[pptp-server] pptpd+chapms+radius

James MacLean macleajb at EDnet.NS.CA
Wed May 31 12:09:30 CDT 2000


On Wed, 31 May 2000, Dragos DOBRE wrote:

> I think I have pinned the bug :)

Excellent :).
 
> instead, it goes like this: 
> user dials to pptp server
> pptp daemon sees incoming call,
> fires up the ppp daemon
> and pppd using radiusclient tries to contact radius server
> with NULL passwd and NULL username,

In auth.c I check to see if client!=NULL and server !=NULL. So I am trying
to figure out where the mistake is :(. It should only actually try to
contact the radius server when it has either a server or a client passwd.

I have tried switching the pppd's client/server order of radius checking
and some other switchies, but it does not show any delay contacting the
radius server... :(.

> because the LCP ConfReq auth chap hasn't been sent yet.
> radiusclient time-out (after the value in radiusclient.conf)
> ppp times out on the client
> the server finally sends auth chap LCP
> but the connection is closed. 
> so, it seems that the problem is that when pppd starts on server,
> it first tries to contact radius instead on trying to negociate chap or
> anything else.

Hmm. It does contact the radius server to see if the machine has a valid
entry to connect with the remote system (it's name field has a valid line
to connect with the remotename) At this time it has only it's own machine
and radius returns no passwd, but since the function in auth.c does not
end with and error, negotiation can proceed. Is this were you are seeing a
stall?

> i made it work reducing the retries-number and time-out in
> radiusclient.conf

I'd like to see if I can understand this better. You are getting a timeout
in that initial radius connect? I do not think I am seeing it happen here.

What I do see is that pptp connects (Linux PPTP) take forever to complete
with the chap requests ping-ponging back and forth over the GRE, but the
Windows connects are fast.

> so, i would help anyone who wants to patch the existing code
> in order to make this function correctly.

I'd like to see it smoothen out :).

> tnx for all the advises received

Thanks for all the feedback.

> respect,
> -- 
> Dragos Adrian DOBRE
> Network Systems Specialist
> Deuroconsult Brasov, Romania
> 

JES
--
James B. MacLean        macleajb at ednet.ns.ca
Department of Education http://www.ednet.ns.ca/~macleajb
Nova Scotia, Canada
B3M 4B2
     




More information about the pptp-server mailing list