[pptp-server] Trouble using mppe-128

[Justin Kreger]

try putting the encrption stuff into /etc/ppp/options, also, are you using
chapms-v2 on the client?

Justin Kreger, MCP MCSE CCNA
jkreger at earthling.2y.net jwkreger at uncg.edu jkreger at aristotle.wss.net


On Fri, 8 Jun 2001, Stefan Tomanek wrote:

> 
> 
> I am trying to use pptp with 128bit encryption, and applied the
> corresponding patches to pppd as well as to the kernel.
> The ppp_mppe module is loaded, and if I only activate mppe-40, I can
> connect flawlessly.
> But if I try to use 128bit encryption and put mppe-128 in the
> pptpd-option file of client and server, strange things happen:
> These are the options on the server:
> auth
> deflate 0
> nobsdcomp
> +chapms-v2
> mppe-40
> mppe-128
> mppe-stateless
> debug
> ###
> 
> Now I try to connect using the pptp linuxclient (I applied the same
> patches to the client):
> /usr/local/sbin/pptp 212.23.134.13 user stefan mppe-128 mppe-stateless
> 
> The log on the server shows the following:
> 
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [CHAP Success id=0x1 "Welcome
> to kabel2
> ."]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [IPCP ConfReq id=0x1 <addr
> 192.168.192.
> 253> <compress VJ 0f 01>]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [CCP ConfReq id=0x1 <mppe 1 0 0
> 60>]
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [IPCP ConfReq id=0x1 <addr
> 212.23.134.1
> 34> <compress VJ 0f 01>]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [IPCP ConfNak id=0x1 <addr
> 192.168.192.
> 192>]
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [CCP ConfReq id=0x1 <mppe 1 0 0
> 40>]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [CCP ConfRej id=0x1 <mppe 1 0 0
> 40>]
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [IPCP ConfAck id=0x1 <addr
> 192.168.192.
> 253> <compress VJ 0f 01>]
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [CCP ConfNak id=0x1 <mppe 1 0 0
> 40>]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [CCP ConfReq id=0x2]
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [IPCP ConfReq id=0x2 <addr
> 192.168.192.
> 192> <compress VJ 0f 01>]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [IPCP ConfAck id=0x2 <addr
> 192.168.192.
> 192> <compress VJ 0f 01>]
> Jun  8 08:12:11 kabel2 pppd[18526]: Script /etc/ppp/ip-up started (pid
> 18528)
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [CCP ConfReq id=0x2]
> Jun  8 08:12:11 kabel2 pppd[18526]: sent [CCP ConfAck id=0x2]
> Jun  8 08:12:11 kabel2 pppd[18526]: rcvd [CCP ConfAck id=0x2]
> Jun  8 08:12:11 kabel2 pppd[18526]: Script /etc/ppp/ip-up finished (pid
> 18528),
> status = 0x0
> Jun  8 08:12:14 kabel2 pppd[18526]: sent [CCP ConfReq id=0x2]
> Jun  8 08:12:14 kabel2 pppd[18526]: rcvd [CCP ConfReq id=0x3 <mppe 1 0 0
> 40>]
> Jun  8 08:12:14 kabel2 pppd[18526]: sent [CCP ConfRej id=0x3 <mppe 1 0 0
> 40>]
> Jun  8 08:12:14 kabel2 pppd[18526]: rcvd [CCP ConfAck id=0x2]
> Jun  8 08:12:14 kabel2 pppd[18526]: rcvd [CCP ConfReq id=0x4]
> Jun  8 08:12:14 kabel2 pppd[18526]: sent [CCP ConfAck id=0x4]
> Jun  8 08:12:17 kabel2 pppd[18526]: sent [CCP ConfReq id=0x2]
> Jun  8 08:12:17 kabel2 pppd[18526]: rcvd [CCP ConfReq id=0x5 <mppe 1 0 0
> 40>]
> Jun  8 08:12:17 kabel2 pppd[18526]: sent [CCP ConfRej id=0x5 <mppe 1 0 0
> 40>]
> Jun  8 08:12:17 kabel2 pppd[18526]: rcvd [CCP ConfAck id=0x2]
> Jun  8 08:12:17 kabel2 pppd[18526]: rcvd [CCP ConfReq id=0x6]
> 
> So in fact, no encryption is enabled and server and client continue to
> negotiate abount <mppe 1 0 0 40>.
> How can I get it working?
> What is the differenz between <mppe 1 0 0 40>,<mppe 1 0 0 60> and <mppe 1 0 0 20>?
> 
> Thank for your help.
> -- 
>    /stefan_tomanek at web.de | ICQ:1177934 | PGP:finger stefan at localhost.ruhr.de /
>   /        Spielen unter Linux: http://spiele.freepage.de/linux-zocker/     /
>  /      "Wer Header fälscht oder verfälschte Header in Umlauf bringt      /
> /      wird mit Scorefile nicht unter -500 Punkten bestraft."            /
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>