PPTP VPN: Unknown GRE version 5

[Gustavo Michels <gustavo.michels@gmail.com>]

Greetings to all,

I'm experiencing some problems while trying to connect to a PPTP VPN server. 
Here's the scenario:

   Clients ------->------- WRT54GL router ------->------- PPTP VPN Server
172.16.0.0/24              172.16.0.1                          66.150.105.18

The Linksys WRT54GL router is running a custom firmware (DD-WRT v24 [1]) which 
is essentially Linux (dmesg attached) with netfilter and iptables (not sure 
which iptables version, but it's 1.2.9 or later). The WAN connection is DHCP 
cable modem.

# uname -a
Linux gateway 2.4.34 #753 Thu Feb 15 16:56:46 CET 2007 mips unknown

The router has PPTP VPN passthrough enabled which, in essence, loads the 
ip_nat_pptp, ip_conntrack_pptp, ip_conntrack_proto_gre and ip_nat_proto_gre 
modules and adds these two rules to the FORWARD chain (full iptables output 
also attached):

ACCEPT     gre  --  172.16.0.0/24        anywhere
ACCEPT     tcp  --  172.16.0.0/24        anywhere            tcp dpt:1723

So far, so good, I'm able to connect to the VPN and everything is ok. The 
problem is, whenever I start a network intensive application (such as the 
bittorrent client Azureus [2]), the connection dies after a couple of minutes. 
By "dead" I mean no more traffic, though the VPN remains connected (not "hung 
up"). I can still ping the VPN gateway, but that's all I can do. I need to 
manually disconnect and reconnect in order to use the VPN resources again.

When I lose VPN connectivity, the router's log get flooded by these messages:

Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:16 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:17 gateway user.warn kernel: unknown GRE version 5
Feb 26 01:59:17 gateway user.warn kernel: unknown GRE version 5

I do get a quick burst of the above messsages even when I still have 
connectivity. This quick burst usually happens once or twice, but short 
after, the connectivity is gone.

Just doing low traffic stuff such as web browsing does not yield any issues 
and I stay connected normally.

Now the bad part: if I remove the router and connect the cable modem directly 
to the computer, I get zero problems. So, it looks like the problem lies on 
the router.

Does anyone know what these "unknown GRE version 5" mean? Some have said the 
router doesn't seem to support GRE version 5, but how can I be sure of that?

I also asked for help in two places: in the VPN forum [3] and in the DD-WRT 
forum [4]. There's also another thread on another forum [5], where other 
WRT54G users have the same issue, though on different firmware (Tomato, but 
still Linux). You may look at those threads for further reference of this 
issue.

Any help is greatly welcomed.

Thanks
Gustavo

[1] http://www.dd-wrt.com
[2] http://azureus.sourceforge.net
[3] http://www.secureix.com/phpBB2/viewtopic.php?p=453
[4] http://www.dd-wrt.com/phpBB2/viewtopic.php?t=11641
[5] http://www.linksysinfo.org/forums/showthread.php?t=51331
[6] http://www.polarcloud.com/tomato

dmesg.txt
Description: Text document

iptables.txt
Description: Text document