pfsense IkeV2 Server Windows 10 VPN Client 809 Error - vpn

I have a pfSense router with Ipsec vpn setup using EAP-MSChapV2 per the guide here: pfSense IKEv2 with EAP-MSCHAPv2
Android and iOS clients connect fine, however ironically the Windows 10 client does not.
I have set the client connection under Security to IKEv2, Require encryption, Use Extensible Authenitcation Protocol (EA) and chosen Microsoft; Secured password (EAP-MSCHAP v2) (encrypted) from the list.
When I connect it tries to connect but comes back with an 809 error in the logs.
On the pfSense server I get the following:
Time Process PID Message
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 4a:81:0c:de:f0:c0:90:0f:19:06:42:31:35:a2:a2:8d:d3:44:fd:08
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid d5:2e:13:c1:ab:e3:49:da:e8:b4:95:94:ef:7c:38:43:60:64:66:bd
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 59:79:12:de:61:75:d6:6f:c4:23:b7:77:13:74:c7:96:de:6f:88:72
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 6c:ca:bd:7d:b4:7e:94:a5:75:99:01:b6:a7:df:d4:5d:1c:09:1c:cc
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 42:32:b6:16:fa:04:fd:fe:5d:4b:7a:c3:fd:f7:4c:40:1d:5a:43:af
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid a5:06:8a:78:cf:84:bd:74:32:dd:58:f9:65:eb:3a:55:e7:c7:80:dc
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid e2:7f:7b:d8:77:d5:df:9e:0a:3f:9e:b4:cb:0e:2e:a9:ef:db:69:77
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 5f:f3:24:6c:8f:91:24:af:9b:5f:3e:b0:34:6a:f4:2d:5c:a8:5d:cc
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 6d:aa:9b:09:87:c4:d0:d4:22:ed:40:07:37:4d:19:f1:91:ff:de:d3
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 83:31:7e:62:85:42:53:d6:d7:78:31:90:ec:91:90:56:e9:91:b9:e3
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 7e:95:9f:ed:82:8e:2a:ed:c3:7c:0d:05:46:31:ef:53:97:cd:48:49
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 3e:22:d4:2c:1f:02:44:b8:04:10:65:61:7c:c7:6b:ae:da:87:29:9c
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 55:e4:81:d1:11:80:be:d8:89:b9:08:a3:31:f9:a1:24:09:16:b9:70
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid b1:81:08:1a:19:a4:c0:94:1f:fa:e8:95:28:c1:24:c9:9b:34:ac:c7
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 21:0f:2c:89:f7:c4:cd:5d:1b:82:5e:38:d6:c6:59:3b:a6:93:75:ae
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 23:4b:71:25:56:13:e1:30:dd:e3:42:69:c9:cc:30:d4:6f:08:41:e0
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid bb:c2:3e:29:0b:b3:28:77:1d:ad:3e:a2:4d:bd:f4:23:bd:06:b0:3d
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid b0:19:89:e7:ef:fb:4a:af:cb:14:8f:58:46:39:76:22:41:50:e1:ba
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid ee:e5:9f:1e:2a:a5:44:c3:cb:25:43:a6:9a:5b:d4:6a:25:bc:bb:8e
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 17:4a:b8:2b:5f:fb:05:67:75:27:ad:49:5a:4a:5d:c4:22:cc:ea:4e
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 68:33:0e:61:35:85:21:59:29:83:a3:c8:d2:d2:e1:40:6e:7a:b3:c1
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 9c:a9:8d:00:af:74:0d:dd:81:80:d2:13:45:a5:8b:8f:2e:94:38:d6
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 4f:9c:7d:21:79:9c:ad:0e:d8:b9:0c:57:9f:1a:02:99:e7:90:f3:87
Jan 20 16:28:21 charon 07[IKE] <17> received cert request for unknown ca with keyid 3f:4e:08:69:dd:28:07:34:54:85:fe:19:cf:4f:d3:71:86:9a:c0:32
Jan 20 16:28:21 charon 07[IKE] <17> received 46 cert requests for an unknown ca
Right after the selected peer config and then looking for peer configs matching xxx.xxx.xxx.xxx[%any] ... [
Any ideas what is failing?


This seems to be bug in Windows 10.
I am in the exact same boat. Running pfSense 2.3.2 and IKEv2 will not work with Win 10. At the same, with the exact same settings, Win 7 will connect with no problems.
https://social.technet.microsoft.com/Forums/en-US/a77c6ff5-8a8b-465d-bd09-f862a7c6aa13/ikev2-vpn-routing-bugs?forum=win10itpronetworking
Edit:
Interesting, running Set-VpnConnection -Name 'NameOfVpnConnection' -SplitTunneling $false from powershell fixed the VPN on my home win 10 machine, but it didn't work on my work PC. Need to retest that, but there does seem to be workaround at least.

Related

SFTP works over linux command line but filezilla fails

I have set up an ftp user on my ubuntu server. I can sftp in to ftp_user#ip, am asked for my password, and get connected fine.
Filezilla (which worked 3 months ago), doesn't connect. This is a redacted version of the ssh logs:
Jul 19 14:18:33 sshd[14275]: Invalid user user from port 47990
Jul 19 14:18:33 sshd[14275]: Received disconnect from port 47990:11: Normal Shutdown, Thank you for playing [preauth]
Jul 19 14:18:33 sshd[14275]: Disconnected from invalid user user port 47990 [preauth]
Jul 19 14:18:44 sshd[14277]: Invalid user user from port 48558
Jul 19 14:18:44 sshd[14277]: Received disconnect from port 48558:11: Normal Shutdown, Thank you for playing [preauth]
Jul 19 14:18:44 sshd[14277]: Disconnected from invalid user user port 48558 [preauth]
Jul 19 14:18:55 sshd[14282]: Invalid user user from port 49142
Jul 19 14:18:55 sshd[14282]: Received disconnect from port 49142:11: Normal Shutdown, Thank you for playing [preauth]
Jul 19 14:18:55 sshd[14282]: Disconnected from invalid user user port 49142 [preauth]
This sounds like Filezilla is trying user "user", which is not correct, but my settings has:
EDIT: it works if I use the quickconnect bar, but not the above main settings.
What am I doing wrong?

pfSense 2.5.0 upgrade broke my NordVPN gateway

Ever since I upgraded to pfSense 2.5.0, my NordVPN interface does not work anymore. Traffic does not get routes to the NordVPN gateway, as pfSense reports it as "down" with 100% package loss. When checking "Status -> OpenVPN" the connection is reported as UP, but the gateway is DOWN. I don't understand how this is possible, but the log provides some clues, although I don't understand what goes wrong when reading the log.
OpenVPN Log (private IPs removed):
Feb 19 07:42:59 openvpn 79266 Initialization Sequence Completed
Feb 19 07:43:58 openvpn 79266 Authenticate/Decrypt packet error: missing authentication info
Feb 19 07:44:58 openvpn 79266 Authenticate/Decrypt packet error: missing authentication info
Feb 19 07:45:58 openvpn 79266 [nl852.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Feb 19 07:45:58 openvpn 79266 SIGUSR1[soft,ping-restart] received, process restarting
Feb 19 07:45:58 openvpn 79266 Restart pause, 10 second(s)
Feb 19 07:46:08 openvpn 79266 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 19 07:46:08 openvpn 79266 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:08 openvpn 79266 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:08 openvpn 79266 TCP/UDP: Preserving recently used remote address: [AF_INET]194.127.172.103:1194
Feb 19 07:46:08 openvpn 79266 Socket Buffers: R=[42080->524288] S=[57344->524288]
Feb 19 07:46:08 openvpn 79266 UDPv4 link local (bound): [AF_INET]x.x.x.x:0
Feb 19 07:46:08 openvpn 79266 UDPv4 link remote: [AF_INET]y.y.y.y:1194
Feb 19 07:46:08 openvpn 79266 TLS: Initial packet from [AF_INET]y.y.y.y.z:1194, sid=2ce7940f f02613d1
Feb 19 07:46:08 openvpn 79266 VERIFY WARNING: depth=0, unable to get certificate CRL: CN=nl852.nordvpn.com
Feb 19 07:46:08 openvpn 79266 VERIFY WARNING: depth=1, unable to get certificate CRL: C=PA, O=NordVPN, CN=NordVPN CA5
Feb 19 07:46:08 openvpn 79266 VERIFY WARNING: depth=2, unable to get certificate CRL: C=PA, O=NordVPN, CN=NordVPN Root CA
Feb 19 07:46:08 openvpn 79266 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Feb 19 07:46:08 openvpn 79266 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5
Feb 19 07:46:08 openvpn 79266 VERIFY KU OK
Feb 19 07:46:08 openvpn 79266 Validating certificate extended key usage
Feb 19 07:46:08 openvpn 79266 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Feb 19 07:46:08 openvpn 79266 VERIFY EKU OK
Feb 19 07:46:08 openvpn 79266 VERIFY OK: depth=0, CN=nl852.nordvpn.com
Feb 19 07:46:08 openvpn 79266 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1582', remote='link-mtu 1634'
Feb 19 07:46:08 openvpn 79266 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA512'
Feb 19 07:46:08 openvpn 79266 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Feb 19 07:46:08 openvpn 79266 [nl852.nordvpn.com] Peer Connection Initiated with [AF_INET]194.127.172.103:1194
Feb 19 07:46:09 openvpn 79266 SENT CONTROL [nl852.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Feb 19 07:46:09 openvpn 79266 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway z.z.z.z,topology subnet,ping 60,ping-restart 180,ifconfig g.g.g.g 255.255.255.0,peer-id 3'
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: timers and/or timeouts modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: explicit notify parm(s) modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: compression parms modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Feb 19 07:46:09 openvpn 79266 Socket Buffers: R=[524288->524288] S=[524288->524288]
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: --ifconfig/up options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: route options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: route-related options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: peer-id set
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: adjusting link_mtu to 1657
Feb 19 07:46:09 openvpn 79266 Using peer cipher 'AES-256-CBC'
Feb 19 07:46:09 openvpn 79266 Data Channel: using negotiated cipher 'AES-256-CBC'
Feb 19 07:46:09 openvpn 79266 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 19 07:46:09 openvpn 79266 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:09 openvpn 79266 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 19 07:46:09 openvpn 79266 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:09 openvpn 79266 Preserving previous TUN/TAP instance: ovpnc8
Feb 19 07:46:09 openvpn 79266 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Feb 19 07:46:09 openvpn 79266 Closing TUN/TAP interface
Feb 19 07:46:09 openvpn 79266 /usr/local/sbin/ovpn-linkdown ovpnc8 1500 1637 a.b.c.d 255.255.255.0 init
Feb 19 07:46:10 openvpn 79266 ROUTE_GATEWAY a.b.c.d/255.255.254.0 IFACE=re0 HWADDR=00:e2:6c:68:07:be
Feb 19 07:46:10 openvpn 79266 TUN/TAP device ovpnc8 exists previously, keep at program end
Feb 19 07:46:10 openvpn 79266 TUN/TAP device /dev/tun8 opened
Feb 19 07:46:10 openvpn 79266 /sbin/ifconfig ovpnc8 x.x.x.x y.y.y.y mtu 1500 netmask 255.255.255.0 up
Feb 19 07:46:10 openvpn 79266 /sbin/route add -net x.x.x.x x.x.x.x 255.255.255.0
Feb 19 07:46:10 openvpn 79266 /usr/local/sbin/ovpn-linkup ovpnc8 1500 1637 x.x.x.x 255.255.255.0 init
Feb 19 07:46:10 openvpn 79266 Initialization Sequence Completed
And the gateway log:
Feb 19 04:16:02 dpinger 68141 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr x.x.x.x bind_addr x.x.x.x identifier "NORDVPN_VPNV4 "
Feb 19 04:16:04 dpinger 68141 NORDVPN_VPNV4 x.x.x.x: Alarm latency 0us stddev 0us loss 100%
Feb 19 04:19:13 dpinger 16894 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr x.x.x.x bind_addr x.x.x.x identifier "WAN_DHCP "
Feb 19 04:19:13 dpinger 17398 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr x.x.x.x bind_addr x.x.x.x identifier "NORDVPN_VPNV4 "
Feb 19 04:19:15 dpinger 17398 NORDVPN_VPNV4 x.x.x.x: Alarm latency 0us stddev 0us loss 100%
In Firewall -> Rules -> LAN I adjusted the "default allow LAN to any rule" to the gateway "NordVPN". Outbound NAT is set to manual, with the top rule taking the LAN net as source and the NORDVPN interface.
Any help is appreciated. As said, the current configuration worked fine in 2.4.5 -- the latest release before upgrading to 2.5.0. I'm considering downgrading at this point.

Changed fallback DEA to AES-256-CBC from AES-256-GCM, and it's working fine
Go to VPN/OpenVPN/Client, and edit the setting "Fallback Data Encryption Algorithm"

NordVPN has posted updated documentation for pfSense 2.5.0, titled: pfSense 2.5 Setup with NordVPN.
As #NDK has mentioned in their A'er the updated docs show that you need to change the Fallback Data Encryption Algorithm to AES-256-CBC.

Changed wordpress_http.conf for SSL, nginx won't start now

I'm using Vultr VPS and I followed this tutorial -https://www.vultr.com/docs/install-lets-encrypt-ssl-on-one-click-wordpress-app
Everything seemed to install correctly and I changed both (http & https) config files from:
listen 80 default_server;
server_name_;
#server_name wordpress.example.com;
to
listen 80 default_server;
server_name www.mywebsite.com;
#server_name wordpress.example.com;
and finally adding this to http
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
Whenever I try to restart nginx I get this error stating that the authentication for root is incorrect? I wasn't prompted for a password and I am already logged in as root.
> -- Unit nginx.service has failed.
> --
> -- The result is RESULT. Nov 08 16:14:48 Above-Media-Team sshd[10921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0
> tty=ssh ruser= rhost=2 Nov 08 16:14:51 Above-Media-Team sshd[10921]:
> Failed password for root from 218.92.0.203 port 57531 ssh2 Nov 08
> 16:14:53 Above-Media-Team sshd[10921]: Failed password for root from
> 218.92.0.203 port 57531 ssh2 Nov 08 16:14:56 Above-Media-Team sshd[10921]: Failed password for root from 218.92.0.203 port 57531
> ssh2 Nov 08 16:14:56 Above-Media-Team sshd[10921]: Received disconnect
> from 218.92.0.203 port 57531:11: [preauth] Nov 08 16:14:56
> Above-Media-Team sshd[10921]: Disconnected from authenticating user
> root 218.92.0.203 port 57531 [preauth] Nov 08 16:14:56
> Above-Media-Team sshd[10921]: PAM 2 more authentication failures;
> logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.2 Nov 08 16:15:03
> Above-Media-Team sshd[10936]: Invalid user yp from 103.10.30.204 port
> 50794 Nov 08 16:15:03 Above-Media-Team sshd[10936]:
> pam_unix(sshd:auth): check pass; user unknown Nov 08 16:15:03
> Above-Media-Team sshd[10936]: pam_unix(sshd:auth): authentication
> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1
I can't seem to figure this out, any help is greatly appreciated.

It looks like you are running nginx as a service (upstart?). And it looks like this service is initially running as an unprivileged user, yp. It's trying to raise its privileges, but it can't because the password is not set properly.
I can't tell you specifically what's wrong without seeing the full config for your service, but I would look in the configuration for anything that sets the username to be something other than root.

Reset username and password for JFrog

I installed JFrog standalone version on Ubuntu. I dont know my JFrog username and password. I also checked /usr/lib/apache-tomcat-8.5.16/conf/server.xml file but it is does not have any username and password. I also clicked on set me up, but the commandline interface to push an artifact is also prompting for username and password.
ravi#ravi-Inspiron-5537:~$ systemctl status artifactory.service
● artifactory.service - Setup Systemd script for Artifactory in Tomcat Servlet E
Loaded: loaded (/lib/systemd/system/artifactory.service; enabled; vendor pres
Active: active (running) since Fri 2017-08-11 10:11:41 EDT; 37min ago
Process: 16482 ExecStart=/opt/jfrog/artifactory/bin/artifactoryManage.sh start
Main PID: 16532 (java)
CGroup: /system.slice/artifactory.service
‣ 16532 /usr/bin/java -Djava.util.logging.config.file=/opt/jfrog/arti
Aug 11 10:11:17 ravi-Inspiron-5537 su[16508]: Successful su for artifactory by r
Aug 11 10:11:17 ravi-Inspiron-5537 su[16508]: + ??? root:artifactory
Aug 11 10:11:17 ravi-Inspiron-5537 su[16508]: pam_unix(su:session): session open
Aug 11 10:11:18 ravi-Inspiron-5537 artifactoryManage.sh[16482]: Max number of op
Aug 11 10:11:18 ravi-Inspiron-5537 artifactoryManage.sh[16482]: Using ARTIFACTOR
Aug 11 10:11:18 ravi-Inspiron-5537 artifactoryManage.sh[16482]: Using ARTIFACTOR
Aug 11 10:11:18 ravi-Inspiron-5537 artifactoryManage.sh[16482]: Creating directo
Aug 11 10:11:18 ravi-Inspiron-5537 artifactoryManage.sh[16482]: Tomcat started.
Aug 11 10:11:41 ravi-Inspiron-5537 artifactoryManage.sh[16482]: Artifactory Tomc
Aug 11 10:11:41 ravi-Inspiron-5537 systemd[1]: Started Setup Systemd script for
lines 1-18/18 (END)

The default username and password of Artifactory are:
User: admin
Pass: password

how to setup pptp vpn server on archlinux?

I followed the instruction on https://wiki.archlinux.org/index.php/PPTP_Server to setup the pptp vpn server with pptpd.
After everything is done, I cannot connect to the server. I found that there is not any ppp virtual adapter in ifconfig's output. But there is no error in log of pptpd service, and pptpd process is running.
The log of client is below:
Apr 06 09:31:34 root pppd[540]: Using interface ppp1
Apr 06 09:31:34 root pppd[540]: Connect: ppp1 <--> /dev/pts/3
Apr 06 09:31:34 root pptp[541]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Apr 06 09:31:35 root pptp[546]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Apr 06 09:31:35 root pptp[546]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Apr 06 09:31:35 root pptp[546]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Apr 06 09:31:36 root pptp[546]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Apr 06 09:31:36 root pptp[546]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Apr 06 09:31:36 root pptp[546]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 0).
Apr 06 09:31:36 root pptp[546]: anon log[pptp_read_some:pptp_ctrl.c:544]: read returned zero, peer has closed
Apr 06 09:31:36 root pptp[546]: anon log[callmgr_main:pptp_callmgr.c:258]: Closing connection (shutdown)
Apr 06 09:31:36 root pptp[546]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
Apr 06 09:31:36 root pptp[546]: anon log[pptp_read_some:pptp_ctrl.c:544]: read returned zero, peer has closed
Apr 06 09:31:36 root pptp[546]: anon log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
Apr 06 09:31:36 root pppd[540]: Modem hangup
Apr 06 09:31:36 root pppd[540]: Connection terminated.
Apr 06 09:31:36 root pppd[540]: Exit.
Could anyone tell me what's wrong with it? THX!

I found a typo in /etc/ppp/option.pptpd. After correcting it, the server worked.

Resources