vpn using pptpclient in FreeBSD

Marco Beishuizen mbeis at xs4all.nl
Thu Sep 1 20:36:27 UTC 2011 

On Thu, 1 Sep 2011, the wise Коньков Евгений wrote:

> Notice: [B1] IFACE: Add route 0.0.0.0/0 130.115.3.34 failed: File exists
> You already have default route in your system
> why you set up the default again?
> Notice in conf:
>  set iface route default

With help from Mike Tancsa I've changed the config a bit and getting less 
errors now, but still not a working vpn connection. My mpd.conf is now:
...
# Default configuration is "pptp_client"

default:
 	load pptp_client

pptp_client:
#
# PPTP client: only outgoing calls, auto reconnect,
# ipcp-negotiated address, one-sided authentication,
# default route points on ISP's end
#

 	create bundle static B1
 	set iface route 130.115.0.0/16
 	set ipcp ranges 0.0.0.0/0 0.0.0.0/0

 	set bundle enable compression
 	set ccp yes mppc
 	set mppc yes e40
 	set mppc yes e128
 	set bundle enable crypt-reqd
 	set mppc yes stateless

 	create link static L1 pptp
 	set link action bundle B1
 	set auth authname xxxxxxxxxxxxxx
 	set auth password xxxxxxxxxxxxx
 	set link max-redial 0
 	set link mtu 1460
 	set link keep-alive 20 75
 	set pptp peer vpn-eur-pptp.eur.nl
 	set pptp disable windowing
 	open
...

It looks like it's setting up a correct connection, but the site of the 
library I would like to access isn't accessible when mpd5 is running:
...
process 2965 started, version 5.5 (root at yokozuna.lan 17:08 30-Jul-2011)
CONSOLE: listening on 127.0.0.1 5005
web: listening on 0.0.0.0 5006
[B1] Bundle: Interface ng0 created
[L1] [L1] Link: OPEN event
[L1] LCP: Open event
[L1] LCP: state change Initial --> Starting
[L1] LCP: LayerStart
[L1] PPTP call successful
[L1] Link: UP event
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #1
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0a9219e0
[L1] LCP: SendConfigReq #2
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0a9219e0
[L1] LCP: rec'd Configure Reject #2 (Req-Sent)
[L1]   PROTOCOMP
[L1] LCP: SendConfigReq #3
[L1]   ACFCOMP
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0a9219e0
[L1] LCP: rec'd Configure Reject #3 (Req-Sent)
[L1]   ACFCOMP
[L1] LCP: SendConfigReq #4
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0a9219e0
[L1] LCP: rec'd Configure Nak #4 (Req-Sent)
[L1]   ACCMAP 0x000a0000
[L1] LCP: SendConfigReq #5
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0a9219e0
[L1] LCP: rec'd Configure Ack #5 (Req-Sent)
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0a9219e0
[L1] LCP: state change Req-Sent --> Ack-Rcvd
[L1] LCP: rec'd Configure Request #1 (Ack-Rcvd)
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: SendConfigAck #1
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: state change Ack-Rcvd --> Opened
[L1] LCP: auth: peer wants CHAP, I want nothing
[L1] LCP: LayerUp
[L1] CHAP: rec'd CHALLENGE #1 len: 21
[L1]   Name: ""
[L1] CHAP: Using authname "xxxxxxxxxxxxxxxxx"
[L1] CHAP: sending RESPONSE #1 len: 69
[L1] CHAP: rec'd CHALLENGE #2 len: 21
[L1]   Name: ""
[L1] CHAP: Using authname "xxxxxxxxxxxxxxxxxx"
[L1] CHAP: sending RESPONSE #2 len: 69
[L1] rec'd proto IPCP during authenticate phase
[L1] rec'd proto CCP during authenticate phase
[L1] CHAP: sending RESPONSE #2 len: 69
[L1] CHAP: rec'd SUCCESS #2 len: 46
[L1]   MESG: S=F1619D8A3373D2F43E6652E992CA564D66B1C1A4
[L1] LCP: authorization successful
[L1] Link: Matched action 'bundle "B1" ""'
[L1] Link: Join bundle "B1"
[B1] Bundle: Status update: up 1 link, total bandwidth 64000 bps
[B1] IPCP: Open event
[B1] IPCP: state change Initial --> Starting
[B1] IPCP: LayerStart
[B1] CCP: Open event
[B1] CCP: state change Initial --> Starting
[B1] CCP: LayerStart
[B1] IPCP: Up event
[B1] IPCP: state change Starting --> Req-Sent
[B1] IPCP: SendConfigReq #1
[B1]   IPADDR 0.0.0.0
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] CCP: Up event
[B1] CCP: state change Starting --> Req-Sent
[B1] CCP: SendConfigReq #1
[B1]   MPPC
[B1]     0x01000060:MPPE(40, 128 bits), stateless
[B1] CCP: rec'd Configure Nak #1 (Req-Sent)
[B1]   MPPC
[B1]     0x01000040:MPPE(128 bits), stateless
[B1] CCP: SendConfigReq #2
[B1]   MPPC
[B1]     0x01000040:MPPE(128 bits), stateless
[B1] CCP: rec'd Configure Ack #2 (Req-Sent)
[B1]   MPPC
[B1]     0x01000040:MPPE(128 bits), stateless
[B1] CCP: state change Req-Sent --> Ack-Rcvd
[B1] IPCP: rec'd Configure Request #1 (Req-Sent)
[B1]   IPADDR 130.115.3.35
[B1]     130.115.3.35 is OK
[B1] IPCP: SendConfigAck #1
[B1]   IPADDR 130.115.3.35
[B1] IPCP: state change Req-Sent --> Ack-Sent
[B1] CCP: rec'd Configure Request #1 (Ack-Rcvd)
[B1]   MPPC
[B1]     0x01000060:MPPE(40, 128 bits), stateless
[B1] CCP: SendConfigNak #1
[B1]   MPPC
[B1]     0x01000040:MPPE(128 bits), stateless
[B1] CCP: rec'd Configure Request #2 (Ack-Rcvd)
[B1]   MPPC
[B1]     0x01000040:MPPE(128 bits), stateless
[B1] CCP: SendConfigAck #2
[B1]   MPPC
[B1]     0x01000040:MPPE(128 bits), stateless
[B1] CCP: state change Ack-Rcvd --> Opened
[B1] CCP: LayerUp
[B1] CCP: Compress using: mppc (MPPE(128 bits), stateless)
[B1] CCP: Decompress using: mppc (MPPE(128 bits), stateless)
[B1] IPCP: SendConfigReq #2
[B1]   IPADDR 0.0.0.0
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: rec'd Configure Reject #2 (Ack-Sent)
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: SendConfigReq #3
[B1]   IPADDR 0.0.0.0
[B1] IPCP: rec'd Configure Nak #3 (Ack-Sent)
[B1]   IPADDR 130.115.85.11
[B1]     130.115.85.11 is OK
[B1] IPCP: SendConfigReq #4
[B1]   IPADDR 130.115.85.11
[B1] IPCP: rec'd Configure Ack #4 (Ack-Sent)
[B1]   IPADDR 130.115.85.11
[B1] IPCP: state change Ack-Sent --> Opened
[B1] IPCP: LayerUp
[B1]   130.115.85.11 -> 130.115.3.35
[B1] IFACE: Up event
...

I also noticed some kernel messages when starting mpd5:
...
WARNING: attempt to domain_add(netgraph) after domainfinalize()
Loop detected on ng0
Loop detected on ng0
Loop detected on ng0
...

So I get the impression that I'm almost there.

Marco

-- 
Let me tell you who the actual "front-runners" are.  On one side, you have
George Bush, who is currently going through a sort of fraternity hazing
wherein he has to perform a series of humiliating stunts to win the approval
of the Republican Right.  For example, they had him make a speech oozing
praise all over William Loeb, deceased publisher of the Manchester (N.H.)
Union Leader and Slime Journalist.  Loeb had dumped viciously all over George
in the 1980 New Hampshire primary.  But when the Right held a big tribute
for Loeb, George came back to the fold, like a man with a bungee cord wrapped
around his neck.
 		-- Dave Barry

More information about the freebsd-questions mailing list