[pptp-server] MPPE Encryption not working with 2.4.2-2 Kernel and ppp-2.4.1

George Vieira GeorgeV at citadelcomputer.com.au
Wed Aug 8 20:46:04 CDT 2001 

Can you tell if your ipchains rules are blocking pings?
What's your ipchains rules for the link?
Is there any service that you can use to test like SSHD or something?

thanks,
George Vieira
Network Engineer
Citadel Computer Systems P/L
PH +(61)2 9955 2644
FX +(61)2 9955 2659

-----Original Message-----
From: Chris Turner [mailto:cturner at netcabtec.com]
Sent: Thursday, August 09, 2001 11:49 AM
To: 'pptp-server at lists.schulte.org '
Subject: [pptp-server] MPPE Encryption not working with 2.4.2-2 Kernel
and ppp-2.4.1


Greetings all. I am coming to my wits end and would appreciate any
assistance any of you may be able to provide.

I have a RedHat 7.1 system, running the 2.4.2-2 kernel and ppp 2.4.1. 

After two frustrating weeks, I have been unsuccessful in getting MPPE to
work properly. The ppp_mppe.o module is compiling, and when I connect the
log shows:

amadeus pptpd[1474]: CTRL: Client 172.16.0.61 control connection started
amadeus pptpd[1474]: CTRL: Starting call (launching pppd, opening GRE)
amadeus pppd[1475]: pppd 2.4.1 started by root, uid 0
amadeus pppd[1475]: Using interface ppp0
amadeus pppd[1475]: Connect: ppp0 <--> /dev/pts/1
amadeus pptpd[1474]: GRE: Discarding duplicate packet
amadeus pptpd[1474]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
amadeus pppd[1475]: MSCHAP-v2 peer authentication succeeded for test
amadeus pppd[1475]: found interface eth0 for proxy arp
amadeus pppd[1475]: local  IP address 192.168.1.2
amadeus pppd[1475]: remote IP address 192.168.1.11
amadeus pppd[1475]: MPPE 128 bit, non-stateless compression enabled

The client also shows 128 bit encryption enabled and functioning. I am
however, unable to reach any of the machines inside the network. I cannot
even ping the server address of 192.168.1.2. Running tcpdump on the ppp0
interface shows both the icmp echo request and reply, and a sniffer on the
client machine shows traffic both ways (can't see it because its encrypted).
Nevertheless, the client cannot ping the server, and the server cannot ping
the client.

Where this gets interesting is if I disable encryption, everything works
fine. Client can see server and machines behind it, Server can see client,
and all is well. 

I will attempt now to as briefly as possible cover the steps I used to
compile encryption support in....

Applied the following patches to ppp-2.4.1:
ppp-2.4.1-MSCHAPv2-fix.patch.gz
ppp-2.4.1-openssl-0.9.6-mppe-patch.gz

Both applied with no errors. Performed configure, make, and make install for
ppp-2.4.1. No errors.

Applied the linux-2.4.4-openssl-0.9.6a-mppe.patch.gz patch to the kernel and
recompiled with loadable module support and PPP as module-loadable.

I have also tried the linux-2.4.0-openssl-0.9.6-mppe.patch.gz patch with a
clean source tree with the same results.

All the appropriate modules seem to be loading correctly:
Module                  Size  Used by
ppp_deflate            41664   0  (autoclean)
ppp_mppe               23856   2  (autoclean)
bsd_comp                4416   0  (autoclean)
ppp_async               6640   1  (autoclean)
ppp_generic            14240   4  (autoclean) [ppp_deflate ppp_mppe bsd_comp
ppp_async]
slhc                    5216   0  [ppp_generic]

At this point I am at a total loss, if anyone has any suggestions please let
me know.

Best regards,

Chris
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --

More information about the pptp-server mailing list