From: David W. <da...@mi...> - 2004-06-30 11:06:47
|
Richard B. Pyne wrote: >I had everything working fine with Linux kernel 2.4.25 and pptp >1.1.3-20030409 for months until my boss got an alert from >ScanAlert. I showed him that the 1.1.3-20030409 release wasn't >vulnerable, but he insisted that I update. Now we can't connect. > >My /etc/pptp.conf: >------------------------------------------ >option /etc/ppp/options.poptop >debug >speed 115200 >localip 10.1.5.254 >remoteip 10.1.230.1-254 >------------------------------------------ > >My /etc/ppp/options.poptop: >------------------------------------------ >debug >name * >#ipparam PoPToP >lock >noauth >mtu 1450 >mru 1450 >ms-wins 10.1.5.254 >ms-dns 10.1.5.254 >#multilink >proxyarp >#auth >+chap >+chapms >+chapms-v2 >ipcp-accept-local >ipcp-accept-remote >lcp-echo-failure 30 >lcp-echo-interval 5 >deflate 0 >mppe-128 >mppe-40 >mppe-stateless >#require-mppe >#require-mppe-stateless >nodeflate >------------------------------------------ > > >>From my debug log: >------------------------------------------ >pptpd[4774]: CTRL: Client 208.186.176.66 control connection >started >pptpd[4774]: CTRL: Starting call (launching pppd, opening GRE) >pppd[4776]: pppd 2.4.1 started by root, uid 0 >pppd[4776]: using channel 12 >pppd[4776]: Using interface ppp0 >pppd[4776]: Connect: ppp0 <--> /dev/pty/s1 >pppd[4776]: sent [LCP ConfReq id=0x1 <mru 1450> <asyncmap 0x0> ><auth chap 81> <magic 0x8aa9b49a> <pcomp> <accomp>] >pppd[4776]: rcvd [LCP ConfReq id=0x1 <magic 0x8dde0a9> <pcomp> ><accomp>] >pppd[4776]: sent [LCP ConfAck id=0x1 <magic 0x8dde0a9> <pcomp> ><accomp>] >pppd[4776]: rcvd [LCP ConfAck id=0x1 <mru 1450> <asyncmap 0x0> ><auth chap 81> <magic 0x8aa9b49a> <pcomp> <accomp>] >pppd[4776]: sent [LCP EchoReq id=0x0 magic=0x8aa9b49a] >pppd[4776]: sent [CHAP Challenge id=0x1 ><6796eaafae9eb7f2e80b65fa6185bc19>, name = "*"] >pppd[4776]: rcvd [LCP EchoRep id=0x0 magic=0x8dde0a9] >pppd[4776]: rcvd [CHAP Response id=0x1 ><fc112394a78a9e8b11f7f4d219c040e30000000000000000f71931774a1f9794 >258614b9bf1759e9eb1e2cde4c618de004>, name = "rpyne"] >pppd[4776]: sent [CHAP Success id=0x1 >"S=906FC47947C32E2F7F4A8D32F5FE688F331B0E36"] >pppd[4776]: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress >VJ 0f 01>] >pppd[4776]: MSCHAP-v2 peer authentication succeeded for rpyne >pppd[4776]: rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr >0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> ><ms-wins 0.0.0.0>] >pppd[4776]: sent [IPCP ConfRej id=0x1 <addr 0.0.0.0>] >pppd[4776]: rcvd [IPCP ConfAck id=0x1 <addr 0.0.0.0> <compress >VJ 0f 01>] >pppd[4776]: rcvd [IPCP ConfReq id=0x2 <addrs 0.0.0.0 0.0.0.0> ><compress VJ 0f 01> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 >0.0.0.0> <ms-wins 0.0.0.0>] >pppd[4776]: sent [IPCP ConfRej id=0x2 <addrs 0.0.0.0 0.0.0.0>] >pppd[4776]: rcvd [IPCP TermReq id=0x3] >pppd[4776]: sent [IPCP TermAck id=0x3] >pppd[4776]: rcvd [LCP TermReq id=0x2] >pppd[4776]: LCP terminated by peer >pppd[4776]: sent [LCP TermAck id=0x2] >pppd[4776]: Modem hangup >pppd[4776]: Connection terminated. >pppd[4776]: Connect time 0.1 minutes. >pppd[4776]: Sent 44 bytes, received 104 bytes. >pppd[4776]: Exit. >pptpd[4774]: CTRL: EOF or bad error reading ctrl packet length. >pptpd[4774]: CTRL: couldn't read packet header (exit) >pptpd[4774]: CTRL: CTRL read failed >pptpd[4774]: CTRL: Closing child ppp with pid 4776 >pptpd[4774]: CTRL: Client 208.186.176.66 control connection >finished >---------------------------------------------------- > >I admit I really don't know much about pptp, but it looks to me >like everything works up until the IPCP ConfReq. > >Thanks in advance for any help. I really need to get this going >so I can get some sleep. > >--Richard > > > >------------------------------------------------------- >This SF.Net email sponsored by Black Hat Briefings & Training. >Attend Black Hat Briefings & Training, Las Vegas July 24-29 - >digital self defense, top technical experts, no vendor pitches, >unmatched networking opportunities. Visit www.blackhat.com >_______________________________________________ >Poptop-server mailing list >Pop...@li... >https://lists.sourceforge.net/lists/listinfo/poptop-server > > > require-mschap-v2 require-mppe-128 here is my config cat /etc/ppp/options.pptpd proxyarp auth ipcp-accept-local ipcp-accept-remote lcp-echo-failure 3 lcp-echo-interval 5 deflate 0 lock debug require-mschap-v2 require-mppe-128 ms-dns 100.100.100.1 ms-wins 100.100.100.1 David Williams SecureGate Australia |