VPN over GPRS not working?

Archived from groups: comp.dcom.vpn (More info?)

I'm trying to establish a VPN tunnel from my laptop over GPRS to my office
LAN. VPN works fine from broadband or dialup, but GPRS fails.

Client is Windows XP, Server is pptpd/pppd on a Snapgear appliance, mobile
provider is O2 Germany.
It seems the GPRS connection works via NAT and that this may be the cause
of the problem. The log shows "LCP: timeout sending Config-Requests" which
might also indicate that my side couldn't answer because of NAT.

Is there anything I can do about that concerning the server configuration?
I do have good knowledge about Linux and partly about networking but
exactly none about pptpd/pppd, I just use the web interface provided by
the router. I can edit configuration files (pptpd.conf and options.pptp as
I understand) directly if necessary.

Other possible causes might be MTU or the GPRS gateway not allowing highly
encrypted authentication. I tried everything down to even no
authentication, nothing worked over GPRS. MTU seems to be at normal 1500.
So, I think both are not relevant here.

Kai
6 answers Last reply
More about gprs working
  1. Archived from groups: comp.dcom.vpn (More info?)

    Kai Schaetzl wrote:
    > I'm trying to establish a VPN tunnel from my laptop over GPRS to my office
    > LAN. VPN works fine from broadband or dialup, but GPRS fails.
    >
    > Client is Windows XP, Server is pptpd/pppd on a Snapgear appliance, mobile
    > provider is O2 Germany.
    > It seems the GPRS connection works via NAT and that this may be the cause
    > of the problem. The log shows "LCP: timeout sending Config-Requests" which
    > might also indicate that my side couldn't answer because of NAT.
    >
    > Is there anything I can do about that concerning the server configuration?
    > I do have good knowledge about Linux and partly about networking but
    > exactly none about pptpd/pppd, I just use the web interface provided by
    > the router. I can edit configuration files (pptpd.conf and options.pptp as
    > I understand) directly if necessary.
    >
    > Other possible causes might be MTU or the GPRS gateway not allowing highly
    > encrypted authentication. I tried everything down to even no
    > authentication, nothing worked over GPRS. MTU seems to be at normal 1500.
    > So, I think both are not relevant here.
    >
    > Kai
    >

    Nothing you can do but complain to the GPRS service provider.


    --
    WARNING! Email address has been altered for spam resistance.
    Please remove the -deletethispart-. section before replying directly.
    Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)
  2. Archived from groups: comp.dcom.vpn (More info?)

    Mike Drechsler - SPAM PROTECTED EMAIL schrieb am Thu, 29 Sep 2005 19:29:00
    GMT:

    > Nothing you can do but complain to the GPRS service provider.

    Figured that, thanks!

    Kai
  3. set your mtu down to 1300 and try the connection again.

    I would think your mtu size is the most likely cause of your connection issues.
  4. hmmm, VPN sucks alot of bandwidth, when it needs encryption (full tunneling) and GPRS uses packet-switching, thats 160 kbits maximum, i would be surprised if it works in anyway?
  5. My 2 cents worth: (regarding IPSec VPN)

    From my experience, most GPRS connections will give a PRIVATE ip address. This means that we are connected to an internal network which uses a gateway to access the real Internet. Most gateways "break" the IPSec protocol (unless the gateway is setup to allow IPSec passthru).

    I have noticed that some GPRS provider have packages that provide a Public IP address (I *** that these will be directly connected to the Internet). These packages (e.g. from cingular of US) MIGHT support IPSec VPN
  6. P.S.
    I have managed to get VPN working via GSM (by dial-up into a normal ISP) which then gives me a Public IP. BUT this GSM connection is 9.6kbps - which is OK only for light messaging services.
Ask a new question

Read More

VPN Configuration Networking