From sliu at secai.com Wed May 1 02:47:27 2002 From: sliu at secai.com (Shu Liu) Date: Wed, 01 May 2002 00:47:27 -0700 Subject: [pptp-server] Solaris PPTP server setup, please help Message-ID: <3CCF9D8F.CE0C4F3B@secai.com> Hi, The below is what I have: - Solaris 8 - Solaris PPTP server source ported by jason.rhoads at sabernet.net Compiled and installed successfully on Solaris 8. - PPPD v 2.3.11 Compiled and installed successfully on Solaris 8. - Win2K as the PPTP client I want to make a PPTP vpn connection on Internet through DSL. I am testing on a local LAN right now. When I tried to connect, the Win2K gave me 651 error always. The Solaris PPTP log says: .......: server connection ESTABLISHED. .......: Socket not accepted: Interrupted system call Does anyone know where I can get some instruction, or can anyone who have experience to set the PPTP Solaris server send me some sample configuration file ? Many thanks in advance, Shu Liu From jasons at NJAQUARIUM.ORG Wed May 1 08:09:34 2002 From: jasons at NJAQUARIUM.ORG (Jason Staudenmayer) Date: Wed, 1 May 2002 09:09:34 -0400 Subject: [pptp-server] PoPToP on RedHat 7.2 Message-ID: Check your FIREWALL rules you need port 47 and 1723 open or forwarded -----Original Message----- From: Michael Jennings [mailto:mej at kainx.org] Sent: Monday, April 29, 2002 2:02 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] PoPToP on RedHat 7.2 Trying to set up PPTP on a brand new Redhat 7.2 installation. The following appears in the syslog when the remote user tries to connect (IP address changed to protect the innocent): pptpd[12788]: CTRL: Client 11.22.33.44 control connection started pptpd[12788]: CTRL: Starting call (launching pppd, opening GRE) pppd[12789]: pppd 2.4.1 started by root, uid 0 pppd[12789]: Using interface ppp0 pppd[12789]: Connect: ppp0 <--> /dev/pts/1 pptpd[12788]: Error writing GRE packet: Operation not permitted pptpd[12788]: CTRL: GRE read or PTY write failed (gre,pty)=(5,4) pptpd[12788]: CTRL: Client 11.22.33.44 control connection finished pppd[12789]: Modem hangup pppd[12789]: Connection terminated. pppd[12789]: Exit. The ip_gre.o module is loaded, as are the relavent PPP modules. Any thoughts as to what I've missed? Thanks, Michael -- Michael Jennings (a.k.a. KainX) http://www.kainx.org/ n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) ----------------------------------------------------------------------- "Love, like a road that never ends. How it leads me back again to heartache, I don't understand." -- Peter Cetera and Amy Grant, "Next Time I Fall" _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From mej at kainx.org Wed May 1 09:36:35 2002 From: mej at kainx.org (Michael Jennings) Date: Wed, 1 May 2002 10:36:35 -0400 Subject: [pptp-server] PoPToP on RedHat 7.2 In-Reply-To: References: Message-ID: <20020501143635.GB3101@kainx.org> On Wednesday, 01 May 2002, at 09:09:34 (-0400), Jason Staudenmayer wrote: > Check your FIREWALL rules you need port 47 and 1723 open or forwarded I believe you mean *protocol* 47 and port 1723. :) Here is the snippit from my iptables configuration pertaining to those two items: $IPTABLES -t nat -A PREROUTING -i ${EXT_IF}+ -p tcp --dport 1723 -j ACCEPT $IPTABLES -A INPUT -i ${EXT_IF}+ -p tcp --dport 1723 -j ACCEPT $IPTABLES -t nat -A OUTPUT -o ${EXT_IF}+ -p 47 -j ACCEPT $IPTABLES -A OUTPUT -o ${EXT_IF}+ -p 47 -j ACCEPT $IPTABLES -A INPUT -i ${EXT_IF}+ -p 47 -j ACCEPT $IPTABLES -A INPUT -i ppp+ -s $INT_NET -d $INT_NET -j ACCEPT $IPTABLES -A OUTPUT -o ppp+ -s $INT_NET -d $INT_NET -j ACCEPT $IPTABLES -A FORWARD -i ppp+ -o ${EXT_IF}+ -p 47 -s $INT_NET -d $INT_NET -j ACCEPT $IPTABLES -A FORWARD -o ppp+ -i ${EXT_IF}+ -p 47 -s $INT_NET -d $INT_NET -j ACCEPT $IPTABLES -A FORWARD -i ppp+ -o ${EXT_IF}+ -s $INT_NET -j ACCEPT $IPTABLES -A FORWARD -o ppp+ -i ${EXT_IF}+ -d $INT_NET -j ACCEPT Are those rules not correct? Michael -- Michael Jennings (a.k.a. KainX) http://www.kainx.org/ n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) ----------------------------------------------------------------------- "God hears them cry. (Thou shalt not kill.) You hear the lie. (Do what you will.) And you simply look the other way." -- Holy Soldier, "See No Evil" (re abortion) From fabio at ipway.com.br Wed May 1 10:05:16 2002 From: fabio at ipway.com.br (Fabio Oliveira) Date: Wed, 1 May 2002 12:05:16 -0300 Subject: RES: [pptp-server] Solaris PPTP server setup, please help In-Reply-To: <3CCF9D8F.CE0C4F3B@secai.com> Message-ID: Hi Liu, Considering the return message 651, it seems any problem in TCP/IP stack of Win2k. Anyway I would check another two points: - By default the Win2K enable the option () data encrypted . Be sure that you have the mppe module installed in Solaris. If I dont mistake you can find the .conf file at /usr/sys/sun/conf. - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128 option must be there. good luck. regards, Fabio Oliveira IPWay - Internet Services fabio at ipway.com.br (o- (o- (o- (o- (o- //\ //\ //\ //\ //\ V_/_ V_/_ V_/_ V_/_ V_/_ Live with freedom, choice Linux -----Mensagem original----- De: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu Enviada em: quarta-feira, 1 de maio de 2002 04:47 Para: pptp-server at lists.schulte.org Assunto: [pptp-server] Solaris PPTP server setup, please help Hi, The below is what I have: - Solaris 8 - Solaris PPTP server source ported by jason.rhoads at sabernet.net Compiled and installed successfully on Solaris 8. - PPPD v 2.3.11 Compiled and installed successfully on Solaris 8. - Win2K as the PPTP client I want to make a PPTP vpn connection on Internet through DSL. I am testing on a local LAN right now. When I tried to connect, the Win2K gave me 651 error always. The Solaris PPTP log says: .......: server connection ESTABLISHED. .......: Socket not accepted: Interrupted system call Does anyone know where I can get some instruction, or can anyone who have experience to set the PPTP Solaris server send me some sample configuration file ? Many thanks in advance, Shu Liu _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From sliu at secai.com Wed May 1 12:01:52 2002 From: sliu at secai.com (Shu Liu) Date: Wed, 1 May 2002 10:01:52 -0700 (PDT) Subject: RES: [pptp-server] Solaris PPTP server setup, please help In-Reply-To: Message-ID: Fabio, Thank you very much for your quick response. I can monitor the communication over port 1723, but pptp-server(on Solaris) stopped at function "accept()", to wait data from Win2K. This time, Win2K already reported 651 error, and disconnected. You are right, I didn't don anything about Solaris mppe module. Is this standard Solaris module, or I have to find some software to install ? Do you know where I can find instruction about Solaris mppe ? I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options (without .pptp extention). Do we need to have a "options.pptp" also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. Many thanks, Shu Liu On Wed, 1 May 2002, Fabio Oliveira wrote: > Hi Liu, > > Considering the return message 651, it seems any problem in TCP/IP stack of > Win2k. > > Anyway I would check another two points: > > - By default the Win2K enable the option () data encrypted . Be sure that > you have the mppe module installed in Solaris. If I dont mistake you can > find the .conf file at /usr/sys/sun/conf. > > - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128 > option must be there. > > good luck. > regards, > > Fabio Oliveira > IPWay - Internet Services > fabio at ipway.com.br > > (o- (o- (o- (o- (o- > //\ //\ //\ //\ //\ > V_/_ V_/_ V_/_ V_/_ V_/_ > Live with freedom, choice Linux > > > -----Mensagem original----- > De: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu > Enviada em: quarta-feira, 1 de maio de 2002 04:47 > Para: pptp-server at lists.schulte.org > Assunto: [pptp-server] Solaris PPTP server setup, please help > > > > Hi, > > The below is what I have: > > - Solaris 8 > - Solaris PPTP server source ported by jason.rhoads at sabernet.net > > Compiled and installed successfully on Solaris 8. > - PPPD v 2.3.11 > Compiled and installed successfully on Solaris 8. > > - Win2K as the PPTP client > > I want to make a PPTP vpn connection on Internet through DSL. > I am testing on a local LAN right now. > > > When I tried to connect, the Win2K gave me 651 error always. > The Solaris PPTP log says: > .......: server connection ESTABLISHED. > .......: Socket not accepted: Interrupted system call > > Does anyone know where I can get some instruction, or > can anyone who have experience to set the PPTP Solaris server > send me some sample configuration file ? > > Many thanks in advance, > Shu Liu > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > > From ctooley at amoa.org Wed May 1 21:30:50 2002 From: ctooley at amoa.org (Chris Tooley) Date: 01 May 2002 21:30:50 -0500 Subject: [pptp-server] PoPToP on RedHat 7.2 In-Reply-To: References: Message-ID: <1020306651.4135.0.camel@christooley.cjb.net> I'm not positive this has anything to do with it but I had a similar problem when I wasn't getting the mppe stuff in the kernel correctly. What did you do to compile the kernel modules for your kernel? Chris Tooley On Wed, 2002-05-01 at 08:09, Jason Staudenmayer wrote: > Check your FIREWALL rules you need port 47 and 1723 open or forwarded > > -----Original Message----- > From: Michael Jennings [mailto:mej at kainx.org] > Sent: Monday, April 29, 2002 2:02 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] PoPToP on RedHat 7.2 > > > Trying to set up PPTP on a brand new Redhat 7.2 installation. The > following appears in the syslog when the remote user tries to connect > (IP address changed to protect the innocent): > > pptpd[12788]: CTRL: Client 11.22.33.44 control connection started > pptpd[12788]: CTRL: Starting call (launching pppd, opening GRE) > pppd[12789]: pppd 2.4.1 started by root, uid 0 > pppd[12789]: Using interface ppp0 > pppd[12789]: Connect: ppp0 <--> /dev/pts/1 > pptpd[12788]: Error writing GRE packet: Operation not permitted > pptpd[12788]: CTRL: GRE read or PTY write failed (gre,pty)=(5,4) > pptpd[12788]: CTRL: Client 11.22.33.44 control connection finished > pppd[12789]: Modem hangup > pppd[12789]: Connection terminated. > pppd[12789]: Exit. > > The ip_gre.o module is loaded, as are the relavent PPP modules. Any > thoughts as to what I've missed? > > Thanks, > Michael > > -- > Michael Jennings (a.k.a. KainX) http://www.kainx.org/ > n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) > ----------------------------------------------------------------------- > "Love, like a road that never ends. How it leads me back again to > heartache, I don't understand." > -- Peter Cetera and Amy Grant, "Next Time I Fall" > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From anesthes at cisdi.com Wed May 1 21:58:57 2002 From: anesthes at cisdi.com (Joey Coco) Date: Wed, 1 May 2002 21:58:57 -0500 (EST) Subject: [pptp-server] PoPToP on RedHat 7.2 In-Reply-To: <1020306651.4135.0.camel@christooley.cjb.net> Message-ID: Thats protocol 47, not port 47. Michael, What type of client is connecting to this poptop server, and what does your options file look like?? I haved moved to the /dev/pts system yet. Guess Redhat uses that by default now eh? -- Joe On 1 May 2002, Chris Tooley wrote: > I'm not positive this has anything to do with it but I had a similar > problem when I wasn't getting the mppe stuff in the kernel correctly. > What did you do to compile the kernel modules for your kernel? > > Chris Tooley > > On Wed, 2002-05-01 at 08:09, Jason Staudenmayer wrote: > > Check your FIREWALL rules you need port 47 and 1723 open or forwarded > > > > -----Original Message----- > > From: Michael Jennings [mailto:mej at kainx.org] > > Sent: Monday, April 29, 2002 2:02 PM > > To: pptp-server at lists.schulte.org > > Subject: [pptp-server] PoPToP on RedHat 7.2 > > > > > > Trying to set up PPTP on a brand new Redhat 7.2 installation. The > > following appears in the syslog when the remote user tries to connect > > (IP address changed to protect the innocent): > > > > pptpd[12788]: CTRL: Client 11.22.33.44 control connection started > > pptpd[12788]: CTRL: Starting call (launching pppd, opening GRE) > > pppd[12789]: pppd 2.4.1 started by root, uid 0 > > pppd[12789]: Using interface ppp0 > > pppd[12789]: Connect: ppp0 <--> /dev/pts/1 > > pptpd[12788]: Error writing GRE packet: Operation not permitted > > pptpd[12788]: CTRL: GRE read or PTY write failed (gre,pty)=(5,4) > > pptpd[12788]: CTRL: Client 11.22.33.44 control connection finished > > pppd[12789]: Modem hangup > > pppd[12789]: Connection terminated. > > pppd[12789]: Exit. > > > > The ip_gre.o module is loaded, as are the relavent PPP modules. Any > > thoughts as to what I've missed? > > > > Thanks, > > Michael > > > > -- > > Michael Jennings (a.k.a. KainX) http://www.kainx.org/ > > n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) > > ----------------------------------------------------------------------- > > "Love, like a road that never ends. How it leads me back again to > > heartache, I don't understand." > > -- Peter Cetera and Amy Grant, "Next Time I Fall" > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From r.devroede at linvision.com Thu May 2 03:09:30 2002 From: r.devroede at linvision.com (R. de Vroede) Date: 02 May 2002 10:09:30 +0200 Subject: [pptp-server] PoPToP on RedHat 7.2 In-Reply-To: <20020429180226.GG8957@kainx.org> References: <20020429180226.GG8957@kainx.org> Message-ID: <1020326971.10006.42.camel@richard> Did you get those wonderful RedHat RPM's from http://planetmirror.com/ppp-mppe/ ? On Mon, 2002-04-29 at 20:02, Michael Jennings wrote: > Trying to set up PPTP on a brand new Redhat 7.2 installation. The > following appears in the syslog when the remote user tries to connect > (IP address changed to protect the innocent): > > pptpd[12788]: CTRL: Client 11.22.33.44 control connection started > pptpd[12788]: CTRL: Starting call (launching pppd, opening GRE) > pppd[12789]: pppd 2.4.1 started by root, uid 0 > pppd[12789]: Using interface ppp0 > pppd[12789]: Connect: ppp0 <--> /dev/pts/1 > pptpd[12788]: Error writing GRE packet: Operation not permitted > pptpd[12788]: CTRL: GRE read or PTY write failed (gre,pty)=(5,4) > pptpd[12788]: CTRL: Client 11.22.33.44 control connection finished > pppd[12789]: Modem hangup > pppd[12789]: Connection terminated. > pppd[12789]: Exit. > > The ip_gre.o module is loaded, as are the relavent PPP modules. Any > thoughts as to what I've missed? > > Thanks, > Michael > > -- > Michael Jennings (a.k.a. KainX) http://www.kainx.org/ > n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) > ----------------------------------------------------------------------- > "Love, like a road that never ends. How it leads me back again to > heartache, I don't understand." > -- Peter Cetera and Amy Grant, "Next Time I Fall" > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- -- Richard de Vroede (r.devroede at linvision.com) ------------------------------------------------ Linvision BV Provides Linux Solutions Elektronicaweg 16D 2628 XG Delft T: +31157502310 info at linvision.com F: +31157502319 http://devel.linvision.com ------------------------------------------------ From angelswire at hotmail.com Wed May 1 06:21:51 2002 From: angelswire at hotmail.com (Mark Court) Date: Wed, 01 May 2002 06:21:51 -0500 Subject: [pptp-server] How would you like to earn $500-$1000 a month extra cash with just a little honest effort. Message-ID: <0GVH002RHECWDN@mtaout03.icomcast.net> Subject: BOY, 15, EARNS $71,000 IN 5 WEEKS! $$$"TRUE STORY" SEEN ON ABC 20-20 BOY, 15, MAKES 71 THOUSAND DOLLARS IN 5 WKS!! U CAN 2!! AS SEEN ON NATIONAL TV: This is the one! PARENTS OF 15 YEAR-OLD FINDS $71,000 CASH HIDDEN IN HIS CLOSET Does this headline look familiar? Of course it does. You most likely have just seen this story recently featured on a major nightly news program (USA). His mother was cleaning and putting laundry away when she came across a large brown paper bag that was suspiciously buried beneath some clothes and a skateboard in the back of her 15-year-old son's closet. Nothing could have prepared her for the shock she got when she opened the bag and found it was full of cash. Five-dollar bills, twenties, fifties, and hundreds -- all neatly rubber-banded in labeled piles. "My first thought was that he had robbed a bank," said the 41-year-old woman. "There was over $71,000 dollars in that bag -- that's more than my husband earns in a year." The woman immediately called her husband at the car-dealership where he worked to tell him what she had discovered. He came home right away and they drove together to the boy's school and picked him up. Little did they suspect that where the money came from was more shocking than actually finding it in the closet. As it turns out, the boy had been sending out, via E-mail, a type of "Report" to E-mail addresses that he obtained off of the Internet. Everyday after school for the past two months, he had been doing this right on his computer in his bedroom. "I just got the E-mail one day and I figured what the heck. I put my name on it like the instructions said and I started sending it out," said the clever 15-year-old. The E-mail letter listed 5 addresses and contained instructions to send one $5 dollar bill to each person on the list, then delete the address at the top and move the other addresses Down , and finally to add your name to the top of the list. The letter goes on to state that you would receive several thousand dollars in five-dollar bills within 2 weeks if you sent out the letter with your name at the top of the 5-address list. "I get junk E-mail all the time, and really did not think it was going to work," the boy continued. Within the first few days of sending out the E-mail, the Post Office Box that his parents had gotten him for his video-game magazine subscriptions began to fill up with, not magazines, but envelopes containing $5 bills. "About a week later I rode [my bike] down to the post office and my box had 1 magazine and about 300 envelopes stuffed in it. There was also a yellow slip that said I had to go up to the [post office] counter. I thought I was in trouble or something (laughs)." He went on, "I went up to the counter and they had a whole box of more mail for me. I had to ride back home and empty out my backpack because I could not carry it all." Over the next few weeks, the boy continued sending out the E-mail. "The money just kept coming in and I just kept sorting it and stashing it in the closet. I barely had time for my homework." He had also been riding his bike to several of the banks in his area and exchanging the $5 bills for twenties, fifties, and hundreds. "I didn't want the banks to get suspicious so I kept riding to different banks with like five thousand at a time in my backpack. I would usually tell the lady at the bank counter that my dad had sent me in [to exchange the money] and he was outside waiting for me. One time the lady gave me a really strange look and told me that she would not be able to do it for me and my dad would have to come in and do it, but I just rode to the next bank down the street (laughs)." Surprisingly, the boy did not have any reason to be afraid. The reporting news team examined and investigated the so-called "chain-letter" the boy was sending out and found that it was not a chain-letter at all. In fact, it was completely legal according to; US Postal and Lottery Laws, Title 18, Section 1302 and 1341, or Title 18, Section 3005 in the US code, also in the code of federal regulations, Volume 16, Sections 255 and 436, which state a product or service must be exchanged for money received. Every five-dollar bill that he received contained a little note that read, "Please send me report number XYX." This simple note made the letter legal because he was exchanging a service (a "How-To" Report) for a five-dollar fee. Here is the letter that the 15-year-old was sending out by E-mail. You can do the exact same thing he was doing, simply by following the instructions in this letter! Dear Friends & Future Millionaires: AS SEEN ON NATIONAL TV: Make over a half-million dollars every 4 to 5 months from your home for an investment of only a one-time $25 expense - (U.S. dollars) -- THANKS TO THE COMPUTER AGE AND THE INTERNET ! =================================================== BE A MILLIONAIRE LIKE OTHERS WITHIN A YEAR!! Before you say "Bull," please read the following. This is the letter you have been hearing about on the news lately. Due to the popularity of this letter on the Internet, a national weekly news program recently devoted an entire show to the investigation of this program described below, to see if it really can make people money. The show also investigated whether or not the program was legal. Their findings proved once and for all that there are ''absolutely NO Laws prohibiting participation in the program and if people can follow the simple instructions, they are bound to make some mega-bucks with only $25 out-of-pocket cost. DUE TO THE RECENT INCREASE OF POPULARITY & RESPECT THIS PROGRAM HAS ATTAINED, IT IS CURRENTLY WORKING BETTER THAN EVER. This is what one had to say: ''Thanks to this profitable opportunity, I was approached many times before but each time I passed on it. I am so glad I finally joined just to see what one could expect in return for the minimal effort and money required. To my astonishment, I received a total of $610,470.00 in 21 weeks, with money still coming in." Pam Headland, Fort Lee, New Jersey. ================================================== Here is another testimonial: "This program has been around for a long time but I never believed in it. Yet one day when I received this again in the mail I decided to gamble my $25 on it. I followed the simple instructions and joila ..... 3 weeks later the money started to come in. First month I only made $240.00 but the next 2 months after that I made a total of $290,000.00. So far, in the past 8 months by re-entering the program, I have made over $710,000.00 and I am playing it again. The key to success in this program is to follow the simple steps and NOT change anything.'' More testimonials later but first . ===================================================== PRINT THIS NOW FOR YOUR FUTURE REFERENCE ===================================================== $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ If you would like to make at least $500,000 every 4 to 5 months easily and comfortably, please read the following.. THEN READ IT AGAIN and AGAIN!!! $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ FOLLOW THE SIMPLE INSTRUCTION BELOW AND YOUR FINANCIAL DREAMS WILL COME TRUE, GUARANTEED!!!! INSTRUCTIONS: ============= Order all 5 reports shown on the list below. For each report, send $5 CASH (US $), THE NAME & NUMBER OF THE REPORT YOU ARE ORDERING, and YOUR E-MAIL ADDRESS to the person whose name appears ON THAT LIST next to the report. MAKE SURE YOUR RETURN ADDRESS IS ON YOUR ENVELOPE TOP LEFT CORNER in case of any mail problems. When you place your order, make sure you order each of the 5 reports. You will need all 5 reports so that you can save them on your computer and resell them. YOUR TOTAL COST $5 X 5=$25.00. Within a few days you will receive, via e-mail, each of the 5 reports from these 5 different individuals. Save them on your computer so they will be accessible for you to send to the 1,000s of people who will order them from you. Also make a floppy of these reports and keep it on your desk in case something happen to your computer. IMPORTANT - DO NOT alter the names of the people who are listed next to each report, or their sequence on the list, in any way other than what is instructed below in step ''1 through 6'' or you will lose out on the majority of your profits. Once you understand the way this works, you will also see how it does not work if you change it. Remember, this method has been tested, and if you alter it, it will NOT work!!! People have tried to put their friends' or relatives' names on all five, thinking they could get all the money. But it does not work this way. Believe us, many have tried to be greedy, but then nothing happened. So DO NOT try to change anything other than what is instructed. Because if you do, it will not work for you. Remember, honesty reaps the rewards!!! 1.... After you have ordered all 5 reports, take this advertisement and REMOVE the name & address of the person in REPORT # 5. This person has made it through the cycle and is no doubt counting their fortune. 2.... Move the name & address in REPORT # 4 down TO REPORT # 5. 3.... Move the name & address in REPORT # 3 down TO REPORT # 4. 4.... Move the name & address in REPORT # 2 down TO REPORT # 3. 5.... Move the name & address in REPORT # 1 down TO REPORT # 2 6.... Insert YOUR name & address in the REPORT # 1 Position. PLEASE MAKE SURE you copy every name & address ACCURATELY! ============================================== Take this entire letter, with the modified list of names, and save it on your computer. DO NOT MAKE ANY OTHER CHANGES. Save this on a disk as well, just in case you lose any data. To assist you with marketing your business on the Internet, the 5 reports you purchase will provide you with invaluable marketing information which includes how to send bulk e-mails legally, where to find thousands of free classified ads and much more. There are 2 Primary methods to get this venture going: METHOD #1: BY SENDING BULK E-MAIL LEGALLY =============================================== Let's say that you decide to start small, just to see how it goes, and we will assume You and those involved send out only 5,000 e-mails each (VERY easy to do). Let's also assume that the mailing receive only a 0.2% response (the response could be much better but lets just say it is only 0.2%. Many people will send out hundreds of thousands of e-mails instead of only 5,000 each, and that is just as easy to do). Continuing with this example, you send out only 5,000 e-mails. With a 0.2% response, that is only 10 orders for report # 1. Those 10 people responded by sending out 5,000 e-mail each for a total of 50,000. Out of those 50,000 e-mails only 0.2% responded with orders. That means--100 people responded and ordered Report # 2. Those 100 people mail out 5,000 e-mails each for a total of 500,000 e-mails. The 0.2% response to that is 1000 orders for Report # 3. Those 1000 people send out 5,000 e-mails each for a total of 5 million e-mails sent out. The 0.2% response to that is 10,000 orders for Report # 4. Those 10,000 people send out 5,000 e-mails each for a total of 50,000 (50 million) e-mails. The 0.2% response to that is 100,000 orders for Report # 5 THAT'S 100,000 ORDERS TIMES $5 EACH=$500,000.00 (a half-million dollars!). Your total income in this example is: 1..... $50 + 2..... $500 + 3..... $5,000 + 4..... $50,000 + 5..... $500,000 Grand Total=$555,550.00 NUMBERS DO NOT LIE. GET A PENCIL & PAPER AND FIGURE IT OUT ! THE WORST POSSIBLE RESPONSES AND NO MATTER HOW YOU CALCULATE IT, YOU WILL STILL MAKE A LOT OF MONEY ! ====================================================== REMEMBER FRIEND, THIS ASSUMES ONLY 10 PEOPLE ORDERING OUT OF THE 5,000 WHO YOU MAILED TO. Dare to think for a moment what would happen if everyone, or half, or even one fourth of those people mailed 100,000 e-mails each or more? There are over 150-million people on the Internet worldwide and counting. Believe me, many people will do just that, and more! METHOD # 2: BY PLACING FREE ADS ON THE INTERNET ================================================ Advertising on the net is very inexpensive and there are hundreds of FREE places to advertise. Placing a lot of free ads on the Internet will easily get a larger response. We strongly suggest you start with METHOD # 1 and involve METHOD #2 as you go along. For every $5 you receive, all you Must do is e-mail them the Report they ordered. That's it. Always provide same-day service on all orders. This will guarantee that the e-mail they send out, with your name and address on it, will be prompt because they can not advertise until they receive the report. AVAILABLE REPORTS ================== ORDER EACH REPORT BY ITS NUMBER & NAME ONLY. Notes: Always send $5 cash (U.S. CURRENCY) for each Report. Checks NOT accepted. Make sure the cash is concealed by wrapping it in at least 2 sheets of paper. On one of those sheets of paper, write: -the NUMBER & the NAME of the REPORT you are ordering, -YOUR E-MAIL ADDRESS, -and YOUR NAME AND POSTAL ADDRESS. Hint: If you wrap your $5 bill in card or tag weight paper, light cannot shine through and expose your money and will be less likely to disappear in the mail. PLACE YOUR ORDER FOR THESE REPORTS NOW: ============================================== REPORT #1:"The Insider's Guide to Advertising for Free on the Net" Order Report #1from: Brian Smith 819 Tanninger Dr. Indianapolis, IN 46239 USA ============================================== REPORT # 2: The Insider's Guide to Sending Bulk E-mail on the Net Order Report #2: from: Safecastle Enterprises PO Box 113 Prior Lake, MN 55372 USA ============================================== REPORT #3: Secret to Multilevel Marketing on the Net Order Report #3 from: C Smith 107 Don Allen Rd. Louisville, KY 40207-3901 USA ============================================== REPORT #4: "How to Become a Millionaire Utilizing MLM & the Net" Order Report #4 from: Henry Jones PO Box 69 Glenwood, IL 60425 USA ============================================== REPORT #5: "How to Send Out One-Million E-mails for Free" Order Report #5 from: Michael Hale 3691 South Main Street Marion, NY 14505 USA ============================================== Please remember that your $5 bills are going all around the world and delivery of the report could take as long as 2-4wks. ===================================================== $$$$$$$$$$$$$$$$ YOUR SUCCESS GUIDELINES $$$$$$$$$$$$$$$$ Follow these guidelines to guarantee your success: If you do not receive at least 10 orders for Report #1 within 2 weeks, continue sending e-mails until you do. After you have received 10 orders, 2 to 3 weeks after that you should receive 100 orders or more for REPORT # 2. If you do not, continue advertising or sending e-mails until you do. Once you have received 100 or more orders for Report # 2, YOU CAN RELAX, because the system is already working for you, and the cash will continue to roll in! THIS IS IMPORTANT TO REMEMBER: Every time your name is moved down on the list, you are placed in front of a different report. You can KEEP TRACK of your PROGRESS by watching which report people are ordering from you. IF YOU WANT TO GENERATE MORE INCOME SEND ANOTHER BATCH OF E-MAILS AND START THE WHOLE PROCESS AGAIN. There is NO LIMIT to the income you can generate from this business !!! ======================================================= FOLLOWING IS A NOTE FROM THE ORIGINATOR OF THIS PROGRAM: You have just received information that can give you financial freedom for the rest of your life, with NO RISK and JUST A LITTLE BIT OF EFFORT. You can make more money in the next few weeks and months than you have ever imagined. Follow the program EXACTLY AS INSTRUCTED. DO NOT change it in any way. It works exceedingly well as it is now. Remember to e-mail a copy of this exciting report after you have put your name and address in Report #1 and have moved the others to #2 through # 5 as instructed above. One of the people you send this to may send out 100,000 or more e-mails and your name will be on every one of them. Remember though, the more you send out, the more potential customers you will reach. So my friend, I have given you the ideas, information, materials, and opportunity to become financially independent. IT IS UP TO YOU NOW ! Here are some MORE TESTIMONIALS: "My name is Mitchell. My wife, Jody and I live in Chicago. I am an accountant with a major U.S. corporation and I make pretty good money. When I received this program I grumbled to Jody about receiving 'junk mail.' I made fun of the whole thing, spouting my knowledge of the population and percentages involved. I 'knew' it wouldn't work. Jody totally ignored my supposed intelligence and a few days later she jumped in with both feet. I made merciless fun of her, and was ready to lay the old 'I told you so' on her when the thing didn't work. Well, the laugh was on me! Within 3 weeks she had received 50 responses. Within the next 45 days she had received a total of $147,200.00-all cash! I was shocked. I have joined Jody in her 'hobby.'" -Mitchell Wolf, Chicago, Illinois =========================================================== "Not being the gambling type, it took me several weeks to make up my mind to participate in this plan. But conservative that I am, I decided that the initial investment was so little that there was just no way that I wouldn't get enough orders to at least get my money back. I was surprised when I found my medium-size post office box crammed with orders. I made $319,210.00 in the first 12 weeks. The nice thing about this deal is that it does not matter where people live. There simply isn't a better investment with a faster return and so big." -Dan Sondstrom, Alberta, Canada ======================================================== "I had received this program before. I deleted it, but later I wondered if I should have given it a try. Of course, I had no idea who to contact to get another copy, so I had to wait until I was e-mailed again by someone else. Eleven months passed then it luckily came again. I did not delete this one! I made more than $490,000 on my first try and all the money came within 22 weeks." - Susan De Suza, New York, N.Y. ====================================================== "It really is a great opportunity to make relatively easy money with little cost to you. I followed the simple instructions carefully and within 10 days, the money started to come in. My first month I made $20,560.00, and by the end of the third month my total cash count was $362,840.00. Life is beautiful, thanks to the Internet." - Fred Dellaca, Westport, New Zealand ======================================================== ORDER YOUR REPORTS TODAY AND GET STARTED ON YOUR ROAD TO FINANCIAL FREEDOM! ========================================================= This letter is not intended to be a guarantee, nor does it provide any guaranteed promise of earnings. Your response rate may be different than that of other participants in this program. From fabio at ipway.com.br Thu May 2 08:26:16 2002 From: fabio at ipway.com.br (Fabio Oliveira) Date: Thu, 2 May 2002 10:26:16 -0300 Subject: RES: RES: [pptp-server] Solaris PPTP server setup, please help In-Reply-To: Message-ID: Liu, you are welcome. >I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options >(without .pptp extention). Do we need to have a "options.pptp" >also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. OK. You dont need have exactly that file. When you configure the /etc/pptpd.conf have a line options, so you must type for ex.: options /etc/ppp/, that can be any (options, options.pptp, options.vpn, etc....you choose....) >Is this standard Solaris module, or I have to find some software >to install ? Do you know where I can find instruction about Solaris >mppe ? MPPE means Microsoft Point-to-Point Encryption and that is a patch for the pppd program works with encrypted data. (ref. RFC 3078) You can get the source code to compile at : http://pserver.samba.org/cgi-bin/cvsweb/ppp/pppd/ and search in : www.sunfreeware.com for Sun packages (you know is very easy to install) Certainly there are another places but I remember of these. good luck again Liu. regards, Fabio -----Mensagem original----- De: Shu Liu [mailto:sliu at secai.com] Enviada em: quarta-feira, 1 de maio de 2002 14:02 Para: Fabio Oliveira Cc: pptp-server at lists.schulte.org Assunto: Re: RES: [pptp-server] Solaris PPTP server setup, please help Fabio, Thank you very much for your quick response. I can monitor the communication over port 1723, but pptp-server(on Solaris) stopped at function "accept()", to wait data from Win2K. This time, Win2K already reported 651 error, and disconnected. You are right, I didn't don anything about Solaris mppe module. Is this standard Solaris module, or I have to find some software to install ? Do you know where I can find instruction about Solaris mppe ? I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options (without .pptp extention). Do we need to have a "options.pptp" also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. Many thanks, Shu Liu On Wed, 1 May 2002, Fabio Oliveira wrote: > Hi Liu, > > Considering the return message 651, it seems any problem in TCP/IP stack of > Win2k. > > Anyway I would check another two points: > > - By default the Win2K enable the option () data encrypted . Be sure that > you have the mppe module installed in Solaris. If I dont mistake you can > find the .conf file at /usr/sys/sun/conf. > > - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128 > option must be there. > > good luck. > regards, > > Fabio Oliveira > IPWay - Internet Services > fabio at ipway.com.br > > (o- (o- (o- (o- (o- > //\ //\ //\ //\ //\ > V_/_ V_/_ V_/_ V_/_ V_/_ > Live with freedom, choice Linux > > > -----Mensagem original----- > De: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu > Enviada em: quarta-feira, 1 de maio de 2002 04:47 > Para: pptp-server at lists.schulte.org > Assunto: [pptp-server] Solaris PPTP server setup, please help > > > > Hi, > > The below is what I have: > > - Solaris 8 > - Solaris PPTP server source ported by jason.rhoads at sabernet.net > > Compiled and installed successfully on Solaris 8. > - PPPD v 2.3.11 > Compiled and installed successfully on Solaris 8. > > - Win2K as the PPTP client > > I want to make a PPTP vpn connection on Internet through DSL. > I am testing on a local LAN right now. > > > When I tried to connect, the Win2K gave me 651 error always. > The Solaris PPTP log says: > .......: server connection ESTABLISHED. > .......: Socket not accepted: Interrupted system call > > Does anyone know where I can get some instruction, or > can anyone who have experience to set the PPTP Solaris server > send me some sample configuration file ? > > Many thanks in advance, > Shu Liu > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > > From mej at kainx.org Thu May 2 10:44:54 2002 From: mej at kainx.org (Michael Jennings) Date: Thu, 2 May 2002 11:44:54 -0400 Subject: [pptp-server] PoPToP on RedHat 7.2 In-Reply-To: <1020326971.10006.42.camel@richard> <1020306651.4135.0.camel@christooley.cjb.net> References: <20020429180226.GG8957@kainx.org> <1020326971.10006.42.camel@richard> <1020306651.4135.0.camel@christooley.cjb.net>

<1020306651.4135.0.camel@christooley.cjb.net> Message-ID: <20020502154454.GA5338@kainx.org> On Wednesday, 01 May 2002, at 10:42:37 (-0400), Jason Staudenmayer wrote: > input > ACCEPT tcp ------ 0.0.0.0/0 0.0.0.0/0 * -> > 1723 > ACCEPT gre ------ 0.0.0.0/0 0.0.0.0/0 n/a > > output > ACCEPT tcp ------ 0.0.0.0/0 0.0.0.0/0 1723 -> > * > ACCEPT gre ------ 0.0.0.0/0 0.0.0.0/0 n/a Using these rules, or the iptables equivalents to be precise, I get the following: pptpd[12125]: CTRL: Client 11.22.33.44 control connection started pptpd[12125]: CTRL: Starting call (launching pppd, opening GRE) kernel: CSLIP: code copyright 1989 Regents of the University of California kernel: PPP generic driver version 2.4.1 pppd[12126]: pppd 2.4.1 started by root, uid 0 pppd[12126]: Using interface ppp0 pppd[12126]: Connect: ppp0 <--> /dev/pts/0 kernel: PPP BSD Compression module registered kernel: PPP Deflate Compression module registered pppd[12126]: CCP terminated by peer pppd[12126]: Compression disabled by peer. pppd[12126]: LCP terminated by peer pppd[12126]: Modem hangup pppd[12126]: Connection terminated. pppd[12126]: Exit. pptpd[12125]: GRE: read error: Bad file descriptor pptpd[12125]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) pptpd[12125]: CTRL: Client 11.22.33.44 control connection finished Looking better, at least.... :-) On Wednesday, 01 May 2002, at 21:30:50 (-0500), Chris Tooley wrote: > I'm not positive this has anything to do with it but I had a similar > problem when I wasn't getting the mppe stuff in the kernel > correctly. What did you do to compile the kernel modules for your > kernel? It's the stock RH 7.2 kernel. Here are the PPP options from the config: CONFIG_PPP=m CONFIG_PPP_MULTILINK=y CONFIG_PPP_FILTER=y CONFIG_PPP_ASYNC=m CONFIG_PPP_SYNC_TTY=m CONFIG_PPP_DEFLATE=m CONFIG_PPP_BSDCOMP=m # CONFIG_PPPOE is not set # CONFIG_SYNCLINK_SYNCPPP is not set CONFIG_WANPIPE_PPP=y CONFIG_WANPIPE_MULTPPP=y CONFIG_ISDN_PPP=y CONFIG_ISDN_PPP_VJ=y CONFIG_ISDN_PPP_BSDCOMP=m On Wednesday, 01 May 2002, at 21:58:57 (-0500), Joey Coco wrote: > What type of client is connecting to this poptop server, and what > does your options file look like?? It's the Microsoft VPN client. I don't know anything more specific than that, but I could find out.... > I haved moved to the /dev/pts system yet. Guess Redhat uses that by > default now eh? All Linux distros should, for many reasons, not the least of which is pty ownerships and permissions. :) On Thursday, 02 May 2002, at 10:09:30 (+0200), R. de Vroede wrote: > Did you get those wonderful RedHat RPM's from > http://planetmirror.com/ppp-mppe/ ? Nope, I got the pptpd RPM from rpmfind (Mandrake) and rebuilt it. Thanks for all your help, fellas. :-) Michael -- Michael Jennings (a.k.a. KainX) http://www.kainx.org/ n+1, Inc., http://www.nplus1.net/ Author, Eterm (www.eterm.org) ----------------------------------------------------------------------- "Oh Rosie, tout est blanc; tes yeux m'eclairent. De t'avoir eue un instant, j'etais tellement fier. Tout ce qu'il me reste a present; l'envie de tout foutre en l'air, et de recommencer la nuit...." -- Francis Cabrel From sliu at secai.com Thu May 2 11:31:40 2002 From: sliu at secai.com (Shu Liu) Date: Thu, 02 May 2002 09:31:40 -0700 Subject: RES: RES: [pptp-server] Solaris PPTP server setup, please help References: Message-ID: <3CD169EB.7E06FE11@secai.com> Fabio, Thank you so much for your kind response. I will try it today and then send you the report. Many thanks. m(..)m Regards, Shu Liu Fabio Oliveira wrote: > Liu, > > you are welcome. > >I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options > >(without .pptp extention). Do we need to have a "options.pptp" > >also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. > > OK. You dont need have exactly that file. When you configure the > /etc/pptpd.conf have a line options, so you must type for ex.: options > /etc/ppp/, that can be any (options, options.pptp, > options.vpn, etc....you choose....) > > >Is this standard Solaris module, or I have to find some software > >to install ? Do you know where I can find instruction about Solaris > >mppe ? > > MPPE means Microsoft Point-to-Point Encryption and that is a patch for the > pppd program works with encrypted data. (ref. RFC 3078) > > You can get the source code to compile at : > http://pserver.samba.org/cgi-bin/cvsweb/ppp/pppd/ > > and search in : www.sunfreeware.com for Sun packages (you know is very easy > to install) > Certainly there are another places but I remember of these. > > good luck again Liu. > regards, > > Fabio > > -----Mensagem original----- > De: Shu Liu [mailto:sliu at secai.com] > Enviada em: quarta-feira, 1 de maio de 2002 14:02 > Para: Fabio Oliveira > Cc: pptp-server at lists.schulte.org > Assunto: Re: RES: [pptp-server] Solaris PPTP server setup, please help > > Fabio, > Thank you very much for your quick response. > > I can monitor the communication over port 1723, but > pptp-server(on Solaris) stopped at function "accept()", to wait data > from Win2K. This time, Win2K already reported 651 error, > and disconnected. > You are right, I didn't don anything about Solaris mppe module. > Is this standard Solaris module, or I have to find some software > to install ? Do you know where I can find instruction about Solaris > mppe ? > > I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options > (without .pptp extention). Do we need to have a "options.pptp" > also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. > > Many thanks, > Shu Liu > > On Wed, 1 May 2002, Fabio Oliveira wrote: > > > Hi Liu, > > > > Considering the return message 651, it seems any problem in TCP/IP stack > of > > Win2k. > > > > Anyway I would check another two points: > > > > - By default the Win2K enable the option () data encrypted . Be sure that > > you have the mppe module installed in Solaris. If I dont mistake you can > > find the .conf file at /usr/sys/sun/conf. > > > > - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128 > > option must be there. > > > > good luck. > > regards, > > > > Fabio Oliveira > > IPWay - Internet Services > > fabio at ipway.com.br > > > > (o- (o- (o- (o- (o- > > //\ //\ //\ //\ //\ > > V_/_ V_/_ V_/_ V_/_ V_/_ > > Live with freedom, choice Linux > > > > > > -----Mensagem original----- > > De: pptp-server-admin at lists.schulte.org > > [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu > > Enviada em: quarta-feira, 1 de maio de 2002 04:47 > > Para: pptp-server at lists.schulte.org > > Assunto: [pptp-server] Solaris PPTP server setup, please help > > > > > > > > Hi, > > > > The below is what I have: > > > > - Solaris 8 > > - Solaris PPTP server source ported by jason.rhoads at sabernet.net > > > > Compiled and installed successfully on Solaris 8. > > - PPPD v 2.3.11 > > Compiled and installed successfully on Solaris 8. > > > > - Win2K as the PPTP client > > > > I want to make a PPTP vpn connection on Internet through DSL. > > I am testing on a local LAN right now. > > > > > > When I tried to connect, the Win2K gave me 651 error always. > > The Solaris PPTP log says: > > .......: server connection ESTABLISHED. > > .......: Socket not accepted: Interrupted system call > > > > Does anyone know where I can get some instruction, or > > can anyone who have experience to set the PPTP Solaris server > > send me some sample configuration file ? > > > > Many thanks in advance, > > Shu Liu > > > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From alex at morrison.king.net.nz Fri May 3 00:07:00 2002 From: alex at morrison.king.net.nz (Alex King) Date: Fri, 3 May 2002 17:07:00 +1200 Subject: [pptp-server] 2.4.19-pre7 mppe problems Message-ID: <20020503050700.GA751@morrison.king.net.nz> I am trying to set up poptop, but running into problems. I am testing on a debian woody system, with the debian pptpd package installed (PoPToP v1.1.2) I got the latest ppp sources by cvs from pserver.samba.org. This pppd seems to already have support for mppe, and it has kernel patches for 2.4.18. I applied the patches (which seemed to apply cleanly) Has anyone tried this ppp versin? When I try to connect with a win95 client with the DUN 1.3 update, it gets as far as authenticating, but the client gives an error as soon as it gets this from the server: pppd[720]: sent [CCP ConfReq id=0x1 ] Has anyone got this version of pppd/mppe working? /etc/ppp/pptpd-options: debug name morrison domain itspace auth require-mschap-v2 require-mppe-128 ms-dns 10.0.0.1 ms-wins 10.0.0.1 netmask 255.255.255.0 nodefaultroute proxyarp lock logfile attached -------------- next part --------------

Difficulties I have with World Vision:

1. They are an evangelical Christian organisation

2. They are a multinational corporation

3. They are a child sponsorship organisation.

4.

From alex at morrison.king.net.nz Fri May 3 00:10:29 2002 From: alex at morrison.king.net.nz (Alex King) Date: Fri, 3 May 2002 17:10:29 +1200 Subject: [pptp-server] Re: 2.4.19-pre7 mppe problems In-Reply-To: <20020503050700.GA751@morrison.king.net.nz> References: <20020503050700.GA751@morrison.king.net.nz> Message-ID: <20020503051029.GB751@morrison.king.net.nz> On Fri, May 03, 2002 at 05:07:00PM +1200, Alex King wrote: > I am trying to set up poptop, but running into problems. > ...... > logfile attached oops, wrong file. Here is the real file.... -------------- next part -------------- May 3 16:29:01 morrison pptpd[720]: CTRL (PPPD Launcher): Connection speed = 115200 May 3 16:29:01 morrison pptpd[720]: CTRL (PPPD Launcher): local address = 10.0.0.1 May 3 16:29:01 morrison pptpd[720]: CTRL (PPPD Launcher): remote address = 10.0.0.128 May 3 16:29:01 morrison pppd[720]: pppd 2.4.2b1 started by root, uid 0 May 3 16:29:01 morrison pppd[720]: using channel 6 May 3 16:29:01 morrison pppd[720]: Using interface ppp1 May 3 16:29:01 morrison pppd[720]: Connect: ppp1 <--> /dev/pts/5 May 3 16:29:01 morrison pppd[720]: sent [LCP ConfReq id=0x1 ] May 3 16:29:04 morrison pppd[720]: sent [LCP ConfReq id=0x1 ] May 3 16:29:04 morrison pppd[720]: rcvd [LCP ConfReq id=0x1 ] May 3 16:29:04 morrison pppd[720]: sent [LCP ConfAck id=0x1 ] May 3 16:29:04 morrison pppd[720]: rcvd [LCP ConfAck id=0x1 ] May 3 16:29:04 morrison pppd[720]: sent [CHAP Challenge id=0x1 , name = "morrison"] May 3 16:29:04 morrison pppd[720]: rcvd [LCP ConfReq id=0x2 ] May 3 16:29:04 morrison pppd[720]: sent [LCP ConfReq id=0x2 ] May 3 16:29:04 morrison pppd[720]: sent [LCP ConfAck id=0x2 ] May 3 16:29:04 morrison pppd[720]: rcvd [LCP ConfAck id=0x2 ] May 3 16:29:04 morrison pppd[720]: sent [CHAP Challenge id=0x2 , name = "morrison"] May 3 16:29:04 morrison pppd[720]: rcvd [CHAP Response id=0x2 <121c76e06da3c2a1fbdbf98954159aa400000000000000000899ead59253b6d0d22252eea7a80a8ebab0fcfe8f22adac04>, name = "workgroup\\alex"] May 3 16:29:04 morrison pppd[720]: sent [CHAP Success id=0x2 "S=C6E9118A05A0E61C8479D4D402A3CB651FD7CF39 M=Welcome to morrison.itspace."] May 3 16:29:04 morrison pppd[720]: sent [IPCP ConfReq id=0x1 ] May 3 16:29:04 morrison pppd[720]: sent [CCP ConfReq id=0x1 ] May 3 16:29:04 morrison pppd[720]: CHAP peer authentication succeeded for workgroup\\alex May 3 16:29:05 morrison pppd[720]: rcvd [LCP TermReq id=0x3] May 3 16:29:05 morrison pppd[720]: LCP terminated by peer May 3 16:29:05 morrison pppd[720]: sent [LCP TermAck id=0x3] May 3 16:29:05 morrison pppd[720]: Modem hangup May 3 16:29:05 morrison pppd[720]: Connection terminated. May 3 16:29:05 morrison pppd[720]: Connect time 0.1 minutes. May 3 16:29:05 morrison pppd[720]: Sent 26 bytes, received 0 bytes. May 3 16:29:05 morrison pppd[720]: Connect time 0.1 minutes. May 3 16:29:05 morrison pppd[720]: Sent 26 bytes, received 0 bytes. May 3 16:29:05 morrison pppd[720]: Exit. From alex at morrison.king.net.nz Fri May 3 04:24:42 2002 From: alex at morrison.king.net.nz (Alex King) Date: Fri, 3 May 2002 21:24:42 +1200 Subject: [pptp-server] 2.4.19-pre7 mppe problems In-Reply-To: <20020503050700.GA751@morrison.king.net.nz> References: <20020503050700.GA751@morrison.king.net.nz> Message-ID: <20020503092441.GA11321@morrison.king.net.nz> I have now found and loaded a MS DUN 1.4 update for win95, and loaded that. With the encryption settings relaxed it makes a connection, but with "Require data encryption" ticked it craps out saying the erver is not capable. from the log now: rcvd [CCP ConfReq id=0x1 < 11 05 00 01 04>] sent [CCP ConfRej id=0x1 < 11 05 00 01 04>] I've done a bit of reading and rfc3078 says: The 'D' bit is obsolete; although some older peers may attempt to negotiate this option, it SHOULD NOT be accepted. So is Win95 incapable of using an up-to-date protocol, or is there some other prblem? I'm going to load a linux client on another machine and test that. On Fri, May 03, 2002 at 05:07:00PM +1200, Alex King wrote: > I am trying to set up poptop, but running into problems. > > I am testing on a debian woody system, with the debian pptpd package > installed (PoPToP v1.1.2) > > I got the latest ppp sources by cvs from pserver.samba.org. This pppd > seems to already have support for mppe, and it has kernel patches for > 2.4.18. I applied the patches (which seemed to apply cleanly) > > Has anyone tried this ppp versin? > > When I try to connect with a win95 client with the DUN 1.3 update, it > gets as far as authenticating, but the client gives an error as soon as > it gets this from the server: > > pppd[720]: sent [CCP ConfReq id=0x1 ] > > Has anyone got this version of pppd/mppe working? > From rseaman at mergic.com Fri May 3 12:01:05 2002 From: rseaman at mergic.com (Rob Seaman) Date: Fri, 3 May 2002 10:01:05 -0700 Subject: [pptp-server] Wireless Palm Pilot and PPTP?? In-Reply-To: <3C9F5F9D.9FE80E3C@alliedbuilding.com> Message-ID: <001b01c1f2c4$1d1d0f00$023210ac@T500> If your still looking then there is a beta version of a Palm OS PPTP client at http://www.mergic.com. It won't run over the Palm.net service that the i705 uses because that's a Mobitex network (not TCP/IP), but it should work with any of the other wireless networking options for Palm devices. Rob Seaman Mergic -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Clint Fast Sent: Monday, March 25, 2002 9:34 AM To: pptp-server at lists.schulte.org Subject: [pptp-server] Wireless Palm Pilot and PPTP?? Has anyone seen/used a wireless palm pilot (like the i705, etc.) software that can run PPTP?? I've seen movianVPN software that allows an IPSec connection from a Palm, but not PPTP. Any help? Sorry if this is too off-topic, but someone here might know. Thanks, --Clint Fast cfast at alliedbuilding.com _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From asaenz at Found-Tech.com Fri May 3 13:04:38 2002 From: asaenz at Found-Tech.com (Al Saenz) Date: Fri, 3 May 2002 14:04:38 -0400 Subject: [pptp-server] I am new just testing Message-ID: Thanks From asaenz at Found-Tech.com Fri May 3 13:11:41 2002 From: asaenz at Found-Tech.com (Al Saenz) Date: Fri, 3 May 2002 14:11:41 -0400 Subject: [pptp-server] Help Please Message-ID: Hello, I have successfully connected to my poptop server using a windows 2000 laptop. I have no firewall in the path nor NAT. This is in a lab environment. After establishing a connection with the VPN server I can ping my (laptop) i/f address and the virtual i/f address of the VPN server I cannot ping any ip address on its internal i/f. The range of ipaddress issued from the vpn server are on the same network as the internal i/f on the server. I also have the same netmask setup in my options file and I have proxyarp in that same file. Any help would be greatly appreciated Thanks al From asaenz at Found-Tech.com Fri May 3 15:22:32 2002 From: asaenz at Found-Tech.com (Al Saenz) Date: Fri, 3 May 2002 16:22:32 -0400 Subject: [pptp-server] Help Please Message-ID: Ok everyone I can ping the internal i/f of my VPN server and ip forwarding is turned on. Any other ideas? I still cannot ping past the VPN server into my network client------------ext vpn int--------------Lan 10.10.10.180 .179 .101 10.10.10.0 I can ping the .101 internal i/f, just can't get past it Thanks al -----Original Message----- From: Vodo Baas [mailto:vodo_baas at hotmail.com] Sent: Friday, May 03, 2002 4:06 PM To: asaenz at Found-Tech.com Subject: Re: [pptp-server] Help Please You may need to enable packet forwarding on the VPN server to get from the virtual connection to the NIC. >From: Al Saenz >To: "'pptp-server at lists.schulte.org'" >Subject: [pptp-server] Help Please >Date: Fri, 3 May 2002 14:11:41 -0400 > >Hello, > >I have successfully connected to my poptop server using a windows 2000 >laptop. >I have no firewall in the path nor NAT. This is in a lab environment. > >After establishing a connection with the VPN server I can ping my (laptop) >i/f address and the virtual i/f address of the VPN server I cannot ping any >ip address on its internal i/f. > >The range of ipaddress issued from the vpn server are on the same network >as >the internal i/f on the server. I also have the same netmask setup in my >options file and I have proxyarp in that same file. > >Any help would be greatly appreciated > >Thanks > >al >_______________________________________________ >pptp-server maillist - pptp-server at lists.schulte.org >http://lists.schulte.org/mailman/listinfo/pptp-server >--- To unsubscribe, go to the url just above this line. -- _________________________________________________________________ Join the world's largest e-mail service with MSN Hotmail. http://www.hotmail.com From sliu at secai.com Sun May 5 06:00:54 2002 From: sliu at secai.com (Shu Liu) Date: Sun, 05 May 2002 04:00:54 -0700 Subject: RES: RES: [pptp-server] Solaris PPTP server setup, please help References: Message-ID: <3CD510E6.F39A3D2A@secai.com> Fabio, Thank you for your info again. Right now, I am using PPPD 2.4.1 and PPTP 1.1.2 on Solaris 2.8. After worked very hard to look into the source code, search the net and fix the problems, I finally made the Win2K can connect with the Solaris server via MSCHAP-v2. I think the only thing left is that MPPE support on Solaris. I don't know whether it is supported. I merged the source code you pointed me to the v2.4.1 PPPD source, the situation is still same. Without encryption, I can communcate freely between Win2K and Solaris server. The below is the debug output: ==================== May 5 03:33:35 grape pptpd[3464]: [ID 625166 local2.debug] CTRL: local address = 192.168.0.1 May 5 03:33:35 grape pptpd[3464]: [ID 507593 local2.debug] CTRL: pppd speed = 460800 May 5 03:33:35 grape pptpd[3464]: [ID 680658 local2.debug] CTRL: pppd options file = /etc/ppp/options.pptp May 5 03:33:35 grape pptpd[3464]: [ID 899243 local2.info] CTRL: Client 10.20.99.85 control connection started May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP Control Message (type: 1) May 5 03:33:35 grape pptpd[3464]: [ID 185080 local2.debug] CTRL: Made a START CTRL CONN RPLY packet May 5 03:33:35 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 156 bytes to the client. May 5 03:33:35 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to client May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP Control Message (type: 7) May 5 03:33:35 grape pptpd[3464]: [ID 660210 local2.debug] CTRL: 300 min_bps, 100000000 max_bps, 32 window size May 5 03:33:35 grape pptpd[3464]: [ID 592640 local2.debug] CTRL: Made a OUT CALL RPLY packet May 5 03:33:35 grape pptpd[3464]: [ID 652591 local2.info] CTRL: Starting call (launching pppd, opening GRE) May 5 03:33:35 grape pptpd[3464]: [ID 341784 local2.debug] CTRL: Allocating pty/tty pair May 5 03:33:35 grape pptpd[3464]: [ID 884817 local2.info] CTRL: Allocated pty/tty pair (/dev/ptyp0,/dev/ttyp0) May 5 03:33:35 grape pptpd[3464]: [ID 478701 local2.debug] CTRL: pty_fd = 4 May 5 03:33:35 grape pptpd[3464]: [ID 544237 local2.debug] CTRL: tty_fd = 5 May 5 03:33:35 grape pptpd[3465]: [ID 201917 local2.debug] CTRL (PPPD Launcher): Connection speed = 460800 May 5 03:33:35 grape pptpd[3465]: [ID 408294 local2.debug] CTRL (PPPD Launcher): local address = 192.168.0.1 May 5 03:33:35 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 32 bytes to the client. May 5 03:33:35 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to client May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP Control Message (type: 15) May 5 03:33:35 grape pptpd[3464]: [ID 830416 local2.debug] CTRL: Got a SET LINK INFO packet with standard ACCMs May 5 03:33:35 grape pppd[3465]: [ID 168393 daemon.notice] pppd 2.4.2b1 started by root, uid 0 May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.info] Using interface ppp0 May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.notice] Connect: ppp0 <--> /dev/ttyp0 May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfReq id=0x1 ] May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfNak id=0x0 ] May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfNak id=0x1 ] May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfReq id=0x2 ] May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfAck id=0x2 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfReq id=0x1 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfRej id=0x1 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfReq id=0x2 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfAck id=0x2 ] May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP Control Message (type: 15) May 5 03:33:37 grape pptpd[3464]: [ID 457954 local2.error] CTRL: Ignored a SET LINK INFO packet with real ACCMs! May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP EchoReq id=0x0 magic=0x737e2ee5] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [CHAP Challenge id=0x1 <37f95ce14cad773086799c570af0be6a>, name = "*"] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP code=0xc id=0x3 54 b0 62 e5 4d 53 52 41 53 56 35 2e 30 30] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP CodeRej id=0x3 0c 03 00 12 54 b0 62 e5 4d 53 52 41 53 56 35 2e 30 30] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP code=0xc id=0x4 54 b0 62 e5 4d 53 52 41 53 2d 31 2d 42 4f 53 54 4f 4e] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP CodeRej id=0x4 0c 04 00 16 54 b0 62 e5 4d 53 52 41 53 2d 31 2d 42 4f 53 54 4f 4e] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP EchoRep id=0x0 magic=0x54b062e5] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [CHAP Response id=0x1 <888cf908b1492c497944af9704a808e50000000000000000b513f080d2269d869ab0adb0a0af6b7d385222afd1d761c100>, name = "sliu"] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [CHAP Success id=0x1 "S=357D69EE848CF47461C25FFF4D21EF93C15099E7 M=Welcome to grape."] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [IPCP ConfReq id=0x1 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.error] MPPE required, but kernel has no support. May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP TermReq id=0x5 "MPPE required but not available"] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] CHAP peer authentication succeeded for sliu May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [CCP ConfReq id=0x5 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [IPCP ConfReq id=0x6 ] May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [IPCP ConfRej id=0x1 ] May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP Control Message (type: 15) May 5 03:33:37 grape pptpd[3464]: [ID 830416 local2.debug] CTRL: Got a SET LINK INFO packet with standard ACCMs May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP Control Message (type: 12) May 5 03:33:37 grape pptpd[3464]: [ID 565133 local2.debug] CTRL: Made a CALL DISCONNECT RPLY packet May 5 03:33:37 grape pptpd[3464]: [ID 992900 local2.debug] CTRL: Received CALL CLR request (closing call) May 5 03:33:37 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 148 bytes to the client. May 5 03:33:37 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to client May 5 03:33:37 grape pptpd[3464]: [ID 476834 local2.error] GRE: read error: Bad file number May 5 03:33:37 grape pptpd[3464]: [ID 675644 local2.error] CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) May 5 03:33:37 grape pptpd[3464]: [ID 601161 local2.info] CTRL: Client 10.20.99.85 control connection finished May 5 03:33:37 grape pptpd[3464]: [ID 222597 local2.debug] CTRL: Exiting with active call May 5 03:33:37 grape pptpd[3464]: [ID 440380 local2.error] CTRL: Asked to free call when no call open, not handled well May 5 03:33:37 grape pptpd[3464]: [ID 565133 local2.debug] CTRL: Made a CALL DISCONNECT RPLY packet May 5 03:33:37 grape pptpd[3464]: [ID 561299 local2.error] CTRL: Couldn't write packet to client. May 5 03:33:37 grape pptpd[3464]: [ID 455850 local2.debug] CTRL: Made a STOP CTRL REQ packet May 5 03:33:37 grape pptpd[3464]: [ID 561299 local2.error] CTRL: Couldn't write packet to client. May 5 03:33:37 grape pptpd[3464]: [ID 142720 local2.debug] CTRL: Exiting now May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] Modem hangup May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] Connection terminated. May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Connect time 0.1 minutes. May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Sent 445 bytes, received 522 bytes. May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Connect time 0.1 minutes. May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Sent 445 bytes, received 522 bytes. May 5 03:33:37 grape pppd[3465]: [ID 834084 daemon.info] Exit. ========================== Do you know the MPPE Solaris support status ? If it is supported, where can I find it ? Thank you very much in advance, Shu Liu Fabio Oliveira wrote: > Liu, > > you are welcome. > >I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options > >(without .pptp extention). Do we need to have a "options.pptp" > >also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. > > OK. You dont need have exactly that file. When you configure the > /etc/pptpd.conf have a line options, so you must type for ex.: options > /etc/ppp/, that can be any (options, options.pptp, > options.vpn, etc....you choose....) > > >Is this standard Solaris module, or I have to find some software > >to install ? Do you know where I can find instruction about Solaris > >mppe ? > > MPPE means Microsoft Point-to-Point Encryption and that is a patch for the > pppd program works with encrypted data. (ref. RFC 3078) > > You can get the source code to compile at : > http://pserver.samba.org/cgi-bin/cvsweb/ppp/pppd/ > > and search in : www.sunfreeware.com for Sun packages (you know is very easy > to install) > Certainly there are another places but I remember of these. > > good luck again Liu. > regards, > > Fabio > > -----Mensagem original----- > De: Shu Liu [mailto:sliu at secai.com] > Enviada em: quarta-feira, 1 de maio de 2002 14:02 > Para: Fabio Oliveira > Cc: pptp-server at lists.schulte.org > Assunto: Re: RES: [pptp-server] Solaris PPTP server setup, please help > > Fabio, > Thank you very much for your quick response. > > I can monitor the communication over port 1723, but > pptp-server(on Solaris) stopped at function "accept()", to wait data > from Win2K. This time, Win2K already reported 651 error, > and disconnected. > You are right, I didn't don anything about Solaris mppe module. > Is this standard Solaris module, or I have to find some software > to install ? Do you know where I can find instruction about Solaris > mppe ? > > I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options > (without .pptp extention). Do we need to have a "options.pptp" > also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. > > Many thanks, > Shu Liu > > On Wed, 1 May 2002, Fabio Oliveira wrote: > > > Hi Liu, > > > > Considering the return message 651, it seems any problem in TCP/IP stack > of > > Win2k. > > > > Anyway I would check another two points: > > > > - By default the Win2K enable the option () data encrypted . Be sure that > > you have the mppe module installed in Solaris. If I dont mistake you can > > find the .conf file at /usr/sys/sun/conf. > > > > - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128 > > option must be there. > > > > good luck. > > regards, > > > > Fabio Oliveira > > IPWay - Internet Services > > fabio at ipway.com.br > > > > (o- (o- (o- (o- (o- > > //\ //\ //\ //\ //\ > > V_/_ V_/_ V_/_ V_/_ V_/_ > > Live with freedom, choice Linux > > > > > > -----Mensagem original----- > > De: pptp-server-admin at lists.schulte.org > > [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu > > Enviada em: quarta-feira, 1 de maio de 2002 04:47 > > Para: pptp-server at lists.schulte.org > > Assunto: [pptp-server] Solaris PPTP server setup, please help > > > > > > > > Hi, > > > > The below is what I have: > > > > - Solaris 8 > > - Solaris PPTP server source ported by jason.rhoads at sabernet.net > > > > Compiled and installed successfully on Solaris 8. > > - PPPD v 2.3.11 > > Compiled and installed successfully on Solaris 8. > > > > - Win2K as the PPTP client > > > > I want to make a PPTP vpn connection on Internet through DSL. > > I am testing on a local LAN right now. > > > > > > When I tried to connect, the Win2K gave me 651 error always. > > The Solaris PPTP log says: > > .......: server connection ESTABLISHED. > > .......: Socket not accepted: Interrupted system call > > > > Does anyone know where I can get some instruction, or > > can anyone who have experience to set the PPTP Solaris server > > send me some sample configuration file ? > > > > Many thanks in advance, > > Shu Liu > > > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > > > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From steve at netwaynetworks.com.au Sun May 5 08:21:39 2002 From: steve at netwaynetworks.com.au (Steven Evans) Date: Sun, 5 May 2002 23:21:39 +1000 Subject: [pptp-server] Help Please Message-ID: <118DC586DF4FD311948800A0247C044D01638D43@NTSVR1> You need to turn on ip forwarding on your Linux box, then include an ipchains/iptables rule on your Linux box to forward the traffic on. I would use: /sbin/ipchains -A forward -b -s 10.0.0.2/32 -d 0.0.0.0/0 -j ACCEPT -b = bidirectional, I do it out of habit -s = source (i.e. the vpn laptop) -d = destination. The example is to send it to everybody that is if your Linux box is the default gateway of your other boxes, or they remember a route to your laptop. Otherwise they will not know how to send traffic back to your laptop. If that is the case, change ACCEPT to MASQ whichwill masquerade your traffic. Cheers, Steve -----Original Message----- From: Al Saenz [mailto:asaenz at Found-Tech.com] Sent: Saturday, 4 May 2002 4:12 AM To: 'pptp-server at lists.schulte.org' Subject: [pptp-server] Help Please Hello, I have successfully connected to my poptop server using a windows 2000 laptop. I have no firewall in the path nor NAT. This is in a lab environment. After establishing a connection with the VPN server I can ping my (laptop) i/f address and the virtual i/f address of the VPN server I cannot ping any ip address on its internal i/f. The range of ipaddress issued from the vpn server are on the same network as the internal i/f on the server. I also have the same netmask setup in my options file and I have proxyarp in that same file. Any help would be greatly appreciated Thanks al _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From manoj.rana at tatainfotech.com Sun May 5 21:29:57 2002 From: manoj.rana at tatainfotech.com (MANOJ KUMAR RANA) Date: Mon, 6 May 2002 07:59:57 +0530 (IST) Subject: [pptp-server] A newbie query ... In-Reply-To: Message-ID: Hi, I have a test environment setup using poptop server. My server is installed at a linux box which is connected to my LAN, and dials out to isp to get a outside recognisable IP. My client is on windows m/c and dials out to ISP. So both machines connect to internet through dialup, and Linux server is hooked to the LAN through its only network card. So far I have been able to dial up and successfully made the VPN connection ( As the server m/c created another PPP device for this connection ), but could not ping the server machine. Where I am going wrong. Any help will be appreciated. My intention is to connect to the server machine and then telnet to some local machine in the LAN from dialup windows client. So what are the normal steps for such a configuration. Any help will be greatly appreciated. With Best Regards, MKR From sliu at secai.com Mon May 6 03:25:58 2002 From: sliu at secai.com (Shu Liu) Date: Mon, 06 May 2002 01:25:58 -0700 Subject: RES: RES: [pptp-server] Solaris PPTP server setup, please help References: <3CD510E6.F39A3D2A@secai.com> Message-ID: <3CD63E16.13615C62@secai.com> Fabio, I found that probably I have to use Slirp to get the MPPE 128 encryption working on my Solaris and Win2K combination. I actually made it work. So at this moment, I can use MSCHAP-v2 and MPPE-128 between Solaris and Win2K client. But the problem is that, the Slirp solution is not bidirection. I can connect to the Server from Win2k Client, but I can not access the client from Solaris server since all IP addresses is not valid on the server end. So the Slirp is not real VPN solution, but one way VPN. Hope Slirp can support bi-direction in the near future. I don't think it is difficult if we already came to this point. Best regards, Shu Liu Shu Liu wrote: > Fabio, > > Thank you for your info again. > > Right now, I am using PPPD 2.4.1 and PPTP 1.1.2 on > Solaris 2.8. > > After worked very hard to look into > the source code, search the net and fix the problems, > I finally made the Win2K can connect with the Solaris > server via MSCHAP-v2. > > I think the only thing left is that MPPE support on > Solaris. I don't know whether it is supported. I merged > the source code you pointed me to the v2.4.1 PPPD > source, the situation is still same. > Without encryption, I can communcate freely > between Win2K and Solaris server. > > The below is the debug output: > > ==================== > May 5 03:33:35 grape pptpd[3464]: [ID 625166 local2.debug] CTRL: local address > = 192.168.0.1 > May 5 03:33:35 grape pptpd[3464]: [ID 507593 local2.debug] CTRL: pppd speed = > 460800 > May 5 03:33:35 grape pptpd[3464]: [ID 680658 local2.debug] CTRL: pppd options > file = /etc/ppp/options.pptp > May 5 03:33:35 grape pptpd[3464]: [ID 899243 local2.info] CTRL: Client > 10.20.99.85 control connection started > May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP > Control Message (type: 1) > May 5 03:33:35 grape pptpd[3464]: [ID 185080 local2.debug] CTRL: Made a START > CTRL CONN RPLY packet > May 5 03:33:35 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 156 > bytes to the client. > May 5 03:33:35 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to > client > May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP > Control Message (type: 7) > May 5 03:33:35 grape pptpd[3464]: [ID 660210 local2.debug] CTRL: 300 min_bps, > 100000000 max_bps, 32 window size > May 5 03:33:35 grape pptpd[3464]: [ID 592640 local2.debug] CTRL: Made a OUT > CALL RPLY packet > May 5 03:33:35 grape pptpd[3464]: [ID 652591 local2.info] CTRL: Starting call > (launching pppd, opening GRE) > May 5 03:33:35 grape pptpd[3464]: [ID 341784 local2.debug] CTRL: Allocating > pty/tty pair > May 5 03:33:35 grape pptpd[3464]: [ID 884817 local2.info] CTRL: Allocated > pty/tty pair (/dev/ptyp0,/dev/ttyp0) > May 5 03:33:35 grape pptpd[3464]: [ID 478701 local2.debug] CTRL: pty_fd = 4 > May 5 03:33:35 grape pptpd[3464]: [ID 544237 local2.debug] CTRL: tty_fd = 5 > May 5 03:33:35 grape pptpd[3465]: [ID 201917 local2.debug] CTRL (PPPD > Launcher): Connection speed = 460800 > May 5 03:33:35 grape pptpd[3465]: [ID 408294 local2.debug] CTRL (PPPD > Launcher): local address = 192.168.0.1 > May 5 03:33:35 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 32 > bytes to the client. > May 5 03:33:35 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to > client > May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP > Control Message (type: 15) > May 5 03:33:35 grape pptpd[3464]: [ID 830416 local2.debug] CTRL: Got a SET LINK > INFO packet with standard ACCMs > May 5 03:33:35 grape pppd[3465]: [ID 168393 daemon.notice] pppd 2.4.2b1 started > by root, uid 0 > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.info] Using interface ppp0 > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.notice] Connect: ppp0 <--> > /dev/ttyp0 > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfReq > id=0x1 > ] > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfNak > id=0x0 ] > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfNak > id=0x1 ] > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfReq > id=0x2 ] > May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfAck > id=0x2 ] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfReq > id=0x1 13 17 01 4f 8b 3d 48 97 cc 46 78 99 92 18 72 eb 2a f3 40 00 00 00 18>] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfRej > id=0x1 ] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfReq > id=0x2 46 78 99 92 18 72 eb 2a f3 40 00 00 00 18>] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfAck > id=0x2 46 78 99 92 18 72 eb 2a f3 40 00 00 00 18>] > May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP > Control Message (type: 15) > May 5 03:33:37 grape pptpd[3464]: [ID 457954 local2.error] CTRL: Ignored a SET > LINK INFO packet with real ACCMs! > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP EchoReq > id=0x0 magic=0x737e2ee5] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [CHAP Challenge > id=0x1 <37f95ce14cad773086799c570af0be6a>, name = "*"] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP code=0xc > id=0x3 54 b0 62 e5 4d 53 52 41 53 56 35 2e 30 30] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP CodeRej > id=0x3 0c 03 00 12 54 b0 62 e5 4d 53 52 41 53 56 35 2e 30 30] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP code=0xc > id=0x4 54 b0 62 e5 4d 53 52 41 53 2d 31 2d 42 4f 53 54 4f 4e] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP CodeRej > id=0x4 0c 04 00 16 54 b0 62 e5 4d 53 52 41 53 2d 31 2d 42 4f 53 54 4f 4e] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP EchoRep > id=0x0 magic=0x54b062e5] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [CHAP Response > id=0x1 > <888cf908b1492c497944af9704a808e50000000000000000b513f080d2269d869ab0adb0a0af6b7d385222afd1d761c100>, > name = "sliu"] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [CHAP Success > id=0x1 "S=357D69EE848CF47461C25FFF4D21EF93C15099E7 M=Welcome to grape."] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [IPCP ConfReq > id=0x1 ] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.error] MPPE required, but > kernel has no support. > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP TermReq > id=0x5 "MPPE required but not available"] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] CHAP peer > authentication succeeded for sliu > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [CCP ConfReq > id=0x5 ] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [IPCP ConfReq > id=0x6 > ] > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [IPCP ConfRej > id=0x1 ] > May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP > Control Message (type: 15) > May 5 03:33:37 grape pptpd[3464]: [ID 830416 local2.debug] CTRL: Got a SET LINK > INFO packet with standard ACCMs > May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP > Control Message (type: 12) > May 5 03:33:37 grape pptpd[3464]: [ID 565133 local2.debug] CTRL: Made a CALL > DISCONNECT RPLY packet > May 5 03:33:37 grape pptpd[3464]: [ID 992900 local2.debug] CTRL: Received CALL > CLR request (closing call) > May 5 03:33:37 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 148 > bytes to the client. > May 5 03:33:37 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to > client > May 5 03:33:37 grape pptpd[3464]: [ID 476834 local2.error] GRE: read error: Bad > file number > May 5 03:33:37 grape pptpd[3464]: [ID 675644 local2.error] CTRL: PTY read or > GRE write failed (pty,gre)=(-1,-1) > May 5 03:33:37 grape pptpd[3464]: [ID 601161 local2.info] CTRL: Client > 10.20.99.85 control connection finished > May 5 03:33:37 grape pptpd[3464]: [ID 222597 local2.debug] CTRL: Exiting with > active call > May 5 03:33:37 grape pptpd[3464]: [ID 440380 local2.error] CTRL: Asked to free > call when no call open, not handled well > May 5 03:33:37 grape pptpd[3464]: [ID 565133 local2.debug] CTRL: Made a CALL > DISCONNECT RPLY packet > May 5 03:33:37 grape pptpd[3464]: [ID 561299 local2.error] CTRL: Couldn't write > packet to client. > May 5 03:33:37 grape pptpd[3464]: [ID 455850 local2.debug] CTRL: Made a STOP > CTRL REQ packet > May 5 03:33:37 grape pptpd[3464]: [ID 561299 local2.error] CTRL: Couldn't write > packet to client. > May 5 03:33:37 grape pptpd[3464]: [ID 142720 local2.debug] CTRL: Exiting now > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] Modem hangup > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] Connection > terminated. > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Connect time 0.1 > minutes. > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Sent 445 bytes, > received 522 bytes. > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Connect time 0.1 > minutes. > May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Sent 445 bytes, > received 522 bytes. > May 5 03:33:37 grape pppd[3465]: [ID 834084 daemon.info] Exit. > ========================== > > Do you know the MPPE Solaris support status ? If it is supported, > where can I find it ? > > Thank you very much in advance, > Shu Liu > > Fabio Oliveira wrote: > > > Liu, > > > > you are welcome. > > >I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options > > >(without .pptp extention). Do we need to have a "options.pptp" > > >also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. > > > > OK. You dont need have exactly that file. When you configure the > > /etc/pptpd.conf have a line options, so you must type for ex.: options > > /etc/ppp/, that can be any (options, options.pptp, > > options.vpn, etc....you choose....) > > > > >Is this standard Solaris module, or I have to find some software > > >to install ? Do you know where I can find instruction about Solaris > > >mppe ? > > > > MPPE means Microsoft Point-to-Point Encryption and that is a patch for the > > pppd program works with encrypted data. (ref. RFC 3078) > > > > You can get the source code to compile at : > > http://pserver.samba.org/cgi-bin/cvsweb/ppp/pppd/ > > > > and search in : www.sunfreeware.com for Sun packages (you know is very easy > > to install) > > Certainly there are another places but I remember of these. > > > > good luck again Liu. > > regards, > > > > Fabio > > > > -----Mensagem original----- > > De: Shu Liu [mailto:sliu at secai.com] > > Enviada em: quarta-feira, 1 de maio de 2002 14:02 > > Para: Fabio Oliveira > > Cc: pptp-server at lists.schulte.org > > Assunto: Re: RES: [pptp-server] Solaris PPTP server setup, please help > > > > Fabio, > > Thank you very much for your quick response. > > > > I can monitor the communication over port 1723, but > > pptp-server(on Solaris) stopped at function "accept()", to wait data > > from Win2K. This time, Win2K already reported 651 error, > > and disconnected. > > You are right, I didn't don anything about Solaris mppe module. > > Is this standard Solaris module, or I have to find some software > > to install ? Do you know where I can find instruction about Solaris > > mppe ? > > > > I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options > > (without .pptp extention). Do we need to have a "options.pptp" > > also ? I have mppe-40 and mppe-128 i /etc/ppp/options file. > > > > Many thanks, > > Shu Liu > > > > On Wed, 1 May 2002, Fabio Oliveira wrote: > > > > > Hi Liu, > > > > > > Considering the return message 651, it seems any problem in TCP/IP stack > > of > > > Win2k. > > > > > > Anyway I would check another two points: > > > > > > - By default the Win2K enable the option () data encrypted . Be sure that > > > you have the mppe module installed in Solaris. If I dont mistake you can > > > find the .conf file at /usr/sys/sun/conf. > > > > > > - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128 > > > option must be there. > > > > > > good luck. > > > regards, > > > > > > Fabio Oliveira > > > IPWay - Internet Services > > > fabio at ipway.com.br > > > > > > (o- (o- (o- (o- (o- > > > //\ //\ //\ //\ //\ > > > V_/_ V_/_ V_/_ V_/_ V_/_ > > > Live with freedom, choice Linux > > > > > > > > > -----Mensagem original----- > > > De: pptp-server-admin at lists.schulte.org > > > [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu > > > Enviada em: quarta-feira, 1 de maio de 2002 04:47 > > > Para: pptp-server at lists.schulte.org > > > Assunto: [pptp-server] Solaris PPTP server setup, please help > > > > > > > > > > > > Hi, > > > > > > The below is what I have: > > > > > > - Solaris 8 > > > - Solaris PPTP server source ported by jason.rhoads at sabernet.net > > > > > > Compiled and installed successfully on Solaris 8. > > > - PPPD v 2.3.11 > > > Compiled and installed successfully on Solaris 8. > > > > > > - Win2K as the PPTP client > > > > > > I want to make a PPTP vpn connection on Internet through DSL. > > > I am testing on a local LAN right now. > > > > > > > > > When I tried to connect, the Win2K gave me 651 error always. > > > The Solaris PPTP log says: > > > .......: server connection ESTABLISHED. > > > .......: Socket not accepted: Interrupted system call > > > > > > Does anyone know where I can get some instruction, or > > > can anyone who have experience to set the PPTP Solaris server > > > send me some sample configuration file ? > > > > > > Many thanks in advance, > > > Shu Liu > > > > > > > > > > > > _______________________________________________ > > > pptp-server maillist - pptp-server at lists.schulte.org > > > http://lists.schulte.org/mailman/listinfo/pptp-server > > > --- To unsubscribe, go to the url just above this line. -- > > > > > > > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From kelphon at mic.com.tw Mon May 6 04:16:58 2002 From: kelphon at mic.com.tw (=?GB2312?B?a2VscGhvbiDMxszssfg=?=) Date: Mon, 6 May 2002 17:16:58 +0800 Subject: [pptp-server] *****SPAM***** unsubscribe Message-ID: SPAM: -------------------- Start SpamAssassin results ---------------------- SPAM: This mail is probably spam. The original message has been altered SPAM: so you can recognise or block similar unwanted mail in future. SPAM: See http://spamassassin.org/tag/ for more details. SPAM: SPAM: Content analysis details: (5 hits, 5 required) SPAM: Hit! (0.2 points) BODY: Correct for MIME 'null block' SPAM: Hit! (0.0 points) BODY: Includes a URL link to send an email SPAM: Hit! (1.8 points) A foreign language charset used in headers SPAM: Hit! (3.0 points) Received: says mail bounced all around the world SPAM: SPAM: -------------------- End of SpamAssassin results --------------------- This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01C1F4DE.C5F59E50 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C1F4DE.C5F59E50" ------_=_NextPart_001_01C1F4DE.C5F59E50 Content-Type: text/plain; charset="GB2312" unsubscribe kelphon at 263.net Tel:021-62479332-2106(Office) 021-62224128 (Home) ------_=_NextPart_001_01C1F4DE.C5F59E50 Content-Type: text/html; charset="GB2312" Content-Transfer-Encoding: quoted-printable

unsubscribe

kelphon at 263.net

Tel:021-62479332-2106(Office= )

= 021-62224128 (Home)

------_=_NextPart_001_01C1F4DE.C5F59E50-- ------_=_NextPart_000_01C1F4DE.C5F59E50 Content-Type: image/gif; name="image001.gif" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="image001.gif" Content-ID: R0lGODlhNQBGAMQaAFw/B4hfAal6AcyQATUlCdmmAQAAAPz67+q5AP6f8P/JFf/toP/VPf/gZf2+ Rf7SJf+1gKGUcYp5V8y9kP7UAP/AAPujAP+1ABAMCf/HAP///wAAAAAAAAAAAAAAAAAAACH/C05F VFNDQVBFMi4wAwEAAAAh+QQJFAAaACwAAAAANQBGAAAF/6AmjmRpnmiqrmzrvnAsj1hdzzhaA4Fg Y7mgBhOwVC6VyuAmlNWMyUqGUmE2XxgAUspYLB5VIFaMI24Vi8NhQSlYVb83zMxVqxkZN6tWmFLk LnQZDXYHDRV/ZCc1iBlTek4BSYOFh1OAIjUXjpwZiliSSAx2CwqciSY1A1IZDw0PqDFmF5sNCw2m nZ5xqqyjaxQ+kbSsk44MeBkVAB8fGARFSMdqDcGfLbOsnBUPamAUCMwABRa0nQqmbdd7AbSbugoN uI7gBBgCxrqP6ytZ7tr6Tg2ARiEgPUhzokkzqKsAAoaOELrwoRAgxIIXJbYIcM9CuXcQQwrkl8Le gI8gRf+GtCaLgEd3KlVS4CirCEqLMfVRAEDyhA8BF27mvEggRgACJ4UONVglBgEAHlEuNahOloCo MKfqXGIV60KGUURyfeEj6T+DDgsIWDugD8OxLo6+PKurggAAeAno1StggL4KanuaeDr3a6eBH/AG WMzzWSfAd+3NgeouZScBBCloxlgAQKfOep3NGVCZIYIBGP8e1jvgwxwMlXF2Sh3yNGrBJDTRFemg NwQHEBHgzoTBiLmYDhIoVw7B1FkFDuDCwbDKMu/ly4EfkQZBOe5eF7rkitl9eXN4ywWD79JgKnQH DwyWV++3wihLWiEqgCABE3FHaOA3lGYiLePMOow4Yov/LghYF9BatOmUATNLfNIMSAswoE0AUIm0 0wcCREhPG+Fg4JCFGHTCQC4IBPCBS7LNhoA9IdKmGWaYEdDHGx9YoItmiAFAmoM/FkDABwEgsFkb zCCllxG70JDiZnlwRMRLMRZ5JDSMYZAYAm5QhoQVNSzGoZcEXIVlTOAc1YwzaU4hAJJRlaMILzbN NWAba/WlpCMuAhWVdCVQF5RUSy1JYAYzvsiDDz3dcygx+elTYRz95ElppZ34l8ITc2WZUxLDpWKW YX+JeoQSpRYKG6IBbbfFX8R42o9XrIzniKz/RLFdBRa0mkpxiDLQXieVJZusrXsU95wX4/GqLC3B NkHshVmjLKDMruZI6xGz2Fy7UBqlaFNAAAUcOqiw02FVxxpgyPliUlGBi4WQaxJyhxThJFanvVi8 eNVxXVAzxYRIXmDDFbm5KSSlD6RhyD72sBvuBQMw01E5GaCxBj1WMuzqR5glNrAUD+RCAaEiD1HD U7xASWAsLbv6Rpl9hlzzGJju7DMLIQAAIfkECRQAGgAsAAAAADUARgAABf+gJo5kaZ5oqq5s675w LM90jN1YrZd3EOC5WbB2K2Qql8vgBgMyaZhB5lLJKCiZJ+smKHi1TYylmmksFo8s+HRDUN6UwrBJ MGYeh/ziHfjMTWIZgmR/LgB1ggx5eQxYAmsjNxeCGQwPFJAsABh2iosNFY6QNxaCCgsHaI8yP3Z4 iwtkb044Y1Wee3KsUaaLBwxVChlYAB9+BAG2pgwMggiFLD8DFbcLDWkZZw+hCAQfBAMWSZRHlM+7 05PkgqjAwwXeAHbr5NAr0tT0Vs2UFN11WPQJsqfihzgq+sj0QzBPYBYZSw4qdCjoDcVhBFMIkDfx oseKGVEEkPexZL+QJ0b/Fuho0mEFlCZGImzp8WWMAQACzKRJ8RyMjQHy8aR4ASaJPjpZDiVXNEYf ATuX0vP5QlpUqUyNjjg04KpABAPCNlxXQMCPGAAAiFNKrmwAAocICBBAdiMOG2q9mhvwAwPcTUXI PfKbSQWGvOr04Ty0TgAywQQE+cG71mGBACUvC9pEWS/WJZ3Z0nPgAAIEB5SEmlrVBMC4jw4SyJYN QVAShBBkaxWBQWfifvpyz5YtjBoVBbN3a+hNZSJYBPQUCKcdPbmNpI0xCAhITgFp0gJLR1CuPWqF YtuXKjjbBOpEeJy4k5PvkP0L7aozLAEAnV4BKfT1g4V9LuBHBjVI6UPB/yPbBciHD+TRxVQxAzgI zwcNCphBHzlFuM4SBPRHjz/FyAOHfiUiQGALUShUAYcUkehHWodg8AF/FHDW3oEXoCfaMAtu4odf dFFwAQHkuUZNBRYQUMePQIIlQFhuvFNYClzchlR+DsFx4jCg2fBNWJs8CWWMrMHwDQ43rnRml+cp t9xcTiaDBFZxXIklVBb0+dpnci6nk5+emfRioJIQ+iZFFuhpGKG/DVVBmjJEcVCkNCHhqGECEIqV EoFGksxti9JzQaOh8qbWpUMlsekKpFzKI6lcDgLqDrzxmUQVSNyWhAUFRIrEEqmSECupvlqw0SEk GQdqsTyEc+ltqDpBRTASxOJqrBjTnrpGi6fqqG0k3FI7ihgXDDYuDxic2mdhTqwLiBhyZPTqDkDI q++6IQAAIfkECRQAGgAsAAAAADUARgAABf+gJo5kaZ5oqq5s675wLM80jN13rZM3EAS4Xe0WuGQu yKBNOcMQLMdKRkEpYJYEQK4JqEgfi0WDsmXdCggKomwDQDONg5xBZp9uGYqeAuRCFXFyC1RWVyg3 CBkZXhQDhjEYblOBcxVVdiMYAooZDA0PFY9tb5QHDFKXoiI3UnByY5hmBEadcgeDnKk4OBetgXR9 kLNegGIKrQp5BQQfH5ECFr2KCg/HFAKqLZEWXpycxQ/KzG7Rrd6WjjLb3ecKC6aoyx9F3vWXMlm9 5t4P4bnLAfLU+5eNBYEiSPYpYpcLQaKBDQuuOIhEGsSBei5yWoMPIRKNIDVKVAFAQEVaIVP/chqJ YgCAARaiWVQJUg3LEy5hykRJ8+I9GAJexqzYs6aVGAHI7VRYNFc6GEljLm0K0WYMAAAuDE1IFWKo q1m3zoRYYIDZhwMRCAj2AqvWqQMrDEhKoG4AAWgzqNUSi6RSogMLCCDQAwBhTa2uET4cI4tUrvUQ BKgrgIKiKlkKXB5AIE3fFAcfj1WktnLKAgHSsHVBcSvTrhmeviBgcujrrtdumiAw4K3FjBAVOIAA wUGyhd8cSNBdAkNvmZbUFrBcz0GC69chJKsoBcJ15pkwiEYXSaA379ivO1hUoZcC7OBXhR0qzjn1 b+izHz//3UaRxxX0E8AHAJiXXHHrBQdB/wTxaYDBf7Y1sAAChA1wX1F8NKjJWzEFeMuAAQCXi0rY 2FDbY644QNh03iAwQBo+UVBBiS9sGJMAvQUYBojANZKFgbnw8YOGtWGTlRRxTLAidWoAQGAaTOox YEka6uSIc+69I8A8PWYwIG0PyeUkAGpVKdWUHz3wiRYsXpbhB1kYhsGTGdpQgFSczfObIwCIqEcB fN1Am0Ba2CmVBVeahAoFWlhoTwZlDYBGRhcQZuihAz4IhR7YhHihm3twUogNz2E6JwDTqVEXjCk1 0qCDJz7mEpybZGhaq6tpM59temEDZ1KafHpRBYUucahMpAE6J50gtQfpZynYuFM9guEl48ZtR1yQ 26sOQoisPZadNFZ7RnDGrYPiiTasuOz2YgEz52rwgU7cQdRuu0BAq4JzovG00L0VSeVkvLD2GxcS x8ZUFp767guNWPsgnHBQcwYwlKU0aNKvORxqNZdhzUQCkxH5ZvzwSZxUgCewIZdErxEUnnvDc/Uu EpNLu/QQTb+5NfHETh8dMRcT6L7k20ejCgN0QhYMFgsOFmv1UczqPCFue/myhAM0SGO8hABeBFyy NkQIsFbDd2iMKDZo85DzEHDKSTALIQAAIfkEBRQAGgAsAAAAADUARgAABf+gJo5kaZ5oqq5s675w LM90jN1YrZd3EOC5WbB2K2Qql8vgBgMyaZhB5lLJKCiZJ+smKHi1TYylmmksFo8s+HRDUN6UwrBJ MGYeh/ziHfjMTWIZgmR/LgB1ggx5eQxYAmsjNxeCGQwPFJAsABh2iosNFY6QNxaCCgsHaI8yP3Z4 iwtkb044Y1Wee3KsUaaLBwxVChlYAB9+BAG2pgwMggiFLD8DFbcLDWkZZw+hCAQfBAMWSZRHlM+7 05PkgqjAwwXeAHbr5NAr0tT0Vs2UFN11WPQJsqfihzgq+sj0QzBPYJZdBxU6FPRm4jCCKQLIk2ix I0WMKDQ29OgRE6uNJFP/VgB5QiPClB5XxhgAIMBLmBbPwaAZIB9OixdYlhBQ8+ZPgUFj9BFg9Cg9 nS+kNXVKLimMAOCm6kMwoOtIcgUE/IgBAIA4jvTCYj1EQICAdWE3ZVJR9qxDrj8wECiLo+EjvXNT 1B0nkOahdQKQkUssyI8Ns1oFFQhAcrKgTY/tUtW3JHNkeg4cQIDggJJPU6uaACDc0UGC168hCEqC EMJroSQw2FRHLuA627BfC6NGRQFs3JFsns7AFQE9BcBjPz9uQzliDAJ8U1IQOrRA0RGQi8ButEKx 7E4VjG3CVCI8Ttr7eVz/AvvyJQCcp5USvx8W+i7YRwY1fVBGDwWPZNcf/x8+iKcBdutcUMwAC8Lz gYL+ZdBHTQ5CSM4SBOh3IALFyANHBjR9kB+ALUShUAUbTuRPMRiUdQgGKrqBGXsDSnghWr0huIkf er1FwQUEdLgaNRVYQEAdQAbJlQBdufFOYChwQVuByzkEx4nDdGbDN11tAmWUJaVGBw4qFtAlTBSY 56AGFyaGzBi8HRUHllkyZcGfrFElZnUXAPoZSTDO+SAGhUa0WQYW8JmCGAfleVQFasoQRaWbISHp pAIYupkSiiZXKZpARVrqeGZx+lMSn6pAyqmD0EbFm0eQusN4fiZRBRK2FlqApUgssWpulNIGbBIW EHWIPEcAa+yukYRTKTNtqjpBRRLTUjtesraqykM6Fuzo7beGFjqKGBf8dS6yjYrLBhDv8iCGHBjF qgO99fa7awgAOw== ------_=_NextPart_000_01C1F4DE.C5F59E50-- From asaenz at Found-Tech.com Mon May 6 12:15:30 2002 From: asaenz at Found-Tech.com (Al Saenz) Date: Mon, 6 May 2002 13:15:30 -0400 Subject: [pptp-server] Help Please Message-ID: Thanks for your help Steve. This might be a stupid question but how do you know you are even running ipchains/iptables or not? THanks al -----Original Message----- From: Steven Evans [mailto:steve at netwaynetworks.com.au] Sent: Sunday, May 05, 2002 9:22 AM To: 'Al Saenz' Cc: 'pptp-server at lists.schulte.org' Subject: RE: [pptp-server] Help Please You need to turn on ip forwarding on your Linux box, then include an ipchains/iptables rule on your Linux box to forward the traffic on. I would use: /sbin/ipchains -A forward -b -s 10.0.0.2/32 -d 0.0.0.0/0 -j ACCEPT -b = bidirectional, I do it out of habit -s = source (i.e. the vpn laptop) -d = destination. The example is to send it to everybody that is if your Linux box is the default gateway of your other boxes, or they remember a route to your laptop. Otherwise they will not know how to send traffic back to your laptop. If that is the case, change ACCEPT to MASQ whichwill masquerade your traffic. Cheers, Steve -----Original Message----- From: Al Saenz [mailto:asaenz at Found-Tech.com] Sent: Saturday, 4 May 2002 4:12 AM To: 'pptp-server at lists.schulte.org' Subject: [pptp-server] Help Please Hello, I have successfully connected to my poptop server using a windows 2000 laptop. I have no firewall in the path nor NAT. This is in a lab environment. After establishing a connection with the VPN server I can ping my (laptop) i/f address and the virtual i/f address of the VPN server I cannot ping any ip address on its internal i/f. The range of ipaddress issued from the vpn server are on the same network as the internal i/f on the server. I also have the same netmask setup in my options file and I have proxyarp in that same file. Any help would be greatly appreciated Thanks al _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From asaenz at Found-Tech.com Mon May 6 13:19:33 2002 From: asaenz at Found-Tech.com (Al Saenz) Date: Mon, 6 May 2002 14:19:33 -0400 Subject: [pptp-server] Help Please Message-ID: Thanks again everyone This is my output Chain input, forward, output (policy ACCEPT): For all three in/for/out. This means I need to add the chain rules as described below by Steve, right? al -----Original Message----- From: Jorge Santos [mailto:jorgesantos at valnetsado.pt] Sent: Monday, May 06, 2002 2:00 PM To: 'Al Saenz' Subject: RE: [pptp-server] Help Please 'iptables -L' or 'ipchains -L' -- \_/ Jorge Alexandre Santos 'v' jorgesantos at valnetsado.pt // \\ Tel : 212327300 /( )\ Fax : 212327301 ^`~?^ Valnet Sado S.A. -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org] On Behalf Of Al Saenz Sent: segunda-feira, 6 de Maio de 2002 18:16 To: 'Steven Evans' Cc: 'pptp-server at lists.schulte.org' Subject: RE: [pptp-server] Help Please Thanks for your help Steve. This might be a stupid question but how do you know you are even running ipchains/iptables or not? THanks al -----Original Message----- From: Steven Evans [mailto:steve at netwaynetworks.com.au] Sent: Sunday, May 05, 2002 9:22 AM To: 'Al Saenz' Cc: 'pptp-server at lists.schulte.org' Subject: RE: [pptp-server] Help Please You need to turn on ip forwarding on your Linux box, then include an ipchains/iptables rule on your Linux box to forward the traffic on. I would use: /sbin/ipchains -A forward -b -s 10.0.0.2/32 -d 0.0.0.0/0 -j ACCEPT -b = bidirectional, I do it out of habit -s = source (i.e. the vpn laptop) -d = destination. The example is to send it to everybody that is if your Linux box is the default gateway of your other boxes, or they remember a route to your laptop. Otherwise they will not know how to send traffic back to your laptop. If that is the case, change ACCEPT to MASQ whichwill masquerade your traffic. Cheers, Steve -----Original Message----- From: Al Saenz [mailto:asaenz at Found-Tech.com] Sent: Saturday, 4 May 2002 4:12 AM To: 'pptp-server at lists.schulte.org' Subject: [pptp-server] Help Please Hello, I have successfully connected to my poptop server using a windows 2000 laptop. I have no firewall in the path nor NAT. This is in a lab environment. After establishing a connection with the VPN server I can ping my (laptop) i/f address and the virtual i/f address of the VPN server I cannot ping any ip address on its internal i/f. The range of ipaddress issued from the vpn server are on the same network as the internal i/f on the server. I also have the same netmask setup in my options file and I have proxyarp in that same file. Any help would be greatly appreciated Thanks al _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- From GeorgeV at citadelcomputer.com.au Mon May 6 18:15:49 2002 From: GeorgeV at citadelcomputer.com.au (George Vieira) Date: Tue, 7 May 2002 09:15:49 +1000 Subject: [pptp-server] Live IP logging. Redesigned.. Message-ID: <200FAA488DE0D41194F10010B597610D2B9F5F@jupiter.citadelcomputer.com.au> Hi all, I haven't been on the list for a long time and currently still not on the list but I've made changes to the PPPD ip-up.local script which logs the live IP to a log file and thought you guys may like it as it doesn't use GREP which is messy and slower. With little more effort, I could write it to log the authenticated username against the Live IP as well.. Here's my script, I didn't bother with the output being as eg. [203.0.100.23] [root at firewall bin]# cat /etc/ppp/ip-up.local #!/bin/bash DATE=`date +\"%d/%m/%y\"` PPPLCK="/var/run/$1.pid" PPPPID=`cat $PPPLCK` PPPPAR=`ps -h \`ps -lh $PPPPID | awk '{print $4}'\`` PPPIP=`echo "$PPPPAR" | awk '{print $6}'` echo "$PPPIP" # $PPPIP appears as [A.B.C.D] echo "[$DATE] $PPPIP " >>/var/log/pppd.log thanks, George Vieira Systems Manager Citadel Computer Systems P/L http://www.citadelcomputer.com.au From neale at lowendale.com.au Mon May 6 19:15:50 2002 From: neale at lowendale.com.au (Neale Banks) Date: Tue, 7 May 2002 10:15:50 +1000 (EST) Subject: [pptp-server] Live IP logging. Redesigned.. In-Reply-To: <200FAA488DE0D41194F10010B597610D2B9F5F@jupiter.citadelcomputer.com.au> Message-ID: On Tue, 7 May 2002, George Vieira wrote: > I haven't been on the list for a long time and currently still not on the > list but I've made changes to the PPPD ip-up.local script which logs the > live IP to a log file and thought you guys may like it as it doesn't use > GREP which is messy and slower. With little more effort, I could write it to > log the authenticated username against the Live IP as well.. Either I've missed something here, or the existence of "Local IP number" as param $4 to ip-up allows us to reduce this to something like: #!/bin/bash DATE=`date +\"%d/%m/%y\"` PPPIP=$4 echo "$PPPIP" echo "[$DATE] $PPPIP " >>/var/log/pppd.log Or is having the "Local IP number" a Debianism (surely not?)? HTH, Neale. From GeorgeV at citadelcomputer.com.au Mon May 6 18:35:33 2002 From: GeorgeV at citadelcomputer.com.au (George Vieira) Date: Tue, 7 May 2002 09:35:33 +1000 Subject: [pptp-server] Live IP logging. Redesigned.. Message-ID: <200FAA488DE0D41194F10010B597610D2B9F61@jupiter.citadelcomputer.com.au> You are talking about the VPN IP address not the Internet IP that the user connects on. thanks, George Vieira Systems Manager Citadel Computer Systems P/L http://www.citadelcomputer.com.au -----Original Message----- From: Neale Banks [mailto:neale at lowendale.com.au] Sent: Tuesday, 07 May 2002 10:16 AM To: George Vieira Cc: PPTP List (E-mail) Subject: Re: [pptp-server] Live IP logging. Redesigned.. On Tue, 7 May 2002, George Vieira wrote: > I haven't been on the list for a long time and currently still not on the > list but I've made changes to the PPPD ip-up.local script which logs the > live IP to a log file and thought you guys may like it as it doesn't use > GREP which is messy and slower. With little more effort, I could write it to > log the authenticated username against the Live IP as well.. Either I've missed something here, or the existence of "Local IP number" as param $4 to ip-up allows us to reduce this to something like: #!/bin/bash DATE=`date +\"%d/%m/%y\"` PPPIP=$4 echo "$PPPIP" echo "[$DATE] $PPPIP " >>/var/log/pppd.log Or is having the "Local IP number" a Debianism (surely not?)? HTH, Neale. From manoj.rana at tatainfotech.com Tue May 7 02:21:56 2002 From: manoj.rana at tatainfotech.com (MANOJ KUMAR RANA) Date: Tue, 7 May 2002 12:51:56 +0530 (IST) Subject: [pptp-server] A newbie query ... In-Reply-To: <118DC586DF4FD311948800A0247C044D01638D4B@NTSVR1> Message-ID: Hi, I tried looking into the archieves for the problem and even reinstalled the entire list of softwares ... as was there in posting "Ready to help pptpd newbies" at this mailing list( including upgrading linux kernel from 2.2.14 to 2.2.17) .... but to no help ?? By now I am able to make the VPN connection ( could see another device ppp1 in the 'ifconfig' entry ). But could neither ping to client from server nor to server from win98 client. 1. ipchains all permission ALLOWED. my routing entries are: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 203.124.240.35 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp1 163.122.23.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 203.124.240.35 0.0.0.0 UG 0 0 0 ppp0 through ppp0 I am connecting to ISP. And ppp1 is device for VPN connection ends. eth0 is my local network's (163.122.23.0) connection point Where should I look from here ... any help? Anything else required With Best Regards, MKR > I replied to something like this yesterday. Search the archives. > > Cheers, > Steve > > -----Original Message----- > From: MANOJ KUMAR RANA [mailto:manoj.rana at tatainfotech.com] > Sent: Monday, 6 May 2002 12:30 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] A newbie query ... > > Hi, > I have a test environment setup using poptop server. > My server is installed at a linux box which is connected to my LAN, and > dials out to isp to get a outside recognisable IP. My client is on windows > m/c and dials out to ISP. > > So both machines connect to internet through dialup, and Linux server is > hooked to the LAN through its only network card. > > So far I have been able to dial up and successfully made the VPN > connection ( As the server m/c created another PPP device for this > connection ), but could not ping the server machine. > > Where I am going wrong. Any help will be appreciated. > > My intention is to connect to the server machine and then telnet to some > local machine in the LAN from dialup windows client. > > So what are the normal steps for such a configuration. > > > Any help will be greatly appreciated. > > > With Best Regards, > MKR > > > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From haidang79 at yahoo.com Tue May 7 20:02:09 2002 From: haidang79 at yahoo.com (HaiDang) Date: Tue, 7 May 2002 18:02:09 -0700 (PDT) Subject: [pptp-server] dialin and pptp stuck at pppd Message-ID: <20020508010209.67464.qmail@web10407.mail.yahoo.com> Hello group, I'm trying to set up dial-up and pptp for RH 7.2 kernel 2.4.7-10. I'm able to dial to or make a vpn connection to the point where pppd is brought up. Then it's killed somehow. Now I am testing just pppd by dialing out to an ISP. I'm able to get an IP assigned, but the routing table does not use the new connection as the default route, not matter that I have the line "defaultroute" in the ppp/options file. Can anyone give me any suggestions?? Thank you __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com From kelphon at mic.com.tw Tue May 7 21:28:11 2002 From: kelphon at mic.com.tw (=?gb2312?B?a2VscGhvbiDMxszssfg=?=) Date: Wed, 8 May 2002 10:28:11 +0800 Subject: [pptp-server] *****SPAM***** unsubscribe Message-ID: SPAM: -------------------- Start SpamAssassin results ---------------------- SPAM: This mail is probably spam. The original message has been altered SPAM: so you can recognise or block similar unwanted mail in future. SPAM: See http://spamassassin.org/tag/ for more details. SPAM: SPAM: Content analysis details: (5 hits, 5 required) SPAM: Hit! (0.2 points) BODY: Correct for MIME 'null block' SPAM: Hit! (1.8 points) A foreign language charset used in headers SPAM: Hit! (3.0 points) Received: says mail bounced all around the world SPAM: Hit! (-0.0 points) AWL: Auto-whitelist adjustment SPAM: SPAM: -------------------- End of SpamAssassin results --------------------- This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1F637.FFC26A50 Content-Type: text/plain; charset="gb2312" ------_=_NextPart_001_01C1F637.FFC26A50 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

------_=_NextPart_001_01C1F637.FFC26A50-- From alex at morrison.king.net.nz Wed May 8 03:59:15 2002 From: alex at morrison.king.net.nz (Alex King) Date: Wed, 8 May 2002 20:59:15 +1200 Subject: [pptp-server] poptop, mppe, and ppp cvs Message-ID: <20020508085915.GA8251@morrison.king.net.nz> I'm getting nowhere fast in my attempt to set up poptop with debian linux :( to recap, I run: Debian woody, with pptpd 1.1.2 (standard woody package) pppd pulled from CVS at www.samba.org. kernel 2.4.19-pre8, patched with the three patches for 2.4.18 in the pppd cvs sources. It's not that I necessarily WANT to run the latest of everything, but there seems to be a whole lot of conflicting info out there about where to obtain and how to set up poptop. I thought that the latest would be most likely to work the best, perhaps I'm wrong.... Where I'm at - I can connect using a win95/DUN1.4 client with CHAP and no encryption. If tick "Require encrypted password" on the cient, I can still connect: sent [LCP ConfReq id=0x1 ] ... rcvd [LCP ConfAck id=0x1 ] sent [CHAP Challenge id=... rcvd [CHAP Response... sent [CHAP Success... and the connection succeeds When I configure the server with require-mschap-v2 I get: sent [LCP ConfReq id=0x1 ] ... rcvd [LCP ConfAck id=0x1 ] sent [CHAP Challenge... rcvd [CHAP Response... sent [CHAP Success... sent [IPCP ConfReq id=0x1 ] sent [CCP ConfReq id=0x1 ] CHAP peer authentication succeeded for workgroup\\alex rcvd [LCP ProtRej id=0x2 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f] rcvd [LCP TermReq id=0x3] and the connection fails (note I have workgroup\\alex in the chap secrets) Here is my main question: What should I do to get a working setup? Should I go back to 2.4.18, or an earlier 2.4 with other patches, or even back to 2.2 kernel? Is my configuration worng? Is it a client issue? (I tried the linux pptp client, but I found mail list notes saying this does not work with later 2.4 kernels, and I could not get it going even unencrypted.) It is more difficult for me to test against win98, but I would do that if I thought I'd have a better chance. What is the significance of the ProtRej line second to last in the above log? Has anyone got a poptop to work in a similar setup (ie, kernel 2.4.18 or 2.4.19 with mschap-v2 and mppe encryption?) I intend to solve this problem tonight...... :^P Alex From floydianfan at hotmail.com Wed May 8 08:30:04 2002 From: floydianfan at hotmail.com (Denilson Amaral Zimmermann) Date: Wed, 08 May 2002 13:30:04 +0000 Subject: [pptp-server] MPD how-to Message-ID: Hello all im new here and i making a vpn with dial-up connection, and i would like to know if theres a good MPD how-to in the web and where i can get! Thanks for while Denilson Iju? - RS - Brazil UNIJUI _________________________________________________________________ Converse com amigos on-line, conhe?a o MSN Messenger: http://messenger.msn.com From info at bofest.de Wed May 8 11:01:47 2002 From: info at bofest.de (info) Date: Wed, 08 May 2002 18:01:47 +0200 Subject: [pptp-server] VPN under Suse Linux 7.2 through SMC Barricade Message-ID: <3CD94BEB.2070506@bofest.de> Hi together, I try to get a VPN established with the following conditions: VPN Server Suse Linux 7.2 Kernel 2.4.4, VPN with PPTPD 2.4.0 To access the server, the clients have to go throuh a SMC Barricade DSL-Router (PPTP-Port is enabled in the router) Clients are under W2K So up to now, it doesn't work so here you get my configs and my messages from the linux box: pptpd .conf: > localip 192.168.123.1 > > remoteip 192.168.123.100-199 > > option /etc/ppp/options > > > etc/ppp/options: > > name dagobert > > debug > > auth > > +chap > > +chapms > > +chapms-v2 > > crtscts > > lock > > local > > asyncmap 0 > > nodetach > > lcp-echo-interval 30 > > lcp-echo-failure 4 > > lcp-max-configure 60 > > lcp-restart 2 > > idle 600 > > noipx > > proxyarp > > and part of the messages > > May 7 16:15:29 dagobert pptpd[19849]: MGR: Launching /usr/sbin/pptpctrl to > handle client > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: local address = 192.168.123.1 > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: remote address = 192.168.123.100 > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: pppd speed = 115200 > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: pppd options file = > /etc/ppp/options > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Client 217.82.29.66 control > connection started > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Received PPTP Control Message > (type: 1) > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Made a START CTRL CONN RPLY > packet > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: I wrote 156 bytes to the client. > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Sent packet to client > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Received PPTP Control Message (type: 7) > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: 0 min_bps, 1525 max_bps, 32 > window size > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Made a OUT CALL RPLY packet > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Starting call (launching pppd, > opening GRE) > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: pty_fd = 5 > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: tty_fd = 6 > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: I wrote 32 bytes to the client. > > May 7 16:15:29 dagobert pptpd[19850]: CTRL (PPPD Launcher): Connection speed > = 115200 > > May 7 16:15:29 dagobert pptpd[19850]: CTRL (PPPD Launcher): local address = > 192.168.123.1 > > May 7 16:15:29 dagobert pptpd[19850]: CTRL (PPPD Launcher): remote address = > 192.168.123.100 > > May 7 16:15:29 dagobert pppd[19850]: pppd 2.4.0 started by root, uid 0 > > May 7 16:15:29 dagobert pppd[19850]: using channel 6 > > May 7 16:15:29 dagobert pppd[19850]: Using interface ppp0 > > May 7 16:15:29 dagobert pppd[19850]: Connect: ppp0 <--> /dev/pts/1 > > May 7 16:15:29 dagobert pppd[19850]: sent [LCP ConfReq id=0x1 > ] > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Sent packet to client > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Received PPTP Control Message > (type: 15) > > May 7 16:15:29 dagobert pptpd[19849]: CTRL: Got a SET LINK INFO packet with > standard ACCMs > > May 7 16:15:31 dagobert pppd[19850]: sent [LCP ConfReq id=0x1 > ] > > May 7 16:16:03 dagobert last message repeated 16 times > > May 7 16:16:05 dagobert pppd[19850]: sent [LCP ConfReq id=0x1 > ] > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: Received PPTP Control Message > (type: 12) > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: Made a CALL DISCONNECT RPLY > packet > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: Received CALL CLR request > (closing call) > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: I wrote 148 bytes to the client. > > May 7 16:16:06 dagobert pppd[19850]: Modem hangup > > May 7 16:16:06 dagobert pppd[19850]: Connection terminated. > > May 7 16:16:06 dagobert pppd[19850]: Exit. > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: Sent packet to client > > May 7 16:16:06 dagobert pptpd[19849]: GRE: read error: Bad file descriptor > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: PTY read or GRE write failed > (pty,gre)=(-1,-1) > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: Client 217.82.29.66 control > connection finished > > May 7 16:16:06 dagobert pptpd[19849]: CTRL: Exiting now > > May 7 16:16:06 dagobert pptpd[19817]: MGR: Reaped child 19849 > > > > So what s going wrong ? I just can't figure out. Thanx in advance Uwe From alex at morrison.king.net.nz Wed May 8 19:06:29 2002 From: alex at morrison.king.net.nz (Alex King) Date: Thu, 9 May 2002 12:06:29 +1200 Subject: [pptp-server] Debugging link In-Reply-To: <20020508085915.GA8251@morrison.king.net.nz> References: <20020508085915.GA8251@morrison.king.net.nz> Message-ID: <20020509000629.GA11968@morrison.king.net.nz> On Wed, May 08, 2002 at 08:59:15PM +1200, Alex King wrote: > I'm getting nowhere fast in my attempt to set up poptop with debian > linux :( > ... > > I intend to solve this problem tonight...... :^P > Well, I'n no further along, I gave up... %-| How can I dump all the packets that go over the link? I tried kdebug 7 in the pptp-options, but that didn't work If I use tcpdump on the link the result is simply "gre-proto-0x880B (gre encap)", tcpdump does not decode the gre packets. I have no way of launching a tcpdump on the ppp interface early enough to capture the interaction. Alex From fcusack at fcusack.com Thu May 9 05:16:20 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Thu, 9 May 2002 03:16:20 -0700 Subject: [pptp-server] poptop, mppe, and ppp cvs In-Reply-To: <20020508085915.GA8251@morrison.king.net.nz>; from alex@morrison.king.net.nz on Wed, May 08, 2002 at 08:59:15PM +1200 References: <20020508085915.GA8251@morrison.king.net.nz> Message-ID: <20020509031620.A11051@google.com> On Wed, May 08, 2002 at 08:59:15PM +1200, Alex King wrote: > Where I'm at - I can connect using a win95/DUN1.4 client with CHAP and no > encryption. If tick "Require encrypted password" on the cient, I can > still connect: > > sent [LCP ConfReq id=0x1 > ] > ... > rcvd [LCP ConfAck id=0x1 > ] > sent [CHAP Challenge id=... > rcvd [CHAP Response... > sent [CHAP Success... > > and the connection succeeds > > When I configure the server with require-mschap-v2 I get: > sent [LCP ConfReq id=0x1 > ] > ... > rcvd [LCP ConfAck id=0x1 > ] > sent [CHAP Challenge... > rcvd [CHAP Response... > sent [CHAP Success... > sent [IPCP ConfReq id=0x1 ] > sent [CCP ConfReq id=0x1 ] > CHAP peer authentication succeeded for workgroup\\alex > rcvd [LCP ProtRej id=0x2 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f] > rcvd [LCP TermReq id=0x3] > > and the connection fails (note I have workgroup\\alex in the chap > secrets) > > Here is my main question: > > What should I do to get a working setup? Should I go back to 2.4.18, or > an earlier 2.4 with other patches, or even back to 2.2 kernel? Is my > configuration worng? Is it a client issue? (I tried the linux pptp > client, but I found mail list notes saying this does not work with later > 2.4 kernels, and I could not get it going even unencrypted.) It is more > difficult for me to test against win98, but I would do that if I thought > I'd have a better chance. > > What is the significance of the ProtRej line second to last in the above > log? Has anyone got a poptop to work in a similar setup (ie, kernel > 2.4.18 or 2.4.19 with mschap-v2 and mppe encryption?) I've got it working with a win2k client. I am currently aware of win98 problems which I am working on, related to mschap (v1). The ProtRej is worrisome. This is a long shot, but try setting 'novj' and 'nodeflate' in your ppp options. You might also try 'asyncmap a0000'. It does appear that win95 doesn't like your IPCP offering, but normally it should send you an IPCP ConfNak. But it might be broken. /fc From bao at gibbons.com Thu May 9 19:04:43 2002 From: bao at gibbons.com (bao) Date: Thu, 09 May 2002 17:04:43 -0700 Subject: [pptp-server] OT - pppd Message-ID: <3CDB0E9B.521E400B@gibbons.com> Hi list, I try to get pptpd and dial-in run, but fail when they come to pppd. Because both use pppd as the underlying protocol (I think), I guess the problem is at pppd, not dial-in or pptpd. Here is the log when I dialed into the server (RH 72, kernel 2.4.7-10, running ppp 2.4.1-2) and invoked pppd May 9 16:49:34 server_machine pppd[3061]: pppd 2.4.1 started by ppp_user, uid 502 May 9 16:49:34 server_machine pppd[3061]: using channel 3 May 9 16:49:34 server_machine pppd[3061]: Using interface ppp0 May 9 16:49:34 server_machine pppd[3061]: Connect: ppp0 <--> /dev/ttyS0 May 9 16:49:34 server_machine pppd[3061]: sent [LCP ConfReq id=0x1 ] May 9 16:49:49 server_machine last message repeated 5 times May 9 16:49:50 server_machine pppd[3061]: rcvd [LCP ConfReq id=0x1 ] May 9 16:49:50 server_machine pppd[3061]: sent [LCP ConfAck id=0x1 ] May 9 16:49:52 server_machine pppd[3061]: sent [LCP ConfReq id=0x1 ] May 9 16:49:52 server_machine pppd[3061]: rcvd [LCP ConfAck id=0x1 ] May 9 16:49:52 server_machine pppd[3061]: rcvd [PAP AuthReq id=0x1 user="ppp_user" password=] May 9 16:49:52 server_machine pppd[3061]: sent [PAP AuthAck id=0x1 "Login ok"] May 9 16:49:52 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:49:52 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:49:55 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:49:55 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:49:58 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:49:58 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:01 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:01 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:04 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:04 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:07 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:07 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:10 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:10 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:13 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:13 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:16 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:16 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:19 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 ] May 9 16:50:19 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 ] May 9 16:50:22 server_machine pppd[3061]: IPCP: timeout sending Config-Requests May 9 16:50:22 server_machine pppd[3061]: sent [LCP TermReq id=0x2 "No network protocols running"] May 9 16:50:22 server_machine pppd[3061]: rcvd [LCP TermAck id=0x2] May 9 16:50:22 server_machine pppd[3061]: Connection terminated. May 9 16:50:22 server_machine pppd[3061]: Connect time 0.8 minutes. May 9 16:50:22 server_machine pppd[3061]: Sent 310 bytes, received 0 bytes. May 9 16:50:22 server_machine pppd[3061]: Exit. Please give me some suggestions Thanks From fcusack at fcusack.com Thu May 9 19:48:59 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Thu, 9 May 2002 17:48:59 -0700 Subject: [pptp-server] OT - pppd In-Reply-To: <3CDB0E9B.521E400B@gibbons.com>; from bao@gibbons.com on Thu, May 09, 2002 at 05:04:43PM -0700 References: <3CDB0E9B.521E400B@gibbons.com> Message-ID: <20020509174858.Y15133@google.com> Known problem with RH pppd. It's negotiating callback when it can't actually do it. The client is expecting a call back. Upgrade to the latest RH pppd. /fc On Thu, May 09, 2002 at 05:04:43PM -0700, bao wrote: > Hi list, > > I try to get pptpd and dial-in run, but fail when they come to pppd. > > Because both use pppd as the underlying protocol (I think), I guess the > problem is at pppd, not dial-in or pptpd. Here is the log when I dialed > into the server (RH 72, kernel 2.4.7-10, running ppp 2.4.1-2) and > invoked pppd > > > May 9 16:49:34 server_machine pppd[3061]: pppd 2.4.1 started by > ppp_user, uid 502 > May 9 16:49:34 server_machine pppd[3061]: using channel 3 > May 9 16:49:34 server_machine pppd[3061]: Using interface ppp0 > May 9 16:49:34 server_machine pppd[3061]: Connect: ppp0 <--> /dev/ttyS0 > > May 9 16:49:34 server_machine pppd[3061]: sent [LCP ConfReq id=0x1 > ] > May 9 16:49:49 server_machine last message repeated 5 times > May 9 16:49:50 server_machine pppd[3061]: rcvd [LCP ConfReq id=0x1 > ] > May 9 16:49:50 server_machine pppd[3061]: sent [LCP ConfAck id=0x1 > ] ^^^^^^^^^^^^^ From anorman at superdata.com Thu May 9 20:30:56 2002 From: anorman at superdata.com (Andre Normandin) Date: Thu, 9 May 2002 21:30:56 -0400 Subject: [pptp-server] OT - pppd In-Reply-To: <3CDB0E9B.521E400B@gibbons.com> Message-ID: Yes, you are correct.. Update pppd to the latest.. There is a Red Hat notice on this specifically for the LCP stuff!!! You need to update to ppp-2.4.1-3.i386.rpm !!! ------------------------------------------------- Errata: Updated ppp packages available ? Details Systems Affected Advisory: RHBA-2002:037-04 Advisory Type: Bug Fix Advisory Product: Red Hat Linux Relevant Channels: Red Hat Linux 7.2 i386 Red Hat Linux 7.2 ia64 Bugs Fixed: IPCP timeout with MS clients (No network protocols running) Topic: Updated ppp packages are available for Red Hat Linux 7.2. These updates fix a bug which hampered interoperability with other PPP implementations. Description: The version of pppd included in Red Hat Linux 7.2 incorrectly advertised support for CBCP. If a peer attempted to configure use of this protocol, the LCP negotiation and the connection attempt would fail. Verification: Red Hat Linux 7.2 i386: 9021e419ab81d6caad3d6966bdb09aee ppp-2.4.1-3.i386.rpm Red Hat Linux 7.2 ia64: 2f25f59f1281a18c972f5cbcc32081dd ppp-2.4.1-3.ia64.rpm Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Issued Date: 2002-02-27 Update Date: 2002-04-29 Keywords: cbcp, ppp, pppd References: Notes: Copyright C 2001-02 Red Hat, Inc. All rights reserved. Legal statement : Privacy statement > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of bao > Sent: Thursday, May 09, 2002 8:05 PM > To: pptp > Subject: [pptp-server] OT - pppd > > > Hi list, > > I try to get pptpd and dial-in run, but fail when they come to pppd. > > Because both use pppd as the underlying protocol (I think), I guess the > problem is at pppd, not dial-in or pptpd. Here is the log when I dialed > into the server (RH 72, kernel 2.4.7-10, running ppp 2.4.1-2) and > invoked pppd > > > May 9 16:49:34 server_machine pppd[3061]: pppd 2.4.1 started by > ppp_user, uid 502 > May 9 16:49:34 server_machine pppd[3061]: using channel 3 > May 9 16:49:34 server_machine pppd[3061]: Using interface ppp0 > May 9 16:49:34 server_machine pppd[3061]: Connect: ppp0 <--> /dev/ttyS0 > > May 9 16:49:34 server_machine pppd[3061]: sent [LCP ConfReq id=0x1 > ] > May 9 16:49:49 server_machine last message repeated 5 times > May 9 16:49:50 server_machine pppd[3061]: rcvd [LCP ConfReq id=0x1 > ] > May 9 16:49:50 server_machine pppd[3061]: sent [LCP ConfAck id=0x1 > ] > May 9 16:49:52 server_machine pppd[3061]: sent [LCP ConfReq id=0x1 > ] > May 9 16:49:52 server_machine pppd[3061]: rcvd [LCP ConfAck id=0x1 > ] > May 9 16:49:52 server_machine pppd[3061]: rcvd [PAP AuthReq id=0x1 > user="ppp_user" password=] > May 9 16:49:52 server_machine pppd[3061]: sent [PAP AuthAck id=0x1 > "Login ok"] > May 9 16:49:52 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:49:52 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:49:55 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:49:55 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:49:58 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:49:58 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:01 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:01 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:04 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:04 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:07 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:07 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:10 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:10 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:13 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:13 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:16 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:16 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:19 server_machine pppd[3061]: sent [IPCP ConfReq id=0x1 > ] > May 9 16:50:19 server_machine pppd[3061]: sent [CCP ConfReq id=0x1 > ] > May 9 16:50:22 server_machine pppd[3061]: IPCP: timeout sending > Config-Requests > May 9 16:50:22 server_machine pppd[3061]: sent [LCP TermReq id=0x2 "No > network protocols running"] > May 9 16:50:22 server_machine pppd[3061]: rcvd [LCP TermAck id=0x2] > May 9 16:50:22 server_machine pppd[3061]: Connection terminated. > May 9 16:50:22 server_machine pppd[3061]: Connect time 0.8 minutes. > May 9 16:50:22 server_machine pppd[3061]: Sent 310 bytes, received 0 > bytes. > May 9 16:50:22 server_machine pppd[3061]: Exit. > > > Please give me some suggestions > > Thanks > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From sliu at secai.com Fri May 10 01:27:56 2002 From: sliu at secai.com (Shu Liu) Date: Thu, 09 May 2002 23:27:56 -0700 Subject: [pptp-server] Linux version question References: <3CDB0E9B.521E400B@gibbons.com> <20020509174858.Y15133@google.com> Message-ID: <3CDB686C.859F9D54@secai.com> Frank, I want to download a free Linux(not RH) to set up PPTP server, and in the future, I want to try FreeS/WAN on it also. What version is the best and can you give me a pointer ? Many thanks, Shu Liu Frank Cusack wrote: > Known problem with RH pppd. It's negotiating callback when it can't actually > do it. The client is expecting a call back. Upgrade to the latest RH pppd. > > /fc > > On Thu, May 09, 2002 at 05:04:43PM -0700, bao wrote: > > Hi list, > > > > I try to get pptpd and dial-in run, but fail when they come to pppd. > > > > Because both use pppd as the underlying protocol (I think), I guess the > > problem is at pppd, not dial-in or pptpd. Here is the log when I dialed > > into the server (RH 72, kernel 2.4.7-10, running ppp 2.4.1-2) and > > invoked pppd > > > > > > May 9 16:49:34 server_machine pppd[3061]: pppd 2.4.1 started by > > ppp_user, uid 502 > > May 9 16:49:34 server_machine pppd[3061]: using channel 3 > > May 9 16:49:34 server_machine pppd[3061]: Using interface ppp0 > > May 9 16:49:34 server_machine pppd[3061]: Connect: ppp0 <--> /dev/ttyS0 > > > > May 9 16:49:34 server_machine pppd[3061]: sent [LCP ConfReq id=0x1 > > ] > > May 9 16:49:49 server_machine last message repeated 5 times > > May 9 16:49:50 server_machine pppd[3061]: rcvd [LCP ConfReq id=0x1 > > ] > > May 9 16:49:50 server_machine pppd[3061]: sent [LCP ConfAck id=0x1 > > ] > ^^^^^^^^^^^^^ > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From spenneb at spenneberg.de Fri May 10 03:57:34 2002 From: spenneb at spenneberg.de (spenneb at spenneberg.de) Date: Fri, 10 May 2002 10:57:34 +0200 Subject: [pptp-server] RedHat 7.3 packages Message-ID: <20020510105734.C25986@grobi> I just created the kernel packages and a patched pppd for RedHat 7.3. The packages are based on the original Red Hat Kernel and are patched with MPPE Patches FreeS/Wan 1.97 x509 0.9.11 They provide you with everything you need to set up a VPN either based on PPTP/MPPE or IPsec. They are available on http://www.spenneberg.org/VPN Sources are at http://www.spenneberg.org/SRPMS Cheers, Ralf -- Ralf Spenneberg MCSE+I, MCT, RHCE, RHCX, LCP, Linux-Consultant Waldring 34 48565 Steinfurt Fon: +49(0)2552 638 755 Fax: +49(0)2552 638 757 Mobil: +49(0)177 567 27 40 http://www.spenneberg.com/.net/.org/.de From fcusack at fcusack.com Fri May 10 05:55:48 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Fri, 10 May 2002 03:55:48 -0700 Subject: [pptp-server] Re: Linux version question In-Reply-To: <3CDB686C.859F9D54@secai.com>; from sliu@secai.com on Thu, May 09, 2002 at 11:27:56PM -0700 References: <3CDB0E9B.521E400B@gibbons.com> <20020509174858.Y15133@google.com> <3CDB686C.859F9D54@secai.com> Message-ID: <20020510035548.C9922@google.com> On Thu, May 09, 2002 at 11:27:56PM -0700, Shu Liu wrote: > > Frank, > > I want to download a free Linux(not RH) to set up PPTP server, > and in the future, I want to try FreeS/WAN on it also. > > What version is the best and can you give me a pointer ? RH linux is free. It's the only one I've ever used so I'm not a good person to ask what might be better. I tend to think Debian is better (considering the grief RH gives me) but I've never actually used Debian so maybe it has problems also. If I were to try a new distribution, I'd look at either Debian or PLD. Most people that wave Debian flags only talk about apt (apt-get). Those folks don't know what they're talking about. YMMV /fc From jarvis at caiman.co.uk Fri May 10 12:14:21 2002 From: jarvis at caiman.co.uk (Jarvis McKenzie) Date: Fri, 10 May 2002 18:14:21 +0100 Subject: [pptp-server] VPN Message-ID: <000e01c1f846$20d7b050$1a00a8c0@caimanmedia.co.uk> David, Evening ...it's me again - thanks for the pointers. However, I'm still experiencing connection difficulties. The connection is made initially and then thus far has either timed out or prematurely exited before the connection has been established. chap/pap2-secrets have been edited as follows: # client server secret IP addresses NAME SERVERNAME PASSWORD CLIENT_IP:SERVER_IP Has the "IP addresses" field been entered properly ? pap-secrets has apparently been auto-edited (well, at least I didn't put it in there) as follows: caiman ppp0 XXXXXXXXX (what's the "ppp0" about and I'm guessing the random string is a password after encryption ...make that a weak encryption ..it's almost guessable looking at it ..infact I've had to X it out !! :-)) I have copied the sample "options" file supplied and proceeded to systematically comment / uncomment options with no success. I have edited "/etc/ppp/resolv.conf" to reflect the proper name server. Is there anything else I'm missing or should check ??? (AAAAARGGGGH) syslog - last connection attempt: May 10 17:11:52 m pptpd[32599]: CTRL: pppd options file = /etc/ppp/options May 10 17:11:52 m pptpd[32599]: CTRL: Client 192.168.0.26 control connection started May 10 17:11:52 m pptpd[32599]: CTRL: Received PPTP Control Message (type: 1) May 10 17:11:52 m pptpd[32599]: CTRL: Made a START CTRL CONN RPLY packet May 10 17:11:52 m pptpd[32599]: CTRL: I wrote 156 bytes to the client. May 10 17:11:52 m pptpd[32599]: CTRL: Sent packet to client May 10 17:12:57 m pptpd[32599]: CTRL: Sending ECHO REQ id 1 May 10 17:12:57 m pptpd[32599]: CTRL: Made a ECHO REQ packet May 10 17:12:57 m pptpd[32599]: CTRL: I wrote 16 bytes to the client. May 10 17:12:57 m pptpd[32599]: CTRL: Sent packet to client May 10 17:14:02 m pptpd[32599]: CTRL: Session timed out, ending call May 10 17:14:02 m pptpd[32599]: CTRL: Client 192.168.0.* control connection finished May 10 17:14:02 m pptpd[32599]: CTRL: Exiting now May 10 17:14:35 m pptpd[32608]: CTRL: pppd options file = /etc/ppp/options May 10 17:14:35 m pptpd[32608]: CTRL: Client 192.168.0.* control connection started May 10 17:14:35 m pptpd[32608]: CTRL: Received PPTP Control Message (type: 1) May 10 17:14:35 m pptpd[32608]: CTRL: Made a START CTRL CONN RPLY packet May 10 17:14:35 m pptpd[32608]: CTRL: I wrote 156 bytes to the client. May 10 17:14:35 m pptpd[32608]: CTRL: Sent packet to client May 10 17:15:40 m pptpd[32608]: CTRL: Sending ECHO REQ id 1 May 10 17:15:40 m pptpd[32608]: CTRL: Made a ECHO REQ packet May 10 17:15:40 m pptpd[32608]: CTRL: I wrote 16 bytes to the client. May 10 17:15:40 m pptpd[32608]: CTRL: Sent packet to client May 10 17:16:45 m pptpd[32608]: CTRL: Session timed out, ending call May 10 17:16:45 m pptpd[32608]: CTRL: Client 192.168.0.* control connection finished May 10 17:16:45 m pptpd[32608]: CTRL: Exiting now options file: servername SERVER_PPTP_IS_ON #lock #auth #debug #require-chap Thanks for your time and patience. ~ All the best, Jarvis. -- Caiman Technologies http://www.caiman.co.uk/ _____________________________ s/b: +44 1727 840 777 eml: jarvis at caiman.co.uk _____________________________ From wylie at datamaersk.com Mon May 13 20:14:32 2002 From: wylie at datamaersk.com (Wylie Swanson) Date: Mon, 13 May 2002 18:14:32 -0700 Subject: [pptp-server] GRE: Bad checksum from pppd ? Message-ID: <001d01c1fae4$b42314d0$0400a8c0@core.datamaersk.net> I am not sure what is causing this problem or if "GRE: Bad checksum from pppd" is the terminating error. This is running on a 2.4.18 patched kernel with mppe and mschap2 and PoPToP. Authentication appears to be working, but the connection is lost immediately after successful authentication. May 13 17:10:15 myserver pptpd[1658]: MGR: Launching /usr/local/sbin/pptpctrl to handle client May 13 17:10:15 myserver pptpd[1658]: CTRL: local address = 192.168.0.15 May 13 17:10:15 myserver pptpd[1658]: CTRL: remote address = 192.168.0.225 May 13 17:10:15 myserver pptpd[1658]: CTRL: pppd options file = /etc/ppp/options.pptp May 13 17:10:15 myserver pptpd[1658]: CTRL: Client 192.168.0.4 control connection started May 13 17:10:15 myserver pptpd[1658]: CTRL: Received PPTP Control Message (type: 1) May 13 17:10:15 myserver pptpd[1658]: CTRL: Made a START CTRL CONN RPLY packet May 13 17:10:15 myserver pptpd[1658]: CTRL: I wrote 156 bytes to the client. May 13 17:10:15 myserver pptpd[1658]: CTRL: Sent packet to client May 13 17:10:15 myserver pptpd[1658]: CTRL: Received PPTP Control Message (type: 7) May 13 17:10:15 myserver pptpd[1658]: CTRL: 0 min_bps, 1525 max_bps, 32 window size May 13 17:10:15 myserver pptpd[1658]: CTRL: Made a OUT CALL RPLY packet May 13 17:10:15 myserver pptpd[1658]: CTRL: Starting call (launching pppd, opening GRE) May 13 17:10:15 myserver pptpd[1658]: CTRL: pty_fd = 5 May 13 17:10:15 myserver pptpd[1658]: CTRL: tty_fd = 6 May 13 17:10:15 myserver pptpd[1659]: CTRL (PPPD Launcher): Connection speed = 115200 May 13 17:10:15 myserver pptpd[1658]: CTRL: I wrote 32 bytes to the client. May 13 17:10:16 myserver pptpd[1659]: CTRL (PPPD Launcher): local address = 192.168.0.15 May 13 17:10:16 myserver pptpd[1658]: CTRL: Sent packet to client May 13 17:10:16 myserver pptpd[1659]: CTRL (PPPD Launcher): remote address = 192.168.0.225 May 13 17:10:16 myserver pptpd[1658]: GRE: Bad checksum from pppd May 13 17:10:16 myserver pptpd[1658]: CTRL: Received PPTP Control Message (type: 15) May 13 17:10:16 myserver pptpd[1658]: CTRL: Got a SET LINK INFO packet with standard ACCMs May 13 17:10:19 myserver pptpd[1658]: CTRL: Received PPTP Control Message (type: 15) May 13 17:10:19 myserver pptpd[1658]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! May 13 17:10:19 myserver pptpd[1658]: CTRL: Received PPTP Control Message (type: 15) May 13 17:10:19 myserver pptpd[1658]: CTRL: Got a SET LINK INFO packet with standard ACCMs May 13 17:10:22 myserver pptpd[1658]: Error reading from pppd: Input/output error May 13 17:10:22 myserver pptpd[1658]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5) May 13 17:10:22 myserver pptpd[1658]: CTRL: Client 192.168.0.4 control connection finished May 13 17:10:22 myserver pptpd[1658]: CTRL: Exiting now May 13 17:10:22 myserver pptpd[1508]: MGR: Reaped child 1658 Thoughts? Here's some additional /etc/ppp/options.pptp: #debug lock auth +chap +chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless TIA From alex at morrison.king.net.nz Mon May 13 20:49:19 2002 From: alex at morrison.king.net.nz (Alex King) Date: Tue, 14 May 2002 13:49:19 +1200 Subject: [pptp-server] poptop, mppe, and ppp cvs In-Reply-To: <20020509031620.A11051@google.com> References: <20020508085915.GA8251@morrison.king.net.nz> <20020509031620.A11051@google.com> Message-ID: <20020514014919.GB2241@morrison.king.net.nz> On Thu, May 09, 2002 at 03:16:20AM -0700, Frank Cusack wrote: > On Wed, May 08, 2002 at 08:59:15PM +1200, Alex King wrote: > > Where I'm at - I can connect using a win95/DUN1.4 client with CHAP and no ... > > When I configure the server with require-mschap-v2 I get: > > sent [LCP ConfReq id=0x1 > > ] > > ... > > rcvd [LCP ConfAck id=0x1 > > ] > > sent [CHAP Challenge... > > rcvd [CHAP Response... > > sent [CHAP Success... > > sent [IPCP ConfReq id=0x1 ] > > sent [CCP ConfReq id=0x1 ] > > CHAP peer authentication succeeded for workgroup\\alex > > rcvd [LCP ProtRej id=0x2 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f] > > rcvd [LCP TermReq id=0x3] > > > > and the connection fails (note I have workgroup\\alex in the chap > > secrets) > > ... > > I've got it working with a win2k client. I am currently aware of win98 > problems which I am working on, related to mschap (v1). > > The ProtRej is worrisome. This is a long shot, but try setting 'novj' > and 'nodeflate' in your ppp options. You might also try 'asyncmap a0000'. > It does appear that win95 doesn't like your IPCP offering, but normally > it should send you an IPCP ConfNak. But it might be broken. > For the record: setting novj and nodeflate options did not help this problem. Nor did 'asyncmap a0000'. With noccp, no ProtRej packet comes through, but the TermReq still comes through, despite an apparantly successfull MSCHAPv2 login (from the server's perspective), and even if the client is not set up to "Require encrypted passowrd" or to "Require data encryption" The only thing that does fix it is to disable the "require-mschap-v2" option on the server. With just "require-mschap" on the server, the Win95 client can successfully connect (and use MPPE) Alex From alex at morrison.king.net.nz Mon May 13 21:36:15 2002 From: alex at morrison.king.net.nz (Alex King) Date: Tue, 14 May 2002 14:36:15 +1200 Subject: [pptp-server] Continuing adventures with cvs pppd Message-ID: <20020514023615.GD2241@morrison.king.net.nz> OK, I can now get a mschap (v1) and mppe-128 connection between my Win95/DUN1.4 client and my poptop/cvs pppd server. However, the worry is (appart from chap-v2 not working) that mppe encryption is not being enforced. Here are my pppd options for pptpd: auth require-mschap require-mppe-128 require-mppe ms-dns 10.0.0.1 ms-wins 10.0.0.1 netmask 255.255.255.0 nodefaultroute proxyarp lock kdebug 7 With "Require encrypted passowrd" and "Require data encryption" not set on the client, although the server sends CCP requests for MPPE, these are not answered by the client, and the connection continues unencrypted. When "Require encrypted passowrd" and "Require data encryption" are set in the client, MPPE encryption is properly negoiated, and used. I would rather have pppd close the connection if the required encryption is not abvailable...... Alex -------------- next part -------------- May 14 14:17:59 morrison pptpd[2778]: CTRL (PPPD Launcher): Connection speed = 115200 May 14 14:17:59 morrison pptpd[2778]: CTRL (PPPD Launcher): local address = 10.0.0.1 May 14 14:17:59 morrison pptpd[2778]: CTRL (PPPD Launcher): remote address = 10.0.0.128 May 14 14:17:59 morrison pppd[2778]: pppd 2.4.2b1 started by root, uid 0 May 14 14:17:59 morrison pppd[2778]: using channel 32 May 14 14:17:59 morrison pppd[2778]: Using interface ppp1 May 14 14:17:59 morrison pppd[2778]: Connect: ppp1 <--> /dev/pts/6 May 14 14:17:59 morrison pppd[2778]: sent [LCP ConfReq id=0x1 ] May 14 14:18:02 morrison pppd[2778]: sent [LCP ConfReq id=0x1 ] May 14 14:18:02 morrison pppd[2778]: rcvd [LCP ConfReq id=0x1 ] May 14 14:18:02 morrison pppd[2778]: sent [LCP ConfAck id=0x1 ] May 14 14:18:02 morrison pppd[2778]: rcvd [LCP ConfAck id=0x1 ] May 14 14:18:02 morrison pppd[2778]: sent [CHAP Challenge id=0x1 , name = "morrison"] May 14 14:18:02 morrison pppd[2778]: rcvd [CHAP Response id=0x1 <5d159d6ea122848cf7fec37c43ea9ff531c15b5ab0b4c7c4752794d970c0654b10ad55d7343ac1a5e5a254819ac13d8701>, name = "workgroup\\alex"] May 14 14:18:02 morrison pppd[2778]: sent [CHAP Success id=0x1 "Welcome to morrison.itspace."] May 14 14:18:02 morrison pppd[2778]: sent [IPCP ConfReq id=0x1 ] May 14 14:18:02 morrison pppd[2778]: Disabling 40-bit MPPE; MS-CHAP LM not supported May 14 14:18:02 morrison pppd[2778]: Disabling 40-bit MPPE; MS-CHAP LM not supported May 14 14:18:02 morrison pppd[2778]: sent [CCP ConfReq id=0x1 ] May 14 14:18:02 morrison pppd[2778]: CHAP peer authentication succeeded for workgroup\\alex May 14 14:18:02 morrison pppd[2778]: rcvd [IPCP ConfReq id=0x1 ] May 14 14:18:02 morrison pppd[2778]: sent [IPCP ConfNak id=0x1 ] May 14 14:18:02 morrison pppd[2778]: rcvd [IPCP ConfAck id=0x1 ] May 14 14:18:02 morrison pppd[2778]: rcvd [LCP ProtRej id=0x2 80 fd 01 01 00 0a 12 06 01 00 00 40] May 14 14:18:02 morrison pppd[2778]: rcvd [IPCP ConfReq id=0x2 ] May 14 14:18:02 morrison pppd[2778]: sent [IPCP ConfAck id=0x2 ] May 14 14:18:02 morrison pppd[2778]: Cannot determine ethernet address for proxy ARP May 14 14:18:02 morrison pppd[2778]: local IP address 10.0.0.1 May 14 14:18:02 morrison pppd[2778]: remote IP address 10.0.0.128 May 14 14:18:02 morrison pppd[2778]: Script /etc/ppp/ip-up started (pid 2787) May 14 14:18:04 morrison pppd[2778]: Script /etc/ppp/ip-up finished (pid 2787), status = 0x0 May 14 14:18:08 morrison pppd[2778]: rcvd [LCP TermReq id=0x3] May 14 14:18:08 morrison pppd[2778]: LCP terminated by peer May 14 14:18:08 morrison pppd[2778]: Script /etc/ppp/ip-down started (pid 2799) May 14 14:18:08 morrison pppd[2778]: sent [LCP TermAck id=0x3] May 14 14:18:08 morrison pppd[2778]: Modem hangup May 14 14:18:08 morrison pppd[2778]: Connection terminated. May 14 14:18:08 morrison pppd[2778]: Connect time 0.2 minutes. May 14 14:18:08 morrison pppd[2778]: Sent 100 bytes, received 152 bytes. May 14 14:18:08 morrison pppd[2778]: Waiting for 1 child processes... May 14 14:18:08 morrison pppd[2778]: script /etc/ppp/ip-down, pid 2799 May 14 14:18:08 morrison pppd[2778]: Script /etc/ppp/ip-down finished (pid 2799), status = 0x0 May 14 14:18:08 morrison pppd[2778]: Connect time 0.2 minutes. May 14 14:18:08 morrison pppd[2778]: Sent 100 bytes, received 152 bytes. May 14 14:18:08 morrison pppd[2778]: Exit. -------------- next part -------------- May 14 14:30:51 morrison pptpd[2884]: CTRL (PPPD Launcher): Connection speed = 115200 May 14 14:30:51 morrison pptpd[2884]: CTRL (PPPD Launcher): local address = 10.0.0.1 May 14 14:30:51 morrison pptpd[2884]: CTRL (PPPD Launcher): remote address = 10.0.0.129 May 14 14:30:51 morrison pppd[2884]: pppd 2.4.2b1 started by root, uid 0 May 14 14:30:51 morrison pppd[2884]: using channel 35 May 14 14:30:51 morrison pppd[2884]: Using interface ppp1 May 14 14:30:51 morrison pppd[2884]: Connect: ppp1 <--> /dev/pts/6 May 14 14:30:51 morrison pppd[2884]: sent [LCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: sent [LCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: rcvd [LCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: sent [LCP ConfAck id=0x1 ] May 14 14:30:54 morrison pppd[2884]: rcvd [LCP ConfAck id=0x1 ] May 14 14:30:54 morrison pppd[2884]: sent [CHAP Challenge id=0x1 , name = "morrison"] May 14 14:30:54 morrison pppd[2884]: rcvd [CHAP Response id=0x1 , name = "workgroup\\alex"] May 14 14:30:54 morrison pppd[2884]: sent [CHAP Success id=0x1 "Welcome to morrison.itspace."] May 14 14:30:54 morrison pppd[2884]: sent [IPCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: Disabling 40-bit MPPE; MS-CHAP LM not supported May 14 14:30:54 morrison pppd[2884]: Disabling 40-bit MPPE; MS-CHAP LM not supported May 14 14:30:54 morrison pppd[2884]: sent [CCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: CHAP peer authentication succeeded for workgroup\\alex May 14 14:30:54 morrison pppd[2884]: rcvd [IPCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: sent [IPCP ConfNak id=0x1 ] May 14 14:30:54 morrison pppd[2884]: rcvd [CCP ConfReq id=0x1 ] May 14 14:30:54 morrison pppd[2884]: sent [CCP ConfNak id=0x1 ] May 14 14:30:54 morrison pppd[2884]: rcvd [IPCP ConfAck id=0x1 ] May 14 14:30:54 morrison pppd[2884]: rcvd [CCP ConfAck id=0x1 ] May 14 14:30:54 morrison pppd[2884]: rcvd [IPCP ConfReq id=0x2 ] May 14 14:30:54 morrison pppd[2884]: sent [IPCP ConfAck id=0x2 ] May 14 14:30:54 morrison pppd[2884]: Cannot determine ethernet address for proxy ARP May 14 14:30:54 morrison pppd[2884]: local IP address 10.0.0.1 May 14 14:30:54 morrison pppd[2884]: remote IP address 10.0.0.129 May 14 14:30:54 morrison pppd[2884]: Script /etc/ppp/ip-up started (pid 2893) May 14 14:30:54 morrison pppd[2884]: rcvd [CCP ConfReq id=0x2 ] May 14 14:30:54 morrison pppd[2884]: sent [CCP ConfAck id=0x2 ] May 14 14:30:54 morrison pppd[2884]: MPPE 128-bit stateless compression enabled May 14 14:30:57 morrison pppd[2884]: Script /etc/ppp/ip-up finished (pid 2893), status = 0x0 May 14 14:32:14 morrison pppd[2884]: rcvd [LCP TermReq id=0x2] May 14 14:32:14 morrison pppd[2884]: LCP terminated by peer May 14 14:32:14 morrison pppd[2884]: Script /etc/ppp/ip-down started (pid 2908) May 14 14:32:14 morrison pppd[2884]: sent [LCP TermAck id=0x2] May 14 14:32:14 morrison pppd[2884]: Script /etc/ppp/ip-down finished (pid 2908), status = 0x0 May 14 14:32:14 morrison pppd[2884]: Modem hangup May 14 14:32:14 morrison pppd[2884]: Connection terminated. May 14 14:32:14 morrison pppd[2884]: Connect time 1.4 minutes. May 14 14:32:14 morrison pppd[2884]: Sent 4952 bytes, received 969 bytes. May 14 14:32:14 morrison pppd[2884]: Connect time 1.4 minutes. May 14 14:32:14 morrison pppd[2884]: Sent 4952 bytes, received 969 bytes. May 14 14:32:14 morrison pppd[2884]: Exit. From wylie at datamaersk.com Mon May 13 21:54:52 2002 From: wylie at datamaersk.com (Wylie Swanson) Date: Mon, 13 May 2002 19:54:52 -0700 Subject: [pptp-server] GRE: Bad checksum from pppd ? In-Reply-To: <20020514015509.GC2241@morrison.king.net.nz> Message-ID: <000301c1faf2$b9170dd0$0400a8c0@core.datamaersk.net> Client is Windows XP Professional I gave disabling chapms-v2 a shot -- I don't think auth is the problem. This was the only thing that looked possibly different in the debug: May 13 19:47:43 atry2 pptpd[1801]: GRE: read error: Bad file descriptor Here's the output with chapms-v2 disabled: May 13 19:47:29 atry2 pptpd[1800]: MGR: Manager process started May 13 19:47:38 atry2 pptpd[1801]: MGR: Launching /usr/local/sbin/pptpctrl to handle client May 13 19:47:38 atry2 pptpd[1801]: CTRL: local address = 192.168.0.15 May 13 19:47:38 atry2 pptpd[1801]: CTRL: remote address = 192.168.0.224 May 13 19:47:38 atry2 pptpd[1801]: CTRL: pppd options file = /etc/ppp/options.pptp May 13 19:47:38 atry2 pptpd[1801]: CTRL: Client 192.168.0.4 control connection started May 13 19:47:38 atry2 pptpd[1801]: CTRL: Received PPTP Control Message (type: 1) May 13 19:47:38 atry2 pptpd[1801]: CTRL: Made a START CTRL CONN RPLY packet May 13 19:47:38 atry2 pptpd[1801]: CTRL: I wrote 156 bytes to the client. May 13 19:47:38 atry2 pptpd[1801]: CTRL: Sent packet to client May 13 19:47:38 atry2 pptpd[1801]: CTRL: Received PPTP Control Message (type: 7) May 13 19:47:38 atry2 pptpd[1801]: CTRL: 0 min_bps, 1525 max_bps, 32 window size May 13 19:47:38 atry2 pptpd[1801]: CTRL: Made a OUT CALL RPLY packet May 13 19:47:38 atry2 pptpd[1801]: CTRL: Starting call (launching pppd, opening GRE) May 13 19:47:38 atry2 pptpd[1801]: CTRL: pty_fd = 5 May 13 19:47:38 atry2 pptpd[1801]: CTRL: tty_fd = 6 May 13 19:47:38 atry2 pptpd[1802]: CTRL (PPPD Launcher): Connection speed = 115200 May 13 19:47:38 atry2 pptpd[1801]: CTRL: I wrote 32 bytes to the client. May 13 19:47:38 atry2 pptpd[1802]: CTRL (PPPD Launcher): local address = 192.168.0.15 May 13 19:47:38 atry2 pptpd[1801]: CTRL: Sent packet to client May 13 19:47:38 atry2 pptpd[1802]: CTRL (PPPD Launcher): remote address = 192.168.0.224 May 13 19:47:38 atry2 pptpd[1801]: CTRL: Received PPTP Control Message (type: 15) May 13 19:47:38 atry2 pptpd[1801]: CTRL: Got a SET LINK INFO packet with standard ACCMs May 13 19:47:38 atry2 pptpd[1801]: CTRL: Received PPTP Control Message (type: 15) May 13 19:47:38 atry2 pptpd[1801]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! May 13 19:47:40 atry2 pptpd[1801]: CTRL: Received PPTP Control Message (type: 15) May 13 19:47:40 atry2 pptpd[1801]: CTRL: Got a SET LINK INFO packet with standard ACCMs May 13 19:47:43 atry2 pptpd[1801]: CTRL: Received PPTP Control Message (type: 12) May 13 19:47:43 atry2 pptpd[1801]: CTRL: Made a CALL DISCONNECT RPLY packet May 13 19:47:43 atry2 pptpd[1801]: CTRL: Received CALL CLR request (closing call) May 13 19:47:43 atry2 pptpd[1801]: CTRL: I wrote 148 bytes to the client. May 13 19:47:43 atry2 pptpd[1801]: CTRL: Sent packet to client May 13 19:47:43 atry2 pptpd[1801]: GRE: read error: Bad file descriptor May 13 19:47:43 atry2 pptpd[1801]: CTRL: PTY read or GRE write failed (pty,gre)=(-1,-1) May 13 19:47:43 atry2 pptpd[1801]: CTRL: Client 192.168.0.4 control connection finished May 13 19:47:43 atry2 pptpd[1801]: CTRL: Exiting now May 13 19:47:43 atry2 pptpd[1800]: MGR: Reaped child 1801 -----Original Message----- From: Alex King [mailto:alex at king.net.nz] On Behalf Of Alex King Sent: Monday, May 13, 2002 6:55 PM To: Wylie Swanson Subject: Re: [pptp-server] GRE: Bad checksum from pppd ? On Mon, May 13, 2002 at 06:14:32PM -0700, Wylie Swanson wrote: > I am not sure what is causing this problem or if "GRE: Bad checksum > from pppd" is the terminating error. This is running on a 2.4.18 > patched kernel with mppe and mschap2 and PoPToP. Authentication > appears to be working, but the connection is lost immediately after > successful authentication. > .... What client is this? What does the ppp debug look like? (you only have pptp output listed) If you read my posts, I had similar symptoms, the client disconnects after an apparantly successfull authentication. In my case, disabling chapms-v2 fixed my problems. I suggest you give it a try with that disabled on the server and see what you get. Alex > > /etc/ppp/options.pptp: > #debug > lock > auth > +chap > +chapms > +chapms-v2 > mppe-40 > mppe-128 > mppe-stateless > > > TIA > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From alex at morrison.king.net.nz Mon May 13 22:00:41 2002 From: alex at morrison.king.net.nz (Alex King) Date: Tue, 14 May 2002 15:00:41 +1200 Subject: [pptp-server] Another thing: compression In-Reply-To: <20020514023615.GD2241@morrison.king.net.nz> References: <20020514023615.GD2241@morrison.king.net.nz> Message-ID: <20020514030041.GA2945@morrison.king.net.nz> If I tick "Enable software compression" in the client setup, the mppe negotiation and the connection will fail. (Unless both client and server do not require mppe.) Alex From james.cameron at hp.com Mon May 13 23:38:13 2002 From: james.cameron at hp.com (James Cameron) Date: 14 May 2002 14:38:13 +1000 Subject: [pptp-server] Another thing: compression In-Reply-To: <20020514030041.GA2945@morrison.king.net.nz> References: <20020514023615.GD2241@morrison.king.net.nz> <20020514030041.GA2945@morrison.king.net.nz> Message-ID: <1021351100.4295.22.camel@jander> On Tue, 2002-05-14 at 13:00, Alex King wrote: > If I tick "Enable software compression" in the client setup, the mppe > negotiation and the connection will fail. (Unless both client and server > do not require mppe.) This rings a bell. Doesn't that require MPPC, and isn't MPPC unavailable to us? I'm mainly on the PPTP Client side of things, and here is what we have on this; http://pptpclient.sourceforge.net/howto-diagnosis.phtml#mppc -- James Cameron (james.cameron at hp.com) http://quozl.linux.org.au/ (or) http://quozl.netrek.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 232 bytes Desc: This is a digitally signed message part URL: From wylie at datamaersk.com Mon May 13 23:42:26 2002 From: wylie at datamaersk.com (Wylie Swanson) Date: Mon, 13 May 2002 21:42:26 -0700 Subject: [pptp-server] RE: GRE: Bad checksum from pppd? In-Reply-To: Message-ID: <003001c1fb01$c03607b0$0400a8c0@core.datamaersk.net> Hmmm. I'm actually testing in this environment: [ xp client 192.168.0.5 ] ---> [ poptop server 192.168.0.120 ] --> [ nat fw/gw 192.168.0.1 ] --> [ internet ] [ internal dhcp ] --> The block I am allocating addresses for PoPToP is also in the 192.168.0 network, and are available. The plan is to move this to production, ending up with [ nat fw/gw/vpn 192.168.0.1 ] --> [ internet ] <-- ['road warrior' Windows XP Professional native client] It clicked in the back of my mind that creating the tunnel from the 192.168.0/24 to the 192.168.0/24 in the lab might be causing a problem for GRE? Thoughts? Best regards, Wylie -----Original Message----- From: kluivert at dodobirdy.netcraft.com.my [mailto:kluivert at dodobirdy.netcraft.com.my] On Behalf Of Julian Gomez Sent: Monday, May 13, 2002 9:36 PM To: wylie at datamaersk.com Subject: Re: GRE: Bad checksum from pppd? On Mon, 13 May 2002 wylie-netfilter at datamaersk.net wrote: > I am not sure what is causing this problem or if "GRE: Bad checksum > from pppd" is the terminating error. This is running on a 2.4.18 > patched kernel with mppe and mschap2 and PoPToP. Authentication > appears to be working, but the connection is lost immediately after > successful authentication. I have it got iptables/ipchains working with poptop. There is a problem when you have two poptops trying to authenticate from behind one nat machine to another server like the diagram below. [ client a ] --+ [ client b ] ----> [ nat gw ] --> [ external poptop server ] You need to patch accordingly with the pptp conntracking patch but I never got that bit working also even with the patch. > May 13 17:10:22 myserver pptpd[1658]: CTRL: GRE read or PTY write > failed > (gre,pty)=(6,5) Used to get hit by this one all the time and it used to be a configuration side problem for me. But I can't see where you are going wrong at your end and I don't have a spare machine to diff the configuration files with. Try switching on debugging and see what else it reaps. From wylie at datamaersk.com Mon May 13 23:50:35 2002 From: wylie at datamaersk.com (Wylie Swanson) Date: Mon, 13 May 2002 21:50:35 -0700 Subject: [pptp-server] Another thing: compression In-Reply-To: <1021351100.4295.22.camel@jander> Message-ID: <003101c1fb02$e2c8a070$0400a8c0@core.datamaersk.net> Yep. Module Size Used by ppp_mppe 10480 0 (autoclean) (unused) SSLeay is not needed for the pppd 2.4.1 patches because the rc4 implementation is in the mppe kernel module, ignore the filenames below -- pay attention to the content. :) http://samba.org/ftp/ppp/ppp-2.4.1.tar.gz is the pppd source you will have to patch. http://planetmirror.com/pub/mppe/ppp-2.4.1-openssl-0.9.6-mppe-patch.gz adds the mppe support into pppd. http://planetmirror.com/pub/mppe/ppp-2.4.1-MSCHAPv2-fix.patch.gz fixes a MSCHAPv2 issue. http://planetmirror.com/pub/mppe/linux-2.4.16-openssl-0.9.6b-mppe.patch. gz is the linux kernel patch you will need. This patches against 2.4.18 and 0.9.6d. After decompressing ppp somewhere (like /usr/local/src) gzip -d -c ppp-2.4.1-openssl-0.9.6-mppe-patch.gz | patch -p0 gzip -d -c ppp-2.4.1-MSCHAPv2-fix.patch.gz | patch -p0 cd ppp-2.4.1 ; ./configure ; make ; make install [Assuming files are in /usr/local/src] Cd /usr/src/linux gzip -d -c /usr/local/src/linux-2.4.16-openssl-0.9.6b-mppe.patch.gz | patch -p1 make modules SUBDIRS=drivers/net make modules_install Hope this helps, Wylie -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org] On Behalf Of James Cameron Sent: Monday, May 13, 2002 9:38 PM To: Alex King Cc: pptp-server at lists.schulte.org Subject: Re: [pptp-server] Another thing: compression On Tue, 2002-05-14 at 13:00, Alex King wrote: > If I tick "Enable software compression" in the client setup, the mppe > negotiation and the connection will fail. (Unless both client and > server do not require mppe.) This rings a bell. Doesn't that require MPPC, and isn't MPPC unavailable to us? I'm mainly on the PPTP Client side of things, and here is what we have on this; http://pptpclient.sourceforge.net/howto-diagnosis.phtml#mppc -- James Cameron (james.cameron at hp.com) http://quozl.linux.org.au/ (or) http://quozl.netrek.org/ From kenny at muspellsheim.net Tue May 14 10:58:03 2002 From: kenny at muspellsheim.net (Kenny Austin) Date: Tue, 14 May 2002 10:58:03 -0500 Subject: [pptp-server] Continuing adventures with cvs pppd In-Reply-To: <20020514023615.GD2241@morrison.king.net.nz> Message-ID: Have you tried the require-mppe patch for ppp? I think that this is what you are trying to do. The patch can be found at: ftp://ftp.shorewall.net/pub/shorewall/misc/require-mppe.diff, although it was created for ppp-2.3.11, I can verify that it works with ppp-2.4.1b2 (I cannot remember if I had to manually apply any of it). Then you can add require-mppe require-mppe-stateless to your ppp options file. I hope this is what you need. Kenny Austin kenny at muspellsheim.net -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Alex King Sent: Monday, May 13, 2002 9:36 PM To: pptp-server at lists.schulte.org Subject: [pptp-server] Continuing adventures with cvs pppd OK, I can now get a mschap (v1) and mppe-128 connection between my Win95/DUN1.4 client and my poptop/cvs pppd server. However, the worry is (appart from chap-v2 not working) that mppe encryption is not being enforced. Here are my pppd options for pptpd: auth require-mschap require-mppe-128 require-mppe ms-dns 10.0.0.1 ms-wins 10.0.0.1 netmask 255.255.255.0 nodefaultroute proxyarp lock kdebug 7 With "Require encrypted passowrd" and "Require data encryption" not set on the client, although the server sends CCP requests for MPPE, these are not answered by the client, and the connection continues unencrypted. When "Require encrypted passowrd" and "Require data encryption" are set in the client, MPPE encryption is properly negoiated, and used. I would rather have pppd close the connection if the required encryption is not abvailable...... Alex From mikes at hartwellcorp.com Tue May 14 11:08:13 2002 From: mikes at hartwellcorp.com (Michael St. Laurent) Date: Tue, 14 May 2002 09:08:13 -0700 Subject: [pptp-server] GRE: Bad checksum from pppd ? Message-ID: <91A5926EFF44D3118B1200104B7276EB010853A2@hart-exchange.hartwellcorp.com> What version of ppp are you using? -- Michael St. Laurent Hartwell Corporation > -----Original Message----- > From: Wylie Swanson [mailto:wylie at datamaersk.com] > Sent: Monday, May 13, 2002 6:15 PM > To: pptp-server at lists.schulte.org > Subject: [pptp-server] GRE: Bad checksum from pppd ? > > > I am not sure what is causing this problem or if "GRE: Bad > checksum from > pppd" is the terminating error. This is running on a 2.4.18 patched > kernel with mppe and mschap2 and PoPToP. Authentication appears to be > working, but the connection is lost immediately after successful > authentication. [snip] From bao at gibbons.com Tue May 14 18:23:55 2002 From: bao at gibbons.com (bao) Date: Tue, 14 May 2002 16:23:55 -0700 Subject: [pptp-server] OT kernel hangs Message-ID: <3CE19C8B.A99851D2@gibbons.com> hi list, I know it's not appropriate to ask questions about kernel here, but I can't find the newsgroup for kernel. We have two Linux machines: RH 7.1 (2.4.2-2) and 7.2 (2.4.7-10). However, they would sometimes go blank, allowing no login, even at the terminal, and offering no services to their client machines. The only way to get them out of that is reboot. There is no trace at all in the log file. Has anyone encountered this problem..?? Thanks, From fcusack at fcusack.com Wed May 15 05:21:08 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Wed, 15 May 2002 03:21:08 -0700 Subject: [pptp-server] GRE: Bad checksum from pppd ? In-Reply-To: <001d01c1fae4$b42314d0$0400a8c0@core.datamaersk.net>; from wylie@datamaersk.com on Mon, May 13, 2002 at 06:14:32PM -0700 References: <001d01c1fae4$b42314d0$0400a8c0@core.datamaersk.net> Message-ID: <20020515032108.H27081@google.com> On Mon, May 13, 2002 at 06:14:32PM -0700, Wylie Swanson wrote: > I am not sure what is causing this problem or if "GRE: Bad checksum from > pppd" is the terminating error. This is running on a 2.4.18 patched > kernel with mppe and mschap2 and PoPToP. Authentication appears to be > working, but the connection is lost immediately after successful > authentication. Try 'logfile /dev/null' in your options.pptp. Then you'll see the error is something else and you'll need to add 'debug' to find out what. pppd writes some log stuff to stdout before LCP comes up which causes the 'bad checksum' (ignored by pptpd, but gives you a spurious error). /fc From fcusack at fcusack.com Wed May 15 05:24:20 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Wed, 15 May 2002 03:24:20 -0700 Subject: [pptp-server] poptop, mppe, and ppp cvs In-Reply-To: <20020514014919.GB2241@morrison.king.net.nz>; from alex@morrison.king.net.nz on Tue, May 14, 2002 at 01:49:19PM +1200 References: <20020508085915.GA8251@morrison.king.net.nz> <20020509031620.A11051@google.com> <20020514014919.GB2241@morrison.king.net.nz> Message-ID: <20020515032420.I27081@google.com> On Tue, May 14, 2002 at 01:49:19PM +1200, Alex King wrote: > > I've got it working with a win2k client. I am currently aware of win98 > > problems which I am working on, related to mschap (v1). > > > > The ProtRej is worrisome. This is a long shot, but try setting 'novj' > > and 'nodeflate' in your ppp options. You might also try 'asyncmap a0000'. > > It does appear that win95 doesn't like your IPCP offering, but normally > > it should send you an IPCP ConfNak. But it might be broken. > > > > For the record: setting novj and nodeflate options did not help this > problem. Nor did 'asyncmap a0000'. With noccp, no ProtRej packet comes > through, but the TermReq still comes through, despite an apparantly > successfull MSCHAPv2 login (from the server's perspective), and even if > the client is not set up to "Require encrypted passowrd" or to "Require > data encryption" > > The only thing that does fix it is to disable the "require-mschap-v2" > option on the server. With just "require-mschap" on the server, the > Win95 client can successfully connect (and use MPPE) Not with 'noccp'. MPPE is negotiated within CCP. I have a lot of data on this problem and think I have it down to 2 possible problems which I won't be able to look at until this weekend. Are you able to provide more debug data if needed? /fc From fcusack at fcusack.com Wed May 15 05:25:21 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Wed, 15 May 2002 03:25:21 -0700 Subject: [pptp-server] Continuing adventures with cvs pppd In-Reply-To: <20020514023615.GD2241@morrison.king.net.nz>; from alex@morrison.king.net.nz on Tue, May 14, 2002 at 02:36:15PM +1200 References: <20020514023615.GD2241@morrison.king.net.nz> Message-ID: <20020515032521.J27081@google.com> On Tue, May 14, 2002 at 02:36:15PM +1200, Alex King wrote: > However, the worry is (appart from chap-v2 not working) that mppe > encryption is not being enforced. > With "Require encrypted passowrd" and "Require data encryption" not set > on the client, although the server sends CCP requests for MPPE, these > are not answered by the client, and the connection continues > unencrypted. Yup, I know about this problem also and have a fix I'm working on. I agree, this is a really bad one. /fc From fcusack at fcusack.com Wed May 15 05:41:51 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Wed, 15 May 2002 03:41:51 -0700 Subject: [pptp-server] Another thing: compression In-Reply-To: <1021351100.4295.22.camel@jander>; from james.cameron@hp.com on Tue, May 14, 2002 at 02:38:13PM +1000 References: <20020514023615.GD2241@morrison.king.net.nz> <20020514030041.GA2945@morrison.king.net.nz> <1021351100.4295.22.camel@jander> Message-ID: <20020515034151.K27081@google.com> On Tue, May 14, 2002 at 02:38:13PM +1000, James Cameron wrote: > On Tue, 2002-05-14 at 13:00, Alex King wrote: > > If I tick "Enable software compression" in the client setup, the mppe > > negotiation and the connection will fail. (Unless both client and server > > do not require mppe.) > > This rings a bell. Doesn't that require MPPC, and isn't MPPC > unavailable to us? Right, it's not available, but I would expect 'enable' doesn't mean 'require'. > I'm mainly on the PPTP Client side of things, and > here is what we have on this; > > http://pptpclient.sourceforge.net/howto-diagnosis.phtml#mppc Very interesting... /fc From floydianfan at hotmail.com Wed May 15 08:52:26 2002 From: floydianfan at hotmail.com (Denilson Amaral Zimmermann) Date: Wed, 15 May 2002 13:52:26 +0000 Subject: [pptp-server] Couldn't start pptpd Message-ID: Im using FreeBSD 4.5 and MPD 3.7 with PoPToP 1.0.0 and i had this problem recently : createHostSocket: Can't assign requested address pptpd[526]: MGR: Couldn't create host socket pptpd[526]: MGR: Couldn't create host socket Thanks for while and hugs for all Denilson A. Zimmermann UNIJUI - RS - Brasil _________________________________________________________________ Una-se ao maior servi?o de email do mundo: o MSN Hotmail. http://www.hotmail.com From terry at strictlybusinesssystems.net Wed May 15 11:58:31 2002 From: terry at strictlybusinesssystems.net (Terry Orgill) Date: Wed, 15 May 2002 09:58:31 -0700 Subject: [pptp-server] Printing with samba Message-ID: <002001c1fc31$be192300$2101a8c0@customrollforming.com> I have my pptp server up and running with a range of IPs so multiple users can connect. I am printing from a linux application to windows printers attached to the client machines. The problem is, samba can't see the shares on the clients unless I specify an IP (i.e. smbclient -L -I ). IPs are assigned in the order the users connect, so half the time the printers will not work. How can I either tweak pptp or samba to see the clients without the IPs? -------------- next part -------------- An HTML attachment was scrubbed... URL: From berzerke at swbell.net Wed May 15 15:31:45 2002 From: berzerke at swbell.net (robert) Date: Wed, 15 May 2002 15:31:45 -0500 Subject: [pptp-server] Couldn't start pptpd In-Reply-To: References: Message-ID: <0GW6006BI661SK@mta4.rcsntx.swbell.net> On Wednesday 15 May 2002 08:52 am, Denilson Amaral Zimmermann wrote: > Im using FreeBSD 4.5 and MPD 3.7 with PoPToP 1.0.0 and i had this problem > recently : > > createHostSocket: Can't assign requested address > pptpd[526]: MGR: Couldn't create host socket > pptpd[526]: MGR: Couldn't create host socket > > Thanks for while and hugs for all > > > > Denilson A. Zimmermann > UNIJUI - RS - Brasil This usually means that you've assigned a localip address that's already in use. From luismi at adpsoft.com Wed May 15 16:23:44 2002 From: luismi at adpsoft.com (LuisMi) Date: Wed, 15 May 2002 23:23:44 +0200 (CEST) Subject: [pptp-server] Routing problem, more or less urgent. Thanks. Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Maybe this problem is on the documentation but I didn' see it. I have pptp running in my linux box without problems. The client is a W2K, when this client connects to my linux server using PPTP it changes its route table and add a entry where the default gateway is my linux!!! I don't want that. How can I resolve that? Thanks - -- Luis Miguel Cruz. PGP KEY: 0x3AC52657 | [ADPSOFT] http://www.adpsoft.com | "Connecting your business" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzi0eQACgkQvQHLTzrFJlfNNwCfQ+e8Cawsrr+lgQzDJr4LUCtg 5Y0An2arNjkO0CjlfQY0gJVBiSi7iqd2 =CoFu -----END PGP SIGNATURE----- From neale at lowendale.com.au Wed May 15 17:36:19 2002 From: neale at lowendale.com.au (Neale Banks) Date: Thu, 16 May 2002 08:36:19 +1000 (EST) Subject: [pptp-server] Routing problem, more or less urgent. Thanks. In-Reply-To: Message-ID: On Wed, 15 May 2002, LuisMi wrote: > Maybe this problem is on the documentation but I didn' see it. > > I have pptp running in my linux box without problems. > The client is a W2K, when this client connects to my linux server using > PPTP it changes its route table and add a entry where the default gateway > is my linux!!! I don't want that. > > How can I resolve that? In the W2K box's PPTP connectoid, look under IP setttings (possibly advanced settings, I don't know exactly where) for something like "use default gateway on remote network" - uncheck this, and hopefully all will be well. HTH, Neale. From alex at morrison.king.net.nz Wed May 15 17:13:53 2002 From: alex at morrison.king.net.nz (Alex King) Date: Thu, 16 May 2002 10:13:53 +1200 Subject: [pptp-server] poptop, mppe, and ppp cvs In-Reply-To: <20020515032420.I27081@google.com> References: <20020508085915.GA8251@morrison.king.net.nz> <20020509031620.A11051@google.com> <20020514014919.GB2241@morrison.king.net.nz> <20020515032420.I27081@google.com> Message-ID: <20020515221353.GA9969@morrison.king.net.nz> On Wed, May 15, 2002 at 03:24:20AM -0700, Frank Cusack wrote: > On Tue, May 14, 2002 at 01:49:19PM +1200, Alex King wrote: > > > I've got it working with a win2k client. I am currently aware of win98 > > > problems which I am working on, related to mschap (v1). > > > > > > The ProtRej is worrisome. This is a long shot, but try setting 'novj' > > > and 'nodeflate' in your ppp options. You might also try 'asyncmap a0000'. > > > It does appear that win95 doesn't like your IPCP offering, but normally > > > it should send you an IPCP ConfNak. But it might be broken. > > > > > > > For the record: setting novj and nodeflate options did not help this > > problem. Nor did 'asyncmap a0000'. With noccp, no ProtRej packet comes > > through, but the TermReq still comes through, despite an apparantly > > successfull MSCHAPv2 login (from the server's perspective), and even if > > the client is not set up to "Require encrypted passowrd" or to "Require > > data encryption" > > > > The only thing that does fix it is to disable the "require-mschap-v2" > > option on the server. With just "require-mschap" on the server, the > > Win95 client can successfully connect (and use MPPE) > > Not with 'noccp'. MPPE is negotiated within CCP. I have a lot of data Yeah, that's right, mppe doesn't work with noccp. I took out all the asyncmap, novj, nodeflate and noccp options when I got it working without MSCHAPv2. > on this problem and think I have it down to 2 possible problems which > I won't be able to look at until this weekend. Are you able to provide > more debug data if needed? > Yep, no problem, just fire me an email and I can test stuff on my setup here. I did wonder about setting up an MS server and doing packet capture of the interaction and comparing it with the linux setup. However I'm not sure what MS products would have a server. Also, the easy way out is just to use MSCHAPv1.... Still it would be nice to have v2 working. Alex > /fc From mcowger at bowdoin.edu Thu May 16 00:12:02 2002 From: mcowger at bowdoin.edu (Matt Cowger) Date: Thu, 16 May 2002 01:12:02 -0400 Subject: [pptp-server] It Works: FreeBSD and PoPToP HOWTO! Message-ID: <3CE33FA2.8060509@bowdoin.edu> Hi... I know I am new to the list, but I noticed that alot of people seem to be having issues with getting PoPToP runnng as a VPN Server for Windows clients. I've gotten it running on FreeBSD 4.6-PRERELEASE, and thought I'd share with the group. 1. The first thing I did was of course cvsup my ports tree. 2. Next, cd to /usr/ports/net/poptop and run make all install clean 3. You will now need to edit a number of files to make this work: ----/usr/local/etc/pptpd.conf------- speed 115200 option /etc/ppp/options localip xxx.xxx.xxx.xxx remoteip xxx.xxx.xxx.yy-zz pidfile /var/run/pptpd.pid ------------------------------------ You will need to change the local and remote IP's to match your local configuration. LocalIP should be an address in your subnet but not the address of your network interface(s). RemoteIP should be a **range** in your subnet that the PPTP daemon can assign clients for addresses. For example, if you're address on interface ep0 is 192.168.1.1, and your subnet mask is 255.255.255.0, localip should be something like 192.168.1.100 and remote ip should be something like 192.168.1.150-200 (written just like that). The PIDFile entry should be obvious. You will also need to create a /etc/ppp/options file: ---/etc/ppp/options---- auth proxyarp pap chap ---/etc/ppp/options---- Don't worry too much about what these mean, but auth, chap, and proxyarp NEED to be in there (look them up in man ppp for more info. The last file you need is /etc/ppp/ppp.conf ---/etc/ppp/ppp.conf---- loop: set timeout 0 set log phase chat connect lcp ipcp command set device localhost:pptp set dial set login # Server (local) IP address, Range for Clients, and Netmask set ifaddr 192.168.1.100 192.168.1.150-192.168.1.200 255.255.255.255 set server /tmp/loop "" 0177 loop-in: set timeout 0 set log phase lcp ipcp command allow mode direct pptp: load loop enable chap enable pap # Authenticate against /etc/passwd enable passwdauth # The next depends on your routing. Proxy arp is an easy way out enable proxy accept dns # DNS Servers to assign client - replace with your own set dns 1.1.1.1 set device !/etc/ppp/secure ---/etc/ppp/ppp.conf---- The file above basically needs to stay the way it is, but the line containing set ifaddr needs to have the same info as what you set in pptpd.conf. The first argument should be the value of localip, the second should be the same range as remoteip (just in a slightly different format - you gotta spell out the whole range this time) and the last needs to be 255.255.255.255 Now, start up the daemon with: /usr/local/sbin/pptpd -d The remaining setup need to be done on your windows machine. I am assuming you are using Windows XP here, but its pretty much the same as Windows 2000. Go to Start|Settings|Network Connections. Click the new connection wizard. You want to "Connect to the network at my workplace" or something along those lines - whichever one relates to VPNs. Click next. Choose Virtual Private Network Connection. Click Next. In the COmpany Name, type whatever you wish and hot next. The next box will ask you if it should dial your dialup connection before trying to start this one - choose whichever is appropriate and hit next. In the host name, you need to put the IP of your BSD box (the real routable address...dealing with NAT is another issue). The next screen asks who to make this connection for, choose whiever is appropriate. Next. Hit Finish. Phew! Only a little more to go. Windows will now pop up the connection box for this connection. STOP! SLOW DOWN! DONT CONNECT YET. Breathe. Ok, Ready? Hit Properties. Under security, you need to *disable* "Require data encryption" THis is just a tunnel, not a IPSec encrypted connection. Click OK, and for your username and password enter your username and password on the BSD box. Life should be good. Have fun with your new VPN. From mcowger at bowdoin.edu Thu May 16 00:34:27 2002 From: mcowger at bowdoin.edu (Matt Cowger) Date: Thu, 16 May 2002 01:34:27 -0400 Subject: [pptp-server] It Works: FreeBSD and PoPToP HOWTO! References: <3CE33FA2.8060509@bowdoin.edu> <1021526926.20870.1.camel@jander> Message-ID: <3CE344E3.8010203@bowdoin.edu> G'Day to you to, Actually, I wrote my writeup after reading exactly what you describe at http://www.freebsddiary.org/pptp.php It is was inspired me to get poptop working. So yeha, check there. Good work on pptpclient too - I use it very successfully. Cheers, --Matt James Cameron wrote: > G'day Matt, > > Nice work. Have you ever considered trying to get PPTP Client going and > writing it up? That would balance out nicely against your pptpd work, > and would help my project too. > > http://pptpclient.sourceforge.net/ > From james.cameron at hp.com Thu May 16 00:43:15 2002 From: james.cameron at hp.com (James Cameron) Date: 16 May 2002 15:43:15 +1000 Subject: [pptp-server] It Works: FreeBSD and PoPToP HOWTO! In-Reply-To: <3CE344E3.8010203@bowdoin.edu> References: <3CE33FA2.8060509@bowdoin.edu> <1021526926.20870.1.camel@jander> <3CE344E3.8010203@bowdoin.edu> Message-ID: <1021527798.20870.4.camel@jander> On Thu, 2002-05-16 at 15:34, Matt Cowger wrote: > Actually, I wrote my writeup after reading exactly what you describe at > http://www.freebsddiary.org/pptp.php That wasn't me who wrote that. Or are you saying you wrote that? I'm not sure. I'm confused. Anyway, I've included a link to it on the PPTP Client documentation page. Thanks for pointing it out to me. -- James Cameron (james.cameron at hp.com) http://quozl.linux.org.au/ (or) http://quozl.netrek.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 232 bytes Desc: This is a digitally signed message part URL: From Administrator at josims.com Thu May 16 03:36:52 2002 From: Administrator at josims.com (Andrew Lyon) Date: Thu, 16 May 2002 09:36:52 +0100 Subject: [pptp-server] Printing with samba Message-ID: <592F914D209FD942908826DFF2277A2DE79B@COMMSSERVER> WINS, you need WINS -----Original Message----- From: Terry Orgill [mailto:terry at strictlybusinesssystems.net] Sent: 15 May 2002 17:59 To: pptp-server at lists.schulte.org Subject: [pptp-server] Printing with samba I have my pptp server up and running with a range of IPs so multiple users can connect. I am printing from a linux application to windows printers attached to the client machines. The problem is, samba can't see the shares on the clients unless I specify an IP (i.e. smbclient -L -I ). IPs are assigned in the order the users connect, so half the time the printers will not work. How can I either tweak pptp or samba to see the clients without the IPs? The information contained in this e-mail is confidential and is intended for the addressee only. The contents of this e-mail must not be disclosed or copied without the sender's consent. If you are not the intended recipient of the message, please notify the sender immediately, and delete the message. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the company. No commitment may be inferred from the contents unless explicitly stated. The company does not take any responsibility for the personal views of the author. This message has been scanned for viruses before sending, but the company does not accept any responsibility for infection and recommends that you scan any attachments. -------------- next part -------------- An HTML attachment was scrubbed... URL: From drauman at siscom.net Mon May 20 15:35:27 2002 From: drauman at siscom.net (Daniel Auman) Date: Mon, 20 May 2002 16:35:27 -0400 Subject: [pptp-server] LAN clients cannot login?? Message-ID: <000801c2003d$e0516170$03fea8c0@auman> Hi everybody, I'm using poptop v1.1.2 and SAMBA v2.21a on FreeBSD 4.4 release. VPN and LAN clients are WinME. My VPN works great or logging into SAMBA over the LAN works great but, not both at the same time?? Any ideas? I've not included any details, I just wouldn't know what to include. I'd be happy to provide any needed details. Thanks in advance for any assistance. Dan Auman -------------- next part -------------- An HTML attachment was scrubbed... URL: From bao at gibbons.com Tue May 21 13:54:59 2002 From: bao at gibbons.com (bao) Date: Tue, 21 May 2002 11:54:59 -0700 Subject: [pptp-server] routing question Message-ID: <3CEA9803.C6E2AE3B@gibbons.com> I'm able to get the client (Win2k, win98) to connect to the linux poptop, and it does get assigned an IP. However, the routing table for both the client and the server are all messed up. I am confused of how they should be. Does anyone have an example of how the routing tables should look like on the client and also on the server?? I have a router serving as the gateway for the whole network. The remote range IPs is .85-.87 The poptop server has .62, the router (gateway) has .61 What should the gateway for the client be ?? the router or the poptop server?? Sometimes the client gets the assigned IP (.85) as its gateway, sometimes .87 Thanks everyone From igor.maciel at mailbr.com.br Tue May 21 15:16:36 2002 From: igor.maciel at mailbr.com.br (Igor Maciel Macaubas) Date: Tue, 21 May 2002 17:16:36 -0300 Subject: [pptp-server] MSCHAP Authentication - MPPE encryption Message-ID: <002b01c20104$6e468ed0$01fea8c0@igor> Hi All, I have a VPN server with: - pptpd 1.0.1 - pppd 2.4.1 - kernel 2.2.20 And I would like now to implement mschap/mschap-v2 authentication and mppe/mppe128 encryption. Anyone here has a HOW-TO, a link to the patchs, anything to help me? Regards, Igor -- igor.maciel at mailbr.com.br -------------- next part -------------- An HTML attachment was scrubbed... URL: From fcusack at fcusack.com Tue May 21 16:09:13 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Tue, 21 May 2002 14:09:13 -0700 Subject: [pptp-server] MSCHAP Authentication - MPPE encryption In-Reply-To: <002b01c20104$6e468ed0$01fea8c0@igor>; from igor.maciel@mailbr.com.br on Tue, May 21, 2002 at 05:16:36PM -0300 References: <002b01c20104$6e468ed0$01fea8c0@igor> Message-ID: <20020521140912.C26199@google.com> On Tue, May 21, 2002 at 05:16:36PM -0300, Igor Maciel Macaubas wrote: > Hi All, > I have a VPN server with: > - pptpd 1.0.1 > - pppd 2.4.1 > - kernel 2.2.20 > > And I would like now to implement mschap/mschap-v2 authentication and mppe/mppe128 encryption. > Anyone here has a HOW-TO, a link to the patchs, anything to help me? Lots. www.poptop.org ... follow the documentation link. I'm surprised you found this mailing list without also finding the web page. /fc From neale at lowendale.com.au Tue May 21 17:32:56 2002 From: neale at lowendale.com.au (Neale Banks) Date: Wed, 22 May 2002 08:32:56 +1000 (EST) Subject: [pptp-server] MSCHAP Authentication - MPPE encryption In-Reply-To: <20020521140912.C26199@google.com> Message-ID: On Tue, 21 May 2002, Frank Cusack wrote: > On Tue, May 21, 2002 at 05:16:36PM -0300, Igor Maciel Macaubas wrote: > > Hi All, > > I have a VPN server with: > > - pptpd 1.0.1 > > - pppd 2.4.1 > > - kernel 2.2.20 > > > > And I would like now to implement mschap/mschap-v2 authentication and mppe/mppe128 encryption. > > Anyone here has a HOW-TO, a link to the patchs, anything to help me? > > Lots. www.poptop.org ... follow the documentation link. I'm surprised > you found this mailing list without also finding the web page. Also, it'd help if you told us what distro (and version thereof) you're using. Neale. From igor.maciel at mailbr.com.br Wed May 22 08:22:39 2002 From: igor.maciel at mailbr.com.br (Igor Maciel Macaubas) Date: Wed, 22 May 2002 10:22:39 -0300 Subject: [pptp-server] MSCHAP Authentication - MPPE encryption References: Message-ID: <00b601c20197$39cd4ac0$01fea8c0@igor> Hi, I'm running this server in a RedHat 6.2 box. Regards, Igor -- igor.maciel at mailbr.com.br > > Also, it'd help if you told us what distro (and version thereof) you're > using. > > Neale. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From cscott at smartmoney.com Wed May 22 14:08:47 2002 From: cscott at smartmoney.com (Cintra Scott) Date: Wed, 22 May 2002 15:08:47 -0400 Subject: [pptp-server] Out of Office AutoReply: Language Message-ID: <2364F39D683AD511B91E00508BD9162502E20BC8@ny01ex01.ny02.clubsmartmoney.com> I will be out of the office until Tuesday, May 28. From phil at beyer.family-site.org Wed May 22 15:27:19 2002 From: phil at beyer.family-site.org (Philip J Beyer) Date: Wed, 22 May 2002 15:27:19 -0500 Subject: [pptp-server] It Works: FreeBSD and PoPToP HOWTO! In-Reply-To: <3CE33FA2.8060509@bowdoin.edu> Message-ID: i also had trouble setting poptop up for the first time on FreeBSD 4.x ... i'm glad you were able to figure it out and return your findings to the community > You will also need to create a /etc/ppp/options file: this file is not necessary... it is actually a file that "pppd" uses, but not the userland "ppp" that you reference later... on FreeBSD, poptop currently uses "ppp"... i can confirm this because i'm running fine without that options file ;-) > The last file you need is /etc/ppp/ppp.conf > > ---/etc/ppp/ppp.conf---- -- snipped -- > pptp: > load loop > enable chap > enable pap > # Authenticate against /etc/passwd > enable passwdauth > # The next depends on your routing. Proxy arp is an > easy way out > enable proxy > accept dns > # DNS Servers to assign client - replace with your own > set dns 1.1.1.1 > set device !/etc/ppp/secure > ---/etc/ppp/ppp.conf---- an FYI for others who are reading this: you do not have to setup users in /etc/passwd for this to work... you can put your PPTP users in /etc/ppp/ppp.secret and it will work just fine i have a slightly different setup than Matt... in order to force the use of a reasonably secure authentication method and to allow M$ users to encrypt their communications (which is the precise reason i am setting up a poptop vpn in the first place ;-P), my pptp section is as follows: --- /etc/ppp/ppp.conf --- [ all of the rest snipped ] pptp: load loop enable proxy enable dns enable chap81 disable pap disable deflate pred1 deny deflate pred1 set dns 1.1.1.1 set nbns 1.1.1.1 set device !/etc/ppp/secure --- /etc/ppp/ppp.conf --- > Ok, Ready? Hit Properties. Under security, you need to *disable* > "Require data encryption" THis is just a tunnel, not a IPSec > encrypted > connection. Click OK, and for your username and password enter your > username and password on the BSD box. Life should be good. if you decide to use the method outlined above for enabling MS-CHAPv2, a Windows VPN client will negotiate the connection successfully using its defaults (i.e. it will encrypt the data over the wire)... which means you won't have to "disable" anything ;-) good luck all, Phil From bao at gibbons.com Wed May 22 15:31:30 2002 From: bao at gibbons.com (bao) Date: Wed, 22 May 2002 13:31:30 -0700 Subject: [pptp-server] pppd Message-ID: <3CEC0022.B3FC580D@gibbons.com> I'm running RH 7.3 with pptp-1.0.1 and ppp-2.4.1-3 (all newest versions). When I connect in from a win98 client, it fails when it comes to pppd. Here is the log: May 22 12:34:21 barracuda pptpd[13373]: MGR: Manager process started May 22 12:34:34 barracuda pptpd[13376]: MGR: Launching /usr/local/sbin/pptpctrl to handle client May 22 12:34:34 barracuda pptpd[13376]: CTRL: local address = xx.xx.xx.166 May 22 12:34:34 barracuda pptpd[13376]: CTRL: remote address = xx.xx.xx.185 May 22 12:34:34 barracuda pptpd[13376]: CTRL: pppd speed = 115200 May 22 12:34:34 barracuda pptpd[13376]: CTRL: pppd options file = /etc/ppp/pptpd.options May 22 12:34:34 barracuda pptpd[13376]: CTRL: Client 209.247.138.250 control connection started May 22 12:34:34 barracuda pptpd[13376]: CTRL: Received PPTP Control Message (type: 1) May 22 12:34:34 barracuda pptpd[13376]: CTRL: Made a START CTRL CONN RPLY packet May 22 12:34:34 barracuda pptpd[13376]: CTRL: I wrote 156 bytes to the client. May 22 12:34:34 barracuda pptpd[13376]: CTRL: Sent packet to client May 22 12:34:34 barracuda pptpd[13376]: CTRL: Received PPTP Control Message (type: 7) using channel 25 May 22 12:34:34 barracuda pptpd[13376]: CTRL: Set parameters to 0 maxbps, 16 window size Using interface ppp0 May 22 12:34:34 barracuda pptpd[13376]: CTRL: Made a OUT CALL RPLY packet May 22 12:34:34 barracuda pptpd[13376]: CTRL: Starting call (launching pppd, opening GRE) May 22 12:34:34 barracuda pptpd[13376]: CTRL: pty_fd = 4 May 22 12:34:34 barracuda pptpd[13376]: CTRL: tty_fd = 5 Connect: ppp0 <--> /dev/pts/5 sent [LCP ConfReq id=0x1 ] May 22 12:34:34 barracuda pptpd[13376]: CTRL: I wrote 32 bytes to the client. May 22 12:34:34 barracuda pptpd[13376]: CTRL: Sent packet to client May 22 12:34:34 barracuda pptpd[13377]: CTRL (PPPD Launcher): Connection speed = 115200 May 22 12:34:34 barracuda pptpd[13377]: CTRL (PPPD Launcher): local address = xx.xx.xx.166 May 22 12:34:34 barracuda pptpd[13377]: CTRL (PPPD Launcher): remote address = xx.xx.xx.185 May 22 12:34:34 barracuda pppd[13377]: pppd 2.4.1 started by root, uid 0 May 22 12:34:34 barracuda pppd[13377]: using channel 25 May 22 12:34:34 barracuda pppd[13377]: Using interface ppp0 May 22 12:34:34 barracuda pppd[13377]: Connect: ppp0 <--> /dev/pts/5 May 22 12:34:34 barracuda pppd[13377]: sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] sent [LCP ConfReq id=0x1 ] LCP: timeout sending Config-Requests Connection terminated. May 22 12:35:01 barracuda last message repeated 9 times May 22 12:35:04 barracuda pppd[13377]: LCP: timeout sending Config-Requests May 22 12:35:04 barracuda pppd[13377]: Connection terminated. May 22 12:35:04 barracuda pppd[13377]: Exit. May 22 12:35:04 barracuda pptpd[13376]: GRE: read(fd=4,buffer=804daa0,len=8196) from PTY failed: status = -1 error = Input/output error May 22 12:35:04 barracuda pptpd[13376]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5) May 22 12:35:04 barracuda pptpd[13376]: CTRL: Client 209.247.138.250 control connection finished May 22 12:35:04 barracuda pptpd[13376]: CTRL: Exiting now May 22 12:35:04 barracuda pptpd[13373]: MGR: Reaped child 13376 Using packet sniffer, I see that the linux server sends out lots of LCP Config Requests, the clients keeps sending back Encapsulated PPP (GRE). It seems like they can't communicate with each other. Please give me any comments b/c without ppp working, i won't get pptp and dialup to work. Thanks From bao at gibbons.com Wed May 22 17:06:10 2002 From: bao at gibbons.com (bao) Date: Wed, 22 May 2002 15:06:10 -0700 Subject: [pptp-server] pppd References: <3CEC0022.B3FC580D@gibbons.com> Message-ID: <3CEC1652.32305FD4@gibbons.com> I had enabled all the protocols needed by pptp such as TCP 1723, GRE 47 on the firewall, but it didn't work. Now i'm taking the firewall off, and pptp works. What are the other rules (protocols, ports) that I have to enable on the firewall ?? Thanks, bao wrote: > I'm running RH 7.3 with pptp-1.0.1 and ppp-2.4.1-3 (all newest > versions). > When I connect in from a win98 client, it fails when it comes to pppd. > > Here is the log: > > May 22 12:34:21 barracuda pptpd[13373]: MGR: Manager process started > May 22 12:34:34 barracuda pptpd[13376]: MGR: Launching > /usr/local/sbin/pptpctrl to handle client > May 22 12:34:34 barracuda pptpd[13376]: CTRL: local address = > xx.xx.xx.166 > May 22 12:34:34 barracuda pptpd[13376]: CTRL: remote address = > xx.xx.xx.185 > May 22 12:34:34 barracuda pptpd[13376]: CTRL: pppd speed = 115200 > May 22 12:34:34 barracuda pptpd[13376]: CTRL: pppd options file = > /etc/ppp/pptpd.options > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Client 209.247.138.250 > control connection started > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Received PPTP Control > Message (type: 1) > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Made a START CTRL CONN > RPLY packet > May 22 12:34:34 barracuda pptpd[13376]: CTRL: I wrote 156 bytes to the > client. > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Sent packet to client > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Received PPTP Control > Message (type: 7) > using channel 25 > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Set parameters to 0 > maxbps, 16 window size > Using interface ppp0 > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Made a OUT CALL RPLY > packet > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Starting call (launching > pppd, opening GRE) > May 22 12:34:34 barracuda pptpd[13376]: CTRL: pty_fd = 4 > May 22 12:34:34 barracuda pptpd[13376]: CTRL: tty_fd = 5 > Connect: ppp0 <--> /dev/pts/5 > sent [LCP ConfReq id=0x1 > ] > May 22 12:34:34 barracuda pptpd[13376]: CTRL: I wrote 32 bytes to the > client. > May 22 12:34:34 barracuda pptpd[13376]: CTRL: Sent packet to client > May 22 12:34:34 barracuda pptpd[13377]: CTRL (PPPD Launcher): Connection > speed = 115200 > May 22 12:34:34 barracuda pptpd[13377]: CTRL (PPPD Launcher): local > address = xx.xx.xx.166 > May 22 12:34:34 barracuda pptpd[13377]: CTRL (PPPD Launcher): remote > address = xx.xx.xx.185 > May 22 12:34:34 barracuda pppd[13377]: pppd 2.4.1 started by root, uid 0 > > May 22 12:34:34 barracuda pppd[13377]: using channel 25 > May 22 12:34:34 barracuda pppd[13377]: Using interface ppp0 > May 22 12:34:34 barracuda pppd[13377]: Connect: ppp0 <--> /dev/pts/5 > May 22 12:34:34 barracuda pppd[13377]: sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > sent [LCP ConfReq id=0x1 > ] > LCP: timeout sending Config-Requests > Connection terminated. > May 22 12:35:01 barracuda last message repeated 9 times > May 22 12:35:04 barracuda pppd[13377]: LCP: timeout sending > Config-Requests > May 22 12:35:04 barracuda pppd[13377]: Connection terminated. > May 22 12:35:04 barracuda pppd[13377]: Exit. > May 22 12:35:04 barracuda pptpd[13376]: GRE: > read(fd=4,buffer=804daa0,len=8196) > from PTY failed: status = -1 error = Input/output error > May 22 12:35:04 barracuda pptpd[13376]: CTRL: PTY read or GRE write > failed (pty,gre)=(4,5) > May 22 12:35:04 barracuda pptpd[13376]: CTRL: Client 209.247.138.250 > control connection finished > May 22 12:35:04 barracuda pptpd[13376]: CTRL: Exiting now > May 22 12:35:04 barracuda pptpd[13373]: MGR: Reaped child 13376 > > Using packet sniffer, I see that the linux server sends out lots of LCP > Config Requests, the clients > keeps sending back Encapsulated PPP (GRE). It seems like they can't > communicate with each other. > Please give me any comments b/c without ppp working, i won't get pptp > and dialup to work. > > Thanks > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- From alex at morrison.king.net.nz Wed May 22 20:55:52 2002 From: alex at morrison.king.net.nz (Alex King) Date: Thu, 23 May 2002 13:55:52 +1200 Subject: [pptp-server] poptop, mppe, and ppp cvs In-Reply-To: <20020515032420.I27081@google.com> References: <20020508085915.GA8251@morrison.king.net.nz> <20020509031620.A11051@google.com> <20020514014919.GB2241@morrison.king.net.nz> <20020515032420.I27081@google.com> Message-ID: <20020523015552.GA20918@morrison.king.net.nz> On Wed, May 15, 2002 at 03:24:20AM -0700, Frank Cusack wrote: > > Not with 'noccp'. MPPE is negotiated within CCP. I have a lot of data > on this problem and think I have it down to 2 possible problems which > I won't be able to look at until this weekend. Are you able to provide Just a note to say that with the changes to cvs pppd mschapv2 is now working with my setup (Poptop 1.1.2, Linux kernel 2.4.19-pre8, and the cvs pppd, client Win95 with DUN update 1.4). Thanks for your help with this. Alex From rcd at amherst.com Thu May 23 10:55:40 2002 From: rcd at amherst.com (Rob Dege) Date: Thu, 23 May 2002 11:55:40 -0400 Subject: [pptp-server] Logging question Message-ID: I just got PPTP up & running. Works fine. However, I wish to compose a log of who connects, when they signon & when they log off. I have just about everything except for WHO makes the connection. Syslog doesn't even show it. Any help is appreciated. -Rob From fcusack at fcusack.com Thu May 23 17:51:36 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Thu, 23 May 2002 15:51:36 -0700 Subject: [pptp-server] Logging question In-Reply-To: ; from rcd@amherst.com on Thu, May 23, 2002 at 11:55:40AM -0400 References: Message-ID: <20020523155136.B5984@google.com> On Thu, May 23, 2002 at 11:55:40AM -0400, Rob Dege wrote: > > I just got PPTP up & running. Works fine. However, I wish to compose a log > of who connects, when they signon & when they log off. > > I have just about everything except for WHO makes the connection. Syslog > doesn't even show it. > > Any help is appreciated. PPTP doesn't do that (the protocol doesn't deal with users). Set your ppp options appropriately. By default I am pretty sure it does log connect/disconnect (with username if available) to syslog. "worst case" you can always add something to /etc/ppp/ip-{up,down} to record info in whatever format you want wherever you like. From skent at nsdi.com Fri May 24 06:20:02 2002 From: skent at nsdi.com (Steve Kent) Date: Fri, 24 May 2002 07:20:02 -0400 Subject: [pptp-server] Logging question In-Reply-To: <20020523155136.B5984@google.com> Message-ID: <008a01c20314$f6396120$1e0e000a@tpamerica.com> Here are a couple of scripts I have found during my travels. I hope they help. Steve -----Original Message----- From: pptp-server-admin at lists.schulte.org [mailto:pptp-server-admin at lists.schulte.org] On Behalf Of Frank Cusack Sent: Thursday, May 23, 2002 18:52 To: Rob Dege Cc: pptp-server at lists.schulte.org Subject: Re: [pptp-server] Logging question On Thu, May 23, 2002 at 11:55:40AM -0400, Rob Dege wrote: > > I just got PPTP up & running. Works fine. However, I wish to compose > a log of who connects, when they signon & when they log off. > > I have just about everything except for WHO makes the connection. > Syslog doesn't even show it. > > Any help is appreciated. PPTP doesn't do that (the protocol doesn't deal with users). Set your ppp options appropriately. By default I am pretty sure it does log connect/disconnect (with username if available) to syslog. "worst case" you can always add something to /etc/ppp/ip-{up,down} to record info in whatever format you want wherever you like. _______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. -- -------------- next part -------------- A non-text attachment was scrubbed... Name: vpnuser Type: application/octet-stream Size: 1383 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: pptplog.pl Type: application/x-perl Size: 7017 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: vpnstats Type: application/octet-stream Size: 1949 bytes Desc: not available URL: From rcd at amherst.com Fri May 24 07:25:17 2002 From: rcd at amherst.com (Rob Dege) Date: Fri, 24 May 2002 08:25:17 -0400 Subject: [pptp-server] Logging question In-Reply-To: <20020523155136.B5984@google.com> Message-ID: I figured out the problem. I had to adjust syslog so that daemon.debug pointed to /var/log/pptpd.log. Once I did that, then I was able to extrapulate the username from the pppd logs. btw, ip-[up|down] doesn't record, use, or work with the username in any way. I wish it did.... Would make my script easier ;) -Rob > -----Original Message----- > From: pptp-server-admin at lists.schulte.org > [mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Frank Cusack > Sent: Thursday, May 23, 2002 6:52 PM > To: Rob Dege > Cc: pptp-server at lists.schulte.org > Subject: Re: [pptp-server] Logging question > > > On Thu, May 23, 2002 at 11:55:40AM -0400, Rob Dege wrote: > > > > I just got PPTP up & running. Works fine. However, I wish to > compose a log > > of who connects, when they signon & when they log off. > > > > I have just about everything except for WHO makes the > connection. Syslog > > doesn't even show it. > > > > Any help is appreciated. > > PPTP doesn't do that (the protocol doesn't deal with users). > Set your ppp options appropriately. By default I am pretty sure it does > log connect/disconnect (with username if available) to syslog. > > "worst case" you can always add something to /etc/ppp/ip-{up,down} > to record info in whatever format you want wherever you like. > > _______________________________________________ > pptp-server maillist - pptp-server at lists.schulte.org > http://lists.schulte.org/mailman/listinfo/pptp-server > --- To unsubscribe, go to the url just above this line. -- > From fcusack at fcusack.com Fri May 24 13:26:36 2002 From: fcusack at fcusack.com (Frank Cusack) Date: Fri, 24 May 2002 11:26:36 -0700 Subject: [pptp-server] Logging question In-Reply-To: ; from rcd@amherst.com on Fri, May 24, 2002 at 08:25:17AM -0400 References: <20020523155136.B5984@google.com> Message-ID: <20020524112635.F16555@google.com> On Fri, May 24, 2002 at 08:25:17AM -0400, Rob Dege wrote: > > I figured out the problem. I had to adjust syslog so that daemon.debug > pointed to /var/log/pptpd.log. Once I did that, then I was able to > extrapulate the username from the pppd logs. > > btw, ip-[up|down] doesn't record, use, or work with the username in any way. > I wish it did.... Would make my script easier ;) Yeah you're right. Damn. /fc From sliu at secai.com Sun May 26 21:14:40 2002 From: sliu at secai.com (Shu Liu) Date: Sun, 26 May 2002 19:14:40 -0700 Subject: [pptp-server] Logging question Message-ID: <3CF19690.80A6670A@secai.com> -------- Original Message -------- Subject: Re: [pptp-server] Logging question Date: Fri, 24 May 2002 11:14:57 -0700 From: Frank Cusack To: Shu Liu References: <20020523155136.B5984 at google.com> <3CEE58D2.575C0751 at secai.com> Good tip, you should resend this to the list. /fc On Fri, May 24, 2002 at 08:14:27AM -0700, Shu Liu wrote: > > You can assign different user different login name and > different IP address in /etc/ppp/options.pptp. > So by checking the IP address, you will be able to > see who is online. By tcpdump the packet of the > interface, you will be able to see what the user is > doing. > > Shu Liu > > Frank Cusack wrote: > > > On Thu, May 23, 2002 at 11:55:40AM -0400, Rob Dege wrote: > > > > > > I just got PPTP up & running. Works fine. However, I wish to compose a log > > > of who connects, when they signon & when they log off. > > > > > > I have just about everything except for WHO makes the connection. Syslog > > > doesn't even show it. > > > > > > Any help is appreciated. > > > > PPTP doesn't do that (the protocol doesn't deal with users). > > Set your ppp options appropriately. By default I am pretty sure it does > > log connect/disconnect (with username if available) to syslog. > > > > "worst case" you can always add something to /etc/ppp/ip-{up,down} > > to record info in whatever format you want wherever you like. > > > > _______________________________________________ > > pptp-server maillist - pptp-server at lists.schulte.org > > http://lists.schulte.org/mailman/listinfo/pptp-server > > --- To unsubscribe, go to the url just above this line. -- > From igor.maciel at mailbr.com.br Mon May 27 14:04:17 2002 From: igor.maciel at mailbr.com.br (Igor Maciel Macaubas) Date: Mon, 27 May 2002 16:04:17 -0300 Subject: [pptp-server] Re: [Poptop-server] updated poptop docs? References: <20020527184750.56621.qmail@web21203.mail.yahoo.com> Message-ID: <004301c205b1$517d9490$01fea8c0@igor> Hi All, I'd like to get in touch with the one responsible by the maintenance of the documentation of this project. Is there any one leading this? If not, how can I assume this responsibility ? I have a huge experience using PPTPd, and can be the one in charge to deploy documentation updates, FAQ's, etc. Regards, Igor -- igor.maciel at mailbr.com.br ----- Original Message ----- From: "Zeeshan Ali" To: Sent: Monday, May 27, 2002 3:47 PM Subject: [Poptop-server] updated poptop docs? > Hi all, > I am very new to poptop & pptp too. I was very > happy to find a linux solution to pptp so i can get > rid of windows 2000. The documentation on > www.poptop.org is pretty outdated. are there any > updated docs available? > > __________________________________________________ > Do You Yahoo!? > Yahoo! - Official partner of 2002 FIFA World Cup > http://fifaworldcup.yahoo.com > > _______________________________________________________________ > > Don't miss the 2002 Sprint PCS Application Developer's Conference > August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm > > _______________________________________________ > Poptop-server mailing list > Poptop-server at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/poptop-server > From fedelman at claxson.com Thu May 30 11:19:01 2002 From: fedelman at claxson.com (Federico Edelman) Date: Thu, 30 May 2002 13:19:01 -0300 Subject: [pptp-server] pptp + PAM Message-ID: I'm running a pptp on Linux Debian 2.2rev3, ppp-4.1, PoPToP-v1.0.1. How can I setting pppd authenticate over PAM. I need a unique simultaneus login per user. I think that?s possible with PAM. Thanks for advance, Federico =-=-= Federico Edelman Anaya Internet Systems Administrator Claxson - (+54-11) 4339-3848 -------------- next part -------------- An HTML attachment was scrubbed... URL: From christopher at schulte.org Thu May 30 17:42:41 2002 From: christopher at schulte.org (Christopher Schulte) Date: Thu, 30 May 2002 17:42:41 -0500 Subject: [pptp-server] Fwd: PopTop pptpd.conf read problem Message-ID: <5.1.0.14.2.20020530173950.0410f008@pop3s.schulte.org> Please follow up to the list and maxheadroom2323 at yahoo.com. For reference, the website is http://lists.schulte.org/mailman/listinfo/pptp-server --Chris >Delivered-To: schulte at clink.schulte.org >Date: Thu, 30 May 2002 15:30:36 -0700 (PDT) >From: Max Headroom >Subject: PopTop pptpd.conf read problem >To: christopher at schulte.org >Cc: matthewr at moreton.com.au, tmk at netmagic.net >X-Virus-Scanned: by AMaViS 0.3.12pre6 on clink.schulte.org >X-Spam-Status: No, hits=1.0 required=5.0 tests=FROM_ENDS_IN_NUMS version=2.20 >X-Spam-Level: * > >Christopher, >I am sending this to you becuase I haven't been >able to locate the pptp users group to post >this message. Could you forward it to the >right people? >---------------------------------------------- >We have been building PopToP with UcLibc >and have found a problem in configfile.c >which is used to open /etc/pptpd.conf >and parse it. >What happens is that if one of the >vars is in the file but doesn't have >a value, then a previous value will >be returned for the var value. >My /etc/pptpd.conf file looks like this: > >option /etc/ppp/options.pptp >localip >remoteip > >In this case, localip is assigned a value >of /etc/ppp/options.pptp and pptpd tries >to do an dns lookup on this string. > >This problem is that with uClibc the sscanf >function will not put in null( empty strings ) >into the vars if there is not token in the >parsing string. In configfile.c at about >line 63: > if (sscanf(buffer, "%s %s", w, v) > 0 && !strcmp(w, >keyword)) > >will not null out v if there is NO value. > >May I suggest that this variable be memset >to '\0' before doing ths sscanf? > >Thanks. > MH > > > > >__________________________________________________ >Do You Yahoo!? >Yahoo! - Official partner of 2002 FIFA World Cup >http://fifaworldcup.yahoo.com