pptp/pppd lcp config request problem

pptp/pppd lcp config request problem

Post by Viet Hoan » Mon, 24 Jan 2000 04:00:00



I'm trying to get pptp client to work with an MS NT server
setup.  I think I've got all the software (pptp 1.0.2,
ppp 2.3.10 w/ chapms/mppe patch) but I just can't get
it past the config request phase to get to the auth
part.  I'm running with the following options
   user 'ntdomain\ntid' +chapms-v2 mppe-128 noauth debug passive

Here's the debug log, it looks like pppd never accepts
any conf offered by the remote server.  It also seems that
both sides trying to start the config negotiation.  Is
that normal?  Any suggestions on what to do?

mymachine pptp[867]: Client connection established.
mymachine pptp[867]: Incomming call established.
mymachine pptp[868]: pptp: call_id = 0  peer_call_id = 0
mymachine modprobe: can't locate module char-major-108
mymachine pppd[872]: pppd 2.3.10 started by root, uid 0
mymachine pppd[872]: Using interface ppp0
mymachine pppd[872]: Connect: ppp0 <--> /dev/ttya0
mymachine pppd[872]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic
0x9ea4218b>
<pcomp> <accomp>]
mymachine pppd[872]: rcvd [LCP ConfReq id=0x0 <auth chap 81> <magic
0x6fbc> <pco
mp> <accomp>]
mymachine pppd[872]: lcp_reqci: returning CONFNAK.
mymachine pppd[872]: sent [LCP ConfNak id=0x0 <auth pap>]
mymachine pppd[872]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic
0x9ea4218b>
<pcomp> <accomp>]
mymachine pppd[872]: rcvd [LCP ConfReq id=0x1 <auth chap m$oft> <magic
0x6fbc> <
pcomp> <accomp>]
mymachine pppd[872]: lcp_reqci: returning CONFNAK.
mymachine pppd[872]: sent [LCP ConfNak id=0x1 <auth pap>]
mymachine pppd[872]: rcvd [LCP ConfReq id=0x2 <auth chap m$oft> <magic
0x6fbc> <
pcomp> <accomp>]  
mymachine pppd[872]: lcp_reqci: returning CONFNAK.
mymachine pppd[872]: sent [LCP ConfNak id=0x2 <auth pap>]
mymachine pppd[872]: rcvd [LCP ConfReq id=0x3 <auth chap m$oft> <magic
0x6fbc> <
pcomp> <accomp>]
mymachine pppd[872]: lcp_reqci: returning CONFNAK.
mymachine pppd[872]: sent [LCP ConfNak id=0x3 <auth pap>]
mymachine pppd[872]: rcvd [LCP ConfReq id=0x4 <auth chap m$oft> <magic
0x6fbc> <
pcomp> <accomp>]
mymachine pppd[872]: lcp_reqci: returning CONFNAK.
mymachine pppd[872]: sent [LCP ConfNak id=0x4 <auth pap>]
mymachine pppd[872]: rcvd [LCP ConfReq id=0x5 <auth chap m$oft> <magic
0x6fbc> <
pcomp> <accomp>]
mymachine pppd[872]: lcp_reqci: returning CONFREJ.
mymachine pppd[872]: sent [LCP ConfRej id=0x5 <auth chap m$oft>]
mymachine pppd[872]: rcvd [LCP TermReq id=0x6 00 00 02 dc]
mymachine pppd[872]: sent [LCP TermAck id=0x6]
mymachine pppd[872]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic
0x9ea4218b>
<pcomp> <accomp>]
mymachine pptp[867]: Call closed (NTFY) (call id 0)
mymachine pptp[867]: Closing PPTP connection
mymachine pppd[872]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic
0x9ea4218b>
<pcomp> <accomp>]

 
 
 

pptp/pppd lcp config request problem

Post by Bill Unr » Mon, 24 Jan 2000 04:00:00



Quote:>I'm trying to get pptp client to work with an MS NT server
>setup.  I think I've got all the software (pptp 1.0.2,
>ppp 2.3.10 w/ chapms/mppe patch) but I just can't get
>it past the config request phase to get to the auth
>part.  I'm running with the following options
>   user 'ntdomain\ntid' +chapms-v2 mppe-128 noauth debug passive

Well, get rid of the +chapms stuff. Why do you want the other side
athenticating itself, and then you state noauth which is in direct
contradiction with the +chapms-v2 line.

Also you only have pap set up on your machine, and the other side wants
chap. Set up your chap secrets file.

 
 
 

pptp/pppd lcp config request problem

Post by Viet Hoan » Mon, 24 Jan 2000 04:00:00



> >part.  I'm running with the following options

> >   user 'ntdomain\ntid' +chapms-v2 mppe-128 noauth debug passive

> Well, get rid of the +chapms stuff. Why do you want the other side
> athenticating itself, and then you state noauth which is in direct
> contradiction with the +chapms-v2 line.

Ah, so that's what it means, the doc says add it to the command line
so I did thinking it means enabling chapms support.

Quote:

> Also you only have pap set up on your machine, and the other side wants
> chap. Set up your chap secrets file.

I already did, pppd did use the chap-secrets entry once I took out the
+chapms-v2 option, now it fails the the CHAP sequence with

rcvd [CHAP Failure id=0x3f "E=691 R=1 C=ECEE8E505272E9C7EC01D34C0D82906A
V=3"]

I'll have to play and see if I can get the id/password right,
they do have a '3-strike and your id is toasted' rule which makes
it take longer.

One step closer though, thanks for the help.

Viet Hoang