Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 2 May 2002 12:49:33 -0700 (PDT)
From:      Archie Cobbs <archie@dellroad.org>
To:        Thomas David Rivers <rivers@dignus.com>
Cc:        archie@dellroad.org, freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG, K.J.Koster@kpn.com
Subject:   Re: Anyone using pptp?
Message-ID:  <200205021949.g42JnXq97404@arch20m.dellroad.org>
In-Reply-To: <200205021939.g42JdEK49871@lakes.dignus.com> "from Thomas David Rivers at May 2, 2002 03:39:14 pm"

next in thread | previous in thread | raw e-mail | index | archive | help
Thomas David Rivers writes:
> > > 	enable MSChapV2
> > >   in /etc/ppp/ppp.conf - then our ppp client requires that the
> > >   peer (the Microsoft VPN server) authenticate using MSChapV2.  But,
> > >   the Microsoft VPN peer refuses that (it's configured to not use
> > >   MSChapV2.
> > 
> > Don't you want something like "allow MSChapV2" and "disable MSChapV2" ?
> 
>  Something like that...  but - that's the default setting.  With the
>  default setting, it seems to pass through CHAP (0x80) Authentication.
> 
>  But - then, the MPPE encryption is not allowed - because MPPE 
>  compression requires MSChapV2 (0x81) Authentication... and, the
>  VPN server doesn't authenticate that way.
> 
>  I notice there is a line in the ppp man page:
> 
> 	For now, ppp can only get encryption keys from CHAP 81 
> 	authentication.
> 
>  But - the (Microsoft Win2000) VPN server I'm trying to talk do doesn't 
>  allow CHAP 81 authentication, but wants to use MPPE...  

In that case you need to use mpd I guess.

-Archie

__________________________________________________________________________
Archie Cobbs     *     Packet Design     *     http://www.packetdesign.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205021949.g42JnXq97404>