It would be nice if in the logs it would specify an ipaddress when athentication fails
eg
Current
Jun 16 13:48:21 Server pppd[24808]: Peer User failed CHAP authentication
Changed to
Jun 16 13:48:21 Server pppd[24808]: Peer User failed CHAP authentication on 102.213.42.12
This way it would work with blocker programs such as fail2ban