cisco (client) + mpd (server)
Mark
mark at x86.co.za
Tue Sep 16 13:39:11 UTC 2008
Hi There
Im trying to get a little cisco 837 to speak to a MPD4 server running on
7.0-stable. Ive been able to make them communicate but for the life of
me they dont want to authenticate. Below is logs + configs.. I hope
someone is kind enough to share some info with me :)
MPD Config:
l2tp:
new -i ng0 l2tp l2tp
set iface disable on-demand
set iface enable proxy-arp
set iface idle 0
set iface enable tcpmssfix
set bundle disable multilink
set link yes acfcomp protocomp
# set link no pap chap
# set link enable chap
set link keep-alive 10 60
set link mtu 1460
set ipcp yes vjcomp protocomp
set ipcp ranges 172.16.254.1/32 172.16.254.2/32
set ipcp dns 196.25.1.11
secrets file:
x86-cisco <removed>
Cisco Config:
l2tp-class dynamicpw
pseudowire-class dynamicpw
encapsulation l2tpv2
interface Virtual-PPP2
no ip address
no cdp enable
ppp authentication chap
ppp chap password 0 <removed>
pseudowire 196.15.202.94 10 pw-class dynamicpw
MPD error:
[l2tp] LCP: state change Ack-Sent --> Opened
[l2tp] LCP: auth: peer wants CHAP, I want nothing
[l2tp] LCP: LayerUp
[l2tp] CHAP: rec'd CHALLENGE #29
Name: "x86-cisco"
Using authname "x86-cisco"
[l2tp] CHAP: sending RESPONSE len:26
[l2tp] CHAP: rec'd FAILURE #29
MESG: Authentication failed
[l2tp] LCP: authorization failed
[l2tp] LCP: parameter negotiation failed
[l2tp] LCP: state change Opened --> Stopping
[l2tp] AUTH: Cleanup
[l2tp] LCP: SendTerminateReq #123
[l2tp] LCP: LayerDown
Cisco Error:
6d04h: Vp2 PPP: Phase is AUTHENTICATING, by this end
6d04h: Vp2 CHAP: O CHALLENGE id 29 len 30 from "x86-cisco"
6d04h: Vp2 CHAP: I RESPONSE id 29 len 30 from "x86-cisco"
6d04h: Vp2 PPP: Phase is FORWARDING, Attempting Forward
6d04h: Vp2 PPP: Phase is AUTHENTICATING, Unauthenticated User
6d04h: Vp2 PPP: Sent CHAP LOGIN Request
6d04h: Vp2 PPP: Received LOGIN Response FAIL
6d04h: Vp2 CHAP: O FAILURE id 29 len 25 msg is "Authentication failed"
6d04h: Vp2 PPP: Sending Acct Event[Down] id[373]
6d04h: Vp2 PPP: Phase is TERMINATING
It seems tho If i remove the x86-home user out of the mpd secrets file
it moans about not finding the user so its definatley reading the
username but having some difficulty with the password? I have tried all
the ppp authentication methods (pap, chap, eap, mschap etc)
Chow
Mark
More information about the freebsd-isp
mailing list