Date: Thu, 6 Jun 2002 17:19:28 +1200 From: "Patrick Brennan" <patrickb@advantagegroup.co.nz> To: freebsd-security@freebsd.org Subject: MPD & MPPE LCP not converging Message-ID: <3CFF99A0.22805.16AA502@localhost>
next in thread | raw e-mail | index | archive | help
Hello all,
Has anyone had problems with MPD and MPPE (win2K clients -
128bit SP 2) before? I would appear that the CCP phase of the
negotiation is not-converging and we are completely stumped as to
why this is the case. I have not been able to find any similar
problems in the newsgroups.
I have tried various combinations of acccept/yes/enable to the same
end. Also I have commented out the accept encryption line as this
appeared to be for DES (with this line in, then the ECP layer would
try to come up and of course fail). Here is my configuration:
default:
load pptp0
pptp0:
new -i ng0 pptp0 pptp0
log +all
set bundle disable multilink
set bundle enable compression
#set bundle accept encryption
set bundle enable crypt-reqd
set iface disable on-demand
set iface enable proxy-arp
set ipcp ranges 172.25.150.254/32 172.25.150.1/32
set ipcp dns 202.20.64.18 202.20.64.19
set ipcp nbns 172.25.1.1 172.25.1.2
set ipcp accept vjcomp
set link accept acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
set ccp accept mppc
set ccp accept mpp-compress
set ccp accept mpp-e40
set ccp accept mpp-e128
set ccp accept mpp-stateless
Here is an extract from the MPD log file:
May 27 18:00:00 elmo newsyslog[93828]: logfile turned over
May 28 11:08:34 elmo mpd: mpd: PPTP connection from
172.25.0.253:1028
May 28 11:08:34 elmo mpd: pptp0: attached to connection with
172.25.0.253:1028
May 28 11:08:34 elmo mpd: [pptp0] IFACE: Open event
May 28 11:08:34 elmo mpd: [pptp0] IPCP: Open event
May 28 11:08:34 elmo mpd: [pptp0] IPCP: state change Initial -->
Starting
May 28 11:08:34 elmo mpd: [pptp0] IPCP: LayerStart
May 28 11:08:34 elmo mpd: [pptp0] IPCP: Open event
May 28 11:08:34 elmo mpd: [pptp0] bundle: OPEN event in state
CLOSED
May 28 11:08:34 elmo mpd: [pptp0] opening link "pptp0"...
May 28 11:08:34 elmo mpd: [pptp0] link: OPEN event
May 28 11:08:34 elmo mpd: [pptp0] LCP: Open event
May 28 11:08:34 elmo mpd: [pptp0] LCP: state change Initial -->
Starting
May 28 11:08:34 elmo mpd: [pptp0] LCP: LayerStart
May 28 11:08:34 elmo mpd: [pptp0] device: OPEN event in state
DOWN
May 28 11:08:34 elmo mpd: [pptp0] attaching to peer's outgoing call
May 28 11:08:34 elmo mpd: [pptp0] device is now in state OPENING
May 28 11:08:34 elmo mpd: [pptp0] device: UP event in state
OPENING
May 28 11:08:34 elmo mpd: [pptp0] device is now in state UP
May 28 11:08:34 elmo mpd: [pptp0] link: UP event
May 28 11:08:34 elmo mpd: [pptp0] link: origination is remote
May 28 11:08:34 elmo mpd: [pptp0] LCP: Up event
May 28 11:08:34 elmo mpd: [pptp0] LCP: state change Starting -->
Req-Sent
May 28 11:08:34 elmo mpd: [pptp0] LCP: phase shift DEAD -->
ESTABLISH
May 28 11:08:34 elmo mpd: [pptp0] LCP: SendConfigReq #11
May 28 11:08:34 elmo mpd: ACFCOMP
May 28 11:08:34 elmo mpd: PROTOCOMP
May 28 11:08:34 elmo mpd: MRU 1500
May 28 11:08:34 elmo mpd: MAGICNUM 29b18f16
May 28 11:08:34 elmo mpd: AUTHPROTO CHAP MSOFTv2
May 28 11:08:35 elmo mpd: pptp0-0: ignoring SetLinkInfo
May 28 11:08:35 elmo mpd: [pptp0] LCP: rec'd Configure Request
#0 link 0 (Req-Sent)
May 28 11:08:35 elmo mpd: MAGICNUM 10e451b7
May 28 11:08:35 elmo mpd: PROTOCOMP
May 28 11:08:35 elmo mpd: ACFCOMP
May 28 11:08:35 elmo mpd: CALLBACK
May 28 11:08:35 elmo mpd: Not supported
May 28 11:08:35 elmo mpd: MP MRRU 1614
May 28 11:08:35 elmo mpd: ENDPOINTDISC [LOCAL] f8 07 e5 8a
f0 63 45 41 8d 92 9f 8d d5 75 5d 4d 00 00 00 01
May 28 11:08:35 elmo mpd: [pptp0] LCP: SendConfigRej #0
May 28 11:08:35 elmo mpd: CALLBACK
May 28 11:08:35 elmo mpd: MP MRRU 1614
May 28 11:08:35 elmo mpd: [pptp0] LCP: rec'd Configure Request
#1 link 0 (Req-Sent)
May 28 11:08:35 elmo mpd: MAGICNUM 10e451b7
May 28 11:08:35 elmo mpd: PROTOCOMP
May 28 11:08:35 elmo mpd: ACFCOMP
May 28 11:08:35 elmo mpd: ENDPOINTDISC [LOCAL] f8 07 e5 8a
f0 63 45 41 8d 92 9f 8d d5 75 5d 4d 00 00 00 01
May 28 11:08:35 elmo mpd: [pptp0] LCP: SendConfigAck #1
May 28 11:08:35 elmo mpd: MAGICNUM 10e451b7
May 28 11:08:35 elmo mpd: PROTOCOMP
May 28 11:08:35 elmo mpd: ACFCOMP
May 28 11:08:35 elmo mpd: ENDPOINTDISC [LOCAL] f8 07 e5 8a
f0 63 45 41 8d 92 9f 8d d5 75 5d 4d 00 00 00 01
May 28 11:08:35 elmo mpd: [pptp0] LCP: state change Req-Sent -->
Ack-Sent
May 28 11:08:36 elmo mpd: [pptp0] LCP: SendConfigReq #12
May 28 11:08:36 elmo mpd: ACFCOMP
May 28 11:08:36 elmo mpd: PROTOCOMP
May 28 11:08:36 elmo mpd: MRU 1500
May 28 11:08:36 elmo mpd: MAGICNUM 29b18f16
May 28 11:08:36 elmo mpd: AUTHPROTO CHAP MSOFTv2
May 28 11:08:37 elmo mpd: pptp0-0: ignoring SetLinkInfo
May 28 11:08:37 elmo mpd: [pptp0] LCP: rec'd Configure Ack #12
link 0 (Ack-Sent)
May 28 11:08:37 elmo mpd: ACFCOMP
May 28 11:08:37 elmo mpd: PROTOCOMP
May 28 11:08:37 elmo mpd: MRU 1500
May 28 11:08:37 elmo mpd: MAGICNUM 29b18f16
May 28 11:08:37 elmo mpd: AUTHPROTO CHAP MSOFTv2
May 28 11:08:37 elmo mpd: [pptp0] LCP: state change Ack-Sent -->
Opened
May 28 11:08:37 elmo mpd: [pptp0] LCP: phase shift ESTABLISH --> AUTHENTICATE
May 28 11:08:37 elmo mpd: [pptp0] LCP: auth: peer wants nothing, I
want CHAP
May 28 11:08:37 elmo mpd: [pptp0] CHAP: sending CHALLENGE
May 28 11:08:37 elmo mpd: [pptp0] LCP: LayerUp
May 28 11:08:37 elmo mpd: [pptp0] LCP: rec'd Ident #2 link 0
(Opened)
May 28 11:08:37 elmo mpd: MESG: MSRASV5.00
May 28 11:08:37 elmo mpd: [pptp0] LCP: rec'd Ident #3 link 0
(Opened)
May 28 11:08:37 elmo mpd: MESG: MSRAS-1-BRETTK
May 28 11:08:37 elmo mpd: [pptp0] CHAP: rec'd RESPONSE #1
May 28 11:08:37 elmo mpd: Name: "ch1"
May 28 11:08:37 elmo mpd: Peer name: "ch1"
May 28 11:08:37 elmo mpd: Response is valid
May 28 11:08:37 elmo mpd: [pptp0] CHAP: sending SUCCESS
May 28 11:08:37 elmo mpd: [pptp0] LCP: authorization successful
May 28 11:08:37 elmo mpd: [pptp0] LCP: phase shift
AUTHENTICATE --> NETWORK
May 28 11:08:37 elmo mpd: [pptp0] up: 1 link, total bandwidth 64000
bps
May 28 11:08:37 elmo mpd: [pptp0] IPCP: Up event
May 28 11:08:37 elmo mpd: [pptp0] IPCP: state change Starting -->
Req-Sent
May 28 11:08:37 elmo mpd: [pptp0] IPCP: SendConfigReq #3
May 28 11:08:37 elmo mpd: IPADDR 172.25.150.254
May 28 11:08:37 elmo mpd: COMPPROTO VJCOMP, 16 comp.
channels, no comp-cid
May 28 11:08:37 elmo mpd: [pptp0] rec'd unexpected protocol CCP
on link 0, rejecting
May 28 11:08:37 elmo mpd: [pptp0] IPCP: rec'd Configure Request
#5 link 0 (Req-Sent)
May 28 11:08:37 elmo mpd: IPADDR 0.0.0.0
May 28 11:08:37 elmo mpd: NAKing with 172.25.150.1
May 28 11:08:37 elmo mpd: PRIDNS 0.0.0.0
May 28 11:08:37 elmo mpd: NAKing with 202.20.64.18
May 28 11:08:37 elmo mpd: PRINBNS 0.0.0.0
May 28 11:08:37 elmo mpd: NAKing with 172.25.1.1
May 28 11:08:37 elmo mpd: SECDNS 0.0.0.0
May 28 11:08:37 elmo mpd: NAKing with 202.20.64.19
May 28 11:08:37 elmo mpd: SECNBNS 0.0.0.0
May 28 11:08:37 elmo mpd: NAKing with 172.25.1.2
May 28 11:08:37 elmo mpd: [pptp0] IPCP: SendConfigNak #5
May 28 11:08:37 elmo mpd: IPADDR 172.25.150.1
May 28 11:08:37 elmo mpd: PRIDNS 202.20.64.18
May 28 11:08:37 elmo mpd: PRINBNS 172.25.1.1
May 28 11:08:37 elmo mpd: SECDNS 202.20.64.19
May 28 11:08:37 elmo mpd: SECNBNS 172.25.1.2
May 28 11:08:37 elmo mpd: [pptp0] IPCP: rec'd Configure Reject #3
link 0 (Req-Sent)
May 28 11:08:37 elmo mpd: COMPPROTO VJCOMP, 16 comp.
channels, no comp-cid
May 28 11:08:37 elmo mpd: [pptp0] IPCP: SendConfigReq #4
May 28 11:08:37 elmo mpd: IPADDR 172.25.150.254
May 28 11:08:38 elmo mpd: [pptp0] IPCP: rec'd Configure Request
#6 link 0 (Req-Sent)
May 28 11:08:38 elmo mpd: IPADDR 172.25.150.1
May 28 11:08:38 elmo mpd: 172.25.150.1 is OK
May 28 11:08:38 elmo mpd: PRIDNS 202.20.64.18
May 28 11:08:38 elmo mpd: PRINBNS 172.25.1.1
May 28 11:08:38 elmo mpd: SECDNS 202.20.64.19
May 28 11:08:38 elmo mpd: SECNBNS 172.25.1.2
May 28 11:08:38 elmo mpd: [pptp0] IPCP: SendConfigAck #6
May 28 11:08:38 elmo mpd: IPADDR 172.25.150.1
May 28 11:08:38 elmo mpd: PRIDNS 202.20.64.18
May 28 11:08:38 elmo mpd: PRINBNS 172.25.1.1
May 28 11:08:38 elmo mpd: SECDNS 202.20.64.19
May 28 11:08:38 elmo mpd: SECNBNS 172.25.1.2
May 28 11:08:38 elmo mpd: [pptp0] IPCP: state change Req-Sent --> Ack-Sent
May 28 11:08:38 elmo mpd: [pptp0] IPCP: rec'd Configure Ack #4
link 0 (Ack-Sent)
May 28 11:08:38 elmo mpd: IPADDR 172.25.150.254
May 28 11:08:38 elmo mpd: [pptp0] IPCP: state change Ack-Sent -->
Opened
May 28 11:08:38 elmo mpd: [pptp0] IPCP: LayerUp
May 28 11:08:38 elmo mpd: 172.25.150.254 -> 172.25.150.1
May 28 11:08:38 elmo mpd: [pptp0] IFACE: Up event
May 28 11:08:38 elmo mpd: [pptp0] exec: /sbin/ifconfig ng0
172.25.150.254 172.25.150.1 netmask 0xffffffff -link0
May 28 11:08:38 elmo mpd: [pptp0] exec: /usr/sbin/arp -s
172.25.150.1 0:90:27:98:a4:fd pub
May 28 11:08:38 elmo mpd: [pptp0] IFACE: Up event
May 28 12:33:12 elmo mpd: [pptp0] LCP: no reply to 1 echo
request(s)
May 28 12:33:22 elmo mpd: [pptp0] LCP: no reply to 2 echo
request(s)
May 28 12:33:32 elmo mpd: [pptp0] LCP: no reply to 3 echo
request(s)
May 28 12:33:42 elmo mpd: [pptp0] LCP: no reply to 4 echo
request(s)
May 28 12:33:52 elmo mpd: [pptp0] LCP: no reply to 5 echo
request(s)
May 28 12:33:52 elmo mpd: [pptp0] LCP: peer not responding to
echo requests
May 28 12:33:52 elmo mpd: [pptp0] LCP: LayerFinish
May 28 12:33:52 elmo mpd: [pptp0] LCP: LayerStart
May 28 12:33:52 elmo mpd: [pptp0] LCP: state change Opened -->
Starting
May 28 12:33:52 elmo mpd: [pptp0] LCP: phase shift NETWORK -->
DEAD
May 28 12:33:52 elmo mpd: [pptp0] up: 0 links, total bandwidth 9600
bps
May 28 12:33:52 elmo mpd: [pptp0] IPCP: Down event
May 28 12:33:52 elmo mpd: [pptp0] IPCP: state change Opened -->
Starting
May 28 12:33:52 elmo mpd: [pptp0] IPCP: LayerDown
May 28 12:33:52 elmo mpd: [pptp0] IFACE: Down event
May 28 12:33:52 elmo mpd: [pptp0] exec: /usr/sbin/arp -d
172.25.150.1
May 28 12:33:52 elmo mpd: [pptp0] exec: /sbin/ifconfig ng0 down
delete -link0
May 28 12:33:52 elmo mpd: [pptp0] LCP: LayerDown
May 28 12:33:52 elmo mpd: [pptp0] device: CLOSE event in state
UP
May 28 12:33:52 elmo mpd: pptp0-0: clearing call
May 28 12:33:52 elmo mpd: pptp0-0: killing channel
May 28 12:33:52 elmo mpd: [pptp0] PPTP call terminated
May 28 12:33:52 elmo mpd: [pptp0] IFACE: Close event
May 28 12:33:52 elmo mpd: [pptp0] IPCP: Close event
May 28 12:33:52 elmo mpd: [pptp0] IPCP: state change Starting -->
Initial
May 28 12:33:52 elmo mpd: [pptp0] IPCP: LayerFinish
May 28 12:33:52 elmo mpd: [pptp0] IFACE: Close event
May 28 12:33:52 elmo mpd: pptp0: closing connection with
172.25.0.253:1028
May 28 12:33:52 elmo mpd: [pptp0] IFACE: Close event
May 28 12:33:52 elmo mpd: [pptp0] device is now in state CLOSING
May 28 12:33:52 elmo mpd: [pptp0] bundle: CLOSE event in state
OPENED
May 28 12:33:52 elmo mpd: [pptp0] closing link "pptp0"...
May 28 12:33:52 elmo mpd: [pptp0] device: OPEN event in state
CLOSING
May 28 12:33:52 elmo mpd: [pptp0] device is now in state CLOSING
May 28 12:33:52 elmo mpd: [pptp0] link: CLOSE event
May 28 12:33:52 elmo mpd: [pptp0] LCP: Close event
May 28 12:33:52 elmo mpd: [pptp0] LCP: state change Starting -->
Initial
May 28 12:33:52 elmo mpd: [pptp0] LCP: LayerFinish
May 28 12:33:52 elmo mpd: [pptp0] device: DOWN event in state
CLOSING
May 28 12:33:52 elmo mpd: [pptp0] device is now in state DOWN
May 28 12:33:52 elmo mpd: [pptp0] link: DOWN event
May 28 12:33:52 elmo mpd: [pptp0] LCP: Down event
May 28 12:33:52 elmo mpd: [pptp0] device: DOWN event in state
DOWN
May 28 12:33:52 elmo mpd: [pptp0] device is now in state DOWN
May 28 12:33:52 elmo mpd: [pptp0] link: DOWN event
May 28 12:33:52 elmo mpd: [pptp0] LCP: Down event
May 28 12:33:52 elmo mpd: [pptp0] device: CLOSE event in state
DOWN
May 28 12:33:52 elmo mpd: [pptp0] device is now in state DOWN
May 28 12:33:52 elmo mpd: [pptp0] device: OPEN event in state
DOWN
May 28 12:33:52 elmo mpd: [pptp0] pausing 9 seconds before open
May 28 12:33:52 elmo mpd: [pptp0] device is now in state DOWN
May 28 12:33:52 elmo mpd: [pptp0] device: OPEN event in state
DOWN
May 28 12:33:52 elmo mpd: [pptp0] device is now in state DOWN
May 28 12:33:55 elmo mpd: pptp0: no reply to StopCtrlConnRequest
after 3 sec
May 28 12:33:55 elmo mpd: pptp0: killing connection with
172.25.0.253:1028
May 28 12:34:01 elmo mpd: [pptp0] device: OPEN event in state
DOWN
May 28 12:34:01 elmo mpd: [pptp0] pptp originate option is not
enabled
May 28 12:34:01 elmo mpd: [pptp0] device is now in state OPENING
May 28 12:34:01 elmo mpd: [pptp0] device: DOWN event in state
OPENING
May 28 12:34:01 elmo mpd: [pptp0] device is now in state DOWN
May 28 12:34:01 elmo mpd: [pptp0] link: DOWN event
May 28 12:34:01 elmo mpd: [pptp0] LCP: Down event
Thanks
Patrick Brennan
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CFF99A0.22805.16AA502>