[pptp-server] poptop, mppe, and ppp cvs
Frank Cusack
fcusack at fcusack.com
Thu May 9 05:16:20 CDT 2002
On Wed, May 08, 2002 at 08:59:15PM +1200, Alex King wrote:
> Where I'm at - I can connect using a win95/DUN1.4 client with CHAP and no
> encryption. If tick "Require encrypted password" on the cient, I can
> still connect:
>
> sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0x70690983>
> <pcomp> <accomp>]
> ...
> rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0x70690983>
> <pcomp> <accomp>]
> sent [CHAP Challenge id=...
> rcvd [CHAP Response...
> sent [CHAP Success...
>
> and the connection succeeds
>
> When I configure the server with require-mschap-v2 I get:
> sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x8c3d3f60>
> <pcomp> <accomp>]
> ...
> rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x8c3d3f60>
> <pcomp> <accomp>]
> sent [CHAP Challenge...
> rcvd [CHAP Response...
> sent [CHAP Success...
> sent [IPCP ConfReq id=0x1 <addr 10.0.0.1> <compress VJ 0f 01>]
> sent [CCP ConfReq id=0x1 <deflate 15> <deflate(old#) 15> <bsd v1 15>]
> CHAP peer authentication succeeded for workgroup\\alex
> rcvd [LCP ProtRej id=0x2 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f]
> rcvd [LCP TermReq id=0x3]
>
> and the connection fails (note I have workgroup\\alex in the chap
> secrets)
>
> Here is my main question:
>
> What should I do to get a working setup? Should I go back to 2.4.18, or
> an earlier 2.4 with other patches, or even back to 2.2 kernel? Is my
> configuration worng? Is it a client issue? (I tried the linux pptp
> client, but I found mail list notes saying this does not work with later
> 2.4 kernels, and I could not get it going even unencrypted.) It is more
> difficult for me to test against win98, but I would do that if I thought
> I'd have a better chance.
>
> What is the significance of the ProtRej line second to last in the above
> log? Has anyone got a poptop to work in a similar setup (ie, kernel
> 2.4.18 or 2.4.19 with mschap-v2 and mppe encryption?)
I've got it working with a win2k client. I am currently aware of win98
problems which I am working on, related to mschap (v1).
The ProtRej is worrisome. This is a long shot, but try setting 'novj'
and 'nodeflate' in your ppp options. You might also try 'asyncmap a0000'.
It does appear that win95 doesn't like your IPCP offering, but normally
it should send you an IPCP ConfNak. But it might be broken.
/fc
More information about the pptp-server
mailing list