From owner-freebsd-net@FreeBSD.ORG Fri Mar 18 15:05:48 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 386FA106564A for ; Fri, 18 Mar 2011 15:05:48 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id F27308FC14 for ; Fri, 18 Mar 2011 15:05:47 +0000 (UTC) Received: by iyj12 with SMTP id 12so4814027iyj.13 for ; Fri, 18 Mar 2011 08:05:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=DYgoZKvVpHFoD6MqkXPQXynV4i67Ho26LtgoCLzZB2I=; b=FAgdX72FfO51n/noDdTAdiAyVNhITnm8d7Jf2vQ6jwNZGc4XfymnNmafGGLopni9kb 5jIrec42cM9KAa3x/vI9D+3VZ8Ic/Ka1emZQNujC8mIow4t6CH0dEyeJQuNY9T5P0qjO 9w9psNa8xtfcdtw/p5Y/DVsYf8j9m7IBAHj6A= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=YUJezv2Ii5/HCDcZGRsADtNkFK/94iXgOod8AbLSy+Z+jqRXdd3O1aLo3Xcrxm0oDp XGoN81t3StzIDS/Qq7oVCVb7pr176UgYICb2uWZiAMaW4916M0yxdtBYgeVB+hKkYHJs xQnHMiMLjLksuzKNgSQLT7yYVYJWxef5+Sptc= MIME-Version: 1.0 Received: by 10.231.119.105 with SMTP id y41mr1044053ibq.27.1300459133677; Fri, 18 Mar 2011 07:38:53 -0700 (PDT) Sender: ermal.luci@gmail.com Received: by 10.231.170.208 with HTTP; Fri, 18 Mar 2011 07:38:53 -0700 (PDT) In-Reply-To: <4D836B6B.8040106@herveybayaustralia.com.au> References: <4D8164CA.80501@herveybayaustralia.com.au> <4D81871B.1030506@sentex.net> <4D81AE1E.5070103@herveybayaustralia.com.au> <4D833787.3020706@herveybayaustralia.com.au> <4D836637.6080601@sentex.net> <4D836B6B.8040106@herveybayaustralia.com.au> Date: Fri, 18 Mar 2011 15:38:53 +0100 X-Google-Sender-Auth: yUQAD4z_fVYh66Q8zCCDa-yjfio Message-ID: From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: Da Rock Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-net@freebsd.org Subject: Re: mpd- no ng_l2tp coming up X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Mar 2011 15:05:48 -0000 On Fri, Mar 18, 2011 at 3:25 PM, Da Rock wrote: > On 03/19/11 00:03, Mike Tancsa wrote: >> >> On 3/18/2011 6:44 AM, Da Rock wrote: >> >>> >>> First, the connection from Android (apparently uses mtpd- I just found >>> out) fails at SCCRP- apparently it doesn't respond to the challenge >>> response (logs posted previously). Using xl2tpd (apparently- linux only= ) >>> you have a l2tp-secrets file with the local hostname, remote hostname, >>> and the secret in that order. >>> >> >> >>> >>> How do I do this in mpd? I tried the >>> hostname directive, but its still no good. Or is this never going to >>> work with mpd? Just use it without secrets? >>> >> >> There are username/passwd credentials and LAC-LNS credentials which are >> different and it sounds like you are confusing the two. =A0You just need >> to put the userid and passwd in the mpd.secrets file. >> > > I don't think I'm confusing the 2. I understand the ppp user login, and I > understand the peer credentials- the error I see in the log is in relatio= n > to the peer credentials. If I run mpd on the FBSD system as a client with= a > secret then it connects. Android fails here- it will connect if I remove = the > secret from the server config (btw I'm still using my original server > config- it was roughly the same as yours anyway, so I seem to have been o= n > the right track). So whats different? > > Android logs in as peer "anonymous". I haven't found anything specific in > the manual (or maybe I missed it) that tells me how to do this. On linux > apparently there's a l2tp-secrets file (xl2tpd uses it at least) which ha= s > " <(optional) IP>" per line. Seeing = as > android is linux, and uses mtpd (a linux l2tp client) then shouldn't I fi= nd > a way for this? Or am I being paranoid? > > This is to secure the control connection, but I will be using this with > IPSEC. How much does/would this matter? >> >> >>> >>> Second, why does mpd die (as in terminated- no process running) when >>> this fails? >>> >> >> Are you running it in the foreground ? =A0Just run it with mpd -b >> > > No, rc service. But I have to actually start it again after this failure- > beats me why it would throw it in with a very basic error like that. The > logs I posted earlier showed it up- the CS-DYING is thrown (assertion > failure), and mpd4 or 5 dies. For that matter I think l2tpd dies for the > same reason- whatever that is... > > I'll try with -b and get back to you. >> >> =A0 =A0 =A0 =A0---Mike >> > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > Well check this out http://doc.pfsense.org/index.php/Android_VPN_Connectivi= ty. Behind teh scenes pfSense uses mpd so this might be useful. --=20 Ermal