Re: [FUG-BR] mpd5 ok porem clientes com windows vista nao conectam

Welkson Renny de Medeiros Thu, 14 May 2009 04:37:46 -0700

Ricardo Augusto de Souza escreveu:
> Tenho um servidor mpd5 rodando em um FreeBSD 7.1 e seus clientes eram somente 
> mikrotiks e tudo funcionava na boa.
> Ontem precisei liberar acesso a este servidor mpd5 para alguns colaboradores 
> da empresa e os que usavam Windows vista não conseguiram conectar.
> Clientes  com Windows XP conectam na boa.
> Minha conf é:
>
> Trinity# cat mpd.conf
> startup:
> set user admin mamamia admin
> set console self 127.0.0.1 5005
> set console open
> set web self 0.0.0.0 5006
> set web open
>
> default:
>    load pptp_server
>
> pptp_server:
>    create bundle template PPTP
>    set iface enable proxy-arp
>    set iface idle 1800
>    set iface enable tcpmssfix
>    set ipcp yes vjcomp
> #   set ipcp dns 172.16.0.1
>    set ippool add LANPOOL 172.16.0.2 172.16.0.10
>    set ipcp ranges 172.16.0.1/32 ippool LANPOOL
>
> # set bundle disable compression
>
>   create link template Clients pptp
>   set link latency 0
>   set link action bundle PPTP
>   set link enable multilink
> #set link yes acfcomp protocomp
>   set link no pap chap
>   set link enable chap
> # load radius
>   set link keep-alive 10 60
>   set link mtu 1460
>   set pptp self 0.0.0.0
>   set link enable incoming
> set bundle enable compression
> set bundle enable crypt-reqd
> #set ccp yes mppc
> set ccp yes mpp-e40
> set ccp yes mpp-e128
> set ccp yes mpp-stateless
>
> Trinity#
> PF.conf
> pass in quick on $ext_if proto tcp from any to $ext_if port 1723 synproxy 
> state
>
> Trinity# /usr/local/sbin/mpd5
> Multi-link PPP daemon for FreeBSD
>
> process 91839 started, version 5.2 (r...@trinity.cmtsp.com.br 19:35 
> 13-Apr-2009)
> PPTP: waiting for connection on 0.0.0.0 1723
> [Clients] [Clients-1] Accepting PPTP connection
> [Clients-1] Link: OPEN event
> [Clients-1] LCP: Open event
> [Clients-1] LCP: state change Initial --> Starting
> [Clients-1] LCP: LayerStart
> [Clients-1] PPTP: attaching to peer's outgoing call
> [Clients-1] Link: UP event
> [Clients-1] LCP: Up event
> [Clients-1] LCP: state change Starting --> Req-Sent
> [Clients-1] LCP: SendConfigReq #1
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #2
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #3
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #4
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #5
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #6
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #7
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #8
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #9
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: SendConfigReq #10
> [Clients-1]   ACFCOMP
> [Clients-1]   PROTOCOMP
> [Clients-1]   MRU 1500
> [Clients-1]   MAGICNUM 1228bfbe
> [Clients-1]   AUTHPROTO CHAP MSOFTv2
> [Clients-1]   MP MRRU 2048
> [Clients-1]   MP SHORTSEQ
> [Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
> [Clients-1] LCP: parameter negotiation failed
> [Clients-1] LCP: state change Req-Sent --> Stopped
> [Clients-1] LCP: LayerFinish
> [Clients-1] PPTP call terminated
> [Clients-1] Link: DOWN event
> [Clients-1] LCP: Close event
> [Clients-1] LCP: state change Stopped --> Closed
> [Clients-1] LCP: Down event
> [Clients-1] LCP: state change Closed --> Initial
> [Clients-1] Link: SHUTDOWN event
> [Clients-1] Link: Shutdown
>
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
>
>


Um detalhe que vi agora...
No firewall você não libera o GRE, só libera a porta PPTP.

Veja como está no meu:
# liberar PPTP Server (VPN/MPD5)
pass in quick log on $ext_if proto gre all synproxy state
pass in quick log on $ext_if proto { tcp, udp } from any to any port 
pptp synproxy state

PS: no meu estava keep state, alterei agora para synproxy. (espero que 
funcione =)

-- 
Welkson Renny de Medeiros
Focus Automação Comercial
Desenvolvimento / Gerência de Redes
welk...@focusautomacao.com.br
 
 
 
                      Powered by ....
 
                                           (__)
                                        \\\'',)
                                          \/  \ ^
                                          .\._/_)
 
                                      www.FreeBSD.org 


-------------------------
Histórico: http://www.fug.com.br/historico/html/freebsd/
Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd

Re: [FUG-BR] mpd5 ok porem clientes com windows vista nao conectam

Responder a