What's new

VPN PPTP Client does not work

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

vrapp

Senior Member
VPN PPTP Client does not work

When I connect to the PPTP VPN server at work from the home computer running Windows 10, everything works OK.
When I connect there from the router (AC68U/384.19), having configured VPN client, the connection succeeds, but name resolution of anything from a home workstation fails with "server failed" - whether I try work computer or anything on internet. But nslookup from router's page "network tools" works.

Is this something to check in the VPN server at work, or it's router's fault? The log is at http://www.mediafire.com/file/d70gxiqdw5y6eub/router_log.txt/file (this website did not allow to neither paste the contents of it in the post, nor to attach it).
 
Disabled, and the message about rebind attack disappeared from the log, but everything else is the same: as soon as VPN client is activated, there's no DNS resolution for the computers on the home network. It works when querying DNS server on the remote network VPN is connected to, but not by querying the router - it returns "Server failed" to everything.
 
It works when querying DNS server on the remote network VPN is connected to, but not by querying the router - it returns "Server failed" to everything.
Sorry, I'm not sure I'm following what you're saying here. Can you paste the output of the failed and working DNS queries please. Also post the output of ipconfig /all from the PC.

Do you have any other DNS-related features enabled on the router like DNSFilter, Diversion, Skynet, etc.?
 
Windows VPN disconnected, router's VPN disconnected:
C:\Users\myusername>nslookup www.facebook.com
Server: UnKnown
Address: 2601:241:100:13aa::1

Non-authoritative answer:
Name: star-mini.c10r.facebook.com
Addresses: 2a03:2880:f127:83:face:b00c:0:25de
157.240.18.35
Aliases: www.facebook.com



Windows VPN connected, router's VPN disconnected:

C:\Users\myusername>ipconfig

Windows IP Configuration


PPP adapter mycompany:

Connection-specific DNS Suffix . : inter.mycompany.com
IPv4 Address. . . . . . . . . . . : 10.1.0.150
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi 2:

Connection-specific DNS Suffix . : myname.home
IPv6 Address. . . . . . . . . . . : 2601:241:100:13aa:e82c:86cd:70c6:667a
Temporary IPv6 Address. . . . . . : 2601:241:100:13aa:297e:c7e1:dc93:5365
Link-local IPv6 Address . . . . . : fe80::e82c:86cd:70c6:667a%6
IPv4 Address. . . . . . . . . . . : 192.168.1.237
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::1eb7:2cff:feda:4b20%6
192.168.1.1


C:\Users\myusername>nslookup psvm-sql12.inter.mycompany.com
Server: psc-dc8.inter.mycompany.com
Address: 10.1.0.9

Name: psvm-sql12.inter.mycompany.com
Address: 10.1.0.13



Windows VPN disconnected, router's VPN connected:

C:\Users\myusername>nslookup
Default Server: UnKnown
Address: 2601:241:100:13aa::1

> www.facebook.com
Server: UnKnown
Address: 2601:241:100:13aa::1
*** UnKnown can't find www.facebook.com: Server failed

> psvm-sql12.inter.mycompany.com
Server: UnKnown
Address: 2601:241:100:13aa::1

*** UnKnown can't find psvm-sql12.inter.mycompany.com: Server failed

> server 10.1.0.9 <----- this is DNS server at the remote VPN site
Default Server: [10.1.0.9]
Address: 10.1.0.9

> psvm-sql12.inter.mycompany.com
Server: [10.1.0.9]
Address: 10.1.0.9

Name: psvm-sql12.inter.mycompany.com
Address: 10.1.0.13
 
Showing the output of ipconfig /all as requested would be more useful. But the problem appears to be that your PC is using your ISP's (Comcast?) IPv6 DNS server (2601:241:100:13aa::1) directly and not using the router's DNS server.
 
ipconfig/all with Windows VPN connected:

Windows IP Configuration

Host Name . . . . . . . . . . . . : MYCOMPUTERNAME
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : inter.mycompany.com
myusername.home

PPP adapter MyCompany:

Connection-specific DNS Suffix . : inter.mycompany.com
Description . . . . . . . . . . . : PolyScience
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.0.184(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.1.0.7
10.1.0.21
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 1E-BF-CE-E3-99-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
Physical Address. . . . . . . . . : 1C-BF-CE-E3-99-B7
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi 2:

Connection-specific DNS Suffix . : myusername.home
Description . . . . . . . . . . . : Realtek 8811CU Wireless LAN 802.11ac USB NIC
Physical Address. . . . . . . . . : 1C-BF-CE-E3-99-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2601:241:100:13aa:e82c:86cd:70c6:667a(Preferred)
Temporary IPv6 Address. . . . . . : 2601:241:100:13aa:297e:c7e1:dc93:5365(Preferred)
Link-local IPv6 Address . . . . . : fe80::e82c:86cd:70c6:667a%6(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.237(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 18, 2020 9:41:07 AM
Lease Expires . . . . . . . . . . : Wednesday, August 19, 2020 9:42:13 PM
Default Gateway . . . . . . . . . : fe80::1eb7:2cff:feda:4b20%6
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 68992974
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-26-66-06-1C-74-D4-35-B3-33-1F
DNS Servers . . . . . . . . . . . : 2601:241:100:13aa::1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
myusername.home


Without Windows VPN connected:

Windows IP Configuration

Host Name . . . . . . . . . . . . : MYCOMPUTERNAME
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : myusername.home

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 1E-BF-CE-E3-99-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
Physical Address. . . . . . . . . : 1C-BF-CE-E3-99-B7
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi 2:

Connection-specific DNS Suffix . : myusername.home
Description . . . . . . . . . . . : Realtek 8811CU Wireless LAN 802.11ac USB NIC
Physical Address. . . . . . . . . : 1C-BF-CE-E3-99-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2601:241:100:13aa:e82c:86cd:70c6:667a(Preferred)
Temporary IPv6 Address. . . . . . : 2601:241:100:13aa:297e:c7e1:dc93:5365(Preferred)
Link-local IPv6 Address . . . . . : fe80::e82c:86cd:70c6:667a%6(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.237(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 18, 2020 9:41:07 AM
Lease Expires . . . . . . . . . . : Wednesday, August 19, 2020 9:42:13 PM
Default Gateway . . . . . . . . . : fe80::1eb7:2cff:feda:4b20%6
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 68992974
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-26-66-06-1C-74-D4-35-B3-33-1F
DNS Servers . . . . . . . . . . . : 2601:241:100:13aa::1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
myusername.home


> your PC is using your ISP's (Comcast?) IPv6 DNS server (2601:241:100:13aa::1) directly and not using the router's DNS server.

If I understand correctly, 2601:241:100:13aa::1 is router's address:
1597806868959.png


...and it does resolve local names:

C:\Users\myusername>nslookup printer
Server: UnKnown
Address: 2601:241:100:13aa::1

Name: printer
Address: 192.168.1.42

There's no dnsfilter, or any other addons.
 
Last edited:
Thanks for the extra info. Yes it does look like 2601:241:100:13aa::1 is your local DNS server. Unfortunately I don't really know much about native IPv6 setups.

I suspect the problem is because the VPN only supports IPv4 and that is messing up the dnsmasq configuration somehow. I would imagine that if you turned off IPv6 on the router and rebooted your PC it would work.

When the router is connected to the VPN what does /etc/dnsmasq.conf contain? Also, does nslookup www.goole.com 192.168.1.1 work?
 
I disabled IPV6 on the router and on the PC. Nothing changed.

C:\Users\myusername>nslookup
Default Server: RT-AC68P-4B20.myusername.home
Address: 192.168.1.1

> psvm-sql12.inter.mycompany.com
Server: RT-AC68P-4B20.myusername.home
Address: 192.168.1.1

*** RT-AC68P-4B20.myusername.home can't find psvm-sql12.inter.mycompany.com: Server failed
> server 10.1.0.21
Default Server: [10.1.0.21]
Address: 10.1.0.21

> psvm-sql12.inter.mycompany.com
Server: [10.1.0.21]
Address: 10.1.0.21

Name: psvm-sql12.inter.mycompany.com
Address: 10.1.0.13

(i.e. there's access to the remote network and its DNS server 10.1.0.21, and it works if queried directly; but the router can't )

> When the router is connected to the VPN what does /etc/dnsmasq.conf contain?
Same as when it's not connected; nothing that would reflect remote VPN site.
==============================================
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=myusername.home
expand-hosts
bogus-priv
domain-needed
local=/myusername.home/
dhcp-range=lan,192.168.1.2,192.168.1.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.1.1
dhcp-option=lan,15,myusername.home
dhcp-option=lan,252,"\n"
dhcp-option=lan,42,0.0.0.0
dhcp-authoritative
quiet-dhcp
quiet-dhcp6
trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC6834571042>
dnssec
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
dhcp-script=/sbin/dhcpc_lease
script-arp
==============================================
(myusername.home above is " RT-AC68P's Domain Name " specified at LAN/LAN IP page)

From the log when VPN connects:

Aug 19 10:15:02 dnsmasq[12482]: read / etc / hosts - 7 addresses (inserted spaces because the post was blocked otherwise)
Aug 19 10:15:02 dnsmasq[12482]: using nameserver 10.1.0.21#53
Aug 19 10:15:02 dnsmasq[12482]: using nameserver 10.1.0.7#53
Aug 19 10:15:02 dnsmasq[12482]: using only locally-known addresses for domain myusername.home

telnet 10.1.0.21 53 connected, telnet 10.1.0.7 53 connected.

> Also, does nslookup www.goole.com 192.168.1.1 work?
No. When router's VPN client is connected, dns queries to the router of internet names and of the names on the remote network result in "server failed". However, queries of the names on the home network do succeed, i.e. it looks like it's "using only locally-known addresses " for everything, not just "for domain myusername.home"
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top