MPD problems connecting to a Cisco 3000 concentrator

Joe Marcus Clarke marcus at marcuscom.com
Sun Nov 9 16:25:03 PST 2003 

On Sun, 2003-11-09 at 19:16, Joe Marcus Clarke wrote:

[snip]

> 
> As for the CHAP, things work fine when using MS-CHAPv2 without
> encryption (at least I thought that's what was being used).  I can try
> MS-CHAPv1, but what I'm really trying to do is help Will with his PPTP
> setup for access at school.  I have VPN 3000s in my lab that I can do
> just about anything I want to, but Will has no access to his
> concentrator.  Since the concentrator terminates Windows VPN sessions
> correctly, is there anything else on the mpd side I can look at?  Thanks
> for your help.

I just tried MS-CHAPv1 only, but the problem persists:

Multi-link PPP for FreeBSD, by Archie L. Cobbs.
Based on iij-ppp, by Toshiharu OHNO.
mpd: pid 82223, version 3.14 (root at shumai.marcuscom.com 22:45 
7-Nov-2003)
[ciscovpn] ppp node is "mpd82223-ciscov"
[ciscovpn] using interface ng0
[ciscovpn] IFACE: Open event
[ciscovpn] IPCP: Open event
[ciscovpn] IPCP: state change Initial --> Starting
[ciscovpn] IPCP: LayerStart
Usage: set login [authname]
[ciscovpn:vpn] [ciscovpn] bundle: OPEN event in state CLOSED
[ciscovpn] opening link "vpn"...
[vpn] link: OPEN event
[vpn] LCP: Open event
[vpn] LCP: state change Initial --> Starting
[vpn] LCP: LayerStart
[vpn] device: OPEN event in state DOWN
pptp0: connecting to 172.18.124.132:1723
[vpn] device is now in state OPENING
pptp0: connected to 172.18.124.132:1723
pptp0: attached to connection with 172.18.124.132:1723
pptp0-0: outgoing call connected at 10000000 bps
[vpn] PPTP call successful
[vpn] device: UP event in state OPENING
[vpn] device is now in state UP
[vpn] link: UP event
[vpn] link: origination is local
[vpn] LCP: Up event
[vpn] LCP: state change Starting --> Req-Sent
[vpn] LCP: phase shift DEAD --> ESTABLISH
[vpn] LCP: SendConfigReq #1
 ACFCOMP
 PROTOCOMP
 MRU 1500
 MAGICNUM c264ba4c
[vpn] LCP: rec'd Configure Request #0 link 0 (Req-Sent)
 AUTHPROTO CHAP MSOFTv2
[vpn] LCP: SendConfigNak #0
 AUTHPROTO CHAP MSOFT
[vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
 AUTHPROTO CHAP MSOFT
[vpn] LCP: SendConfigAck #1
 AUTHPROTO CHAP MSOFT
[vpn] LCP: state change Req-Sent --> Ack-Sent
[vpn] LCP: SendConfigReq #2
 ACFCOMP
 PROTOCOMP
 MRU 1500
 MAGICNUM c264ba4c
[vpn] LCP: rec'd Configure Ack #2 link 0 (Ack-Sent)
 ACFCOMP
 PROTOCOMP
 MRU 1500
 MAGICNUM c264ba4c
[vpn] LCP: state change Ack-Sent --> Opened
[vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE
[vpn] LCP: auth: peer wants CHAP, I want nothing
[vpn] LCP: LayerUp
[vpn] CHAP: rec'd CHALLENGE #1
 Name: ""
 Using authname "marcus"
[vpn] CHAP: sending RESPONSE
[vpn] CHAP: sending RESPONSE
[vpn] CHAP: sending RESPONSE
[vpn] CHAP: rec'd CHALLENGE #2
 Name: ""
 Using authname "marcus"
[vpn] CHAP: sending RESPONSE
[vpn] CHAP: rec'd SUCCESS #2
[vpn] LCP: authorization successful
[vpn] LCP: phase shift AUTHENTICATE --> NETWORK
[ciscovpn] setting interface ng0 MTU to 1460 bytes
[ciscovpn] up: 1 link, total bandwidth 64000 bps
[ciscovpn] IPCP: Up event
[ciscovpn] IPCP: state change Starting --> Req-Sent
[ciscovpn] IPCP: SendConfigReq #1
 IPADDR 1.1.1.1
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] CCP: Open event
[ciscovpn] CCP: state change Initial --> Starting
[ciscovpn] CCP: LayerStart
[ciscovpn] CCP: Up event
[ciscovpn] CCP: state change Starting --> Req-Sent
[ciscovpn] CCP: SendConfigReq #1
[vpn] CCP: Checking wether 40 bits are enabled -> yes
[vpn] CCP: Checking wether 56 bits are enabled -> no
[vpn] CCP: Checking wether 128 bits are enabled -> yes
 MPPC
   0x01000060: MPPE, 40 bit, 128 bit, stateless
[ciscovpn] IPCP: rec'd Configure Request #0 link 0 (Req-Sent)
 IPADDR 172.18.124.132
   172.18.124.132 is OK
[ciscovpn] IPCP: SendConfigAck #0
 IPADDR 172.18.124.132
[ciscovpn] IPCP: state change Req-Sent --> Ack-Sent
[ciscovpn] CCP: rec'd Configure Request #0 link 0 (Req-Sent)
 MPPC
   0x01000060: MPPE, 40 bit, 128 bit, stateless
[vpn] CCP: Checking wether 40 bits are acceptable -> yes
[vpn] CCP: Checking wether 128 bits are acceptable -> yes
[ciscovpn] CCP: SendConfigNak #0
 MPPC
   0x01000040: MPPE, 128 bit, stateless
[ciscovpn] CCP: rec'd Configure Nak #1 link 0 (Req-Sent)
 MPPC
   0x01000040: MPPE, 128 bit, stateless
[ciscovpn] CCP: SendConfigReq #2
[vpn] CCP: Checking wether 40 bits are enabled -> no
[vpn] CCP: Checking wether 56 bits are enabled -> no
[vpn] CCP: Checking wether 128 bits are enabled -> yes
 MPPC
   0x01000040: MPPE, 128 bit, stateless
[ciscovpn] CCP: rec'd Configure Request #1 link 0 (Req-Sent)
 MPPC
   0x01000040: MPPE, 128 bit, stateless
[vpn] CCP: Checking wether 128 bits are acceptable -> yes
[ciscovpn] CCP: SendConfigAck #1
 MPPC
   0x01000040: MPPE, 128 bit, stateless
[ciscovpn] CCP: state change Req-Sent --> Ack-Sent
[ciscovpn] CCP: rec'd Configure Ack #2 link 0 (Ack-Sent)
 MPPC
   0x01000040: MPPE, 128 bit, stateless
[ciscovpn] CCP: state change Ack-Sent --> Opened
[ciscovpn] CCP: LayerUp
  Compress using: MPPE, 128 bit, stateless
Decompress using: MPPE, 128 bit, stateless
[ciscovpn] setting interface ng0 MTU to 1456 bytes
[ciscovpn] IPCP: SendConfigReq #2
 IPADDR 1.1.1.1
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] IPCP: rec'd Configure Request #1 link 0 (Ack-Sent)
 IPADDR 172.18.124.132
   172.18.124.132 is OK
[ciscovpn] IPCP: SendConfigAck #1
 IPADDR 172.18.124.132
[ciscovpn] IPCP: SendConfigReq #3
 IPADDR 1.1.1.1
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] IPCP: SendConfigReq #4
 IPADDR 1.1.1.1
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] IPCP: rec'd Configure Request #2 link 0 (Ack-Sent)
 IPADDR 172.18.124.132
   172.18.124.132 is OK
[ciscovpn] IPCP: SendConfigAck #2
 IPADDR 172.18.124.132
[ciscovpn] IPCP: SendConfigReq #5
 IPADDR 1.1.1.1
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] IPCP: rec'd Configure Request #3 link 0 (Ack-Sent)
 IPADDR 172.18.124.132
   172.18.124.132 is OK
[ciscovpn] IPCP: SendConfigAck #3
 IPADDR 172.18.124.132
[ciscovpn] IPCP: SendConfigReq #6
 IPADDR 1.1.1.1
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] IPCP: rec'd Configure Reject #6 link 0 (Ack-Sent)
 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[ciscovpn] IPCP: SendConfigReq #7
 IPADDR 1.1.1.1
[ciscovpn] IPCP: rec'd Configure Ack #7 link 0 (Ack-Sent)
 IPADDR 1.1.1.1
[ciscovpn] IPCP: state change Ack-Sent --> Opened
[ciscovpn] IPCP: LayerUp
  1.1.1.1 -> 172.18.124.132
[ciscovpn] IFACE: Up event
[ciscovpn] setting interface ng0 MTU to 1456 bytes
[ciscovpn] exec: /sbin/ifconfig ng0 1.1.1.1 172.18.124.132 netmask
0xffffffff -link0
[ciscovpn] exec: /sbin/route add 1.1.1.1 -iface lo0
[ciscovpn] IFACE: Up event
[vpn] LCP: rec'd Protocol Reject #2 link 0 (Opened)
[vpn] LCP: protocol 0x70b4 was rejected
[vpn] LCP: rec'd Protocol Reject #3 link 0 (Opened)
[vpn] LCP: protocol 0x97b4 was rejected

Joe

-- 
PGP Key : http://www.marcuscom.com/pgp.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20031109/5e0f0c6e/attachment.bin

More information about the freebsd-questions mailing list