need help setting up PPTP VPN using mpd
Brad Tarver
btarver at idlemind.net
Mon May 3 16:11:46 PDT 2004
I'm trying to set up PPTP connectivity in a lab environment before I
attempt to implement it in a real-world situation.
I have two routers and four PCs (two laptops running Windows XP and two
desktops running FreeBSD 5.2.1).
I haven't configured any ipfw or ipfirewall rules yet to keep my
configuration 'simple'.
Both FreeBSD boxes are configured to NAT the two Windows boxes to my lab
'internet'.
Can anyone look at the setup below and tell me what I'm missing?
Here is my setup:
LaptopA
|
|
| 10.1.2.0/24
|
| .1
FreebsdA
| .2
|
| 27.40.15.0/24
|
| .1
RouterA
| .25
|
| 26.215.152.0/24
|
| .26
RouterB
| .1
|
| 28.80.30.0/24
|
| .2
FreebsdB
| .1
|
| 192.168.44.0/24
|
|
LaptopB
I have MPD running on FreebsdA (27.40.15.2). Ipnat is configured on both
FreeBSD boxes. When I open a new PPTP VPN session on my LaptopB, it gets
to a 'verifying username and pass' stage and then errors.
Here is my log:
---SNIP---
May 3 16:43:10 laurel0 kernel: mpd
May 3 16:43:10 laurel0 mpd: mpd: pid 475, version 3.17
(root at laurel0.idlemind.net 21:09 2-May-2004)
May 3 16:43:10 laurel0 mpd: [pptp0] ppp node is "mpd475-pptp0"
May 3 16:43:11 laurel0 mpd: mpd: local IP address for PPTP is 27.40.15.2
May 3 16:43:11 laurel0 mpd: [pptp0] using interface ng0
May 3 16:43:11 laurel0 mpd: set yes: unknown command. Try "help".
May 3 16:43:11 laurel0 mpd: [pptp1] ppp node is "mpd475-pptp1"
May 3 16:43:11 laurel0 mpd: [pptp1] using interface ng1
May 3 16:43:11 laurel0 mpd: set yes: unknown command. Try "help".
May 3 16:43:39 laurel0 mpd: mpd: PPTP connection from 28.80.30.2:4234
May 3 16:43:39 laurel0 mpd: pptp0: attached to connection with
28.80.30.2:4234
May 3 16:43:39 laurel0 mpd: [pptp0] IFACE: Open event
May 3 16:43:39 laurel0 mpd: [pptp0] IPCP: Open event
May 3 16:43:39 laurel0 mpd: [pptp0] IPCP: state change Initial --> Starting
May 3 16:43:39 laurel0 mpd: [pptp0] IPCP: LayerStart
May 3 16:43:39 laurel0 mpd: [pptp0] IPCP: Open event
May 3 16:43:39 laurel0 mpd: [pptp0] bundle: OPEN event in state CLOSED
May 3 16:43:39 laurel0 mpd: [pptp0] opening link "pptp0"...
May 3 16:43:39 laurel0 mpd: [pptp0] link: OPEN event
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: Open event
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: state change Initial --> Starting
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: LayerStart
May 3 16:43:39 laurel0 mpd: [pptp0] device: OPEN event in state DOWN
May 3 16:43:39 laurel0 mpd: [pptp0] attaching to peer's outgoing call
May 3 16:43:39 laurel0 mpd: [pptp0] device is now in state OPENING
May 3 16:43:39 laurel0 mpd: [pptp0] device: UP event in state OPENING
May 3 16:43:39 laurel0 mpd: [pptp0] device is now in state UP
May 3 16:43:39 laurel0 mpd: [pptp0] link: UP event
May 3 16:43:39 laurel0 mpd: [pptp0] link: origination is remote
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: Up event
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: state change Starting --> Req-Sent
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: phase shift DEAD --> ESTABLISH
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: SendConfigReq #1
May 3 16:43:39 laurel0 mpd: ACFCOMP
May 3 16:43:39 laurel0 mpd: PROTOCOMP
May 3 16:43:39 laurel0 mpd: MRU 1500
May 3 16:43:39 laurel0 mpd: MAGICNUM b960d589
May 3 16:43:39 laurel0 mpd: AUTHPROTO CHAP MSOFTv2
May 3 16:43:39 laurel0 mpd: [pptp0] error writing len 27 frame to
bypass: No route to host
May 3 16:43:39 laurel0 mpd: pptp0-0: ignoring SetLinkInfo
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: rec'd Configure Request #0
link 0 (Req-Sent)
May 3 16:43:39 laurel0 mpd: MRU 1400
May 3 16:43:39 laurel0 mpd: MAGICNUM 44842fcf
May 3 16:43:39 laurel0 mpd: PROTOCOMP
May 3 16:43:39 laurel0 mpd: ACFCOMP
May 3 16:43:39 laurel0 mpd: CALLBACK
May 3 16:43:39 laurel0 mpd: Not supported
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: SendConfigRej #0
May 3 16:43:39 laurel0 mpd: CALLBACK
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: rec'd Configure Request #1
link 0 (Req-Sent)
May 3 16:43:39 laurel0 mpd: MRU 1400
May 3 16:43:39 laurel0 mpd: MAGICNUM 44842fcf
May 3 16:43:39 laurel0 mpd: PROTOCOMP
May 3 16:43:39 laurel0 mpd: ACFCOMP
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: SendConfigAck #1
May 3 16:43:39 laurel0 mpd: MRU 1400
May 3 16:43:39 laurel0 mpd: MAGICNUM 44842fcf
May 3 16:43:39 laurel0 mpd: PROTOCOMP
May 3 16:43:39 laurel0 mpd: ACFCOMP
May 3 16:43:39 laurel0 mpd: [pptp0] LCP: state change Req-Sent --> Ack-Sent
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: SendConfigReq #2
May 3 16:43:41 laurel0 mpd: ACFCOMP
May 3 16:43:41 laurel0 mpd: PROTOCOMP
May 3 16:43:41 laurel0 mpd: MRU 1500
May 3 16:43:41 laurel0 mpd: MAGICNUM b960d589
May 3 16:43:41 laurel0 mpd: AUTHPROTO CHAP MSOFTv2
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: rec'd Configure Ack #2 link 0
(Ack-Sent)
May 3 16:43:41 laurel0 mpd: ACFCOMP
May 3 16:43:41 laurel0 mpd: PROTOCOMP
May 3 16:43:41 laurel0 mpd: MRU 1500
May 3 16:43:41 laurel0 mpd: MAGICNUM b960d589
May 3 16:43:41 laurel0 mpd: AUTHPROTO CHAP MSOFTv2
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: state change Ack-Sent --> Opened
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: phase shift ESTABLISH -->
AUTHENTICATE
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: auth: peer wants nothing, I
want CHAP
May 3 16:43:41 laurel0 mpd: [pptp0] CHAP: sending CHALLENGE
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: LayerUp
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: rec'd Ident #2 link 0 (Opened)
May 3 16:43:41 laurel0 mpd: MESG: MSRASV5.10
May 3 16:43:41 laurel0 mpd: pptp0-0: ignoring SetLinkInfo
May 3 16:43:41 laurel0 mpd: [pptp0] LCP: rec'd Ident #3 link 0 (Opened)
May 3 16:43:41 laurel0 mpd: MESG: MSRAS-0-PEARTREE
May 3 16:43:41 laurel0 mpd: [pptp0] CHAP: rec'd RESPONSE #1
May 3 16:43:41 laurel0 mpd: Name: "btarver0"
May 3 16:43:41 laurel0 mpd: Peer name: "btarver0"
May 3 16:46:11 laurel0 mpd: Response is valid
May 3 16:46:11 laurel0 mpd: [pptp0] CHAP: sending SUCCESS
May 3 16:46:11 laurel0 mpd: [pptp0] error writing len 50 frame to
bypass: No route to host
May 3 16:46:11 laurel0 mpd: [pptp0] LCP: authorization successful
May 3 16:46:11 laurel0 mpd: [pptp0] LCP: phase shift AUTHENTICATE -->
NETWORK
May 3 16:46:11 laurel0 mpd: [pptp0] setting interface ng0 MTU to 1400 bytes
May 3 16:46:11 laurel0 mpd: [pptp0] up: 1 link, total bandwidth 64000 bps
May 3 16:46:11 laurel0 mpd: [pptp0] IPCP: Up event
May 3 16:46:11 laurel0 mpd: [pptp0] IPCP: state change Starting -->
Req-Sent
May 3 16:46:11 laurel0 mpd: [pptp0] IPCP: SendConfigReq #1
May 3 16:46:11 laurel0 mpd: IPADDR 10.1.2.1
May 3 16:46:11 laurel0 mpd: COMPPROTO VJCOMP, 16 comp. channels, no
comp-cid
May 3 16:46:11 laurel0 mpd: [pptp0] error writing len 20 frame to
bypass: No route to host
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Open event
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: state change Initial --> Starting
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: LayerStart
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Up event
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: state change Starting --> Req-Sent
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: SendConfigReq #1
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Checking whether 40 bits are
enabled -> no
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Checking whether 56 bits are
enabled -> no
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Checking whether 128 bits are
enabled -> yes
May 3 16:46:11 laurel0 mpd: MPPC
May 3 16:46:11 laurel0 mpd: 0x01000040: MPPE, 128 bit, stateless
May 3 16:46:11 laurel0 mpd: pptp0: write: Broken pipe
May 3 16:46:11 laurel0 mpd: pptp0: killing connection with 28.80.30.2:4234
May 3 16:46:11 laurel0 mpd: pptp0-0: killing channel
May 3 16:46:11 laurel0 mpd: [pptp0] PPTP call terminated
May 3 16:46:11 laurel0 mpd: [pptp0] IFACE: Close event
May 3 16:46:11 laurel0 mpd: [pptp0] IPCP: Close event
May 3 16:46:11 laurel0 mpd: [pptp0] IPCP: state change Req-Sent --> Closing
May 3 16:46:11 laurel0 mpd: [pptp0] IPCP: SendTerminateReq #2
May 3 16:46:11 laurel0 mpd: [pptp0] error writing len 8 frame to
bypass: Network is down
May 3 16:46:11 laurel0 mpd: [pptp0] IFACE: Close event
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: SendConfigReq #2
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Checking whether 40 bits are
enabled -> no
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Checking whether 56 bits are
enabled -> no
May 3 16:46:11 laurel0 mpd: [pptp0] CCP: Checking whether 128 bits are
enabled -> yes
May 3 16:46:11 laurel0 mpd: MPPC
May 3 16:46:11 laurel0 mpd: 0x01000040: MPPE, 128 bit, stateless
May 3 16:46:11 laurel0 mpd: [pptp0] error writing len 14 frame to
bypass: Network is down
May 3 16:46:11 laurel0 mpd: mpd: accept: Software caused connection abort
May 3 16:46:11 laurel0 mpd: [pptp0] CHAP: rec'd RESPONSE #1
May 3 16:46:11 laurel0 mpd: Not expected, but that's OK
May 3 16:46:11 laurel0 mpd: Name: "btarver0"
May 3 16:46:11 laurel0 mpd: Peer name: "btarver0"
---SNIP---
Here is my mpd.conf:
---SNIP---
default:
	load pptp0
	load pptp1
pptp0:
	new -i ng0 pptp0 pptp0
	set ipcp ranges 10.1.2.1/32 10.1.2.5/32
	load clientStandard
pptp1:
	new -i ng1 pptp1 pptp1
	set ipcp ranges 10.1.2.1/32 10.1.2.9/32
	load clientStandard
clientStandard:
	set iface disable on-demand
	#set iface enable proxy-arp
	set bundle disable multilink
	set link yes acfcomp protocomp
	set link no pap chap
	set link enable chap
	set link keep-alive 60 180
	set ipcp yes vjcomp
	set ipcp dns 10.1.2.1
	set ipcp nbns 10.1.2.1
	set bundle enable compression
	set ccp yes mppc
	#set ccp yes mpp-e40
	set ccp no mpp-e40
	set ccp yes mpp-e128
	set ccp yes mpp-stateless
	set bundle yes crypt-reqd
---SNIP---
And here is my mpd.links:
---SNIP---
pptp0:
	set link type pptp
	set pptp self 27.40.15.2
	set pptp enable incoming
	set pptp disable originate
pptp1:
	set link type pptp
	set pptp self 27.40.15.2
	set pptp enable incoming
	set pptp disable originate
---SNIP---
--
Brad Tarver, CCNA
btarver[at]idlemind[dot]net