From owner-freebsd-net@FreeBSD.ORG Mon Apr 16 22:53:00 2007 Return-Path: X-Original-To: freebsd-net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8BBA316A407 for ; Mon, 16 Apr 2007 22:53:00 +0000 (UTC) (envelope-from tmclaugh@sdf.lonestar.org) Received: from straycat.dhs.org (c-24-63-86-11.hsd1.ma.comcast.net [24.63.86.11]) by mx1.freebsd.org (Postfix) with ESMTP id 50D0B13C44B for ; Mon, 16 Apr 2007 22:52:58 +0000 (UTC) (envelope-from tmclaugh@sdf.lonestar.org) Received: from [192.168.1.127] (bofh.straycat.dhs.org [192.168.1.127]) by straycat.dhs.org (8.13.8/8.13.8) with ESMTP id l3GMZ5DL007990 for ; Mon, 16 Apr 2007 18:35:05 -0400 (EDT) From: Tom McLaughlin To: freebsd-net@FreeBSD.org Content-Type: text/plain Date: Mon, 16 Apr 2007 18:35:05 -0400 Message-Id: <1176762905.1901.59.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.10.0 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: Subject: net/mpd4: Unable to pass pass traffic as pptp client X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Apr 2007 22:53:00 -0000 Hi all, I'm trying to use mpd4 to connect my work's Cisco VPN concentrator. After fiddling with mpd.conf I can now get past the connection setup phase and authentication steps. According to the VPN concentrator's logs I have successfully connected but some bit later I am disconnected and the logs show no traffic passed in or out on my connection. While connected I can't ping or reach anything on the work network. After some googling I've found that others have had routing related issues but couldn't find exactly how they were resolved. Can anyone lend me a hand here and point me in the right direction? Below is my mpd.conf along with mpd's console messages along with my routing table. Thanks, tom (Please CC me on replies) mpd.conf: ---- vpn: new -i ng0 vpn vpn set iface disable on-demand set iface idle 0 # disconnect the client after 8 hours set iface session 28800 set iface enable tcpmssfix set auth authname "*****" set auth password "*****" set link yes acfcomp protocomp # If remote machine is NT you need this.. set link enable no-orig-auth set link enable keep-ms-domain set link no pap set link yes chap-msv1 set link mtu 1400 set link mru 1400 set link keep-alive 10 75 set ipcp no vjcomp set ipcp enable req-pri-dns set ipcp enable req-sec-dns set ipcp enable req-pri-nbns set ipcp enable req-sec-nbns set ipcp ranges 0.0.0.0/0 208.206.3.5/32 # # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. # set bundle disable multilink set bundle enable compression # set bundle enable crypt-reqd set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless open mpd console log: ---- [root@bofh tom]# mpd4 Multi-link PPP daemon for FreeBSD process 10036 started, version 4.1 (tom@bofh.straycat.dhs.org 08:58 10-Apr-2007) CONSOLE: listening on 0.0.0.0 5005 [vpn] using interface ng0 [vpn] link: OPEN event [vpn] LCP: Open event [vpn] LCP: state change Initial --> Starting [vpn] LCP: LayerStart pptp0: connecting to 208.206.3.5 1723 pptp0: connected to 208.206.3.5 1723 pptp0: attached to connection with 208.206.3.5 1723 pptp0-0: outgoing call connected at 10000000 bps [vpn] PPTP call successful [vpn] link: UP event [vpn] link: origination is local [vpn] LCP: Up event [vpn] LCP: state change Starting --> Req-Sent [vpn] LCP: SendConfigReq #1 ACFCOMP PROTOCOMP MRU 1400 MAGICNUM 74561568 AUTHPROTO CHAP MSOFT [vpn] LCP: SendConfigReq #2 ACFCOMP PROTOCOMP MRU 1400 MAGICNUM 74561568 AUTHPROTO CHAP MSOFT [vpn] LCP: rec'd Configure Reject #2 link 0 (Req-Sent) ACFCOMP PROTOCOMP AUTHPROTO CHAP MSOFT [vpn] LCP: SendConfigReq #3 MRU 1400 MAGICNUM 74561568 [vpn] LCP: rec'd Configure Nak #3 link 0 (Req-Sent) MRU 1500 [vpn] LCP: SendConfigReq #4 MRU 1500 MAGICNUM 74561568 [vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent) AUTHPROTO CHAP MSOFT [vpn] LCP: SendConfigAck #1 AUTHPROTO CHAP MSOFT [vpn] LCP: state change Req-Sent --> Ack-Sent [vpn] LCP: rec'd Configure Ack #4 link 0 (Ack-Sent) MRU 1500 MAGICNUM 74561568 [vpn] LCP: state change Ack-Sent --> Opened [vpn] LCP: auth: peer wants CHAP, I want nothing [vpn] LCP: LayerUp [vpn] CHAP: rec'd CHALLENGE #1 Name: "" Using authname "*****" [vpn] CHAP: sending RESPONSE len:70 [vpn] CHAP: rec'd CHALLENGE #2 Name: "" Using authname "*****" [vpn] CHAP: sending RESPONSE len:70 [vpn] CHAP: rec'd SUCCESS #2 [vpn] LCP: authorization successful [vpn] Bundle up: 1 link, total bandwidth 64000 bps [vpn] IPCP: Open event [vpn] IPCP: state change Initial --> Starting [vpn] IPCP: LayerStart [vpn] CCP: Open event [vpn] CCP: state change Initial --> Starting [vpn] CCP: LayerStart [vpn] IPCP: Up event [vpn] IPCP: state change Starting --> Req-Sent [vpn] IPCP: SendConfigReq #1 IPADDR 0.0.0.0 PRIDNS 0.0.0.0 SECDNS 0.0.0.0 PRINBNS 0.0.0.0 SECNBNS 0.0.0.0 [vpn] CCP: Up event [vpn] CCP: state change Starting --> Req-Sent [vpn] CCP: SendConfigReq #1 MPPC 0x01000060:MPPE(40, 128 bits), stateless [vpn] IPCP: rec'd Configure Request #0 link 0 (Req-Sent) IPADDR 208.206.3.5 208.206.3.5 is OK [vpn] IPCP: SendConfigAck #0 IPADDR 208.206.3.5 [vpn] IPCP: state change Req-Sent --> Ack-Sent [vpn] CCP: rec'd Configure Request #0 link 0 (Req-Sent) MPPC 0x01000060:MPPE(40, 128 bits), stateless [vpn] CCP: SendConfigNak #0 MPPC 0x01000040:MPPE(128 bits), stateless [vpn] CCP: rec'd Configure Request #1 link 0 (Req-Sent) MPPC 0x01000040:MPPE(128 bits), stateless [vpn] CCP: SendConfigAck #1 MPPC 0x01000040:MPPE(128 bits), stateless [vpn] CCP: state change Req-Sent --> Ack-Sent [vpn] CCP: SendConfigReq #2 MPPC 0x01000060:MPPE(40, 128 bits), stateless [vpn] IPCP: SendConfigReq #2 IPADDR 0.0.0.0 PRIDNS 0.0.0.0 SECDNS 0.0.0.0 PRINBNS 0.0.0.0 SECNBNS 0.0.0.0 [vpn] CCP: rec'd Configure Nak #2 link 0 (Ack-Sent) MPPC 0x01000040:MPPE(128 bits), stateless [vpn] CCP: SendConfigReq #3 MPPC 0x01000040:MPPE(128 bits), stateless [vpn] IPCP: rec'd Configure Nak #2 link 0 (Ack-Sent) IPADDR 172.30.29.9 172.30.29.9 is OK PRIDNS 172.30.16.2 SECDNS 172.30.0.2 PRINBNS 172.30.16.3 SECNBNS 172.30.0.7 [vpn] IPCP: SendConfigReq #3 IPADDR 172.30.29.9 PRIDNS 172.30.16.2 SECDNS 172.30.0.2 PRINBNS 172.30.16.3 SECNBNS 172.30.0.7 [vpn] CCP: rec'd Configure Ack #3 link 0 (Ack-Sent) MPPC 0x01000040:MPPE(128 bits), stateless [vpn] CCP: state change Ack-Sent --> Opened [vpn] CCP: LayerUp Compress using: mppc (MPPE(128 bits), stateless) Decompress using: mppc (MPPE(128 bits), stateless) [vpn] IPCP: rec'd Configure Ack #3 link 0 (Ack-Sent) IPADDR 172.30.29.9 PRIDNS 172.30.16.2 SECDNS 172.30.0.2 PRINBNS 172.30.16.3 SECNBNS 172.30.0.7 [vpn] IPCP: state change Ack-Sent --> Opened [vpn] IPCP: LayerUp 172.30.29.9 -> 208.206.3.5 [vpn] IFACE: Up event [vpn] LCP: no reply to 1 echo request(s) [vpn] LCP: no reply to 2 echo request(s) [vpn] LCP: no reply to 3 echo request(s) [vpn] LCP: no reply to 4 echo request(s) [vpn] LCP: no reply to 1 echo request(s) [vpn] LCP: no reply to 2 echo request(s) [vpn] LCP: no reply to 3 echo request(s) [vpn] LCP: no reply to 4 echo request(s) [vpn] LCP: no reply to 5 echo request(s) [vpn] LCP: no reply to 6 echo request(s) [vpn] LCP: no reply to 7 echo request(s) [vpn] LCP: peer not responding to echo requests [vpn] LCP: state change Opened --> Stopping [vpn] AUTH: Accounting data for user : 154 seconds, 260 octets in, 1609 octets out [vpn] AUTH: Cleanup [vpn] Bundle up: 0 links, total bandwidth 9600 bps [vpn] IPCP: Close event [vpn] IPCP: state change Opened --> Closing [vpn] IPCP: SendTerminateReq #4 [vpn] error writing len 8 frame to bypass: Network is down [vpn] IPCP: LayerDown [vpn] IFACE: Down event [vpn] CCP: Close event [vpn] CCP: state change Opened --> Closing [vpn] CCP: SendTerminateReq #4 [vpn] error writing len 8 frame to bypass: Network is down [vpn] CCP: LayerDown [vpn] IPCP: Down event [vpn] IPCP: LayerFinish [vpn] No NCPs left. Closing links... [vpn] closing link "vpn"... [vpn] IPCP: state change Closing --> Initial [vpn] CCP: Down event [vpn] CCP: LayerFinish [vpn] CCP: state change Closing --> Initial [vpn] LCP: SendTerminateReq #5 [vpn] LCP: LayerDown [vpn] link: CLOSE event [vpn] LCP: Close event [vpn] LCP: state change Stopping --> Closing [vpn] LCP: SendTerminateReq #6 pptp0: read: Connection reset by peer pptp0: killing connection with 208.206.3.5 1723 pptp0-0: killing channel [vpn] PPTP call terminated [vpn] link: DOWN event [vpn] LCP: Down event [vpn] LCP: LayerFinish [vpn] LCP: state change Closing --> Initial netstat [root@bofh mpd4]# netstat -r -f inet Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default linksys UGS 0 8516 em0 localhost localhost UH 0 640 lo0 172.30.29.9/32 lo0 US 0 0 lo0 192.168.1 link#2 UC 0 0 em0 linksys 00:06:25:dc:a0:f1 UHLW 2 0 em0 1024 shorthair 00:09:5b:0b:78:e2 UHLW 1 6401 em0 1180 COMPASS 00:11:d8:f9:70:aa UHLW 1 73381 em0 1160 bofh 00:11:25:85:e4:fc UHLW 1 193 lo0 192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 1 84 em0 208.206.3.5 172.30.29.9 UH 0 7 ng0 ifconfig [root@bofh tom]# ifconfig ng0 ng0: flags=88d1 mtu 1396 inet 172.30.29.9 --> 208.206.3.5 netmask 0xffffffff -- | tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org | | FreeBSD http://www.FreeBSD.org | | BSD# http://www.mono-project.com/Mono:FreeBSD |