Date: Tue, 10 Oct 2000 17:07:58 +1100 From: "Andrew Reilly" <areilly@bigpond.net.au> To: Archie Cobbs <archie@whistle.com> Cc: freebsd-net@freebsd.org Subject: Re: mpd-netgraph port vs Windows-2000 PPTP vpn Message-ID: <20001010170757.A1428@gurney.reilly.home> In-Reply-To: <200007181745.KAA55411@bubba.whistle.com>; from archie@whistle.com on Tue, Jul 18, 2000 at 10:45:59AM -0700 References: <20000718231031.A16524@gurney.reilly.home> <200007181745.KAA55411@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 18, 2000 at 10:45:59AM -0700, Archie Cobbs wrote: > Andrew Reilly writes: > > mpd: [vpn] LCP: auth: peer wants CHAP, I want CHAP > > mpd: [vpn] CHAP: sending CHALLENGE > > mpd: [vpn] LCP: LayerUp > > mpd: pptp0: CID 0xa525 in SetLinkInfo not found > > mpd: [vpn] CHAP: rec'd CHALLENGE #0 > > mpd: Name: "FIREWALL" > > mpd: Using authname "andrew" > > mpd: [vpn] CHAP: sending RESPONSE > > mpd: [vpn] CHAP: rec'd FAILURE #0 > > mpd: [vpn] LCP: authorization failed > > This is a bit weird.. the remote side claims to support CHAP MD5 > but either doesn't really, or your password is wrong. But even > if this were fixed, you need MS-CHAP to do MPPE encryption, so > that would still be a problem. > > Just for fun, try the patch below and see if you get any further. > =================================================================== > RCS file: /cvs/mod/whistle/ia/daemon/mpd/lcp.c,v > retrieving revision 1.12.2.18 > diff -u -r1.12.2.18 lcp.c > --- lcp.c 2000/05/08 20:33:34 1.12.2.18 > +++ lcp.c 2000/07/18 17:43:22 > @@ -736,7 +736,11 @@ > case TY_AUTHPROTO: /* authentication protocol */ > { > static const u_char chapcf[] = > +#ifdef MICROSOFT_CHAP > + { PROTO_CHAP >> 8, PROTO_CHAP & 0xff, CHAP_ALG_MSOFT }; > +#else > { PROTO_CHAP >> 8, PROTO_CHAP & 0xff, CHAP_ALG_MD5 }; > +#endif > static const struct fsmoption chapNak = > { TY_AUTHPROTO, 2 + sizeof(chapcf), (u_char *) chapcf }; > static const u_char papcf[] = I've just upgraded to mpd-netgraph-3.1, and that patch still seems to be required for authentication against the office's Windows{NT,2000} PPTP server. Any chance of this making it into the distribution? Or is this indicative that there is still something horribly wrong with my setup? Oh: the define MICROSOFT_CHAP is also necessary, but isn't mentioned in the ports/net/mpd-netgraph/Makefile. It is described in work/mpd-3.1/doc/mpd8.html, but by then it's too late for a straight make install. Should this be a send-pr? -- Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001010170757.A1428>