
Re: pptpd problems



Hi

A third post, but I still can't make things work properly:

On Wed, 29 Aug 2001, Tzafrir Cohen wrote:

> On Wed, 29 Aug 2001, Tzafrir Cohen wrote:
>
> > Hi
> >
> > I'm trying to set up pptpd on a woody system to enable MS clients to
> > connect. I wanted to enable the ssl-mppe patch. Generally I needed to
> > patch the kernel a bit, and to patch the ppp package (patching pppd with
> > ppp-2.4.1-openssl-0.9.6-mppe-patch.gz was not entirely trivial, as I also
> > needed to remove one of the patches of the original debian package - patch
> > 003 (bppc or something similar)). I must say, though, that applying
> > patches to packages seems to involve a bit less black magic than applying
> > patches to RPM packages.
> >
> > I got an error message about not being able to load module
> > 'char-major-108' . I saw that there is an alias of 'char-major-108' to
> > 'ppp_generic'. However, I could not figure out what 'ppp_generic' is.
> > further aliasing 'ppp_generic' to 'ppp' seems to have allowed this module
> > to load, but I'm not really sure that this is a smart move.
> >
> > I'm currently trying to figure out exactly what I need to write in the
> > pptpd_options file and how I need to configure the clients.
> >
>
> [syslog snipped]
>
> > What bothers me here is that I can't see anything from pppd in the logs. I have
> > 'debug' set in pptpd-options . Even if I run 'pppd debug' (as root) I get
> > a couple of lines of garbage, but I see nothing in this log. Yet the man
> > page claims that pppd debugging goes to syslog as daemon.debug . What am I
> > doing wrong here?
>
> Sorry, I needed to read README.Debian to see that pppd logging is logged as
> local2 , so currently my syslog entry has 'local2,daemon.=debug'
>
> I needed some more messing (it turns out some things weren't installed
> properly) but pptp now works. I'll just have to see how to fit it into the
> packet-filtering rules...

* Is there anything else I need to do, besides enabling "ip_forward" to be
able to route packets through the ppp interface? I can ping from a windows
client to the server's interface, but I can't seem to connect any further.

Running 'ipconfig' on the windows client I see that the gateway's IP
address is the same as the "VPN adapter"'s IP address.

* I can't get "encryption" to work. When I tried using a plain win98,
enabling "software compression" would have resulted in an established
connection, but no data transferred.
I have downloaded MS's latest update (DUN14-98 - Dial-Up Networking 1.4 for
win98. Supposed to give 128bit encryption), and now it doesn't even
establish a connection.

After applying DUN14 I was also able to use "software compression", which
I was not able to use before.

Relevant modules that are loaded when a connection is active:
ppp_deflate            39456   1 (autoclean)
bsd_comp                3936   0 (autoclean)
ppp                    20048   2 (autoclean) [ppp_deflate bsd_comp]
slhc                    4304   0 (autoclean) [ppp]

ppp_mppe is also available and can be loaded by 'modprobe ppp_mppe' .
Should I give it some alias? (I don't see an error about a module failing
to load).

Here is the log (with failed encryption):
Aug 30 10:36:50 naftali pppd[5944]: rcvd [LCP TermReq id=0x2]
Aug 30 10:36:50 naftali pppd[5944]: Script /etc/ppp/ip-down started (pid 5972)
Aug 30 10:36:50 naftali pppd[5944]: sent [LCP TermAck id=0x2]
Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Received PPTP Control Message (type: 12)
Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Made a CALL DISCONNECT RPLY packet
Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Received CALL CLR request (closing call)
Aug 30 10:36:50 naftali pptpd[5943]: CTRL: I wrote 148 bytes to the client.
Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Sent packet to client
Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Exiting now
Aug 30 10:36:50 naftali pptpd[5688]: MGR: Reaped child 5943
Aug 30 10:36:50 naftali pppd[5944]: Waiting for 1 child processes...
Aug 30 10:36:50 naftali pppd[5944]:   script /etc/ppp/ip-down, pid 5972
Aug 30 10:36:50 naftali pppd[5944]: Script /etc/ppp/ip-down finished (pid 5972), status = 0x0
Aug 30 10:36:52 naftali pptpd[5992]: MGR: Launching /usr/sbin/pptpctrl to handle client
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: local address = 192.168.8.254
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: remote address = 192.168.8.2
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: pppd speed = 115200
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: pppd options file = /etc/ppp/pptpd-options
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Received PPTP Control Message (type: 1)
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Made a START CTRL CONN RPLY packet
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: I wrote 156 bytes to the client.
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Sent packet to client
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Received PPTP Control Message (type: 7)
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Set parameters to 0 maxbps, 16 window size
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Made a OUT CALL RPLY packet
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: pty_fd = 5
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: tty_fd = 6
Aug 30 10:36:52 naftali pptpd[5993]: CTRL (PPPD Launcher): Connection speed = 115200
Aug 30 10:36:52 naftali pptpd[5993]: CTRL (PPPD Launcher): local address = 192.168.8.254
Aug 30 10:36:52 naftali pptpd[5993]: CTRL (PPPD Launcher): remote address = 192.168.8.2
Aug 30 10:36:52 naftali pptpd[5992]: CTRL: I wrote 32 bytes to the client.
Aug 30 10:36:53 naftali pptpd[5992]: CTRL: Sent packet to client
Aug 30 10:36:53 naftali pppd[5993]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap 81> <magic 0xa0e10aa8> <pcomp> <accomp>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [LCP ConfReq id=0x1 <magic 0x215b72> <pcomp> <accomp>]
Aug 30 10:36:53 naftali pppd[5993]: sent [LCP ConfAck id=0x1 <magic 0x215b72> <pcomp> <accomp>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap 81> <magic 0xa0e10aa8> <pcomp> <accomp>]
Aug 30 10:36:53 naftali pppd[5993]: sent [LCP EchoReq id=0x0 magic=0xa0e10aa8]
Aug 30 10:36:53 naftali pppd[5993]: sent [CHAP Challenge id=0x1 <0df9b0fef5df625082010e14d7582c6a>, name = "naftali"]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [LCP EchoRep id=0x0 magic=0x215b72]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [CHAP Response id=0x1 <189d0798df9a33047a18b69ed04c5b5c00000000000000008e08983dc667b56c64d0df2513b9621109c952c4d8ac42fc04>, name = "yedida"]
Aug 30 10:36:53 naftali pppd[5993]: sent [CHAP Success id=0x1 "S=235784DCBD39959D77CE46D2F75C29E1E85E5C82"]
Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfReq id=0x1 <addr 192.168.8.254> <compress VJ 0f 01>]
Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfReq id=0x1 <deflate 15> <deflate(old#) 15> <mppe 1 0 0 60> <bsd v1 15>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfNak id=0x1 <addr 192.168.8.2> <ms-dns1 192.168.1.200> <ms-wins 192.168.1.200> <ms-dns3 192.168.1.200> <ms-wins 192.168.1.200>]
Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfNak id=0x1 <mppe 1 0 0 60>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfReq id=0x2 <addr 192.168.8.254>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15> <bsd v1 15>]
Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfReq id=0x2 <mppe 1 0 0 60>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfReq id=0x2 <addr 192.168.8.2> <ms-dns1 192.168.1.200> <ms-wins 192.168.1.200> <ms-dns3 192.168.1.200> <ms-wins 192.168.1.200>]
Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfAck id=0x2 <addr 192.168.8.2> <ms-dns1 192.168.1.200> <ms-wins 192.168.1.200> <ms-dns3 192.168.1.200> <ms-wins 192.168.1.200>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [CCP ConfReq id=0x2 <mppe 1 0 0 40>]
Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfRej id=0x2 <mppe 1 0 0 40>]
Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfAck id=0x2 <addr 192.168.8.254>]
Aug 30 10:36:54 naftali pppd[5993]: Script /etc/ppp/ip-up started (pid 5995)
Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP ConfNak id=0x2 <mppe 1 0 0 40>]
Aug 30 10:36:54 naftali pppd[5993]: sent [CCP ConfReq id=0x3]
Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP ConfReq id=0x3]
Aug 30 10:36:54 naftali pppd[5993]: sent [CCP ConfAck id=0x3]
Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP ConfAck id=0x3]
Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP TermReq id=0x4]
Aug 30 10:36:54 naftali pppd[5993]: sent [CCP TermAck id=0x4]
Aug 30 10:36:55 naftali pppd[5993]: Script /etc/ppp/ip-up finished (pid 5995), status = 0x0
Aug 30 10:36:57 naftali pppd[5993]: sent [CCP ConfReq id=0x3]
Aug 30 10:36:57 naftali pppd[5993]: rcvd [CCP TermAck id=0x3]
Aug 30 10:36:58 naftali pppd[5993]: rcvd [LCP TermReq id=0x2]
Aug 30 10:36:58 naftali pppd[5993]: Script /etc/ppp/ip-down started (pid 6018)
Aug 30 10:36:58 naftali pppd[5993]: sent [LCP TermAck id=0x2]
Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Received PPTP Control Message (type: 12)
Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Made a CALL DISCONNECT RPLY packet
Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Received CALL CLR request (closing call)
Aug 30 10:36:58 naftali pptpd[5992]: CTRL: I wrote 148 bytes to the client.
Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Sent packet to client
Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Exiting now
Aug 30 10:36:58 naftali pptpd[5688]: MGR: Reaped child 5992
Aug 30 10:36:58 naftali pppd[5993]: Waiting for 1 child processes...
Aug 30 10:36:58 naftali pppd[5993]:   script /etc/ppp/ip-down, pid 6018
Aug 30 10:36:59 naftali pppd[5993]: Script /etc/ppp/ip-down finished (pid 6018), status = 0x0

(If the chap secret can be guessed from here: don't bother, it is 'secret')



/etc/pptp.conf (without some comments and empty lines)

--------------
speed 115200
option /etc/ppp/pptpd-options
debug
localip 192.168.8.254
#localip 192.168.9.1-50
remoteip 192.168.8.1-50
--------------


The address of the ethernet interface of this machine is 192.168.1.250
(I'm still using a test machine with one ethernet adapter)

My pptpd-options file:
--------------
debug
name naftali
domain gadot

auth
#require-chap
#require-chapms
require-chapms-v2
#+chap
#+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless

ms-dns 192.168.1.200
ms-wins 192.168.1.200
netmask 255.255.255.0

#nodefaultroute
proxyarp
lock
--------------



-- 
Tzafrir Cohen
mailto:tzafrir@technion.ac.il
http://www.technion.ac.il/~tzafrir
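
The CCP exchange in a pppd debug log like the one above can be read mechanically to check whether a PPTP session really came up with MPPE. This is an added example, not part of the original message or of pppd; the bit names follow RFC 3078, and treating the four printed mppe values as hex option octets is an assumption.

```python
import re

# MPPE "supported bits" per RFC 3078: octet 0 carries H, octet 3 the key lengths.
MPPE_BITS = {0x80: "56-bit", 0x40: "128-bit", 0x20: "40-bit", 0x01: "MPPC"}
LINE = re.compile(r"(sent|rcvd) \[CCP (\w+) id=0x[0-9a-f]+(.*)\]")
OPT = re.compile(r"<([^>]*)>")

# CCP lines excerpted from the log in the message above, syslog prefix trimmed.
SAMPLE = """\
sent [CCP ConfReq id=0x2 <mppe 1 0 0 60>]
rcvd [CCP ConfReq id=0x2 <mppe 1 0 0 40>]
sent [CCP ConfRej id=0x2 <mppe 1 0 0 40>]
rcvd [CCP ConfNak id=0x2 <mppe 1 0 0 40>]
sent [CCP ConfReq id=0x3]
rcvd [CCP ConfReq id=0x3]
sent [CCP ConfAck id=0x3]
rcvd [CCP ConfAck id=0x3]
"""

def decode_mppe(opt):
    """Turn 'mppe 1 0 0 60' into capability names (octets assumed to be hex)."""
    octets = [int(x, 16) for x in opt.split()[1:]]
    names = [name for bit, name in MPPE_BITS.items() if octets[3] & bit]
    if octets[0] & 0x01:
        names.append("stateless")
    return names

def parse(text):
    """Return (direction, code, [options]) for every CCP packet in the log text."""
    hits = (LINE.search(line) for line in text.splitlines())
    return [(m.group(1), m.group(2), OPT.findall(m.group(3))) for m in hits if m]

def acked_options(events):
    """Last option set each side got acknowledged; a ConfAck we sent acks the peer."""
    acked = {"local": None, "peer": None}
    for direction, code, opts in events:
        if code == "ConfAck":
            acked["peer" if direction == "sent" else "local"] = opts
    return acked

def mppe_negotiated(events):
    """True only if both directions had an mppe option acknowledged."""
    return all(bool(opts) and any(o.startswith("mppe") for o in opts)
               for opts in acked_options(events).values())

if __name__ == "__main__":
    print(acked_options(parse(SAMPLE)))
    print("MPPE negotiated:", mppe_negotiated(parse(SAMPLE)))
```

On the excerpt, both sides end up acknowledging an empty option list, so CCP opened without MPPE; the regex uses `search`, so full syslog lines can be fed in unchanged.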



