From owner-freebsd-net Thu May 9 20:32:28 2002 Delivered-To: freebsd-net@freebsd.org Received: from spontoon.braithwaite.net (spontoon.braithwaite.net [207.135.122.130]) by hub.freebsd.org (Postfix) with ESMTP id CCB7E37B401 for ; Thu, 9 May 2002 20:32:23 -0700 (PDT) Received: from dogberry.braithwaite.net (nat-236-141.cnet.com [64.124.236.141]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (Client CN "dogberry.braithwaite.net", Issuer "Braithwaite's Certifying Authority" (verified OK)) by spontoon.braithwaite.net (Postfix) with ESMTP id 263B57DF03; Thu, 9 May 2002 20:32:23 -0700 (PDT) Received: by dogberry.braithwaite.net (Postfix, from userid 1001) id 1FCA4924F; Thu, 9 May 2002 20:32:22 -0700 (PDT) Date: Thu, 9 May 2002 20:32:22 -0700 From: Matthew Braithwaite To: Matthew Braithwaite Cc: Archie Cobbs , dgilbert@velocet.ca, freebsd-net@FreeBSD.ORG Subject: Re: mpd-netgraph problem. Message-ID: <20020509203222.B28528@dogberry.braithwaite.net> References: <200205092357.g49Nvb204332@arch20m.dellroad.org> <86bsbo6696.fsf@limekiller.braithwaite.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <86bsbo6696.fsf@limekiller.braithwaite.net>; from matt@braithwaite.net on Thu, May 09, 2002 at 08:17:41PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, May 09, 2002 at 08:17:41PM -0700, Matthew Braithwaite wrote: > > (One things that's odd about my authentication -- this was pointed out > to me by the Windows boys, whom I'm sorry I dissed -- is that all the > Windows users seem to authenticate as ``domain\\user'' whereas I > authenticate as just ``user''. Who knows what that difference might > tickle.) One other datum: I was just able to snoop a Windows 98 user connecting to the same VPN server, and he also gets the double-authentication. The sequence is: LCP-configure-request MS-CHAPv2 LCP-configure-ack MS-CHAPv2 CHAP Challenge CHAP Response LCP-configure-request MS-CHAP LCP-configure-request compression LCP-configure-ack compression LCP-configure-ack MS-CHAP CHAP Challenge CHAP Response CHAP Success Note: no response to the first CHAP response. So whatever else may be true, the lack of that response doesn't prevent clients from speaking with this VPN server. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message