[pptp-server] Re: Encrypted sessions using NTS Tunnel Builder

Landy Manderson USTS034 at UABDPO.DPO.UAB.EDU
Thu Jun 1 16:11:46 CDT 2000


I traced this problem down to a couple of bugs in the ppp-2.3.10 MPPE patch.
One bug caused the MPPE start key to be malformed for 40-bit encryption,
and the other (totally unrelated) bug caused a bad start key for 128-bit
encryption.  These only manifested themselves when MSChap (v1) authentication
was used, which is why the M$ VPN adapter was working for us (it was using
MSChapV2 auth.)

If this is a documented problem, I'll gladly slink away chastised.  But if
this is news to anyone, I'll be happy to provide the corrections we used.

On Tue, 30 May 00 14:21:07 CDT I said:
>I've been running PoPToP 1.0 for a few weeks, and successfully connecting
>in with Windows 9x and all of the appropriate patches.  Now, we are trying
>out NTS Tunnel Builder so that our Mac clients will be able to connect also.
>The problem I'm having is that the session will connect but not pass traffic
>if encryption is selected.  This is the case for both the PC and Mac versions
>of Tunnel Builder.  It is requesting 40-bit stateless encryption, and the
>log shows that all packets after this is negotiated are essentially garbled.
>It is almost as if the two ends do not agree on how to perform or initialize
>the encryption.
>
>So I guess my question is, is anyone using a similar configuration with
>success?  Is there anything obvious which I could've overlooked?  I would
>think I have one of the patches installed incorrectly if the M$ VPN adapter
>didn't work flawlessly when it requests the very same encryption.



More information about the pptp-server mailing list