You did not mention your rules file. Have you added appropriate entries to the rules file to allow TCP port 1723 and GRE (IP protocol 47) traffic to your pptp server? See this page for details.
Response to Update
Try replacing vpn all ACCEPT with the equivalent set of policies
vpn fw ACCEPT
vpn wan ACCEPT
vpn lan ACCEPT
and test whether everything still works. If so, next try removing each of those policies one by one, testing whether everything still works each time, to get down to the minimal set of policies required. Is it possible that the only policy you really need to add is vpn wan ACCEPT?
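Added example, not part of the original answer: a small script that expands Shorewall policy lines using all into the explicit zone pairs they cover, which gives the starting list for the one-by-one removal described above. The zone names fw, wan, lan and vpn come from the answer; the sample policy file and the rule that intra-zone pairs are skipped are assumptions.

```python
"""Expand Shorewall 'all' policies into explicit zone pairs (added example)."""

# Constructed sample: zone names are those used in the answer; the zone
# list and the policy lines other than 'vpn all ACCEPT' are assumptions.
ZONES = ["fw", "wan", "lan", "vpn"]
SAMPLE_POLICY = """\
# SOURCE  DEST  POLICY
lan       wan   ACCEPT
vpn       all   ACCEPT
wan       all   DROP
all       all   REJECT
"""

def parse_policy(text):
    """Return (source, dest, policy) tuples, skipping comments and blanks."""
    rows = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3:
            rows.append((fields[0], fields[1], fields[2].upper()))
    return rows

def pairs(src, dst, zones):
    """Explicit (src, dst) pairs covered by one line; intra-zone is skipped."""
    sources = zones if src == "all" else [src]
    dests = zones if dst == "all" else [dst]
    return [(s, d) for s in sources for d in dests if s != d]

def expand(rows, zones):
    """Map each zone pair to the first policy line that matches it.

    Shorewall uses the first matching line in the policy file, so an
    earlier line wins over a later, broader one.
    """
    effective = {}
    for src, dst, action in rows:
        for pair in pairs(src, dst, zones):
            effective.setdefault(pair, action)
    return effective

def broad_accepts(rows, zones):
    """Explicit policies equivalent to the ACCEPT lines that use 'all'."""
    effective = expand(rows, zones)
    out = []
    for src, dst, action in rows:
        if action == "ACCEPT" and "all" in (src, dst):
            out += [f"{s} {d} ACCEPT" for s, d in pairs(src, dst, zones)
                    if effective[(s, d)] == "ACCEPT"]
    return out

if __name__ == "__main__":
    print("\n".join(broad_accepts(parse_policy(SAMPLE_POLICY), ZONES)))
```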
In options.pptp, place the following lines anywhere:
mtu 1490
mru 1490
require-mschap
require-mschap-v2
require-mppe-128
Try the connection again. You may need to restart pppd.
EDIT 1
There appears to be a mismatch in settings between the server and client. First, let's add the option to enable debug logging into options.pptp. Somewhere in that file, add the line: debug dump
Next, before starting the connection again, tail the error log: sudo tail -f /var/log/syslog or /var/log/messages
Finally, start the connection again and see what the errors are in fuller detail.
EDIT 2
Looks like we've got an options dice game going on. Since the debug logging didn't shed any additional light on the problem, here's what should probably be done:
man pppd
Look at all the options available and start analyzing them. Change options using options.pptp and see if any change your situation. The error that's being reported strongly indicates that there is some kind of options mismatch between server and client, but it doesn't give any further information. Sadly, in cases like this, the next step is often to play option bingo.
Best Answer
Your machine is probably using the wrong interface to send out packets to machines in the VPN. After establishing the VPN tunnel, you usually have to set a route for the VPN:
e.g.: