By using AWS re:Post, you agree to the Terms of Use

Connect Ubuntu Lightsail instance to PPTP VPN freezes/crashes instance

0

Hi all,

I've got an ubuntu linux VPS through AWS that I'm trying to connect to a company's VPN via PPTP. My authentication is successful , and the admin of the VPN confirms that I am connected, however I have found the my server then keeps freezing up, and I need to force a reboot via AWS UI.

Running sudo pon PPTP debug dump logfd 2 nodetach gives me the below logs... sometimes (I've added the logs as a pastebin as I couldn't figure out how to format the text with re:Post to make it legible)

https://pastebin.com/u4TCgWs8

Occasionally it will get that far after I try terminate the connection early, but sometimes it will just hang around after sending [IPCP ConfAck id=0x7 <addr 192.168.121.103>], and then will freeze and I need to reboot.

I've seen a few resources online suggesting reducing the MTU, which I'm not sure how to set, as the command for it is apparently sudo ifconfig ppp0 mtu 1300 as an example, but when I do sudo ifconfig ppp0 I get ppp0: error fetching interface information: Device not found.

Is anyone able to shed some light on this?

2 Answers
0

Hello,
Thank you for using Lightsail.

Check the instance burst capacity metrics on your instance management page to see if you're exceeding your allocation https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-viewing-instance-burst-capacity

Upgrading your instance bundle can alleviate problems related to high CPU usage.

Regards,
Gabriel

answered 8 months ago
  • Hi Gabriel,

    Thanks for your answer, I have replicated the issue and then looked at the metrics but this is not the root cause, usage did not leave the sustainable zone.

    Thanks, Dino

0

Hello Dino,

Thank you for reaching out to us and asking your question in Re:Post. Reading your original post, it seems that after a successful connection to a company's VPN using PPTP protocol, the Ubuntu Lightsail instances becomes unresponsive. There could be several reasons for which you are experiencing this, however the first suspicion is modification of existing kernel route tables which can make the Lightsail instance unresponsive over SSH immediately after VPN connection is successful. A snippet from the pasted logs indicate:

replacing old default route to eth0 [172.26.0.1]

<----truncated----->

restoring old default route to eth0 [172.26.0.1]

If this route is not persistent, the issue will resolve after every reboot (and there will be no VPN connection, unless reconnected manually). I will recommend to use a temporary EC2 instance for this use-case so that when the instance becomes unresponsive, you can troubleshoot using Serial Console (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-serial-console.html). Please note only certain instance types and regions support it. From the console, you can login using a local user and check if the primary route has changed.

Another approach could be to check if the company's VPN setup recommends to use PPTP protocol. If yes, if there are any specific guidelines for Ubuntu.

Regarding the error ppp0: error fetching interface information: Device not found.: If the ifconfig command was ran before an established VPN connection, the device ppp0 was probably not yet available.

On a different note, you can add logs in Re:Post using code block to maintain the format.

SUPPORT ENGINEER
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions