From: Robert Watson
Date: Wed, 5 May 2004 11:16:38 -0400 (EDT)
To: questions@FreeBSD.org
Subject: mpd failing to negotiate pptp with a Mac OS X VPN client

I'm attempting to get PPTP set up between a Mac OS X 10.3.3 client using the VPN tool in Internet Connect and a FreeBSD 4.10-BETA box running mpd. I don't have a whole lot of experience with this, so it could well be I'm doing something stupid. However, the problem seems fairly consistent across a number of tries. It looks like something stalls during CHAP on the FreeBSD side; on Mac OS X, it simply gets stuck in the "Negotiating" state for a while and then disconnects.
I don't know enough to know if it's the server requesting authentication and the client not doing the right thing, or the client sending auth data and the two passing in the night...

Here's the configuration file I'm using, with a slight password tweak and address tweaks:

default:
	load leigh

leigh:
	new -i ng0 pptp pptp
	set ipcp ranges 192.168.3.1/32 192.168.3.100/32
	set bundle authname leigh
	set bundle password "abc"
	load standard

standard:
	set iface disable on-demand
	set bundle disable multilink
	set link yes acfcomp protocomp
	set link no pap chap
	set link enable chap
	set link keep-alive 60 180
	set ipcp yes vjcomp
	set ipcp dns 192.168.3.1
	set iface enable proxy-arp
	set bundle enable compression
	set ccp yes mppc
	set ccp yes mpp-e40
	set ccp yes mpp-e128
	set ccp yes mpp-stateless
	set bundle yes crypt-reqd

The mpd.links entry is:

pptp:
	set link type pptp
	set pptp self 1.2.3.4	# would be external address
	set pptp enable incoming
	set pptp disable originate

Here's the error log -- it looks like there's some problem with getting CHAP negotiated:

Multi-link PPP for FreeBSD, by Archie L. Cobbs.
Based on iij-ppp, by Toshiharu OHNO.
mpd: pid 81199, version 3.17 (root@host 09:49 5-May-2004)
[pptp] ppp node is "mpd81199-pptp"
mpd: local IP address for PPTP is 1.2.3.4
[pptp] using interface ng0
[pptp:pptp] [pptp:pptp] [pptp:pptp] [pptp:pptp]
mpd: PPTP connection from 5.6.7.8:49351
pptp0: attached to connection with 5.6.7.8:49351
[pptp] IFACE: Open event
[pptp] IPCP: Open event
[pptp] IPCP: state change Initial --> Starting
[pptp] IPCP: LayerStart
[pptp] IPCP: Open event
[pptp] bundle: OPEN event in state CLOSED
[pptp] opening link "pptp"...
[pptp] link: OPEN event
[pptp] LCP: Open event
[pptp] LCP: state change Initial --> Starting
[pptp] LCP: LayerStart
[pptp] device: OPEN event in state DOWN
[pptp] attaching to peer's outgoing call
[pptp] device is now in state OPENING
[pptp] device: UP event in state OPENING
[pptp] device is now in state UP
[pptp] link: UP event
[pptp] link: origination is remote
[pptp] LCP: Up event
[pptp] LCP: state change Starting --> Req-Sent
[pptp] LCP: phase shift DEAD --> ESTABLISH
[pptp] LCP: SendConfigReq #1 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
pptp0-0: ignoring SetLinkInfo
[pptp] LCP: SendConfigReq #2 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #3 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #4 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #5 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #6 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #7 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #8 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #9 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: SendConfigReq #10 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 47690847 AUTHPROTO CHAP MSOFTv2
[pptp] LCP: state change Req-Sent --> Stopped
[pptp] LCP: LayerFinish
[pptp] LCP: parameter negotiation failed
[pptp] LCP: LayerFinish
[pptp] device: CLOSE event in state UP
pptp0-0: clearing call
pptp0-0: killing channel
[pptp] PPTP call terminated
[pptp] IFACE: Close event
[pptp] IPCP: Close event
[pptp] IPCP: state change Starting --> Initial
[pptp] IPCP: LayerFinish
[pptp] IFACE: Close event
pptp0: closing connection with 5.6.7.8:49351
[pptp] IFACE: Close event
[pptp] device is now in state CLOSING
[pptp] bundle: CLOSE event in state OPENED
[pptp] closing link "pptp"...
[pptp] device: CLOSE event in state CLOSING
[pptp] device is now in state CLOSING
[pptp] link: CLOSE event
[pptp] LCP: Close event
[pptp] LCP: state change Stopped --> Closed
[pptp] device: DOWN event in state CLOSING
[pptp] device is now in state DOWN
[pptp] link: DOWN event
[pptp] LCP: Down event
[pptp] LCP: state change Closed --> Initial
[pptp] LCP: phase shift ESTABLISH --> DEAD
[pptp] device: DOWN event in state DOWN
[pptp] device is now in state DOWN
[pptp] link: DOWN event
[pptp] LCP: Down event
pptp0: ctrl connection closed by peer
pptp0: killing connection with 5.6.7.8:49351

Any help appreciated, thanks!

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research
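
A log-triage sketch for a trace like the one above, added here as an example and not part of the original message or of mpd: it counts LCP Configure-Request retransmissions and reports whether the link ever left the ESTABLISH phase, which is where the authentication exchange would start. The function name, the verdict strings and the "rec'd" pattern for inbound LCP frames are assumptions; no inbound line appears in the posted log.

```python
import re

SEND_REQ = re.compile(r"^\[\w+\] LCP: SendConfigReq #\d+")
PHASE = re.compile(r"^\[\w+\] LCP: phase shift \w+ --> (\w+)")
# Assumption: inbound LCP frames are logged as "LCP: rec'd ...".
RECV = re.compile(r"^\[\w+\] LCP: rec'd ")

# Constructed sample, abridged from the trace in the message above.
SAMPLE_LOG = "\n".join(
    ["[pptp] LCP: state change Starting --> Req-Sent",
     "[pptp] LCP: phase shift DEAD --> ESTABLISH"]
    + [f"[pptp] LCP: SendConfigReq #{n}" for n in range(1, 11)]
    + ["[pptp] LCP: state change Req-Sent --> Stopped",
       "[pptp] LCP: parameter negotiation failed",
       "[pptp] LCP: phase shift ESTABLISH --> DEAD"])


def triage(log_text):
    """Summarise how far LCP negotiation got in an mpd-style log."""
    sent = received = 0
    phases, failed = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if SEND_REQ.match(line):
            sent += 1
        elif RECV.match(line):
            received += 1
        elif (m := PHASE.match(line)):
            phases.append(m.group(1))
        elif "LCP: parameter negotiation failed" in line:
            failed = True
    reached_auth = "AUTHENTICATE" in phases
    if failed and received == 0:
        verdict = "lcp-no-reply"    # requests sent, nothing logged from the peer
    elif failed:
        verdict = "lcp-rejected"    # peer answered but options never converged
    elif reached_auth:
        verdict = "reached-auth"    # LCP finished; look at the CHAP lines next
    else:
        verdict = "incomplete"
    return {"config_reqs_sent": sent, "lcp_frames_received": received,
            "reached_auth": reached_auth, "verdict": verdict}


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
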