[pptp-server] /etc/ppp/options file

Bo Byrd byrdr at corp.earthlink.net
Tue Mar 19 09:18:41 CST 2002


debug
lock
mtu 1490
mru 1490
proxyarp
auth
refuse-pap
refuse-chap
refuse-chapms
require-chapms-v2
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
deflate 0
mppe-128
mppe-stateless


This is what I'm using for my options file, but users can still connect
with CHAP.  MS-CHAP doesn't work, but MS-CHAPv2 does work...
I also tried adding "require-mppe-128" and "require-mppe-stateless" (I
found these commands in a file on the internet, there is a lot of
commands out on the internet that arent in the pppd man page) but those
give errors when users try to connect.

If I set up my client to use MS-CHAPv2 and MPPE-128 then everything
works, but I am wanting to have poptop refuse anything else but that
combination.

Im using RH71 with stock rh71 2.4.2-2 kernel and I've downloaded the
pppd-2.4.1 source and the pptpd-1.1.2 src and the
ppp-2.4.1-openssl-0.9.6-mppe-patch and the
linux-2.4.4-openssl-0.9.6a-mppe.patch.

Im not sure if I did all the patches and recompiled the kernel in the
exactly correct order, but I can now connect with mppe-128 and mschapv2,
so I think I did it right.  The only thing is I can connect but I cant
ping the other interface on the linux poptop server with a client after
its connected.  Previously when I was trying Mandrake I had only
installed pptpd and hadnt done any patches or recompiles and clients
could connect with chap and could ping the other interface on the poptop
server....so how critical was the order in which I did everything?  The
reason I switched to rh71 from mandrake was Ive never been able to do a
successful kernel recompile with anything other than rh71.  Actually
when I just did rh71 yesterday it was flawless with no missing module
deps or any other error msgs during a reboot.


Thanks,
Bo

-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org] On Behalf Of Charlie Brady
Sent: Tuesday, March 19, 2002 9:59 AM
To: Bo Byrd
Cc: pptp-server at lists.schulte.org
Subject: Re: [pptp-server] /etc/ppp/options file



On Tue, 19 Mar 2002, Bo Byrd wrote:

> Ive been studying poptop for about 3 weeks now and havent found a file

> describing all the options available for this file, especially since 
> after adding mppe and mschapv2 support....basically I want to only 
> allow clients to connect using mschapv2 with 128bit mppe....but the 
> instructions would be best to have.  Anyone know where they are?

The options available are descibed in the pppd man page, after the
various 
patches are applied.

--
Charlie Brady                         charlieb at e-smith.com
Lead Product Developer
Network Server Solutions Group        http://www.e-smith.com/
Mitel Networks Corporation            http://www.mitel.com/
Phone: +1 (613) 368 4376 or 564 8000  Fax: +1 (613) 564 7739


_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --






More information about the pptp-server mailing list