>looking at this debug log...
>
>Sep 9 21:23:22 horla pppd[67]: sent [LCP ConfReq id=0x1 <mru 1500>
><asyncmap 0x0> <magic 0x35f240b8> <pcomp> <accomp>]
Your side sending a typical LCP Configure-Request.
>Sep 9 21:23:23 horla pppd[67]: rcvd [LCP ConfReq id=0x0 <asyncmap 0x0>
><auth chap 80> <magic 0x630c> <pcomp> <accomp>] e9 6b
The "server" is requesting you use MSCHAP to authenticate yourself.
>Sep 9 21:23:23 horla pppd[67]: sent [LCP ConfNak id=0x0 <auth chap 05>]
Your side is it can do CHAP, but only the MD5 form.
>Sep 9 21:23:23 horla pppd[67]: rcvd [LCP ConfAck id=0x1 <mru 1500>
><asyncmap 0x0> <magic 0x35f240b8> <pcomp> <accomp>] a4 3e
The "server" says it likes your LCP Configure-Request.
>Sep 9 21:23:23 horla pppd[67]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0>
><auth 0xc027 01 00 00 01> <magic 0x630c> <pcomp> <accomp>] d7 5b
The "server" asks you to authenticate yourself using SPAP (a Shiva
proprietary authentication protocol)
>Sep 9 21:23:23 horla pppd[67]: fsm_rconfreq(LCP): Rcvd id 1.
The "server" asks you to authenticate yourself using SPAP (a Shiva
proprietary authentication protocol)
>Sep 9 21:23:23 horla pppd[67]: sent [LCP ConfRej id=0x1 <auth 0xc027 01 00
>00 01>]
Your side is saying it REJECTs SPAP. Note that technically this is a BUG in
the PPPD you are using since your side does support the negotiation of an
authentication protocol; just not SPAP. When it sees an authentication
protocol it doesn't support, it's supposed to send back a Configure-NAK
suggesting an authentication protocol it does support. Sending a
Configure-Reject is just plain WRONG here.
>Sep 9 21:23:23 horla pppd[67]: rcvd [LCP TermReq id=0x2 00 00 02 dc] 33 4d
The "server" side has decided to terminate the link since your side has
indicated that it does not support authentication (as far as the server
can tell).
>Sep 9 21:23:23 horla pppd[67]: sent [LCP TermAck id=0x2]
Standard response for a Terminate-Request.
>...i ask you: my isp uses CHAP, right? but it doesn't have a chap-secrets
>file, right?
No. More then likely, your ISP is using NT servers as it's dialin servers.
>please, confirm my humble assumptions...
>
>- my computer (client) sent its secret, and received a 'temporary
>acknowledgment' (i don't know exactly what NAK means)
Actually, the secret is not sent until AFTER both side agree on how the
authentication will take place (which protocol to use). In this case,
the two sides never agreed upon authentication so the link was terminated.
============================================================================
Patrick Klos Email: [EMAIL PROTECTED]
Klos Technologies, Inc. Voice: (603) 471-2547
18 Farmhouse Rd. Web: http://www.klos.com/
Bedford, New Hampshire 03110
============================================================================
-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]
