10.7 pptp VPN drops after a few minutes.

Our new users in the building that are using Lion are running into a problem with their VPN staying connected. After a short time being connected, they get kicked off. I took a look at some of the logs and it seems to be related the this chunk of the log(from a newer MBP with Lion) :

Wed Oct 19 17:21:52 2011 : no echo-reply, start ppp_auxiliary_probe!

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: starting

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: found goog-dns address

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: sent to goog-dns over scope 5

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: found peer address

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: sent to peer over scope 5

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: no alternate peer address

Wed Oct 19 17:21:52 2011 : ppp_ip_probe_send: 2 probes sent

Wed Oct 19 17:21:52 2011 : ppp_auxiliary_probe[0] response!

Wed Oct 19 17:21:52 2011 : ppp_auxiliary_probe[1] response!

Wed Oct 19 17:22:12 2011 : no echo-reply, despite successful ppp_auxiliary_probe!

Wed Oct 19 17:22:12 2011 : No response to 3 echo-requests

Wed Oct 19 17:22:12 2011 : Serial link appears to be disconnected.

After several searches and reading other peoples posts about similar problems, I was wondering the following:

The serial Link seems to relate to the MPPE encryption, and from what I've read, OS X uses MS-CHAPv2. The VPN server may be running version 1 for this handshake. Does anyone know if it would be possible to switch OS x to an older version to test if this is the root of the problem?

(This might be limited to newer models for some strange reason. When I did the connection using a 3rd generation MBP, there were handshake failures immidiately, but it never dropped the connection)

*Things already tested:

- Changing the MTU

- Multiple locations

- Multiple accounts

- Multiple Lion MBP

- Changed the service order

- Tried different domained usernames, e.g domain\username vs just username

- Tried setting the Encryption to set levels, not just Automatic

PPP.log(replaced public IP with ###) :

Wed Oct 19 17:02:02 2011 : PPTP connecting to server '###.###.###.#' (###.###.###.#)...

Wed Oct 19 17:02:02 2011 : PPTP connection established.

Wed Oct 19 17:02:02 2011 : PPTP set port-mapping for en1, interface: 5, protocol: 0, privatePort: 0

Wed Oct 19 17:02:02 2011 : using link 0

Wed Oct 19 17:02:02 2011 : Using interface ppp0

Wed Oct 19 17:02:02 2011 : Connect: ppp0 <--> socket[34:17]

Wed Oct 19 17:02:02 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x13576b0c> <pcomp> <accomp>]

Wed Oct 19 17:02:02 2011 : rcvd [LCP ConfReq id=0x0 <mru 1400> <auth eap> <magic 0x2f0438d0> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint 13 17 01 aa 1b 17 2a 44 ea 44 8c a8 e4 57 f6 e1 b8 7c 6c 00 00 00 00> < 17 04 01 48>]

Wed Oct 19 17:02:02 2011 : lcp_reqci: rcvd unknown option 13

Wed Oct 19 17:02:02 2011 : lcp_reqci: rcvd unknown option 23

Wed Oct 19 17:02:02 2011 : lcp_reqci: returning CONFREJ.

Wed Oct 19 17:02:02 2011 : sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 01 48>]

Wed Oct 19 17:02:02 2011 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x13576b0c> <pcomp> <accomp>]

Wed Oct 19 17:02:02 2011 : rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x2f0438d0> <pcomp> <accomp> <endpoint 13 17 01 aa 1b 17 2a 44 ea 44 8c a8 e4 57 f6 e1 b8 7c 6c 00 00 00 00>]

Wed Oct 19 17:02:02 2011 : lcp_reqci: returning CONFNAK.

Wed Oct 19 17:02:02 2011 : sent [LCP ConfNak id=0x1 <auth chap MS-v2>]

Wed Oct 19 17:02:02 2011 : rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x2f0438d0> <pcomp> <accomp> <endpoint 13 17 01 aa 1b 17 2a 44 ea 44 8c a8 e4 57 f6 e1 b8 7c 6c 00 00 00 00>]

Wed Oct 19 17:02:02 2011 : lcp_reqci: returning CONFACK.

Wed Oct 19 17:02:02 2011 : sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x2f0438d0> <pcomp> <accomp> <endpoint 13 17 01 aa 1b 17 2a 44 ea 44 8c a8 e4 57 f6 e1 b8 7c 6c 00 00 00 00>]

Wed Oct 19 17:02:02 2011 : sent [LCP EchoReq id=0x0 magic=0x13576b0c]

Wed Oct 19 17:02:02 2011 : rcvd [CHAP Challenge id=0x0 <b83997c79eb77e904d9a11aecc8f25e4>, name = "BUNKERHILL"]

Wed Oct 19 17:02:02 2011 : sent [CHAP Response id=0x0 <38d7ef75ac908b4779043cda7210ab7b0000000000000000c94e70ad5ddbfbdf043c31f642d776 dcf3844fadd11749dd00>, name = "nsc\\nsmith"]

Wed Oct 19 17:02:02 2011 : rcvd [LCP EchoRep id=0x0 magic=0x2f0438d0]

Wed Oct 19 17:02:02 2011 : rcvd [CHAP Success id=0x0 "S=14337DE94BDAF4713F2B2FBCAAE7FB10E11BC83E"]

Wed Oct 19 17:02:02 2011 : sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]

Wed Oct 19 17:02:02 2011 : rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]

Wed Oct 19 17:02:02 2011 : sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]

Wed Oct 19 17:02:02 2011 : rcvd [IPCP ConfReq id=0x5 <addr 10.23.25.67>]

Wed Oct 19 17:02:02 2011 : sent [IPCP TermAck id=0x5]

Wed Oct 19 17:02:02 2011 : rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]

Wed Oct 19 17:02:02 2011 : sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]

Wed Oct 19 17:02:02 2011 : rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]

Wed Oct 19 17:02:02 2011 : sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]

Wed Oct 19 17:02:02 2011 : rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]

Wed Oct 19 17:02:02 2011 : MPPE 128-bit stateless compression enabled

Wed Oct 19 17:02:02 2011 : sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins1 0.0.0.0> <ms-wins3 0.0.0.0>]

Wed Oct 19 17:02:02 2011 : sent [IPV6CP ConfReq id=0x1 <addr fe80::c62c:03ff:fe30:1121>]

Wed Oct 19 17:02:02 2011 : rcvd [LCP ProtRej id=0x7 80 57 01 01 00 0e 01 0a c6 2c 03 ff fe 30 11 21]

Wed Oct 19 17:02:02 2011 : rcvd [IPCP ConfRej id=0x1 <ms-wins1 0.0.0.0> <ms-wins3 0.0.0.0>]

Wed Oct 19 17:02:02 2011 : sent [IPCP ConfReq id=0x2 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]

Wed Oct 19 17:02:02 2011 : rcvd [IPCP ConfNak id=0x2 <addr 10.23.20.84> <ms-dns1 10.23.1.18> <ms-dns3 10.23.1.19>]

Wed Oct 19 17:02:02 2011 : sent [IPCP ConfReq id=0x3 <addr 10.23.20.84> <ms-dns1 10.23.1.18> <ms-dns3 10.23.1.19>]

Wed Oct 19 17:02:02 2011 : rcvd [IPCP ConfAck id=0x3 <addr 10.23.20.84> <ms-dns1 10.23.1.18> <ms-dns3 10.23.1.19>]

Wed Oct 19 17:02:04 2011 : rcvd [IPCP ConfReq id=0x8 <addr 10.23.25.67>]

Wed Oct 19 17:02:04 2011 : ipcp: returning Configure-ACK

Wed Oct 19 17:02:04 2011 : sent [IPCP ConfAck id=0x8 <addr 10.23.25.67>]

Wed Oct 19 17:02:04 2011 : ipcp: up

Wed Oct 19 17:02:04 2011 : local IP address 10.23.20.84

Wed Oct 19 17:02:04 2011 : remote IP address 10.23.25.67

Wed Oct 19 17:02:04 2011 : primary DNS address 10.23.1.18

Wed Oct 19 17:02:04 2011 : secondary DNS address 10.23.1.19

Wed Oct 19 17:02:04 2011 : pptp_wait_input: Address added. previous interface setting (name: en1, address: 192.168.1.113), current interface setting (name: ppp0, family: PPP, address: 10.23.20.84, subnet: 255.255.255.0, destination: 10.23.25.67).

Wed Oct 19 17:02:08 2011 : PPTP port-mapping update for en1 ignored: VPN is the Primary interface. Public Address: 0, Protocol: None, Private Port: 0, Public Port: 0

Wed Oct 19 17:02:08 2011 : PPTP clearing port-mapping for en1

Wed Oct 19 17:06:02 2011 : no echo-reply, start ppp_auxiliary_probe!

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: starting

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: found goog-dns address

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: sent to goog-dns over scope 5

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: found peer address

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: sent to peer over scope 5

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: no alternate peer address

Wed Oct 19 17:06:02 2011 : ppp_ip_probe_send: 2 probes sent

Wed Oct 19 17:06:02 2011 : ppp_auxiliary_probe[0] response!

Wed Oct 19 17:06:02 2011 : ppp_auxiliary_probe[1] response!

Wed Oct 19 17:06:22 2011 : no echo-reply, despite successful ppp_auxiliary_probe!

Wed Oct 19 17:06:22 2011 : No response to 3 echo-requests

Wed Oct 19 17:06:22 2011 : Serial link appears to be disconnected.

Wed Oct 19 17:06:22 2011 : ipcp: down

Wed Oct 19 17:06:22 2011 : MPPE disabled

Wed Oct 19 17:06:22 2011 : sent [LCP TermReq id=0x2 "MPPE disabled"]

Wed Oct 19 17:06:22 2011 : Connection terminated.

Wed Oct 19 17:06:22 2011 : sent [LCP TermReq id=0x3 "MPPE disabled"]

Wed Oct 19 17:06:22 2011 : Connect time 4.4 minutes.

Wed Oct 19 17:06:22 2011 : Sent 6447 bytes, received 7988 bytes.

Wed Oct 19 17:06:22 2011 : PPTP disconnecting...

Wed Oct 19 17:06:22 2011 : PPTP clearing port-mapping for en1

Wed Oct 19 17:06:22 2011 : PPTP disconnected