[pptp-server] External auth with MS-CHAPv2 and MPPE-128
Bo Byrd
byrdr at corp.earthlink.net
Thu Apr 4 12:41:50 CST 2002
Does anyone know how to make a BSD or Linux POPTOP server externally
authenticate users who are using MSCHAPv2 and MPPE? From what I
understand the Portslave RADIUS client can't do MSCHAPv2 or MPPE. LDAP
would do I think, but I don't know how to build it into POPTOP.
Also I got the FreeBSD POPTOP working but users can never connect as
stateless. I've specified that they should in the config file
/etc/ppp/ppp.conf:
pptp:
 load loop
 disable chap
 disable pap
 disable chap80
 deny chap
 deny pap
 ideny chap81
 enable chap81
 accept chap81
 set mppe 128 stateless
 #Authenticate against /etc/passwd
 ##enable passwdauth
 enable proxy
 accept dns
 # DNS Servers to assign client
 set dns 207.69.188.187 207.69.188.188
 # NetBIOS/WINS Servers to assign client
 # set nbns 192.168.0.15 192.168.0.16
 # set device !/etc/ppp/secure
If anyone has seen this with BSD please let me know.
Thanks,
Bo
-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org] On Behalf Of R. de Vroede
Sent: Thursday, April 04, 2002 5:47 AM
To: truin at enterprise.truin.com
Cc: pptp-server at lists.schulte.org
Subject: RE: [pptp-server] gre protocol not available - help!
This is indeed somewhat of a firewall problem. It has something to do
with entries in /proc/net/ip_conntrack. Haven't gotten to the bottom of
it, but when you get it, there is already some GRE connection (or
history thereof) from the client or to the server. Wait until the entry
is gone (5 to 10 mins I think), then you can make a new connection.
Regards,
Richard de Vroede
On Thu, 2002-04-04 at 00:28, truin at enterprise.truin.com wrote:
> IS your test computer behind a NAT'd firewall? I have the GRE Protocol
> Not Available error when my Win client is on a private IP being NAT'd
> behind a linux firewall. Perhaps your situation is similar?
>
> -=Jason=-
>
>
> On Wed, 3 Apr 2002, Örjan Johansson wrote:
>
> > I just looked through my .config file, and it says
> > CONFIG_NET_IPGRE=y so the line in modules.conf is as vain as I
> > suspected right? The utterly confusing thing is that once or twice
> > I've got it working, without doing anything...... So why is the
> > protocol not available 9 times out of ten? Any ideas at all?
> >
> > Cheers,
> > Örjan
> >
--
Richard de Vroede
(r.devroede at linvision.com)
------------------------------------------------
Linvision BV Provides Linux Solutions
Elektronicaweg 16D
2628 XG Delft
T: +31157502310 info at linvision.com
F: +31157502319 http://devel.linvision.com
------------------------------------------------
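
An added example, not part of the original thread: one way to check for the leftover GRE (IP protocol 47) entries mentioned above and see how long until they expire. The sample lines are constructed and assume the Linux 2.4 /proc/net/ip_conntrack layout (name, protocol number, seconds left, then src=/dst= tuples); the function names are hypothetical.

```python
import re
import sys

GRE_PROTO = 47  # IP protocol number of GRE, which carries the PPTP data channel

# Constructed sample lines (assumed 2.4-era /proc/net/ip_conntrack layout).
SAMPLE = """\
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=1045 dport=1723 src=203.0.113.5 dst=198.51.100.2 sport=1723 dport=1045 [ASSURED] use=1
unknown  47 412 src=192.168.1.10 dst=203.0.113.5 src=203.0.113.5 dst=198.51.100.2 use=1
udp      17 25 src=192.168.1.11 dst=192.0.2.53 sport=1030 dport=53 src=192.0.2.53 dst=198.51.100.2 sport=53 dport=1030 use=1
unknown  47 95 src=192.168.1.12 dst=203.0.113.9 [UNREPLIED] src=203.0.113.9 dst=198.51.100.2 use=1
"""


def parse_entry(line):
    """Return protocol number, seconds left and all addresses of one entry."""
    fields = line.split()
    if len(fields) < 3 or not fields[1].isdigit() or not fields[2].isdigit():
        return None  # blank or malformed line
    addrs = {addr for _, addr in re.findall(r"\b(src|dst)=(\S+)", line)}
    return {"proto": int(fields[1]), "ttl": int(fields[2]), "addrs": addrs}


def gre_entries(text, peer=None):
    """GRE entries, optionally only those that mention the address `peer`."""
    found = []
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry and entry["proto"] == GRE_PROTO:
            if peer is None or peer in entry["addrs"]:
                found.append(entry)
    return found


def seconds_until_clear(text, peer):
    """Longest remaining lifetime of a GRE entry involving `peer` (0 if none)."""
    return max((e["ttl"] for e in gre_entries(text, peer)), default=0)


if __name__ == "__main__":
    # usage: script.py PEER_IP [conntrack-file]; without a file the sample is used
    peer = sys.argv[1] if len(sys.argv) > 1 else "203.0.113.5"
    text = open(sys.argv[2]).read() if len(sys.argv) > 2 else SAMPLE
    print("GRE entries for %s expire in at most %d s"
          % (peer, seconds_until_clear(text, peer)))
```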