Community discussions

MikroTik App
 
vejce4444
just joined
Topic Author
Posts: 2
Joined: Tue Mar 17, 2020 8:13 am

pptp ppp error someone wanna reach my network?

Tue Mar 17, 2020 8:27 am

Hello,

I am new in to Mikrotik world. I want to ask about one error. Everything work without problem but sometimes I have on my mobile phone/laptop "connected but no internet access". I look in the log and I found there are sometimes these errors:
Time Mar/17/2020 04:47:00
Buffer memory
Topics pptp ppp error
Message <888>: user 123456 authentication failed

There are 3 or 4 daily from different users (user 0, vpn, pptp). I have confinfigured pptp vpn for access on to my server (working without problem). I have susspect someone try reach my network via pptp protocol. Am I right? I configured this protocol because its user friendly to use on new device but If I am right I ll change it on the open VPN (with cert). Thank you so much for answer.

Log error:
Image
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: pptp ppp error someone wanna reach my network?

Tue Mar 17, 2020 9:17 am

Any service you offer to the internet can be compromised. Especially the legacy stuff like PPTP is subject to attacks.
As you are a MikroTik user, please consider using IPSEC of LT2P. This is offloaded (depending on your hardware) and supported by any device without the need of additional components for OpenVPN.
 
vejce4444
just joined
Topic Author
Posts: 2
Joined: Tue Mar 17, 2020 8:13 am

Re: pptp ppp error someone wanna reach my network?

Tue Mar 17, 2020 7:55 pm

Hello,

thank you for your answer. I turned off PPTP and configure L2TP with IPsec. You have right it is better option. I had little bit problem with configure android (some Android bullshit with shared IPsec) but now it is work on PC/Phone. Thank you for your reply
 
erlinden
Forum Guru
Forum Guru
Posts: 1920
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: pptp ppp error someone wanna reach my network?

Wed Mar 18, 2020 8:57 am

Thank you for your reply
Good to hear!
 
Roberto69
just joined
Posts: 23
Joined: Fri Dec 24, 2021 9:09 am
Location: Slovenia
Contact:

Re: pptp ppp error someone wanna reach my network?

Thu Jan 20, 2022 11:19 am

I agree PPTP is legacy stuff and we should avoid it. But is there any way to find out (and to block it) ip address, from attacker trying to login?

jan/20/2022 09:59:36 pptp,ppp,error <343>: user an authentication failed

Thank You
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 681
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: pptp ppp error someone wanna reach my network?

Thu Jan 20, 2022 3:27 pm

Yes, you can use scripts to read the log file and put them into the address list then you drop that address list.
but as you already moved to L2TP I don't see any reason for that. just disable PPTP and GRE and all is good.
Last edited by own3r1138 on Thu Jan 20, 2022 4:11 pm, edited 1 time in total.
 
Roberto69
just joined
Posts: 23
Joined: Fri Dec 24, 2021 9:09 am
Location: Slovenia
Contact:

Re: pptp ppp error someone wanna reach my network?

Thu Jan 20, 2022 3:48 pm

I agree, but still have one link based on PPTP. I know it'll be good to change, but router is remote ...
In meantime I'd like to get rid of "kilo" of messages
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 681
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: pptp ppp error someone wanna reach my network?

Thu Jan 20, 2022 4:14 pm

Is the client have a static IP or something that you could allow that client and drop everything else on PPTP, CUZ right now the scripts that I know of work with IPsec fail connection, not a PPTP error.
 
Roberto69
just joined
Posts: 23
Joined: Fri Dec 24, 2021 9:09 am
Location: Slovenia
Contact:

Re: pptp ppp error someone wanna reach my network?

Thu Jan 20, 2022 4:29 pm

Yes, client has fixed IP. Good idea, but where can I allow connection only for one IP and drop all other? In firewall?
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 681
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: pptp ppp error someone wanna reach my network?

Thu Jan 20, 2022 4:33 pm

Yes, it's in the firewall but please before adding any drop rules in your firewall use safe mode. make sure you don't get locked out by the same rule.

Who is online

Users browsing this forum: Ahrefs [Bot], GoogleOther [Bot], Luanscps and 54 guests