[pptp-server] pptp client problems

Cowles, Steve Steve.Cowles at gte.net
Fri Feb 18 23:46:54 CST 2000 

I just went through this night-mare last week with basically the same setup
as yours. e.g. RH6.1 and all the patches. Had Win98/WinNT clients working
just fine. After many tests with a friend (in debug mode) we discovered that
Windows Dialup Networking is also operating in "noauth" mode. <groan>. In
fact the pppd documentation is a little confusing with regards to the
name/user/remotename options. One thing we discovered during out testing was
when we connected to an NT based RAS server using the pptp client, the NT
RAS server returned "name" as NULL. We had to specify our login name for the
"name" parameter on the pptp command line. PPPD on the other hand, returned
the name correctly. e.g. the hostname. This caused all kinds of problems
when pppd scanned the chap-secrets file looking for a match. Talk about
consistency!!!

Anyway, to make a long story short... I had to set the server side up
(options) with "auth" and the client side with "noauth". Your chap-secrets
file looks OK. Also, I don't use the name parameter in the either options
file. This seems to make it a little more universal when connecting between
a linux based and an NT based PPTP servers. e.g. specify these parameters on
the command line.

================================
/etc/ppp/options on client side
lock
auth
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless

/etc/ppp/chap-secrets
scowles  * password *
COWLES\\scowles  * password *

I invoked pptp as follows:

pptp enterprise name enterpise user COWLES\\scowles
  or
pptp enterprise name enterpise user scowles

enterprise is my poptop/pppd server's hostname.


Your milege may vary, but the above worked for me. Good luck.

Steve Cowles


-----Original Message-----
From: Andrew F. Nelson [mailto:anelso1 at isd.net]
Sent: Friday, February 18, 2000 9:48 PM
To: pptp-server at lists.schulte.org
Subject: [pptp-server] pptp client problems


I am trying to connect two linux boxes together to link two different
private subnets.  I have the server working with a Win98 VPN client with
MSCHAP and encrption just fine.  I am trying to get the same thing working
with a Linux client.

I am running RedHat-6.1 on both machines.  The server is an intel box and
the client is a sparc.  Both machines are running ppp-2.3.10 with the mppe
patch and SSLeay-0.9.0b.  The client is using pptp-linux-1.0.2 and the
server is running PopTop 1.0.0

If I turn both machines to "noauth" things work just fine, but that is a bit
ugly.  It does prove that my networking is kosher between the two boxes
though.  I have tried doing noauth on one of the two in both combos to no
avail.  I included debug output for both machines below.  Pap does not work
either, but I have that turned off in the configs I pasted here.  What am I
missing?  /etc/ppp/option

/etc/ppp/options on client:
lock
auth
debug
refuse-pap
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless

/etc/ppp/options on server:
name EGC
debug
lock
noauth
refuse-pap
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
ms-wins 192.168.1.254
ms-dns 192.168.1.254
ms-dns 208.153.200.254
proxyarp

/etc/ppp/chap-secrets on both:
nelson 		*	MYPASSWD            	*

The client was started with:
pptp <server ip> user nelsonnet2

CLIENT:
Feb 18 13:51:25 nelsonnet2 pppd[6717]: pppd 2.3.10 started by root, uid 0
Feb 18 13:51:25 nelsonnet2 pppd[6717]: Using interface ppp0
Feb 18 13:51:25 nelsonnet2 pppd[6717]: Connect: ppp0 <--> /dev/ttya0
Feb 18 13:51:25 nelsonnet2 pppd[6717]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <auth chap 81> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:25 nelsonnet2 pppd[6717]: Timeout 0x18904:0x54560 in 3 seconds.
Feb 18 13:51:28 nelsonnet2 pppd[6717]: rcvd [LCP ConfReq id=0x1 <asyncmap
0x0> <auth chap 81> <magic 0x4a2ee0e5> <pcomp> <accomp>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: lcp_reqci: returning CONFACK.
Feb 18 13:51:28 nelsonnet2 pppd[6717]: sent [LCP ConfAck id=0x1 <asyncmap
0x0> <auth chap 81> <magic 0x4a2ee0e5> <pcomp> <accomp>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <auth chap 81> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: Timeout 0x18904:0x54560 in 3 seconds.
Feb 18 13:51:28 nelsonnet2 pppd[6717]: rcvd [LCP ConfRej id=0x1 <auth chap
81>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: Untimeout 0x18904:0x54560.
Feb 18 13:51:28 nelsonnet2 pppd[6717]: sent [LCP ConfReq id=0x2 <asyncmap
0x0> <auth chap m$oft> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: Timeout 0x18904:0x54560 in 3 seconds.
Feb 18 13:51:28 nelsonnet2 pppd[6717]: rcvd [LCP ConfRej id=0x2 <auth chap
m$oft>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: Untimeout 0x18904:0x54560.
Feb 18 13:51:28 nelsonnet2 pppd[6717]: sent [LCP ConfReq id=0x3 <asyncmap
0x0> <auth chap MD5> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:28 nelsonnet2 pppd[6717]: Timeout 0x18904:0x54560 in 3 seconds.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: rcvd [LCP ConfRej id=0x3 <auth chap
MD5>]Feb 18 13:51:29 nelsonnet2 pppd[6717]: Untimeout 0x18904:0x54560.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: sent [LCP ConfReq id=0x4 <asyncmap
0x0> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:29 nelsonnet2 pppd[6717]: Timeout 0x18904:0x54560 in 3 seconds.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: rcvd [LCP ConfAck id=0x4 <asyncmap
0x0> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:29 nelsonnet2 pppd[6717]: Untimeout 0x18904:0x54560.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: peer refused to authenticate:
terminating link
Feb 18 13:51:29 nelsonnet2 pppd[6717]: sent [LCP TermReq id=0x5 "peer
refused to authenticate"]
Feb 18 13:51:29 nelsonnet2 pppd[6717]: Timeout 0x18904:0x54560 in 3 seconds.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: rcvd [CHAP Challenge id=0x1
<78af634d1b856555d5da7fef07ac90f5>, name = "EGC"]
Feb 18 13:51:29 nelsonnet2 pppd[6717]: get_input: Received non-LCP packet
when LCP not open.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: rcvd [LCP TermAck id=0x5]
Feb 18 13:51:29 nelsonnet2 pppd[6717]: Untimeout 0x18904:0x54560.
Feb 18 13:51:29 nelsonnet2 pppd[6717]: Connection terminated.
Feb 18 13:51:30 nelsonnet2 pppd[6717]: Exit.

SERVER:
Feb 18 13:51:25 fw pppd[25486]: pppd 2.3.10 started by root, uid 0
Feb 18 13:51:25 fw pppd[25486]: Using interface ppp0
Feb 18 13:51:25 fw pppd[25486]: Connect: ppp0 <--> /dev/pts/4
Feb 18 13:51:25 fw pppd[25486]: sent [LCP ConfReq id=0x1 <asyncmap 0x0>
<auth chap 81> <magic 0x4a2ee0e5> <pcomp> <accomp>]
Feb 18 13:51:25 fw pppd[25486]: Timeout 0x8050164:0x8077400 in 3 seconds.
Feb 18 13:51:27 fw pptpd[25485]: GRE: Discarding duplicate packet
Feb 18 13:51:28 fw pppd[25486]: sent [LCP ConfReq id=0x1 <asyncmap 0x0>
<auth chap 81> <magic 0x4a2ee0e5> <pcomp> <accomp>]
Feb 18 13:51:28 fw pppd[25486]: Timeout 0x8050164:0x8077400 in 3 seconds.
Feb 18 13:51:28 fw pppd[25486]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0>
<auth chap 81> <magic 0x4a2ee0e5> <pcomp> <accomp>]
Feb 18 13:51:28 fw pppd[25486]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0>
<auth chap 81> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:28 fw pppd[25486]: lcp_reqci: returning CONFREJ.
Feb 18 13:51:28 fw pppd[25486]: sent [LCP ConfRej id=0x1 <auth chap 81>]
Feb 18 13:51:28 fw pppd[25486]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0>
<auth chap m$oft> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:28 fw pppd[25486]: lcp_reqci: returning CONFREJ.
Feb 18 13:51:28 fw pppd[25486]: sent [LCP ConfRej id=0x2 <auth chap m$oft>]
Feb 18 13:51:28 fw pppd[25486]: rcvd [LCP ConfReq id=0x3 <asyncmap 0x0>
<auth chap MD5> <magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:28 fw pppd[25486]: lcp_reqci: returning CONFREJ.
Feb 18 13:51:28 fw pppd[25486]: sent [LCP ConfRej id=0x3 <auth chap MD5>]
Feb 18 13:51:29 fw pppd[25486]: rcvd [LCP ConfReq id=0x4 <asyncmap 0x0>
<magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:29 fw pppd[25486]: lcp_reqci: returning CONFACK.
Feb 18 13:51:29 fw pppd[25486]: sent [LCP ConfAck id=0x4 <asyncmap 0x0>
<magic 0x21353157> <pcomp> <accomp>]
Feb 18 13:51:29 fw pppd[25486]: Untimeout 0x8050164:0x8077400.
Feb 18 13:51:29 fw pppd[25486]: sent [CHAP Challenge id=0x1
<78af634d1b856555d5da7fef07ac90f5>, name = "EGC"]
Feb 18 13:51:29 fw pppd[25486]: Timeout 0x8055870:0x80776e0 in 3 seconds.
Feb 18 13:51:29 fw pppd[25486]: rcvd [LCP TermReq id=0x5 "peer refused to
authenticate"]
Feb 18 13:51:29 fw pppd[25486]: LCP terminated by peer (peer refused to
authenticate)
Feb 18 13:51:29 fw pppd[25486]: Untimeout 0x8055870:0x80776e0.
Feb 18 13:51:29 fw pppd[25486]: Timeout 0x8050164:0x8077400 in 3 seconds.
Feb 18 13:51:29 fw pppd[25486]: sent [LCP TermAck id=0x5]
Feb 18 13:51:32 fw pppd[25486]: Connection terminated.
Feb 18 13:51:32 fw pptpd[25427]: MGR: Reaped child 25485
Feb 18 13:51:32 fw pptpd[25485]: GRE: read(fd=4,buffer=804d7e0,len=8196)
from PTY failed: status = -1 error = Input/output error
Feb 18 13:51:32 fw pptpd[25485]: CTRL: PTY read or GRE write failed
(pty,gre)=(4,5)
Feb 18 13:51:32 fw pptpd[25485]: CTRL: Client 198.144.0.22 control
connection finished
Feb 18 13:51:32 fw pptpd[25485]: CTRL: Exiting now
Feb 18 13:51:32 fw pppd[25486]: Exit.



_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulte.org!

More information about the pptp-server mailing list