CHAP on linux+bigpond fails

CHAP on linux+bigpond fails

Post by doh » Mon, 10 Jul 2000 04:00:00



I signed up w/ bigpond, and it turns out they use CHAP in canberra.
Well, every time I try to dial-up with pppd/chat, it fails.

My /etc/ppp/chap-secrets is:

# client        server  secret                  IP addresses
my_login           *     my_passwd

I can see my account info on their website so I know the above
login/passwd works.  Looks like my machine is Rejecting their
authentication? Does anybody here use linux with bigpond?

The debug log is:

Jul  8 19:54:20 localhost pppd[3296]: pppd 2.3.11 started by root, uid 0

Jul  8 19:54:40 localhost pppd[3296]: Serial connection established.
Jul  8 19:54:40 localhost pppd[3296]: Using interface ppp0
Jul  8 19:54:40 localhost pppd[3296]: Connect: ppp0 <--> /dev/ttyS1
Jul  8 19:54:41 localhost pppd[3296]: sent [LCP ConfReq id=0x1 <asyncmap
0x0> <magic 0x8607d1df> <pcomp> <accomp>]
Jul  8 19:54:41 localhost pppd[3296]: rcvd [LCP ConfReq id=0x1 < 00 04
00 00> <mru 1524> <asyncmap 0xa0000> <auth chap MD5> <pcomp> <accomp> <
11 04 05 f4> < 13 09 03 00 c0 7b 7e 1d 19>]
Jul  8 19:54:41 localhost pppd[3296]: sent [LCP ConfRej id=0x1 < 00 04
00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e 1d 19>] <----------- is
this the problem?
Jul  8 19:54:41 localhost pppd[3296]: rcvd [LCP ConfAck id=0x1 <asyncmap
0x0> <magic 0x8607d1df> <pcomp> <accomp>]
Jul  8 19:54:41 localhost pppd[3296]: rcvd [LCP ConfReq id=0x2 <mru
1524> <asyncmap 0xa0000> <auth chap MD5> <pcomp> <accomp>]
Jul  8 19:54:41 localhost pppd[3296]: sent [LCP ConfAck id=0x2 <mru
1524> <asyncmap 0xa0000> <auth chap MD5> <pcomp> <accomp>]
Jul  8 19:54:41 localhost pppd[3296]: rcvd [CHAP Challenge id=0x1
<8b0087d8368e7d0d04e42ce3d1d57b82>, name = "DKBH-T-002"]
Jul  8 19:54:41 localhost pppd[3296]: sent [CHAP Response id=0x1
<9fb77d3c39b90dbad3ffee65b5ff789e>, name = "my_login"]
Jul  8 19:54:41 localhost pppd[3296]: rcvd [CHAP Failure id=0x1 "\000"]

Jul  8 19:54:41 localhost pppd[3296]: CHAP authentication failed
Jul  8 19:54:41 localhost pppd[3296]: sent [LCP TermReq id=0x2 "Failed
to authenticate ourselves to peer"]
Jul  8 19:54:42 localhost pppd[3296]: rcvd [LCP TermAck id=0x2]
Jul  8 19:54:42 localhost pppd[3296]: Connection terminated.
Jul  8 19:54:42 localhost pppd[3296]: Hangup (SIGHUP)
Jul  8 19:54:42 localhost pppd[3296]: Exit.

My options file is:

lock
defaultroute
noipdefault
modem
/dev/ttyS1
57600       # this can be 115200
crtscts
debug
passive
asyncmap 0
novj
#mtu size
#mtu 552
#max receive packet
#mru 552
# end of options
name my_login

I also tried adding "remote bigpond" and replacing the * in chap-secrets
w/ bigpond. Didn't work.  Nor did putting a * as the fourth value in the
chap-secrets.

Appreciate any help.

thanks,
trig.
PS - I dial using

/usr/sbin/pppd connect "usr/sbin/chat -f /etc/ppp/pppscript" &

 
 
 

CHAP on linux+bigpond fails

Post by Clifford Kit » Mon, 10 Jul 2000 04:00:00



> Well, every time I try to dial-up with pppd/chat, it fails.
> My /etc/ppp/chap-secrets is:
> # client        server  secret                  IP addresses
> my_login           *     my_passwd

This form is correct.  If either the "client" or secret has unusual
characters then it's possible that quotes are needed, both here and
for the name option.

...

Quote:> Jul  8 19:54:41 localhost pppd[3296]: sent [LCP ConfRej id=0x1 < 00 04
> 00 00> < 11 04 05 f4> < 13 09 03 00 c0 7b 7e 1d 19>] <----------- is
> this the problem?

No.  One of these options is related to link quality and the other
two to Multilink PPP.  They are not required for a connection.

Quote:> Jul  8 19:54:41 localhost pppd[3296]: rcvd [LCP ConfAck id=0x1 <asyncmap
> 0x0> <magic 0x8607d1df> <pcomp> <accomp>]
> Jul  8 19:54:41 localhost pppd[3296]: rcvd [LCP ConfReq id=0x2 <mru
> 1524> <asyncmap 0xa0000> <auth chap MD5> <pcomp> <accomp>]

The peer asks for "asyncmap a0000" and this, together with a failure
in CHAP negotiations, sometimes signals that the ISP PPP is broken
with respect to its asyncmap implementation.  Try adding the
"asyncmap a0000" option to the pppd configuration.

> Jul  8 19:54:41 localhost pppd[3296]: sent [LCP ConfAck id=0x2 <mru
> 1524> <asyncmap 0xa0000> <auth chap MD5> <pcomp> <accomp>]
> Jul  8 19:54:41 localhost pppd[3296]: rcvd [CHAP Challenge id=0x1
> <8b0087d8368e7d0d04e42ce3d1d57b82>, name = "DKBH-T-002"]
> Jul  8 19:54:41 localhost pppd[3296]: sent [CHAP Response id=0x1
> <9fb77d3c39b90dbad3ffee65b5ff789e>, name = "my_login"]
> Jul  8 19:54:41 localhost pppd[3296]: rcvd [CHAP Failure id=0x1 "\000"]

> Jul  8 19:54:41 localhost pppd[3296]: CHAP authentication failed
> Jul  8 19:54:41 localhost pppd[3296]: sent [LCP TermReq id=0x2 "Failed
> to authenticate ourselves to peer"]

This is a simple authentication failure.  It almost always means that
the CHAP response or username that the ISP receives is incorrect.  That
could be because the username or secret in the secrets file is wrong,
or caused by the asyncmap problem mentioned above.

On rare occasions the ISP has entered the wrong username or secret
in it's PPP database.  That database may well differ from the one that
the has the account information for the WWW site.

--


 
 
 

CHAP on linux+bigpond fails

Post by Alan Yate » Tue, 11 Jul 2000 04:00:00



> I signed up w/ bigpond, and it turns out they use CHAP in canberra.
> Well, every time I try to dial-up with pppd/chat, it fails.

        It is probably using MS-CHAP hashes.

Quote:> # client        server  secret                  IP addresses
> my_login           *     my_passwd

        I normally put * in for the IPs too, but that shouldn't cause the
remote host to fail the chap auth.

--

 
 
 

CHAP on linux+bigpond fails

Post by Villy Kru » Tue, 11 Jul 2000 04:00:00




>> I signed up w/ bigpond, and it turns out they use CHAP in canberra.
>> Well, every time I try to dial-up with pppd/chat, it fails.

>    It is probably using MS-CHAP hashes.

The log printouts clearly showed that this is not the case.  If it were
then the process would not even reach the authentication stage, but
fail in the LCP negotiation stage.

Villy

 
 
 

1. pppd - PAP, CHAP, MS-CHAP, MS-CHAP-v2 protocol negotiation

Hi,

We have clients connecting to pppd 2.4.2b1.
Clients are able to connect using PAP, CHAP, MS-CHAP, MS-CHAP-v2 if
the pppd configuration is set up to require a specific protocol, eg:

If we change /etc/ppp/options to not request a specific protocol,
clients can only connect using PAP or MS-CHAP-V2. Client trying to
connect through CHAP or MS-CHAP fail and Pppd logs the error "peer
refused to authenticate: terminating link"

pppd configuration:

We'd like our clients to be able to connect using PAP, CHAP, MS-CHAP
or MS-CHAP-v2, the protocol being negotiated by server and client...

I suppose it's a pppd configuration issue; any help is highly
appreciated.
Thx.
dan

2. Looking for Cyclom (Cyclades) serial boards

3. SuSE Linux 8.0: adsl-start > CHAP authentication failed

4. iomega parallel port and scsi

5. Linux & ADSL BigPond

6. Job Opportunity

7. <chap 80> versus <chap 05>...?!?

8. Unix Zmodem

9. Connect to BigPond via linux - help please

10. Connecting pppd to NT server without chap/ms-chap

11. Howto dial ISP running NT4 - chap, pap, ms-chap?

12. Bigpond satelite interface with Linux

13. chap authentication fails