FreeBSD Dialin to NT PPP Server

FreeBSD Dialin to NT PPP Server

Post by Paul Danckae » Wed, 02 Jul 1997 04:00:00



Hi,

I'm trying to get a FreeBSD box dialing into a NT 4.0 server and establish
a PPP connection, but am having quite a bit of trouble with it.  I'm
trying to use PAP or CHAP authentication, but from the unix side in ppp
I get a dial OK, a login OK, and Packet mode.. but nothing is really
connected.  Looking at LCP debugging in /var/log/ppp.log, there is a
go around of sent configs, and rejections, until both machines get
tired of it, and call it a day.  Here is an example..:

07-01 22:59:00 [6294]  AUTHPROTO proto = c023
07-01 22:59:00 [6294]  MAGICNUM 000018a2
07-01 22:59:00 [6294]  PROTOCOMP
07-01 22:59:00 [6294]  ACFCOMP
07-01 22:59:00 [6294] LCP:  SendConfigAck(Req-Sent)
07-01 22:59:00 [6294]  ACCMAP 00000000
07-01 22:59:00 [6294]  AUTHPROTO proto = c023
07-01 22:59:00 [6294]  MAGICNUM 000018a2
07-01 22:59:00 [6294]  PROTOCOMP
07-01 22:59:00 [6294]  ACFCOMP
07-01 22:59:00 [6294] LCP: state change Req-Sent --> Ack-Sent
07-01 22:59:00 [6294] LCP: Received Configure Reject (3) state = Ack-Sent (8)
07-01 22:59:00 [6294] LCP: RecvConfigRej.
07-01 22:59:00 [6294]  AUTHPROTO proto = c223
07-01 22:59:00 [6294] LCP: SendConfigReq
07-01 22:59:00 [6294]  ACFCOMP
07-01 22:59:00 [6294]  PROTOCOMP
07-01 22:59:00 [6294]  ACCMAP [6] 00000000
07-01 22:59:00 [6294]  MRU [4] 1500
07-01 22:59:00 [6294]  MAGICNUM [6] c898b6ca
07-01 22:59:00 [6294]  AUTHPROTO [5] 49699
07-01 22:59:00 [6294] LCP: Received Configure Reject (4) state = Ack-Sent (8)

Any ideas on what might be wrong, or other information that would be useful?
Its possible the NT side is not correct, though the more NT-ish people than
I looked it over and didn't see any problems..

thanks.

paul

 
 
 

FreeBSD Dialin to NT PPP Server

Post by Brian Some » Thu, 03 Jul 1997 04:00:00




Quote:> Hi,

> I'm trying to get a FreeBSD box dialing into a NT 4.0 server and establish
> a PPP connection, but am having quite a bit of trouble with it.  I'm
> trying to use PAP or CHAP authentication, but from the unix side in ppp
> I get a dial OK, a login OK, and Packet mode.. but nothing is really
> connected.  Looking at LCP debugging in /var/log/ppp.log, there is a
> go around of sent configs, and rejections, until both machines get
> tired of it, and call it a day.  Here is an example..:

> 07-01 22:59:00 [6294]  AUTHPROTO proto = c023
> 07-01 22:59:00 [6294]  MAGICNUM 000018a2
> 07-01 22:59:00 [6294]  PROTOCOMP
> 07-01 22:59:00 [6294]  ACFCOMP
> 07-01 22:59:00 [6294] LCP:  SendConfigAck(Req-Sent)
> 07-01 22:59:00 [6294]  ACCMAP 00000000
> 07-01 22:59:00 [6294]  AUTHPROTO proto = c023
> 07-01 22:59:00 [6294]  MAGICNUM 000018a2
> 07-01 22:59:00 [6294]  PROTOCOMP
> 07-01 22:59:00 [6294]  ACFCOMP
> 07-01 22:59:00 [6294] LCP: state change Req-Sent --> Ack-Sent
> 07-01 22:59:00 [6294] LCP: Received Configure Reject (3) state = Ack-Sent (8)
> 07-01 22:59:00 [6294] LCP: RecvConfigRej.
> 07-01 22:59:00 [6294]  AUTHPROTO proto = c223

                         ^^^^^^^^^^^^^^^^^^^^^^
The peer doesn't like your authentication protocol.

Quote:> 07-01 22:59:00 [6294] LCP: SendConfigReq
> 07-01 22:59:00 [6294]  ACFCOMP
> 07-01 22:59:00 [6294]  PROTOCOMP
> 07-01 22:59:00 [6294]  ACCMAP [6] 00000000
> 07-01 22:59:00 [6294]  MRU [4] 1500
> 07-01 22:59:00 [6294]  MAGICNUM [6] c898b6ca
> 07-01 22:59:00 [6294]  AUTHPROTO [5] 49699
> 07-01 22:59:00 [6294] LCP: Received Configure Reject (4) state = Ack-Sent (8)

> Any ideas on what might be wrong, or other information that would be useful?
> Its possible the NT side is not correct, though the more NT-ish people than
> I looked it over and didn't see any problems..

Have you done an "enable pap" or an "enable chap" in your config file ?

Quote:> thanks.

> paul

--

      <http://www.awfulhak.org>
Don't _EVER_ lose your sense of humour !

 
 
 

FreeBSD Dialin to NT PPP Server

Post by Paul Danckae » Thu, 03 Jul 1997 04:00:00


It doesn't like my authentication?  That gave me some more ideas, and I tried
stripping down the config and it works much better now.  I had accept and
enable pap, rather than just accept...

thanks for the ideas.

paul

 
 
 

FreeBSD Dialin to NT PPP Server

Post by Wilko Bul » Thu, 03 Jul 1997 04:00:00


For ijppp the following works for us with an ISP using NT:

default:
# com poort
 set device /dev/cuaa5
 set speed 57600
 set timeout 600
# set debug phase chat lqm lcp tcp/ip hdlc async
# set debug phase chat lqm lcp tcp/ip
# set debug phase
 set debug chat
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0 OK-AT-OK \\dATDT\\T TIMEOUT 40 CONNECT "
# get the packet filtering rules
 load universal
 display

# primary internet provider
universal:
 set phone 0257375387
 set login ""
 set ifaddr 0.0.0.0/0 0.0.0.0/0
 disable lqr
 deny lqr
# disable pred1
# deny pred1
 accept pred1
 enable pred1
 disable pap
 deny pap
 disable chap
 deny chap
# accept chap
# enable chap
 accept pap
# enable pap
 set authname "yourname"
 set authkey "yourpasswd"
 set openmode active

--
Wilko
_     ____________________________________________________________________

 |/|/ / / /( (_)        Do, or do not. There is no 'try' - Yoda