[ALUG] Connecting Ubuntu to a 'Microsoft' VPN

Paul Grenyer paul at nakedelement.co.uk
Thu Jul 20 18:56:31 BST 2017


Hi All

I'm trying to use OpenVPN to connect to what our client tells us is a
'Microsoft' VPN. There's no certificate, just a URL, username and
password. All works fine from a Windows desktop, so I know the VPN is
working.

This is the configuration I've tried:

# config.ovpn
dev tun0
client
proto tcp
capath .
remote remote.xxx.org.uk 1723
auth-user-pass pass.txt

# pass.txt
<username>
<password>

openvpn --config config.ovpn

gives me:

Wed Jul 19 11:15:50 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Wed Jul 19 11:15:50 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Wed Jul 19 11:15:50 2017 WARNING: file 'pass.txt' is group or others accessible
Wed Jul 19 11:15:50 2017 WARNING: No server certificate verification
method has been enabled.  See http://openvpn.net/howto.html#mitm for
more info.
Wed Jul 19 11:15:50 2017 WARNING: experimental option --capath .
Wed Jul 19 11:15:50 2017 Attempting to establish TCP connection with
[AF_INET]81.138.76.148:1723 [nonblock]
Wed Jul 19 11:15:51 2017 TCP connection established with
[AF_INET]81.138.76.148:1723
Wed Jul 19 11:15:51 2017 TCPv4_CLIENT link local: [undef]
Wed Jul 19 11:15:51 2017 TCPv4_CLIENT link remote: [AF_INET]81.138.76.148:1723
Wed Jul 19 11:16:20 2017 Connection reset, restarting [0]
Wed Jul 19 11:16:20 2017 SIGUSR1[soft,connection-reset] received,
process restarting
Wed Jul 19 11:16:25 2017 WARNING: No server certificate verification
method has been enabled.  See http://openvpn.net/howto.html#mitm for
more info.
Wed Jul 19 11:16:25 2017 WARNING: experimental option --capath .
Wed Jul 19 11:16:25 2017 Attempting to establish TCP connection with
[AF_INET]81.138.76.148:1723 [nonblock]
Wed Jul 19 11:16:26 2017 TCP connection established with
[AF_INET]81.138.76.148:1723
Wed Jul 19 11:16:26 2017 TCPv4_CLIENT link local: [undef]
Wed Jul 19 11:16:26 2017 TCPv4_CLIENT link remote: [AF_INET]81.138.76.148:1723

And with:

sudo tcpdump -i enp0s25 host remote.xxxx.org.uk

at the same time, I get:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s25, link-type EN10MB (Ethernet), capture size 262144 bytes
15:56:05.845738 IP 192.168.1.31.50766 > remote.xxxx.org.uk.1723: Flags
[S], seq 1706890924, win 29200, options [mss 1460,sackOK,TS val 441917
ecr 0,nop,wscale 7], length 0
15:56:05.864738 IP remote.xxxx.org.uk.1723 > 192.168.1.31.50766: Flags
[S.], seq 737349215, ack 1706890925, win 8192, options [mss
1402,nop,wscale 8,sackOK,TS val 792826942 ecr 441917], length 0
15:56:05.864773 IP 192.168.1.31.50766 > remote.xxxx.org.uk.1723: Flags
[.], ack 1, win 229, options [nop,nop,TS val 441922 ecr 792826942],
length 0
15:56:06.845981 IP 192.168.1.31.50766 > remote.wlma.org.uk.1723: Flags
[P.], seq 1:17, ack 1, win 229, options [nop,nop,TS val 442167 ecr
792826942], length 16: pptp UNEXPECTED Magic-Cookie!!(c587905e)
Magic-Cookie=c587905e UNKNOWN_CTRL_MSGTYPE(62247)
15:56:06.925259 IP remote.xxxx.org.uk.1723 > 192.168.1.31.50766: Flags
[.], ack 17, win 260, options [nop,nop,TS val 792828002 ecr 442167],
length 0
15:56:08.932319 IP 192.168.1.31.50766 > remote.xxxx.org.uk.1723: Flags
[P.], seq 17:33, ack 1, win 229, options [nop,nop,TS val 442689 ecr
792828002], length 16: pptp UNEXPECTED Magic-Cookie!!(c587905e)
Magic-Cookie=c587905e UNKNOWN_CTRL_MSGTYPE(62247)
15:56:09.012049 IP remote.xxxx.org.uk.1723 > 192.168.1.31.50766: Flags
[.], ack 33, win 260, options [nop,nop,TS val 792830089 ecr 442689],
length 0
15:56:12.061655 IP 192.168.1.31.50766 > remote.xxxx.org.uk.1723: Flags
[P.], seq 33:49, ack 1, win 229, options [nop,nop,TS val 443471 ecr
792830089], length 16: pptp UNEXPECTED Magic-Cookie!!(c587905e)
Magic-Cookie=c587905e UNKNOWN_CTRL_MSGTYPE(62247)
15:56:12.130397 IP remote.xxxx.org.uk.1723 > 192.168.1.31.50766: Flags
[.], ack 49, win 260, options [nop,nop,TS val 792833208 ecr 443471],
length 0
15:56:20.745268 IP 192.168.1.31.50766 > remote.xxxx.org.uk.1723: Flags
[P.], seq 49:65, ack 1, win 229, options [nop,nop,TS val 445642 ecr
792833208], length 16: pptp UNEXPECTED Magic-Cookie!!(c587905e)
Magic-Cookie=c587905e UNKNOWN_CTRL_MSGTYPE(62247)
15:56:20.823394 IP remote.xxx.org.uk.1723 > 192.168.1.31.50766: Flags
[.], ack 65, win 260, options [nop,nop,TS val 792841900 ecr 445642],
length 0

I'm really not sure what I'm looking at. Can anyone guide me in the
right direction?

Thanks
Paul
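
An added example, not part of the original post: TCP port 1723 is the PPTP control port, so tcpdump decodes OpenVPN's first 16-byte packet as a PPTP control header (RFC 2637) and reports the cookie as unexpected because it is not 0x1a2b3c4d. The sample packet is constructed from the cookie and message type shown in the capture; the bytes a1 and b2 are placeholders for values the capture does not show, and the function names are this example's own.

```python
import struct

PPTP_MAGIC = 0x1A2B3C4D        # fixed cookie in every PPTP control message (RFC 2637)
OVPN_HARD_RESET_CLIENT_V2 = 7  # OpenVPN opcode, carried in the top 5 bits of one byte

def parse_pptp_header(payload):
    """Decode the PPTP control header the way tcpdump reads port 1723 traffic."""
    length, msg_type, cookie, ctrl_type, _reserved = struct.unpack(
        "!HHIHH", payload[:12])
    return {"length": length, "msg_type": msg_type,
            "cookie": cookie, "ctrl_type": ctrl_type}

def classify(payload):
    """Identify the first client payload sent on the TCP connection."""
    if len(payload) < 12:
        return "too short"
    hdr = parse_pptp_header(payload)
    if hdr["cookie"] == PPTP_MAGIC and hdr["msg_type"] == 1:
        return "pptp-control"
    # OpenVPN over TCP: 2-byte length prefix, then the opcode/key-id byte.
    (framed_len,) = struct.unpack("!H", payload[:2])
    if (framed_len == len(payload) - 2
            and payload[2] >> 3 == OVPN_HARD_RESET_CLIENT_V2):
        return "openvpn-hard-reset"
    return "unknown"

# Constructed sample: length prefix 000e, opcode byte 38, an 8-byte session id
# (a1 and b2 are placeholders; c587905e and f327 come from the capture),
# an empty ACK array (00) and packet id 0.
OPENVPN_FIRST = bytes.fromhex("000e38" "a1" "c587905e" "f327" "b2" "00" "00000000")

# Constructed sample: a well-formed PPTP Start-Control-Connection-Request
# header (156 bytes total, control message type 1) with a zeroed body.
PPTP_SCCRQ = struct.pack("!HHIHH", 156, 1, PPTP_MAGIC, 1, 0) + bytes(144)

if __name__ == "__main__":
    hdr = parse_pptp_header(OPENVPN_FIRST)
    print("read as PPTP: cookie=%08x ctrl_type=%d" % (hdr["cookie"], hdr["ctrl_type"]))
    print("actual protocol:", classify(OPENVPN_FIRST))
    print("real PPTP client would send:", classify(PPTP_SCCRQ))
```
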


