RES: RES: [pptp-server] Solaris PPTP server setup, please help
Shu Liu
sliu at secai.com
Mon May 6 03:25:58 CDT 2002
Fabio,
I found that probably I have to use Slirp to get
the MPPE 128 encryption working on my Solaris and Win2K
combination.
I actually made it work. So at this moment,
I can use MSCHAP-v2 and MPPE-128 between
Solaris and Win2K client.
But the problem is that, the Slirp solution is not
bidirection. I can connect to the Server from Win2k Client,
but I can not access the client from Solaris server
since all IP addresses is not valid on the server end.
So the Slirp is not real VPN solution, but one way VPN.
Hope Slirp can support bi-direction in the near future.
I don't think it is difficult if we already came to this point.
Best regards,
Shu Liu
Shu Liu wrote:
> Fabio,
>
> Thank you for your info again.
>
> Right now, I am using PPPD 2.4.1 and PPTP 1.1.2 on
> Solaris 2.8.
>
> After worked very hard to look into
> the source code, search the net and fix the problems,
> I finally made the Win2K can connect with the Solaris
> server via MSCHAP-v2.
>
> I think the only thing left is that MPPE support on
> Solaris. I don't know whether it is supported. I merged
> the source code you pointed me to the v2.4.1 PPPD
> source, the situation is still same.
> Without encryption, I can communcate freely
> between Win2K and Solaris server.
>
> The below is the debug output:
>
> ====================
> May 5 03:33:35 grape pptpd[3464]: [ID 625166 local2.debug] CTRL: local address
> = 192.168.0.1
> May 5 03:33:35 grape pptpd[3464]: [ID 507593 local2.debug] CTRL: pppd speed =
> 460800
> May 5 03:33:35 grape pptpd[3464]: [ID 680658 local2.debug] CTRL: pppd options
> file = /etc/ppp/options.pptp
> May 5 03:33:35 grape pptpd[3464]: [ID 899243 local2.info] CTRL: Client
> 10.20.99.85 control connection started
> May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP
> Control Message (type: 1)
> May 5 03:33:35 grape pptpd[3464]: [ID 185080 local2.debug] CTRL: Made a START
> CTRL CONN RPLY packet
> May 5 03:33:35 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 156
> bytes to the client.
> May 5 03:33:35 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to
> client
> May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP
> Control Message (type: 7)
> May 5 03:33:35 grape pptpd[3464]: [ID 660210 local2.debug] CTRL: 300 min_bps,
> 100000000 max_bps, 32 window size
> May 5 03:33:35 grape pptpd[3464]: [ID 592640 local2.debug] CTRL: Made a OUT
> CALL RPLY packet
> May 5 03:33:35 grape pptpd[3464]: [ID 652591 local2.info] CTRL: Starting call
> (launching pppd, opening GRE)
> May 5 03:33:35 grape pptpd[3464]: [ID 341784 local2.debug] CTRL: Allocating
> pty/tty pair
> May 5 03:33:35 grape pptpd[3464]: [ID 884817 local2.info] CTRL: Allocated
> pty/tty pair (/dev/ptyp0,/dev/ttyp0)
> May 5 03:33:35 grape pptpd[3464]: [ID 478701 local2.debug] CTRL: pty_fd = 4
> May 5 03:33:35 grape pptpd[3464]: [ID 544237 local2.debug] CTRL: tty_fd = 5
> May 5 03:33:35 grape pptpd[3465]: [ID 201917 local2.debug] CTRL (PPPD
> Launcher): Connection speed = 460800
> May 5 03:33:35 grape pptpd[3465]: [ID 408294 local2.debug] CTRL (PPPD
> Launcher): local address = 192.168.0.1
> May 5 03:33:35 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 32
> bytes to the client.
> May 5 03:33:35 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to
> client
> May 5 03:33:35 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP
> Control Message (type: 15)
> May 5 03:33:35 grape pptpd[3464]: [ID 830416 local2.debug] CTRL: Got a SET LINK
> INFO packet with standard ACCMs
> May 5 03:33:35 grape pppd[3465]: [ID 168393 daemon.notice] pppd 2.4.2b1 started
> by root, uid 0
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.info] Using interface ppp0
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.notice] Connect: ppp0 <-->
> /dev/ttyp0
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfReq
> id=0x1 <mru 1490> <asyncmap 0x0> <auth chap MS-v2> <magic 0x737e2ee5> <pcomp>
> <accomp>]
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfNak
> id=0x0 <magic 0x2b1705c2>]
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfNak
> id=0x1 <mru 1500>]
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfReq
> id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0x737e2ee5> <pcomp> <accomp>]
> May 5 03:33:35 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfAck
> id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic 0x737e2ee5> <pcomp> <accomp>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfReq
> id=0x1 <magic 0x54b062e5> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint
> 13 17 01 4f 8b 3d 48 97 cc 46 78 99 92 18 72 eb 2a f3 40 00 00 00 18>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfRej
> id=0x1 <callback CBCP> <mrru 1614>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP ConfReq
> id=0x2 <magic 0x54b062e5> <pcomp> <accomp> <endpoint 13 17 01 4f 8b 3d 48 97 cc
> 46 78 99 92 18 72 eb 2a f3 40 00 00 00 18>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP ConfAck
> id=0x2 <magic 0x54b062e5> <pcomp> <accomp> <endpoint 13 17 01 4f 8b 3d 48 97 cc
> 46 78 99 92 18 72 eb 2a f3 40 00 00 00 18>]
> May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP
> Control Message (type: 15)
> May 5 03:33:37 grape pptpd[3464]: [ID 457954 local2.error] CTRL: Ignored a SET
> LINK INFO packet with real ACCMs!
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP EchoReq
> id=0x0 magic=0x737e2ee5]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [CHAP Challenge
> id=0x1 <37f95ce14cad773086799c570af0be6a>, name = "*"]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP code=0xc
> id=0x3 54 b0 62 e5 4d 53 52 41 53 56 35 2e 30 30]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP CodeRej
> id=0x3 0c 03 00 12 54 b0 62 e5 4d 53 52 41 53 56 35 2e 30 30]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP code=0xc
> id=0x4 54 b0 62 e5 4d 53 52 41 53 2d 31 2d 42 4f 53 54 4f 4e]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP CodeRej
> id=0x4 0c 04 00 16 54 b0 62 e5 4d 53 52 41 53 2d 31 2d 42 4f 53 54 4f 4e]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [LCP EchoRep
> id=0x0 magic=0x54b062e5]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [CHAP Response
> id=0x1
> <888cf908b1492c497944af9704a808e50000000000000000b513f080d2269d869ab0adb0a0af6b7d385222afd1d761c100>,
> name = "sliu"]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [CHAP Success
> id=0x1 "S=357D69EE848CF47461C25FFF4D21EF93C15099E7 M=Welcome to grape."]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [IPCP ConfReq
> id=0x1 <addr 192.168.0.1> <compress VJ 0f 01>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.error] MPPE required, but
> kernel has no support.
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] sent [LCP TermReq
> id=0x5 "MPPE required but not available"]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] CHAP peer
> authentication succeeded for sliu
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [CCP ConfReq
> id=0x5 <mppe +H +M +S +L -D +C>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [IPCP ConfReq
> id=0x6 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0>
> <ms-wins 0.0.0.0>]
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.debug] rcvd [IPCP ConfRej
> id=0x1 <compress VJ 0f 01>]
> May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP
> Control Message (type: 15)
> May 5 03:33:37 grape pptpd[3464]: [ID 830416 local2.debug] CTRL: Got a SET LINK
> INFO packet with standard ACCMs
> May 5 03:33:37 grape pptpd[3464]: [ID 350728 local2.debug] CTRL: Received PPTP
> Control Message (type: 12)
> May 5 03:33:37 grape pptpd[3464]: [ID 565133 local2.debug] CTRL: Made a CALL
> DISCONNECT RPLY packet
> May 5 03:33:37 grape pptpd[3464]: [ID 992900 local2.debug] CTRL: Received CALL
> CLR request (closing call)
> May 5 03:33:37 grape pptpd[3464]: [ID 623027 local2.debug] CTRL: I wrote 148
> bytes to the client.
> May 5 03:33:37 grape pptpd[3464]: [ID 874420 local2.debug] CTRL: Sent packet to
> client
> May 5 03:33:37 grape pptpd[3464]: [ID 476834 local2.error] GRE: read error: Bad
> file number
> May 5 03:33:37 grape pptpd[3464]: [ID 675644 local2.error] CTRL: PTY read or
> GRE write failed (pty,gre)=(-1,-1)
> May 5 03:33:37 grape pptpd[3464]: [ID 601161 local2.info] CTRL: Client
> 10.20.99.85 control connection finished
> May 5 03:33:37 grape pptpd[3464]: [ID 222597 local2.debug] CTRL: Exiting with
> active call
> May 5 03:33:37 grape pptpd[3464]: [ID 440380 local2.error] CTRL: Asked to free
> call when no call open, not handled well
> May 5 03:33:37 grape pptpd[3464]: [ID 565133 local2.debug] CTRL: Made a CALL
> DISCONNECT RPLY packet
> May 5 03:33:37 grape pptpd[3464]: [ID 561299 local2.error] CTRL: Couldn't write
> packet to client.
> May 5 03:33:37 grape pptpd[3464]: [ID 455850 local2.debug] CTRL: Made a STOP
> CTRL REQ packet
> May 5 03:33:37 grape pptpd[3464]: [ID 561299 local2.error] CTRL: Couldn't write
> packet to client.
> May 5 03:33:37 grape pptpd[3464]: [ID 142720 local2.debug] CTRL: Exiting now
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] Modem hangup
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.notice] Connection
> terminated.
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Connect time 0.1
> minutes.
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Sent 445 bytes,
> received 522 bytes.
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Connect time 0.1
> minutes.
> May 5 03:33:37 grape pppd[3465]: [ID 702911 daemon.info] Sent 445 bytes,
> received 522 bytes.
> May 5 03:33:37 grape pppd[3465]: [ID 834084 daemon.info] Exit.
> ==========================
>
> Do you know the MPPE Solaris support status ? If it is supported,
> where can I find it ?
>
> Thank you very much in advance,
> Shu Liu
>
> Fabio Oliveira wrote:
>
> > Liu,
> >
> > you are welcome.
> > >I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options
> > >(without .pptp extention). Do we need to have a "options.pptp"
> > >also ? I have mppe-40 and mppe-128 i /etc/ppp/options file.
> >
> > OK. You dont need have exactly that file. When you configure the
> > /etc/pptpd.conf have a line options, so you must type for ex.: options
> > /etc/ppp/<ppp options file>, that can be any (options, options.pptp,
> > options.vpn, etc....you choose....)
> >
> > >Is this standard Solaris module, or I have to find some software
> > >to install ? Do you know where I can find instruction about Solaris
> > >mppe ?
> >
> > MPPE means Microsoft Point-to-Point Encryption and that is a patch for the
> > pppd program works with encrypted data. (ref. RFC 3078)
> >
> > You can get the source code to compile at :
> > http://pserver.samba.org/cgi-bin/cvsweb/ppp/pppd/
> >
> > and search in : www.sunfreeware.com for Sun packages (you know is very easy
> > to install)
> > Certainly there are another places but I remember of these.
> >
> > good luck again Liu.
> > regards,
> >
> > Fabio
> >
> > -----Mensagem original-----
> > De: Shu Liu [mailto:sliu at secai.com]
> > Enviada em: quarta-feira, 1 de maio de 2002 14:02
> > Para: Fabio Oliveira
> > Cc: pptp-server at lists.schulte.org
> > Assunto: Re: RES: [pptp-server] Solaris PPTP server setup, please help
> >
> > Fabio,
> > Thank you very much for your quick response.
> >
> > I can monitor the communication over port 1723, but
> > pptp-server(on Solaris) stopped at function "accept()", to wait data
> > from Win2K. This time, Win2K already reported 651 error,
> > and disconnected.
> > You are right, I didn't don anything about Solaris mppe module.
> > Is this standard Solaris module, or I have to find some software
> > to install ? Do you know where I can find instruction about Solaris
> > mppe ?
> >
> > I don't have /etc/ppp/options.pptp file, instead /etc/ppp/options
> > (without .pptp extention). Do we need to have a "options.pptp"
> > also ? I have mppe-40 and mppe-128 i /etc/ppp/options file.
> >
> > Many thanks,
> > Shu Liu
> >
> > On Wed, 1 May 2002, Fabio Oliveira wrote:
> >
> > > Hi Liu,
> > >
> > > Considering the return message 651, it seems any problem in TCP/IP stack
> > of
> > > Win2k.
> > >
> > > Anyway I would check another two points:
> > >
> > > - By default the Win2K enable the option () data encrypted . Be sure that
> > > you have the mppe module installed in Solaris. If I dont mistake you can
> > > find the .conf file at /usr/sys/sun/conf.
> > >
> > > - See also your /etc/ppp/options.pptp file, either mppe-40 or mppe-128
> > > option must be there.
> > >
> > > good luck.
> > > regards,
> > >
> > > Fabio Oliveira
> > > IPWay - Internet Services
> > > fabio at ipway.com.br
> > >
> > > (o- (o- (o- (o- (o-
> > > //\ //\ //\ //\ //\
> > > V_/_ V_/_ V_/_ V_/_ V_/_
> > > Live with freedom, choice Linux
> > >
> > >
> > > -----Mensagem original-----
> > > De: pptp-server-admin at lists.schulte.org
> > > [mailto:pptp-server-admin at lists.schulte.org]Em nome de Shu Liu
> > > Enviada em: quarta-feira, 1 de maio de 2002 04:47
> > > Para: pptp-server at lists.schulte.org
> > > Assunto: [pptp-server] Solaris PPTP server setup, please help
> > >
> > >
> > >
> > > Hi,
> > >
> > > The below is what I have:
> > >
> > > - Solaris 8
> > > - Solaris PPTP server source ported by jason.rhoads at sabernet.net
> > >
> > > Compiled and installed successfully on Solaris 8.
> > > - PPPD v 2.3.11
> > > Compiled and installed successfully on Solaris 8.
> > >
> > > - Win2K as the PPTP client
> > >
> > > I want to make a PPTP vpn connection on Internet through DSL.
> > > I am testing on a local LAN right now.
> > >
> > >
> > > When I tried to connect, the Win2K gave me 651 error always.
> > > The Solaris PPTP log says:
> > > .......: server connection ESTABLISHED.
> > > .......: Socket not accepted: Interrupted system call
> > >
> > > Does anyone know where I can get some instruction, or
> > > can anyone who have experience to set the PPTP Solaris server
> > > send me some sample configuration file ?
> > >
> > > Many thanks in advance,
> > > Shu Liu
> > >
> > >
> > >
> > > _______________________________________________
> > > pptp-server maillist - pptp-server at lists.schulte.org
> > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > --- To unsubscribe, go to the url just above this line. --
> > >
> > >
> >
> > _______________________________________________
> > pptp-server maillist - pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
More information about the pptp-server
mailing list