[pptp-server] Continuing adventures with cvs pppd
Kenny Austin
kenny at muspellsheim.net
Tue May 14 10:58:03 CDT 2002
Have you tried the require-mppe patch for ppp? I think that this is what
you are trying to do. The patch can be found at:
ftp://ftp.shorewall.net/pub/shorewall/misc/require-mppe.diff, although it
was created for ppp-2.3.11, I can verify that it works with ppp-2.4.1b2 (I
cannot remember if I had to manually apply any of it).
Then you can add
require-mppe
require-mppe-stateless
to your ppp options file.
I hope this is what you need.
Kenny Austin
kenny at muspellsheim.net
-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Alex King
Sent: Monday, May 13, 2002 9:36 PM
To: pptp-server at lists.schulte.org
Subject: [pptp-server] Continuing adventures with cvs pppd
OK, I can now get a mschap (v1) and mppe-128 connection between my
Win95/DUN1.4 client and my poptop/cvs pppd server.
However, the worry is (appart from chap-v2 not working) that mppe
encryption is not being enforced.
Here are my pppd options for pptpd:
auth
require-mschap
require-mppe-128
require-mppe
ms-dns 10.0.0.1
ms-wins 10.0.0.1
netmask 255.255.255.0
nodefaultroute
proxyarp
lock
kdebug 7
With "Require encrypted passowrd" and "Require data encryption" not set
on the client, although the server sends CCP requests for MPPE, these
are not answered by the client, and the connection continues
unencrypted.
When "Require encrypted passowrd" and "Require data encryption" are set
in the client, MPPE encryption is properly negoiated, and used.
I would rather have pppd close the connection if the required encryption
is not abvailable......
Alex
More information about the pptp-server
mailing list