Hi A third post, but I still can't make things work properly:
On Wed, 29 Aug 2001, Tzafrir Cohen wrote: > On Wed, 29 Aug 2001, Tzafrir Cohen wrote: > > > Hi > > > > I'm trying to set up pptpd on a woody system to enable MS clients to > > connect. I wanted to enable the ssl-mppe patch. Generally I needed to > > patch the kernel a bit, and to patch the ppp package (patching pppd with > > ppp-2.4.1-openssl-0.9.6-mppe-patch.gz was not entirely trivial, as I also > > needed to remove one of the patches of the original debian package - patch > > 003 (bppc or something similar)). I must say, though, that applying > > patches to packages sees to involve a bit less black magic than applying > > patches to RPM packages. > > > > I got an error message about not being able to load module > > 'char-major-108' . I saw that there is an alias of 'char-major-108' to > > 'ppp_generic'. However, I could not figure out what 'ppp_generic' is. > > further aliasing 'ppp_generic' to 'ppp' seems to have allowed this module > > to load, but I'm not really sure that this is a smart move. > > > > I'm currently trying to figure out exactly what I need towrite in the > > pptpd_options file and how I need to configure the clients. > > > > [syslog snipped] > > > What bothers me here is that I can't see anything from pppd in the logs. I > > have > > 'debug' set in pptpd-options . Even if I run 'pppd debug' (as root') I get > > a couple of lines of garbage, but I see nothing in this log. Yet the man > > page claims that pppd debugging goes to syslog as deamon.debug . What am I > > doing wrong here? > > Sorry, I needed to read README.Debian to see that ppd logging is logged as > local2 , so currently my syslog entry has 'local2,daemon.=debug' > > I needed some more messing (it turns out some things weren't installed > properly) but pptp now works. I'll just have to see how to fit it into the > packet-filtering rules... * Is there anything else I need to do, besides enabling "ip_forward" to be able to route packets through the ppp interface? I can ping from a windows client to the server's interface, but I can't seem to connect any further. Running 'ipconfig' on the windows client I see that the gateway's IP address is the same as the "VPN adapter"'s IP address. * I can't get "encryption" to work. When I tried using a plain win98, enabling "software compression" would have resulten in an established connection, but no data transfered. I have download MS's latest update (DUN14-98 - Dial-Up Networking 1.4 for win98. Supposed to give 128bit encryption), and now it doesn't even establish a connection. After applying DUN14 I was also able to use "software compression", which I was not able to use before. Relevant modules that are loaded when a connection is active: ppp_deflate 39456 1 (autoclean) bsd_comp 3936 0 (autoclean) ppp 20048 2 (autoclean) [ppp_deflate bsd_comp] slhc 4304 0 (autoclean) [ppp] ppp_mppe is also availble and can be loaded by 'modprobe ppp_mppe' . Should I give it some alias? (I don't see an error about a module failing to load). Here is the log (with failed encryption): Aug 30 10:36:50 naftali pppd[5944]: rcvd [LCP TermReq id=0x2] Aug 30 10:36:50 naftali pppd[5944]: Script /etc/ppp/ip-down started (pid 5972) Aug 30 10:36:50 naftali pppd[5944]: sent [LCP TermAck id=0x2] Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Received PPTP Control Message (type: 12) Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Made a CALL DISCONNECT RPLY packet Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Received CALL CLR request (closing call) Aug 30 10:36:50 naftali pptpd[5943]: CTRL: I wrote 148 bytes to the client. Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Sent packet to client Aug 30 10:36:50 naftali pptpd[5943]: CTRL: Exiting now Aug 30 10:36:50 naftali pptpd[5688]: MGR: Reaped child 5943 Aug 30 10:36:50 naftali pppd[5944]: Waiting for 1 child processes... Aug 30 10:36:50 naftali pppd[5944]: script /etc/ppp/ip-down, pid 5972 Aug 30 10:36:50 naftali pppd[5944]: Script /etc/ppp/ip-down finished (pid 5972), status = 0x0 Aug 30 10:36:52 naftali pptpd[5992]: MGR: Launching /usr/sbin/pptpctrl to handle client Aug 30 10:36:52 naftali pptpd[5992]: CTRL: local address = 192.168.8.254 Aug 30 10:36:52 naftali pptpd[5992]: CTRL: remote address = 192.168.8.2 Aug 30 10:36:52 naftali pptpd[5992]: CTRL: pppd speed = 115200 Aug 30 10:36:52 naftali pptpd[5992]: CTRL: pppd options file = /etc/ppp/pptpd-options Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Received PPTP Control Message (type: 1) Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Made a START CTRL CONN RPLY packet Aug 30 10:36:52 naftali pptpd[5992]: CTRL: I wrote 156 bytes to the client. Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Sent packet to client Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Received PPTP Control Message (type: 7) Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Set parameters to 0 maxbps, 16 window size Aug 30 10:36:52 naftali pptpd[5992]: CTRL: Made a OUT CALL RPLY packet Aug 30 10:36:52 naftali pptpd[5992]: CTRL: pty_fd = 5 Aug 30 10:36:52 naftali pptpd[5992]: CTRL: tty_fd = 6 Aug 30 10:36:52 naftali pptpd[5993]: CTRL (PPPD Launcher): Connection speed = 115200 Aug 30 10:36:52 naftali pptpd[5993]: CTRL (PPPD Launcher): local address = 192.168.8.254 Aug 30 10:36:52 naftali pptpd[5993]: CTRL (PPPD Launcher): remote address = 192.168.8.2 Aug 30 10:36:52 naftali pptpd[5992]: CTRL: I wrote 32 bytes to the client. Aug 30 10:36:53 naftali pptpd[5992]: CTRL: Sent packet to client Aug 30 10:36:53 naftali pppd[5993]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap 81> <magic 0xa0e10aa8> <pcomp> <accomp>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [LCP ConfReq id=0x1 <magic 0x215b72> <pcomp> <accomp>] Aug 30 10:36:53 naftali pppd[5993]: sent [LCP ConfAck id=0x1 <magic 0x215b72> <pcomp> <accomp>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap 81> <magic 0xa0e10aa8> <pcomp> <accomp>] Aug 30 10:36:53 naftali pppd[5993]: sent [LCP EchoReq id=0x0 magic=0xa0e10aa8] Aug 30 10:36:53 naftali pppd[5993]: sent [CHAP Challenge id=0x1 <0df9b0fef5df625082010e14d7582c6a>, name = "naftali"] Aug 30 10:36:53 naftali pppd[5993]: rcvd [LCP EchoRep id=0x0 magic=0x215b72] Aug 30 10:36:53 naftali pppd[5993]: rcvd [CHAP Response id=0x1 <189d0798df9a33047a18b69ed04c5b5c00000000000000008e08983dc667b56c64d0df2513b9621109c952c4d8ac42fc04>, name = "yedida"] Aug 30 10:36:53 naftali pppd[5993]: sent [CHAP Success id=0x1 "S=235784DCBD39959D77CE46D2F75C29E1E85E5C82"] Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfReq id=0x1 <addr 192.168.8.254> <compress VJ 0f 01>] Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfReq id=0x1 <deflate 15> <deflate(old#) 15> <mppe 1 0 0 60> <bsd v1 15>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>] Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfNak id=0x1 <addr 192.168.8.2> <ms-dns1 192.168.1.200> <ms-wins 192.168.1.200> <ms-dns3 192.168.1.200> <ms-wins 192.168.1.200>] Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfNak id=0x1 <mppe 1 0 0 60>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>] Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfReq id=0x2 <addr 192.168.8.254>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15> <bsd v1 15>] Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfReq id=0x2 <mppe 1 0 0 60>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfReq id=0x2 <addr 192.168.8.2> <ms-dns1 192.168.1.200> <ms-wins 192.168.1.200> <ms-dns3 192.168.1.200> <ms-wins 192.168.1.200>] Aug 30 10:36:53 naftali pppd[5993]: sent [IPCP ConfAck id=0x2 <addr 192.168.8.2> <ms-dns1 192.168.1.200> <ms-wins 192.168.1.200> <ms-dns3 192.168.1.200> <ms-wins 192.168.1.200>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [CCP ConfReq id=0x2 <mppe 1 0 0 40>] Aug 30 10:36:53 naftali pppd[5993]: sent [CCP ConfRej id=0x2 <mppe 1 0 0 40>] Aug 30 10:36:53 naftali pppd[5993]: rcvd [IPCP ConfAck id=0x2 <addr 192.168.8.254>] Aug 30 10:36:54 naftali pppd[5993]: Script /etc/ppp/ip-up started (pid 5995) Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP ConfNak id=0x2 <mppe 1 0 0 40>] Aug 30 10:36:54 naftali pppd[5993]: sent [CCP ConfReq id=0x3] Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP ConfReq id=0x3] Aug 30 10:36:54 naftali pppd[5993]: sent [CCP ConfAck id=0x3] Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP ConfAck id=0x3] Aug 30 10:36:54 naftali pppd[5993]: rcvd [CCP TermReq id=0x4] Aug 30 10:36:54 naftali pppd[5993]: sent [CCP TermAck id=0x4] Aug 30 10:36:55 naftali pppd[5993]: Script /etc/ppp/ip-up finished (pid 5995), status = 0x0 Aug 30 10:36:57 naftali pppd[5993]: sent [CCP ConfReq id=0x3] Aug 30 10:36:57 naftali pppd[5993]: rcvd [CCP TermAck id=0x3] Aug 30 10:36:58 naftali pppd[5993]: rcvd [LCP TermReq id=0x2] Aug 30 10:36:58 naftali pppd[5993]: Script /etc/ppp/ip-down started (pid 6018) Aug 30 10:36:58 naftali pppd[5993]: sent [LCP TermAck id=0x2] Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Received PPTP Control Message (type: 12) Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Made a CALL DISCONNECT RPLY packet Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Received CALL CLR request (closing call) Aug 30 10:36:58 naftali pptpd[5992]: CTRL: I wrote 148 bytes to the client. Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Sent packet to client Aug 30 10:36:58 naftali pptpd[5992]: CTRL: Exiting now Aug 30 10:36:58 naftali pptpd[5688]: MGR: Reaped child 5992 Aug 30 10:36:58 naftali pppd[5993]: Waiting for 1 child processes... Aug 30 10:36:58 naftali pppd[5993]: script /etc/ppp/ip-down, pid 6018 Aug 30 10:36:59 naftali pppd[5993]: Script /etc/ppp/ip-down finished (pid 6018), status = 0x0 (f the chap secret can be guessed from here: don't bother, it is 'secret') /etc/pptp.conf (without some comments and empty lines) -------------- speed 115200 option /etc/ppp/pptpd-options debug localip 192.168.8.254 #localip 192.168.9.1-50 remoteip 192.168.8.1-50 -------------- The address of the ethernet interface of this machine is 192.168.1.250 (I'm still using a test machine with one ethernet adapter) My pptpd-options file: -------------- debug name naftali domain gadot auth #require-chap #require-chapms require-chapms-v2 #+chap #+chapms +chapms-v2 mppe-40 mppe-128 mppe-stateless ms-dns 192.168.1.200 ms-wins 192.168.1.200 netmask 255.255.255.0 #nodefaultroute proxyarp lock -------------- -- Tzafrir Cohen mailto:[EMAIL PROTECTED] http://www.technion.ac.il/~tzafrir
