[pptp-server] Is encryption of PPP with MPPE sufficient to encrypt PPTP?
Bitt Faulk
wfaulk at totalsports.net
Wed Jun 9 21:35:02 CDT 1999
On Wed, 9 Jun 1999, Matthew Ramsay wrote:
>
> I've tried to get that working.. but failed. :-) Also have a look at
> this link:
> ftp://ftp.east.telecom.kz/pub/src/networking/ppp/multilink/ppp-2.3.5-mp.tgz
>
> apparently this is a modified ppp-2.3.5 with MSCHAPv2 and MPPE support.
>
> I am actually hoping someone will email me tomorrow telling me they
> tried the above ppp patches and successfully got poptop working with
> microsoft encryption :-)
I tried the above ppp daemon, and it doesn't work. From his
README.MSCHAP80 file:
I've managed to get a client-only
implementation of MS-CHAP working; it will authenticate itself to
another system using MS-CHAP, but if you're using PPPD as a dial-in
server, you won't be able to use MS-CHAP to authenticate the clients.
This would not be a lot of extra work given that the framework is in
place, but I didn't need it myself so I didn't implement it.
Of course, this just means that MSCHAP80 won't work. CHAP should still
work, and MPPE might not, but....
He managed to break IP Address wildcards in chap-secrets. It looks like a
bug, but I can't imagine how it happened. After I fixed that (removed
lines 1286,7 from pppd/auth.c), I never could get MPPE working.
Sorry.
-Bitt
More information about the pptp-server
mailing list