Installation_and_Configuration. Since reboot loses log information, I started logging to the desktop and capturing with WallWatcher. So here were are. It didn't take long: out of memory. 2012/03/14 17:56:58.15 M kernel: out of memory: killed process 80 (dnsmasq). 2012/03/14 17:57:04.68 M kernel: out of memory: killed process 46 (telnetd). 2012/03/14 17:57:06.59 M kernel: out of memory: killed process 278 (udhcpc). 2012/03/14 17:57:07.39 M kernel: vm: killing process udhcpc 2012/03/14 17:57:12.78 M kernel: out of memory: killed process 550 (crond). 2012/03/14 18:01:29.11 M kernel: klogd started: busybox v1.14.4 (2010-03-01 21:11:33 est) What are my options? Can I save some memory by configuring certain features on/off? Can I get a bin file with only the SNMP, not the PPTP support? Do I need to include additional log information? Is there something else going on? I need to get this working without failure. Please help. Dave D
If anyone is watching this thread and even vaguely interested, after turning off everything I didn't need and still experiencing constant reboots, I had to back off to the non-SNMP vanilla Tomato version. Then I bought a 32MB WRT54GS V2.1 and installed the latest v1.28.7633 -Toastman-VLAN-IPT-ND ND VPN. This mod also has it's problems, but at least it has SNMP and is stable. I'll be posting any future questions or observations elsewhere.
