From: Richard B. P. <rp...@ki...> - 2004-06-30 11:55:20
|
That didn't work, it just changed the error message to 629 and left this in the debug log: ------------------------------------------ pptpd[6849]: MGR: Launching /usr/sbin/pptpctrl to handle client pptpd[6849]: CTRL: pppd speed = 115200 pptpd[6849]: CTRL: pppd options file = /etc/ppp/options.poptop pptpd[6849]: CTRL: Client 208.186.176.66 control connection started pptpd[6849]: CTRL: Received PPTP Control Message (type: 1) pptpd[6849]: CTRL: Made a START CTRL CONN RPLY packet pptpd[6849]: CTRL: I wrote 156 bytes to the client. pptpd[6849]: CTRL: Sent packet to client pptpd[6849]: CTRL: Received PPTP Control Message (type: 7) pptpd[6849]: CTRL: Set parameters to 0 maxbps, 16 window size pptpd[6849]: CTRL: Made a OUT CALL RPLY packet pptpd[6849]: CTRL: Starting call (launching pppd, opening GRE) pptpd[6849]: CTRL: pty_fd = 5 pptpd[6849]: CTRL: tty_fd = 6 pptpd[6849]: CTRL: I wrote 32 bytes to the client. pptpd[6849]: CTRL: Sent packet to client pptpd[6851]: CTRL (PPPD Launcher): Connection speed = 115200 pppd[6851]: In file /etc/ppp/options.poptop: unrecognized option 'require-mschap-v2' pptpd[6849]: GRE: read(fd=5,buffer=804dc00,len=8196) from PTY failed: status = -1 error = Input/output error pptpd[6849]: CTRL: PTY read or GRE write failed (pty,gre)=(5,6) pptpd[6849]: CTRL: Closing child ppp with pid 6851 pptpd[6849]: CTRL: Client 208.186.176.66 control connection finished pptpd[6849]: CTRL: Exiting now pptpd[717]: MGR: Reaped child 6849 ----------------------------------------- FWIW, I am running linux kernel 2.4.26 with the linux-default- bsd-mppe.patch (Thu May 15 13:40:59 2003), ppp vers 2.4.1 with ppp-2.4.1-openssl-0.9.6-mppe.patch and ppp-2.4.1-MSCHAPv2- fix.patch, and pptp version 1.1.4. --Richard On 30 Jun 2004 at 21:06, David Williams wrote: > Richard B. Pyne wrote: > > >I had everything working fine with Linux kernel 2.4.25 and pptp > >1.1.3-20030409 for months until my boss got an alert from > >ScanAlert. I showed him that the 1.1.3-20030409 release wasn't > >vulnerable, but he insisted that I update. Now we can't connect. > > > >My /etc/pptp.conf: > >------------------------------------------ > >option /etc/ppp/options.poptop > >debug > >speed 115200 > >localip 10.1.5.254 > >remoteip 10.1.230.1-254 > >------------------------------------------ > > > >My /etc/ppp/options.poptop: > >------------------------------------------ > >debug > >name * > >#ipparam PoPToP > >lock > >noauth > >mtu 1450 > >mru 1450 > >ms-wins 10.1.5.254 > >ms-dns 10.1.5.254 > >#multilink > >proxyarp > >#auth > >+chap > >+chapms > >+chapms-v2 > >ipcp-accept-local > >ipcp-accept-remote > >lcp-echo-failure 30 > >lcp-echo-interval 5 > >deflate 0 > >mppe-128 > >mppe-40 > >mppe-stateless > >#require-mppe > >#require-mppe-stateless > >nodeflate > >------------------------------------------ > > > > > >>From my debug log: > >------------------------------------------ > >pptpd[4774]: CTRL: Client 208.186.176.66 control connection > >started > >pptpd[4774]: CTRL: Starting call (launching pppd, opening GRE) > >pppd[4776]: pppd 2.4.1 started by root, uid 0 > >pppd[4776]: using channel 12 > >pppd[4776]: Using interface ppp0 > >pppd[4776]: Connect: ppp0 <--> /dev/pty/s1 > >pppd[4776]: sent [LCP ConfReq id=0x1 <mru 1450> <asyncmap 0x0> > ><auth chap 81> <magic 0x8aa9b49a> <pcomp> <accomp>] > >pppd[4776]: rcvd [LCP ConfReq id=0x1 <magic 0x8dde0a9> <pcomp> > ><accomp>] > >pppd[4776]: sent [LCP ConfAck id=0x1 <magic 0x8dde0a9> <pcomp> > ><accomp>] > >pppd[4776]: rcvd [LCP ConfAck id=0x1 <mru 1450> <asyncmap 0x0> > ><auth chap 81> <magic 0x8aa9b49a> <pcomp> <accomp>] > >pppd[4776]: sent [LCP EchoReq id=0x0 magic=0x8aa9b49a] > >pppd[4776]: sent [CHAP Challenge id=0x1 > ><6796eaafae9eb7f2e80b65fa6185bc19>, name = "*"] > >pppd[4776]: rcvd [LCP EchoRep id=0x0 magic=0x8dde0a9] > >pppd[4776]: rcvd [CHAP Response id=0x1 > ><fc112394a78a9e8b11f7f4d219c040e30000000000000000f71931774a1f9794 > >258614b9bf1759e9eb1e2cde4c618de004>, name = "rpyne"] > >pppd[4776]: sent [CHAP Success id=0x1 > >"S=906FC47947C32E2F7F4A8D32F5FE688F331B0E36"] > >pppd[4776]: sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <compress > >VJ 0f 01>] > >pppd[4776]: MSCHAP-v2 peer authentication succeeded for rpyne > >pppd[4776]: rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr > >0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> > ><ms-wins 0.0.0.0>] > >pppd[4776]: sent [IPCP ConfRej id=0x1 <addr 0.0.0.0>] > >pppd[4776]: rcvd [IPCP ConfAck id=0x1 <addr 0.0.0.0> <compress > >VJ 0f 01>] > >pppd[4776]: rcvd [IPCP ConfReq id=0x2 <addrs 0.0.0.0 0.0.0.0> > ><compress VJ 0f 01> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 > >0.0.0.0> <ms-wins 0.0.0.0>] > >pppd[4776]: sent [IPCP ConfRej id=0x2 <addrs 0.0.0.0 0.0.0.0>] > >pppd[4776]: rcvd [IPCP TermReq id=0x3] > >pppd[4776]: sent [IPCP TermAck id=0x3] > >pppd[4776]: rcvd [LCP TermReq id=0x2] > >pppd[4776]: LCP terminated by peer > >pppd[4776]: sent [LCP TermAck id=0x2] > >pppd[4776]: Modem hangup > >pppd[4776]: Connection terminated. > >pppd[4776]: Connect time 0.1 minutes. > >pppd[4776]: Sent 44 bytes, received 104 bytes. > >pppd[4776]: Exit. > >pptpd[4774]: CTRL: EOF or bad error reading ctrl packet length. > >pptpd[4774]: CTRL: couldn't read packet header (exit) > >pptpd[4774]: CTRL: CTRL read failed > >pptpd[4774]: CTRL: Closing child ppp with pid 4776 > >pptpd[4774]: CTRL: Client 208.186.176.66 control connection > >finished > >---------------------------------------------------- > > > >I admit I really don't know much about pptp, but it looks to me > >like everything works up until the IPCP ConfReq. > > > >Thanks in advance for any help. I really need to get this going > >so I can get some sleep. > > > >--Richard > > > > > > > >------------------------------------------------------- > >This SF.Net email sponsored by Black Hat Briefings & Training. > >Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > >digital self defense, top technical experts, no vendor pitches, > >unmatched networking opportunities. Visit www.blackhat.com > >_______________________________________________ > >Poptop-server mailing list > >Pop...@li... > >https://lists.sourceforge.net/lists/listinfo/poptop-server > > > > > > > require-mschap-v2 > require-mppe-128 > > here is my config > > cat /etc/ppp/options.pptpd > proxyarp > auth > ipcp-accept-local > ipcp-accept-remote > lcp-echo-failure 3 > lcp-echo-interval 5 > deflate 0 > lock > debug > require-mschap-v2 > require-mppe-128 > ms-dns 100.100.100.1 > ms-wins 100.100.100.1 > > > David Williams > SecureGate Australia > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > Poptop-server mailing list > Pop...@li... > https://lists.sourceforge.net/lists/listinfo/poptop-server > |