pptp vpn connects but doesnt work

Discussion in 'Sveasoft Firmware' started by sjen5, Aug 9, 2004.

  1. sjen5

    sjen5 Network Guru Member

    I've got the pptp server to connect using Satori-4.0 v2.07.1.7sv, this connects fine, it gives me an ip address and i can ping computers on the lan side of the wrt54g.

    I cannot get data from the other computers though.

    My setup is as follows

    My wrt54g lan side network card ip is
    My lan uses a range
    The pptp server gives me an ip address of as its meant to.

    I then try and access the web server within my network running on

    The browser just waits and waits.

    I have my wrt54g running in access point. Previously when i had the wrt54g running wifi box firmware and running in router mode it used to work, BUT NAT and the internet from within my network would not work.

    Ive tried running the wrt54g with pptp passthrough enabled, and disabled, ive also tried port forwarding 1723 back to, but it wouldnt authorise the user then.

    anyone got this to work ok, any ideas???

    Can i run the wrt54g in router mode and still have access to the internet internally?
  2. cyrusuncc

    cyrusuncc Network Guru Member

    1. try running internet explorer's connection wizard after the vpn is setup.

    Tools --> Internet Options --> Connections --> Setup

    sometimes this helps even though it was already setup in the first place..

    2. goto the command prompt and type "ipconfig" to see how the ip addresses are setup.

    3. Is the computer you're trying to connect from in a different workgroup/domain?

    4. Try accessing network shares on other pc's "\\NameOfComp\"

    5. is this how your network is setup?

    internet ---> some other router ----> linksys router
  3. aznoohwee

    aznoohwee Network Guru Member

    Try going to \\ipofcomputer\ if that works then its most likely the inability of the hostname to be resolved

    there is a bug in the firmware in which when the local loopback is enabled, hostnames or netbios id's can't be resolved over the wireless portion of the router.

    disable the local loopback and it should work. you might lose nntp functionality but you can easily use something like time.windows.com to sycronise your clocks.
  4. sjen5

    sjen5 Network Guru Member

    Hey guys,

    Thanks for the replies.

    My setup is like this.

    client -> internet ......... -> wrt54g -> LAN (with multiple computers)

    I tihnk my problem is related to the following.

    IF anyone has got this working can you please tell me what IP address range you are using for pptp server, what ip address range you are using within your lan, and what mode your wrt54g is on "access point", "rip router" or "ospf router", and whether you have anything in "advanced routing" screen.


    cyrusuncc :
    1. Ive run the network connection setup thing from "settings -> network connections" to establish the connection to the vpn. It currently connects fine and i can ping other computers on the LAN using ip addresses.

    2. If i go to cmd and type ipconfig it shows:
    IP Address :
    Default gateway : ????

    3. Im using ipaddresses for now, so the workgroup/domain shouldnt really matter should it?

    4. The network shares are available, but again explorer will crash if i try and copy anything because it waits indefinately for the data to be returned.

    5. My wrt54g is plugged directly into my cable modem.

    Im not sure about the bug in the firmware. I use ip addresses as it removes that possibility. And then i just add the static ip of my lan machine to the windows hosts file.

    How do i disable local loopback??
  5. Couledouce

    Couledouce Network Guru Member

    aznoohwee maybe referring to loopback in the "Administration/Management" menu, about half way down.
  6. schmark

    schmark Network Guru Member

    After connecting to your VPN, you have to tell your router what traffic to send over the VPN. For me, I chose to send only certain subnets to the vpn. If you create a script called /tmp/ppp/ip-up

    with similar commands:
    /sbin/route add -host <put your vpn server here> gw <default gateway here>
    /sbin/route del -host <put your vpn server here> dev ppp0
    $IPT -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
    $IPT -A FORWARD --protocol tcp --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu
    $IPT -I INPUT -i ppp0 -j ACCEPT
    # Subnet x.x.0.0/
    /sbin/route add -net x.x.0.0 netmask dev ppp0
    $IPT -I OUTPUT -d $SUBNET -j ACCEPT -o ppp0
    $IPT -I INPUT  -s $SUBNET -j ACCEPT -i ppp0
    $IPT -I FORWARD -d $SUBNET -j ACCEPT -o ppp0
    $IPT -I FORWARD -s $SUBNET -j ACCEPT -i ppp0
    Repeat for each subnet that you want to send traffic to. This creates the appropriate routing and firewall rules.

    To clean up your firewall after the link goes down create:
    # Subnet x.x.0.0/
    /sbin/route add -net x.x.0.0 netmask dev ppp0
    $IPT -D OUTPUT -d $SUBNET -j ACCEPT -o ppp0
    $IPT -D INPUT  -s $SUBNET -j ACCEPT -i ppp0
    $IPT -D FORWARD -d $SUBNET -j ACCEPT -o ppp0
    $IPT -D FORWARD -s $SUBNET -j ACCEPT -i ppp0
    Make sure to chmod 755 ip-up and ip-down after you create them.
  7. sjen5

    sjen5 Network Guru Member

    Im sorry you will have to excuse my ignorance as im more of a developer than a network guy.

    My vpn server ip and my default gateway are the same thing. Hence the ip address is

    So i assume those first lines will read

    /sbin/route add -host gw
    /sbin/route del -host dev ppp0

    Im a little unsure of what you mean here however.

    # Subnet x.x.0.0/
    /sbin/route add -net x.x.0.0 netmask dev ppp0

    My pptp server is giving out ip address of the range Does that mean for this section i put

    # Subnet
    /sbin/route add -net netmask dev ppp0


    are you saying my pptp server should be giving out ip address of the range and it should read something like

    # Subnet
    /sbin/route add -net netmask dev ppp0


    does # Subnet x.x.0.0/ really mean the ip address of my pptp client as given to it by its dhcp server. So not related to my pptp server or LAN.

    Apart from that what you are saying makes sense even if i dont understand the commands :)


  8. schmark

    schmark Network Guru Member

    I think that I'm confused about what you're trying to do. The steps that I oulined are for connecting one network (home) to another network (work) with a VPN. Plus, the router automatically sends work traffic over the VPN.

    If your router/gateway/vpn server are the same thing, I don't know what you're trying to do......

    What is the end goal? Securing wireless?
  9. sjen5

    sjen5 Network Guru Member

    I am trying to set up a vpn so that when i am at work i can connect to home (The wrt54g) and use my home network as though i was at home. ie, network shares etc.

    Everything connects i just cant get data back.

    I will try your routing post and see if that fixes my problems.

  10. schmark

    schmark Network Guru Member

    Do you have admin privs at work? It's likely that you will need to modify network settings on your work computer.

    Also, when you are connected, everything on the network will go to home, i.e. you won't be able to access home and work network shares at the same time.
