From owner-freebsd-net@FreeBSD.ORG Wed Oct 8 04:51:29 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFF2516A4B3 for ; Wed, 8 Oct 2003 04:51:29 -0700 (PDT) Received: from mail.gmx.net (pop.gmx.de [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 9003E43F75 for ; Wed, 8 Oct 2003 04:51:28 -0700 (PDT) (envelope-from pcc@gmx.net) Received: (qmail 5524 invoked by uid 0); 8 Oct 2003 11:51:27 -0000 Received: from 217.227.149.208 by www43.gmx.net with HTTP; Wed, 8 Oct 2003 13:51:27 +0200 (MEST) Date: Wed, 8 Oct 2003 13:51:27 +0200 (MEST) From: "Peter Cornelius" To: freebsd-net@FreeBSD.org MIME-Version: 1.0 X-Priority: 3 (Normal) X-Authenticated: #491680 Message-ID: <26715.1065613887@www43.gmx.net> X-Mailer: WWW-Mail 1.6 (Global Message Exchange) X-Flags: 0001 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Subject: mpd, MS-vpn and growing confusion. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2003 11:51:30 -0000 Hi, I have installed mpd-3.14 on FreeBSD petra.cornelius 4.8-STABLE FreeBSD 4.8-STABLE #4: Sun Aug 3 12:08:09 GMT 2003 root@petra.cornelius:/usr/obj/usr/src/sys/PETRA i386 This is not the first time that I fiddle with ppp, so I thought that this would be easy. Not this time, as it seems. When I attempt to connect to a MS 'vpn' server (Windows 2000 'Professional', I suppose), I apparently can authenticate but that's about it (I think). I did experiment with a local Windows XP 'Home Edition' which does connect but since that UI more inhibits my work than helps, it's not a permanent option. I'd probably need only rdp (rdesktop) anyways. Well, to cut a long story short, after much google'ing about, reading, etc., I've reached a state of confusion where I'd appreciate anyone to point me the right way... Thank you very much, all the best, Peter. P.S.: Please be so kind to Cc: my address, thank you. --- Configuration and other information follows. Win XP says (Status -> Details, translated from German): Device name: WAN-Miniport (PPTP) Device type: vpn Server type: PPP transceive [???] TCP/IP [Note: I suppose in English, this is 'protocol', or the like?] Authentication: MS CHAP V2 Encryption: MPPE 128 Compression: MPPC PPP-Multilink-Framing: inactive Server-IP-Address: 172.16.26.1 Client-IP-Address: 172.16.26.7 My mpd.conf (slightly anonymized ;-)): vpn: new -i ng0 vpn vpn0 set iface disable on-demand set iface addrs 172.16.26.129 172.16.26.127 set iface idle 0 #### disconnect the client after 8 hours set iface session 28800 set iface route 172.16.26.0/16 set bundle disable multilink set bundle authname "nt-domain\\user" set link yes acfcomp protocomp set link no pap set link yes chap set link mtu 1460 #### If remote machine is NT you need this.. set link enable no-orig-auth set link keep-alive 61 753 set ipcp yes vjcomp set ipcp ranges 172.16.26.129/16 172.16.26.127/16 #### The five lines below enable Microsoft Point-to-Point encryption #### (MPPE) using the ng_mppc(8) netgraph node type. set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e56 set ccp yes mpp-e128 set bundle enable crypt-reqd set ccp yes mpp-stateless set ccp yes mpp-compress set ccp yes stac open The corresponding mpd.links (dto.): vpn0: set link type pptp set pptp self 192.168.1.32 set pptp peer PPTP.server.address.here set pptp enable originate incoming outcall Finally, the magic mpd output: bash-2.05b$ sudo mpd csvpn Multi-link PPP for FreeBSD, by Archie L. Cobbs. Based on iij-ppp, by Toshiharu OHNO. mpd: pid 76566, version 3.14 (root@petra.cornelius 09:03 7-Oct-2003) [vpn] ppp node is "mpd76566-vpn" mpd: local IP address for PPTP is 192.168.1.32 [vpn] using interface ng0 mpd: option "stac" unknown mpd: option "stac" unknown [vpn] IFACE: Open event [vpn] IPCP: Open event [vpn] IPCP: state change Initial --> Starting [vpn] IPCP: LayerStart [vpn:vpn0] [vpn] bundle: OPEN event in state CLOSED [vpn] opening link "vpn0"... [vpn0] link: OPEN event [vpn0] LCP: Open event [vpn0] LCP: state change Initial --> Starting [vpn0] LCP: LayerStart [vpn0] device: OPEN event in state DOWN pptp0: connecting to PPTP.server.address.here:1723 [vpn0] device is now in state OPENING pptp0: connected to PPTP.server.address.here:1723 pptp0: attached to connection with PPTP.server.address.here:1723 pptp0-0: outgoing call connected at 14808325 bps [vpn0] PPTP call successful [vpn0] device: UP event in state OPENING [vpn0] device is now in state UP [vpn0] link: UP event [vpn0] link: origination is local [vpn0] LCP: Up event [vpn0] LCP: state change Starting --> Req-Sent [vpn0] LCP: phase shift DEAD --> ESTABLISH [vpn0] LCP: SendConfigReq #1 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 0f841108 AUTHPROTO CHAP MSOFTv2 [vpn0] LCP: rec'd Configure Request #0 link 0 (Req-Sent) AUTHPROTO CHAP MSOFTv2 MAGICNUM 7c3b24b0 PROTOCOMP ACFCOMP CALLBACK Not supported MP MRRU 1614 ENDPOINTDISC [802.1] 9e 39 20 52 41 53 BACP Not supported [vpn0] LCP: SendConfigRej #0 CALLBACK MP MRRU 1614 BACP [vpn0] LCP: rec'd Configure Ack #1 link 0 (Req-Sent) ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 0f841108 AUTHPROTO CHAP MSOFTv2 [vpn0] LCP: state change Req-Sent --> Ack-Rcvd [vpn0] LCP: rec'd Configure Request #1 link 0 (Ack-Rcvd) AUTHPROTO CHAP MSOFTv2 MAGICNUM 7c3b24b0 PROTOCOMP ACFCOMP ENDPOINTDISC [802.1] 9e 39 20 52 41 53 [vpn0] LCP: SendConfigAck #1 AUTHPROTO CHAP MSOFTv2 MAGICNUM 7c3b24b0 PROTOCOMP ACFCOMP ENDPOINTDISC [802.1] 9e 39 20 52 41 53 [vpn0] LCP: state change Ack-Rcvd --> Opened [vpn0] LCP: phase shift ESTABLISH --> AUTHENTICATE [vpn0] LCP: auth: peer wants CHAP, I want CHAP [vpn0] CHAP: sending CHALLENGE [vpn0] LCP: LayerUp pptp0: CID 0x714e in SetLinkInfo not found [vpn0] CHAP: rec'd CHALLENGE #0 Name: "VPN" Using authname "nt-domain\user" [vpn0] CHAP: sending RESPONSE [vpn0] CHAP: rec'd SUCCESS #0 MESG: S=0354804789EE04346A3F902B3A22EACE47C2DB94 [vpn0] LCP: rec'd Configure Request #3 link 0 (Opened) AUTHPROTO CHAP MSOFTv2 MAGICNUM 019706cb PROTOCOMP ACFCOMP CALLBACK Not supported MP MRRU 1614 ENDPOINTDISC [802.1] 9e 39 20 52 41 53 BACP Not supported [vpn0] LCP: LayerDown [vpn0] LCP: SendConfigReq #2 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 0f841108 AUTHPROTO CHAP MSOFTv2 [vpn0] LCP: SendConfigRej #3 CALLBACK MP MRRU 1614 BACP [vpn0] LCP: state change Opened --> Req-Sent [vpn0] LCP: phase shift AUTHENTICATE --> ESTABLISH pptp0: CID 0x714e in SetLinkInfo not found [vpn0] LCP: rec'd Configure Reject #2 link 0 (Req-Sent) AUTHPROTO CHAP MSOFTv2 [vpn0] LCP: SendConfigReq #3 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 0f841108 [vpn0] LCP: rec'd Configure Request #4 link 0 (Req-Sent) AUTHPROTO CHAP MSOFTv2 MAGICNUM 019706cb PROTOCOMP ACFCOMP ENDPOINTDISC [802.1] 9e 39 20 52 41 53 [vpn0] LCP: SendConfigAck #4 AUTHPROTO CHAP MSOFTv2 MAGICNUM 019706cb PROTOCOMP ACFCOMP ENDPOINTDISC [802.1] 9e 39 20 52 41 53 [vpn0] LCP: state change Req-Sent --> Ack-Sent [vpn0] LCP: rec'd Configure Ack #3 link 0 (Ack-Sent) ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 0f841108 [vpn0] LCP: state change Ack-Sent --> Opened [vpn0] LCP: phase shift ESTABLISH --> AUTHENTICATE [vpn0] LCP: auth: peer wants CHAP, I want nothing [vpn0] LCP: LayerUp pptp0: CID 0x714e in SetLinkInfo not found [vpn0] CHAP: rec'd CHALLENGE #0 Name: "VPN" Using authname "nt-domain\user" [vpn0] CHAP: sending RESPONSE [vpn0] CHAP: rec'd SUCCESS #0 MESG: S=564CC7352840D6BB651501E418B0FEEC9D76C307 [vpn0] LCP: authorization successful [vpn0] LCP: phase shift AUTHENTICATE --> NETWORK [vpn] setting interface ng0 MTU to 1460 bytes [vpn] up: 1 link, total bandwidth 64000 bps [vpn] IPCP: Up event [vpn] IPCP: state change Starting --> Req-Sent [vpn] IPCP: SendConfigReq #1 IPADDR 172.16.26.129 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [vpn] CCP: Open event [vpn] CCP: state change Initial --> Starting [vpn] CCP: LayerStart [vpn] CCP: Up event [vpn] CCP: state change Starting --> Req-Sent [vpn] CCP: SendConfigReq #1 [vpn0] CCP: Checking wether 40 bits are enabled -> yes [vpn0] CCP: Checking wether 56 bits are enabled -> yes [vpn0] CCP: Checking wether 128 bits are enabled -> yes MPPC 0x010000e1: MPPC MPPE, 40 bit, 56 bit, 128 bit, stateless [vpn] IPCP: SendConfigReq #2 IPADDR 172.16.26.129 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [vpn] CCP: SendConfigReq #2 [vpn0] CCP: Checking wether 40 bits are enabled -> yes [vpn0] CCP: Checking wether 56 bits are enabled -> yes [vpn0] CCP: Checking wether 128 bits are enabled -> yes MPPC 0x010000e1: MPPC MPPE, 40 bit, 56 bit, 128 bit, stateless [vpn] IPCP: SendConfigReq #3 IPADDR 172.16.26.129 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [vpn] CCP: SendConfigReq #3 [vpn0] CCP: Checking wether 40 bits are enabled -> yes [vpn0] CCP: Checking wether 56 bits are enabled -> yes [vpn0] CCP: Checking wether 128 bits are enabled -> yes MPPC 0x010000e1: MPPC MPPE, 40 bit, 56 bit, 128 bit, stateless [vpn] IPCP: SendConfigReq #4 IPADDR 172.16.26.129 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [vpn] CCP: SendConfigReq #4 [vpn0] CCP: Checking wether 40 bits are enabled -> yes [vpn0] CCP: Checking wether 56 bits are enabled -> yes [vpn0] CCP: Checking wether 128 bits are enabled -> yes MPPC 0x010000e1: MPPC MPPE, 40 bit, 56 bit, 128 bit, stateless q [vpn] IPCP: Down event [vpn] IPCP: state change Req-Sent --> Starting [vpn] IFACE: Close event [vpn] IPCP: Close event [vpn] IPCP: state change Starting --> Initial [vpn] IPCP: LayerFinish mpd: process 76566 terminated bash-2.05b$ -- NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien... Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService Jetzt kostenlos anmelden unter http://www.gmx.net +++ GMX - die erste Adresse für Mail, Message, More! +++