Archie Cobbs wrote: > Thomas David Rivers writes: > > If I add > > enable MSChapV2 > > in /etc/ppp/ppp.conf - then our ppp client requires that the > > peer (the Microsoft VPN server) authenticate using MSChapV2. But, > > the Microsoft VPN peer refuses that (it's configured to not use > > MSChapV2. > > Don't you want something like "allow MSChapV2" and "disable MSChapV2" ?
The MS PAP/CHAP stuff never made it to RFC because of the protocol layering violations. I think the problem T.D.R. is seeing are a result of not having some covert channel, which is *not* MSChapV2, to get a session key for the VPN session. I guess we need to see a packet trace for a Windows machine being successful, and a FreeBSD machine being unsuccessful, in order to run a side-by-side comparison. -- Terry To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message