Re: Linux VPN Server w/ MPPE MPPC Help
> Hello,
> I have built a Debian VPN server with a 2.6.10 kernel that I intend to
> use to support microsoft clients. I followed the directions at the
> following url:
>
> http://gfxcafe.com/VPN%20Howto.html
>
> Now I have this problem: When I try to connect using a windows
> machine, it says
> "Error 741: The local computer does not support the required data
> encryption type"
>
> lsmod shows that the ppp_mppe_mppc module is loaded, as well as sha1 and arc4
>
> I noticed the following in /var/log/daemon.log
>
> Apr 9 15:26:17 vpn1 pptpd[1629]: CTRL: Client 169.254.65.187 control
> connection started
> Apr 9 15:26:17 vpn1 pptpd[1629]: CTRL: Starting call (launching pppd,
> opening GRE)
> Apr 9 15:26:17 vpn1 pppd[1630]: pppd 2.4.3 started by root, uid 0
> Apr 9 15:26:17 vpn1 pppd[1630]: Using interface ppp0
> Apr 9 15:26:17 vpn1 pppd[1630]: Connect: ppp0 <--> /dev/pts/1
> Apr 9 15:26:20 vpn1 pptpd[1629]: CTRL: Ignored a SET LINK INFO packet
> with real ACCMs!
> Apr 9 15:26:20 vpn1 pppd[1630]: MPPE required, but MS-CHAP[v2] auth
> not performed.
> Apr 9 15:26:20 vpn1 pptpd[1629]: CTRL: Reaping child PPP[1630]
> Apr 9 15:26:20 vpn1 pppd[1630]: Modem hangup
> Apr 9 15:26:20 vpn1 pppd[1630]: Connection terminated.
> Apr 9 15:26:20 vpn1 pppd[1630]: Connect time 0.1 minutes.
> Apr 9 15:26:20 vpn1 pppd[1630]: Sent 0 bytes, received 0 bytes.
> Apr 9 15:26:20 vpn1 pppd[1630]: Exit.
> Apr 9 15:26:20 vpn1 pptpd[1629]: CTRL: Client 169.254.65.187 control
> connection finished
>
> Can someone help me sort out what is going on here? I cannot tell if
> the mppe support is not working, or if there is some other problem.
> One strange behavior I have noticed is this: I tell the windows client
> not to require encryption, and then try to connect. It complains,
> since the server requires authentication. Then I recheck the box to
> require encryption and try again, and it works. I cannot tell at this
> point if encryption is happening or not, but I do know that it will
> continue to work until I delete the connection and recreate it. At
> this point I will get the same err 741 that I mentioned above.
>
> Any help is hugely appreciated
> Chris
>
Looks like I got this to work now. For anyone else who runs into this
issue, I solved the problem by removing these lines from
/etc/ppp/options-pptpd:
+chap
+mschap-v2
Then I added this:
require-mschap-v2
And now it works. My options-pptpd looks like this:
name *
lock
mtu 1450
mru 1450
proxyarp
auth
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
deflate 0
mppe required
require-mschap-v2
Chris
Reply to: