Date: Thu, 2 May 2002 17:33:35 -0400 (EDT) From: Thomas David Rivers <rivers@dignus.com> To: archie@dellroad.org, tlambert2@mindspring.com Cc: freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG, K.J.Koster@kpn.com, rivers@dignus.com Subject: Re: Anyone using pptp? Message-ID: <200205022133.g42LXZE51368@lakes.dignus.com> In-Reply-To: <3CD1AD80.DFCC100F@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert <tlambert2@mindspring.com> wrote: > > Archie Cobbs wrote: > > Thomas David Rivers writes: > > > If I add > > > enable MSChapV2 > > > in /etc/ppp/ppp.conf - then our ppp client requires that the > > > peer (the Microsoft VPN server) authenticate using MSChapV2. But, > > > the Microsoft VPN peer refuses that (it's configured to not use > > > MSChapV2. > > > > Don't you want something like "allow MSChapV2" and "disable MSChapV2" ? > > The MS PAP/CHAP stuff never made it to RFC because of the > protocol layering violations. > > I think the problem T.D.R. is seeing are a result of not > having some covert channel, which is *not* MSChapV2, to get > a session key for the VPN session. > > I guess we need to see a packet trace for a Windows machine > being successful, and a FreeBSD machine being unsuccessful, > in order to run a side-by-side comparison. Believe me! I've asked for such a thingy... apparently, the "magic software" needed to do a packet trace on Windows isn't installed on the server. - Dave Rivers - -- rivers@dignus.com Work: (919) 676-0847 Get your mainframe programming tools at http://www.dignus.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205022133.g42LXZE51368>