Date: Mon, 16 Apr 2007 18:35:05 -0400 From: Tom McLaughlin <tmclaugh@sdf.lonestar.org> To: freebsd-net@FreeBSD.org Subject: net/mpd4: Unable to pass pass traffic as pptp client Message-ID: <1176762905.1901.59.camel@localhost>
next in thread | raw e-mail | index | archive | help
Hi all,
I'm trying to use mpd4 to connect my work's Cisco VPN concentrator.
After fiddling with mpd.conf I can now get past the connection setup
phase and authentication steps. According to the VPN concentrator's
logs I have successfully connected but some bit later I am disconnected
and the logs show no traffic passed in or out on my connection. While
connected I can't ping or reach anything on the work network. After
some googling I've found that others have had routing related issues but
couldn't find exactly how they were resolved. Can anyone lend me a hand
here and point me in the right direction? Below is my mpd.conf along
with mpd's console messages along with my routing table.
Thanks,
tom
(Please CC me on replies)
mpd.conf:
----
vpn:
new -i ng0 vpn vpn
set iface disable on-demand
set iface idle 0
# disconnect the client after 8 hours
set iface session 28800
set iface enable tcpmssfix
set auth authname "*****"
set auth password "*****"
set link yes acfcomp protocomp
# If remote machine is NT you need this..
set link enable no-orig-auth
set link enable keep-ms-domain
set link no pap
set link yes chap-msv1
set link mtu 1400
set link mru 1400
set link keep-alive 10 75
set ipcp no vjcomp
set ipcp enable req-pri-dns
set ipcp enable req-sec-dns
set ipcp enable req-pri-nbns
set ipcp enable req-sec-nbns
set ipcp ranges 0.0.0.0/0 208.206.3.5/32
#
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
#
set bundle disable multilink
set bundle enable compression
# set bundle enable crypt-reqd
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
open
mpd console log:
----
[root@bofh tom]# mpd4
Multi-link PPP daemon for FreeBSD
process 10036 started, version 4.1 (tom@bofh.straycat.dhs.org 08:58 10-Apr-2007)
CONSOLE: listening on 0.0.0.0 5005
[vpn] using interface ng0
[vpn] link: OPEN event
[vpn] LCP: Open event
[vpn] LCP: state change Initial --> Starting
[vpn] LCP: LayerStart
pptp0: connecting to 208.206.3.5 1723
pptp0: connected to 208.206.3.5 1723
pptp0: attached to connection with 208.206.3.5 1723
pptp0-0: outgoing call connected at 10000000 bps
[vpn] PPTP call successful
[vpn] link: UP event
[vpn] link: origination is local
[vpn] LCP: Up event
[vpn] LCP: state change Starting --> Req-Sent
[vpn] LCP: SendConfigReq #1
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 74561568
AUTHPROTO CHAP MSOFT
[vpn] LCP: SendConfigReq #2
ACFCOMP
PROTOCOMP
MRU 1400
MAGICNUM 74561568
AUTHPROTO CHAP MSOFT
[vpn] LCP: rec'd Configure Reject #2 link 0 (Req-Sent)
ACFCOMP
PROTOCOMP
AUTHPROTO CHAP MSOFT
[vpn] LCP: SendConfigReq #3
MRU 1400
MAGICNUM 74561568
[vpn] LCP: rec'd Configure Nak #3 link 0 (Req-Sent)
MRU 1500
[vpn] LCP: SendConfigReq #4
MRU 1500
MAGICNUM 74561568
[vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
AUTHPROTO CHAP MSOFT
[vpn] LCP: SendConfigAck #1
AUTHPROTO CHAP MSOFT
[vpn] LCP: state change Req-Sent --> Ack-Sent
[vpn] LCP: rec'd Configure Ack #4 link 0 (Ack-Sent)
MRU 1500
MAGICNUM 74561568
[vpn] LCP: state change Ack-Sent --> Opened
[vpn] LCP: auth: peer wants CHAP, I want nothing
[vpn] LCP: LayerUp
[vpn] CHAP: rec'd CHALLENGE #1
Name: ""
Using authname "*****"
[vpn] CHAP: sending RESPONSE len:70
[vpn] CHAP: rec'd CHALLENGE #2
Name: ""
Using authname "*****"
[vpn] CHAP: sending RESPONSE len:70
[vpn] CHAP: rec'd SUCCESS #2
[vpn] LCP: authorization successful
[vpn] Bundle up: 1 link, total bandwidth 64000 bps
[vpn] IPCP: Open event
[vpn] IPCP: state change Initial --> Starting
[vpn] IPCP: LayerStart
[vpn] CCP: Open event
[vpn] CCP: state change Initial --> Starting
[vpn] CCP: LayerStart
[vpn] IPCP: Up event
[vpn] IPCP: state change Starting --> Req-Sent
[vpn] IPCP: SendConfigReq #1
IPADDR 0.0.0.0
PRIDNS 0.0.0.0
SECDNS 0.0.0.0
PRINBNS 0.0.0.0
SECNBNS 0.0.0.0
[vpn] CCP: Up event
[vpn] CCP: state change Starting --> Req-Sent
[vpn] CCP: SendConfigReq #1
MPPC
0x01000060:MPPE(40, 128 bits), stateless
[vpn] IPCP: rec'd Configure Request #0 link 0 (Req-Sent)
IPADDR 208.206.3.5
208.206.3.5 is OK
[vpn] IPCP: SendConfigAck #0
IPADDR 208.206.3.5
[vpn] IPCP: state change Req-Sent --> Ack-Sent
[vpn] CCP: rec'd Configure Request #0 link 0 (Req-Sent)
MPPC
0x01000060:MPPE(40, 128 bits), stateless
[vpn] CCP: SendConfigNak #0
MPPC
0x01000040:MPPE(128 bits), stateless
[vpn] CCP: rec'd Configure Request #1 link 0 (Req-Sent)
MPPC
0x01000040:MPPE(128 bits), stateless
[vpn] CCP: SendConfigAck #1
MPPC
0x01000040:MPPE(128 bits), stateless
[vpn] CCP: state change Req-Sent --> Ack-Sent
[vpn] CCP: SendConfigReq #2
MPPC
0x01000060:MPPE(40, 128 bits), stateless
[vpn] IPCP: SendConfigReq #2
IPADDR 0.0.0.0
PRIDNS 0.0.0.0
SECDNS 0.0.0.0
PRINBNS 0.0.0.0
SECNBNS 0.0.0.0
[vpn] CCP: rec'd Configure Nak #2 link 0 (Ack-Sent)
MPPC
0x01000040:MPPE(128 bits), stateless
[vpn] CCP: SendConfigReq #3
MPPC
0x01000040:MPPE(128 bits), stateless
[vpn] IPCP: rec'd Configure Nak #2 link 0 (Ack-Sent)
IPADDR 172.30.29.9
172.30.29.9 is OK
PRIDNS 172.30.16.2
SECDNS 172.30.0.2
PRINBNS 172.30.16.3
SECNBNS 172.30.0.7
[vpn] IPCP: SendConfigReq #3
IPADDR 172.30.29.9
PRIDNS 172.30.16.2
SECDNS 172.30.0.2
PRINBNS 172.30.16.3
SECNBNS 172.30.0.7
[vpn] CCP: rec'd Configure Ack #3 link 0 (Ack-Sent)
MPPC
0x01000040:MPPE(128 bits), stateless
[vpn] CCP: state change Ack-Sent --> Opened
[vpn] CCP: LayerUp
Compress using: mppc (MPPE(128 bits), stateless)
Decompress using: mppc (MPPE(128 bits), stateless)
[vpn] IPCP: rec'd Configure Ack #3 link 0 (Ack-Sent)
IPADDR 172.30.29.9
PRIDNS 172.30.16.2
SECDNS 172.30.0.2
PRINBNS 172.30.16.3
SECNBNS 172.30.0.7
[vpn] IPCP: state change Ack-Sent --> Opened
[vpn] IPCP: LayerUp
172.30.29.9 -> 208.206.3.5
[vpn] IFACE: Up event
[vpn] LCP: no reply to 1 echo request(s)
[vpn] LCP: no reply to 2 echo request(s)
[vpn] LCP: no reply to 3 echo request(s)
[vpn] LCP: no reply to 4 echo request(s)
[vpn] LCP: no reply to 1 echo request(s)
[vpn] LCP: no reply to 2 echo request(s)
[vpn] LCP: no reply to 3 echo request(s)
[vpn] LCP: no reply to 4 echo request(s)
[vpn] LCP: no reply to 5 echo request(s)
[vpn] LCP: no reply to 6 echo request(s)
[vpn] LCP: no reply to 7 echo request(s)
[vpn] LCP: peer not responding to echo requests
[vpn] LCP: state change Opened --> Stopping
[vpn] AUTH: Accounting data for user : 154 seconds, 260 octets in, 1609 octets out
[vpn] AUTH: Cleanup
[vpn] Bundle up: 0 links, total bandwidth 9600 bps
[vpn] IPCP: Close event
[vpn] IPCP: state change Opened --> Closing
[vpn] IPCP: SendTerminateReq #4
[vpn] error writing len 8 frame to bypass: Network is down
[vpn] IPCP: LayerDown
[vpn] IFACE: Down event
[vpn] CCP: Close event
[vpn] CCP: state change Opened --> Closing
[vpn] CCP: SendTerminateReq #4
[vpn] error writing len 8 frame to bypass: Network is down
[vpn] CCP: LayerDown
[vpn] IPCP: Down event
[vpn] IPCP: LayerFinish
[vpn] No NCPs left. Closing links...
[vpn] closing link "vpn"...
[vpn] IPCP: state change Closing --> Initial
[vpn] CCP: Down event
[vpn] CCP: LayerFinish
[vpn] CCP: state change Closing --> Initial
[vpn] LCP: SendTerminateReq #5
[vpn] LCP: LayerDown
[vpn] link: CLOSE event
[vpn] LCP: Close event
[vpn] LCP: state change Stopping --> Closing
[vpn] LCP: SendTerminateReq #6
pptp0: read: Connection reset by peer
pptp0: killing connection with 208.206.3.5 1723
pptp0-0: killing channel
[vpn] PPTP call terminated
[vpn] link: DOWN event
[vpn] LCP: Down event
[vpn] LCP: LayerFinish
[vpn] LCP: state change Closing --> Initial
netstat
[root@bofh mpd4]# netstat -r -f inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default linksys UGS 0 8516 em0
localhost localhost UH 0 640 lo0
172.30.29.9/32 lo0 US 0 0 lo0
192.168.1 link#2 UC 0 0 em0
linksys 00:06:25:dc:a0:f1 UHLW 2 0 em0 1024
shorthair 00:09:5b:0b:78:e2 UHLW 1 6401 em0 1180
COMPASS 00:11:d8:f9:70:aa UHLW 1 73381 em0 1160
bofh 00:11:25:85:e4:fc UHLW 1 193 lo0
192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 1 84 em0
208.206.3.5 172.30.29.9 UH 0 7 ng0
ifconfig
[root@bofh tom]# ifconfig ng0
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1396
inet 172.30.29.9 --> 208.206.3.5 netmask 0xffffffff
--
| tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org |
| FreeBSD http://www.FreeBSD.org |
| BSD# http://www.mono-project.com/Mono:FreeBSD |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1176762905.1901.59.camel>