[pptp-server] require-mschap-v2 not working

Joshua Nekl jnekl at kc.rr.com
Tue Jun 20 19:26:55 CDT 2000


We are wanting to anyone dialing in through pptp to be forced
to use ms-chapv2 and mppe data encryption.

I have  require-mschap-v2  in the /etc/ppp/options file.

While using NT4.0 sp6a, I forgot to re-apply the service pack
after I added the point to point tunnelling protocol. When I
looked though the logs, I found:

Jun 20 17:12:13 lx1 pppd[8891]: CHAP peer authentication succeeded for
nbartos

It wasn't authenticating using mschap-v2 or mppe. After
I re-applied service pack6a, it authenticated using mschap-v2 and
mppe.

Jun 20 18:57:54 lx1 pppd[9263]: MSCHAP-v2 peer authentication
succeeded for nbartos
Jun 20 18:58:01 lx1 pppd[9263]: MPPE 128 bit, stateless compression
enabled

Is there something else I need to be doing to force the pppd
daemon to use mschap-v2???


Using:
kernel v2.2.14
ppp-2.3.10
ppp-2.3.10-openssl-0.9.4-mppe.patch.gz
poptop-1.0.0




/etc/ppp/options
lock
auth
proxyarp
+chapms-v2
require-chapms-v2
chapms-strip-domain
mppe-40
mppe-128
mppe-stateless
ms-wins 10.8.0.2
netmask 255.0.0.0
ipx
nodefaultroute


-------------------------------------------------
Who would write an Operating System where
you have to press start to shut it off ???




More information about the pptp-server mailing list