Problem ver. 2 : VPN using MPD 3.10 on 5.0-R and Win. VPN clients
Kristian Rask
krask at isupport.dk
Fri May 9 01:36:38 PDT 2003
Hi
Here's the setup and the logs for the dysfunctional VPN setup
[/usr/local/etc/mpd/mpd.conf]
default:
load pptp
pptp:
new -i ng0 pptp pptp
set iface disable on-demand
set iface enable proxy-arp
set iface idle 1800
set iface mtu 1350
set bundle enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
set link mtu 1460
set ipcp yes vjcomp
set ipcp ranges 192.168.1.1/32 192.168.1.32/27
set ipcp dns 192.168.1.102
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set bundle enable crypt-reqd
[END]
[/usr/local/etc/mpd/mpd.links]
pptp:
set link type pptp
set pptp self a.b.c.d
set pptp enable incoming
set pptp disable originate
[END]
[/usr/local/etc/mpd/mpd.secret]
someuser "somepass"
fixipuser "fixippass" 192.168.1.40
[END]
note: a.b.c.d is the public IP of the machine.
note: There is no mpd.script as this is a VPN server, not a modem server
[/var/log/mpd.log]
May 9 10:20:57 dmz4 mpd: mpd: pid 3775, version 3.10 (root at gohan10.freebsd.org
08:13 3-Jan-2003)
May 9 10:20:57 dmz4 mpd: [pptp] ppp node is "mpd3775-pptp"
May 9 10:20:57 dmz4 mpd: mpd: local IP address for PPTP is a.b.c.d
May 9 10:20:57 dmz4 mpd: [pptp] using interface ng0
May 9 10:21:17 dmz4 mpd: mpd: PPTP connection from a.b.c.e:1046
May 9 10:21:17 dmz4 mpd: pptp0: attached to connection with a.b.c.e:1046
May 9 10:21:17 dmz4 mpd: [pptp] IFACE: Open event
May 9 10:21:17 dmz4 mpd: [pptp] IPCP: Open event
May 9 10:21:17 dmz4 mpd: [pptp] IPCP: state change Initial --> Starting
May 9 10:21:17 dmz4 mpd: [pptp] IPCP: LayerStart
May 9 10:21:17 dmz4 mpd: [pptp] IPCP: Open event
May 9 10:21:17 dmz4 mpd: [pptp] bundle: OPEN event in state CLOSED
May 9 10:21:17 dmz4 mpd: [pptp] opening link "pptp"...
May 9 10:21:17 dmz4 mpd: [pptp] link: OPEN event
May 9 10:21:17 dmz4 mpd: [pptp] LCP: Open event
May 9 10:21:17 dmz4 mpd: [pptp] LCP: state change Initial --> Starting
May 9 10:21:17 dmz4 mpd: [pptp] LCP: LayerStart
May 9 10:21:17 dmz4 mpd: [pptp] device: OPEN event in state DOWN
May 9 10:21:17 dmz4 mpd: [pptp] attaching to peer's outgoing call
May 9 10:21:17 dmz4 mpd: [pptp] device is now in state OPENING
May 9 10:21:17 dmz4 mpd: [pptp] device: UP event in state OPENING
May 9 10:21:17 dmz4 mpd: [pptp] device is now in state UP
May 9 10:21:17 dmz4 mpd: [pptp] link: UP event
May 9 10:21:17 dmz4 mpd: [pptp] link: origination is remote
May 9 10:21:17 dmz4 mpd: [pptp] LCP: Up event
May 9 10:21:17 dmz4 mpd: [pptp] LCP: state change Starting --> Req-Sent
May 9 10:21:17 dmz4 mpd: [pptp] LCP: phase shift DEAD --> ESTABLISH
May 9 10:21:17 dmz4 mpd: [pptp] LCP: SendConfigReq #1
May 9 10:21:17 dmz4 mpd: ACFCOMP
May 9 10:21:17 dmz4 mpd: PROTOCOMP
May 9 10:21:17 dmz4 mpd: MRU 1500
May 9 10:21:17 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:17 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:17 dmz4 mpd: MP MRRU 1600
May 9 10:21:17 dmz4 mpd: MP SHORTSEQ
May 9 10:21:17 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:17 dmz4 mpd: pptp0-0: ignoring SetLinkInfo
May 9 10:21:17 dmz4 mpd: [pptp] LCP: rec'd Configure Request #0 link 0 (Req-Sent)
May 9 10:21:17 dmz4 mpd: MAGICNUM 0bff7dca
May 9 10:21:17 dmz4 mpd: PROTOCOMP
May 9 10:21:17 dmz4 mpd: ACFCOMP
May 9 10:21:17 dmz4 mpd: CALLBACK
May 9 10:21:17 dmz4 mpd: Not supported
May 9 10:21:17 dmz4 mpd: [pptp] LCP: SendConfigRej #0
May 9 10:21:17 dmz4 mpd: CALLBACK
May 9 10:21:19 dmz4 mpd: [pptp] LCP: SendConfigReq #2
May 9 10:21:19 dmz4 mpd: ACFCOMP
May 9 10:21:19 dmz4 mpd: PROTOCOMP
May 9 10:21:19 dmz4 mpd: MRU 1500
May 9 10:21:19 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:19 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:19 dmz4 mpd: MP MRRU 1600
May 9 10:21:19 dmz4 mpd: MP SHORTSEQ
May 9 10:21:19 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:19 dmz4 mpd: [pptp] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
May 9 10:21:19 dmz4 mpd: MAGICNUM 0bff7dca
May 9 10:21:19 dmz4 mpd: PROTOCOMP
May 9 10:21:19 dmz4 mpd: ACFCOMP
May 9 10:21:19 dmz4 mpd: CALLBACK
May 9 10:21:19 dmz4 mpd: Not supported
May 9 10:21:19 dmz4 mpd: [pptp] LCP: SendConfigRej #1
May 9 10:21:19 dmz4 mpd: CALLBACK
May 9 10:21:21 dmz4 mpd: [pptp] LCP: SendConfigReq #3
May 9 10:21:21 dmz4 mpd: ACFCOMP
May 9 10:21:21 dmz4 mpd: PROTOCOMP
May 9 10:21:21 dmz4 mpd: MRU 1500
May 9 10:21:21 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:21 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:21 dmz4 mpd: MP MRRU 1600
May 9 10:21:21 dmz4 mpd: MP SHORTSEQ
May 9 10:21:21 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:22 dmz4 mpd: [pptp] LCP: rec'd Configure Request #2 link 0 (Req-Sent)
May 9 10:21:22 dmz4 mpd: MAGICNUM 0bff7dca
May 9 10:21:22 dmz4 mpd: PROTOCOMP
May 9 10:21:22 dmz4 mpd: ACFCOMP
May 9 10:21:22 dmz4 mpd: CALLBACK
May 9 10:21:22 dmz4 mpd: Not supported
May 9 10:21:22 dmz4 mpd: [pptp] LCP: SendConfigRej #2
May 9 10:21:22 dmz4 mpd: CALLBACK
May 9 10:21:23 dmz4 mpd: [pptp] LCP: SendConfigReq #4
May 9 10:21:23 dmz4 mpd: ACFCOMP
May 9 10:21:23 dmz4 mpd: PROTOCOMP
May 9 10:21:23 dmz4 mpd: MRU 1500
May 9 10:21:23 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:23 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:23 dmz4 mpd: MP MRRU 1600
May 9 10:21:23 dmz4 mpd: MP SHORTSEQ
May 9 10:21:23 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:25 dmz4 mpd: [pptp] LCP: SendConfigReq #5
May 9 10:21:25 dmz4 mpd: ACFCOMP
May 9 10:21:25 dmz4 mpd: PROTOCOMP
May 9 10:21:25 dmz4 mpd: MRU 1500
May 9 10:21:25 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:25 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:25 dmz4 mpd: MP MRRU 1600
May 9 10:21:25 dmz4 mpd: MP SHORTSEQ
May 9 10:21:25 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:26 dmz4 mpd: [pptp] LCP: rec'd Configure Request #3 link 0 (Req-Sent)
May 9 10:21:26 dmz4 mpd: MAGICNUM 0bff7dca
May 9 10:21:26 dmz4 mpd: PROTOCOMP
May 9 10:21:26 dmz4 mpd: ACFCOMP
May 9 10:21:26 dmz4 mpd: CALLBACK
May 9 10:21:26 dmz4 mpd: Not supported
May 9 10:21:26 dmz4 mpd: [pptp] LCP: SendConfigRej #3
May 9 10:21:26 dmz4 mpd: CALLBACK
May 9 10:21:27 dmz4 mpd: [pptp] LCP: SendConfigReq #6
May 9 10:21:27 dmz4 mpd: ACFCOMP
May 9 10:21:27 dmz4 mpd: PROTOCOMP
May 9 10:21:27 dmz4 mpd: MRU 1500
May 9 10:21:27 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:27 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:27 dmz4 mpd: MP MRRU 1600
May 9 10:21:27 dmz4 mpd: MP SHORTSEQ
May 9 10:21:27 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:29 dmz4 mpd: [pptp] LCP: SendConfigReq #7
May 9 10:21:29 dmz4 mpd: ACFCOMP
May 9 10:21:29 dmz4 mpd: PROTOCOMP
May 9 10:21:29 dmz4 mpd: MRU 1500
May 9 10:21:29 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:29 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:29 dmz4 mpd: MP MRRU 1600
May 9 10:21:29 dmz4 mpd: MP SHORTSEQ
May 9 10:21:29 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:30 dmz4 mpd: [pptp] LCP: rec'd Configure Request #4 link 0 (Req-Sent)
May 9 10:21:30 dmz4 mpd: MAGICNUM 0bff7dca
May 9 10:21:30 dmz4 mpd: PROTOCOMP
May 9 10:21:30 dmz4 mpd: ACFCOMP
May 9 10:21:30 dmz4 mpd: CALLBACK
May 9 10:21:30 dmz4 mpd: Not supported
May 9 10:21:30 dmz4 mpd: [pptp] LCP: SendConfigRej #4
May 9 10:21:30 dmz4 mpd: CALLBACK
May 9 10:21:31 dmz4 mpd: [pptp] LCP: SendConfigReq #8
May 9 10:21:31 dmz4 mpd: ACFCOMP
May 9 10:21:31 dmz4 mpd: PROTOCOMP
May 9 10:21:31 dmz4 mpd: MRU 1500
May 9 10:21:31 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:31 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:31 dmz4 mpd: MP MRRU 1600
May 9 10:21:31 dmz4 mpd: MP SHORTSEQ
May 9 10:21:31 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:33 dmz4 mpd: [pptp] LCP: SendConfigReq #9
May 9 10:21:33 dmz4 mpd: ACFCOMP
May 9 10:21:33 dmz4 mpd: PROTOCOMP
May 9 10:21:33 dmz4 mpd: MRU 1500
May 9 10:21:33 dmz4 mpd: MAGICNUM a5aa6217
May 9 10:21:33 dmz4 mpd: AUTHPROTO CHAP MSOFTv2
May 9 10:21:33 dmz4 mpd: MP MRRU 1600
May 9 10:21:33 dmz4 mpd: MP SHORTSEQ
May 9 10:21:33 dmz4 mpd: ENDPOINTDISC [802.1] 00 05 5d 64 c6 d2
May 9 10:21:34 dmz4 mpd: [pptp] LCP: rec'd Configure Request #5 link 0 (Req-Sent)
May 9 10:21:34 dmz4 mpd: MAGICNUM 0bff7dca
May 9 10:21:34 dmz4 mpd: PROTOCOMP
May 9 10:21:34 dmz4 mpd: ACFCOMP
May 9 10:21:34 dmz4 mpd: CALLBACK
May 9 10:21:34 dmz4 mpd: Not supported
May 9 10:21:34 dmz4 mpd: [pptp] LCP: not converging
May 9 10:21:34 dmz4 mpd: [pptp] LCP: parameter negotiation failed
May 9 10:21:34 dmz4 mpd: [pptp] LCP: state change Req-Sent --> Stopped
May 9 10:21:34 dmz4 mpd: [pptp] LCP: LayerFinish
May 9 10:21:34 dmz4 mpd: [pptp] device: CLOSE event in state UP
May 9 10:21:34 dmz4 mpd: pptp0-0: clearing call
May 9 10:21:34 dmz4 mpd: pptp0-0: killing channel
May 9 10:21:34 dmz4 mpd: [pptp] PPTP call terminated
May 9 10:21:34 dmz4 mpd: [pptp] IFACE: Close event
May 9 10:21:34 dmz4 mpd: [pptp] IPCP: Close event
May 9 10:21:34 dmz4 mpd: [pptp] IPCP: state change Starting --> Initial
May 9 10:21:34 dmz4 mpd: [pptp] IPCP: LayerFinish
May 9 10:21:34 dmz4 mpd: [pptp] IFACE: Close event
May 9 10:21:34 dmz4 mpd: pptp0: closing connection with a.b.c.e:1046
May 9 10:21:34 dmz4 mpd: [pptp] IFACE: Close event
May 9 10:21:34 dmz4 mpd: [pptp] device is now in state CLOSING
May 9 10:21:34 dmz4 mpd: [pptp] bundle: CLOSE event in state OPENED
May 9 10:21:34 dmz4 mpd: [pptp] closing link "pptp"...
May 9 10:21:34 dmz4 mpd: [pptp] device: DOWN event in state CLOSING
May 9 10:21:34 dmz4 mpd: [pptp] device is now in state DOWN
May 9 10:21:34 dmz4 mpd: [pptp] link: CLOSE event
May 9 10:21:34 dmz4 mpd: [pptp] LCP: Close event
May 9 10:21:34 dmz4 mpd: [pptp] LCP: state change Stopped --> Closed
May 9 10:21:34 dmz4 mpd: [pptp] device: DOWN event in state DOWN
May 9 10:21:34 dmz4 mpd: [pptp] device is now in state DOWN
May 9 10:21:34 dmz4 mpd: [pptp] link: DOWN event
May 9 10:21:34 dmz4 mpd: [pptp] LCP: Down event
May 9 10:21:34 dmz4 mpd: [pptp] LCP: state change Closed --> Initial
May 9 10:21:34 dmz4 mpd: [pptp] LCP: phase shift ESTABLISH --> DEAD
May 9 10:21:34 dmz4 mpd: [pptp] link: DOWN event
May 9 10:21:34 dmz4 mpd: [pptp] LCP: Down event
May 9 10:21:34 dmz4 mpd: pptp0: killing connection with a.b.c.e:1046
[END]
note: the a.b.c.e in the last line is another public ip.
pointers to working setups, especially ones that documents the exact clients and parameters.. such as "Windows 2000 sp1, require encryption, allow chap, etc, etc" would be much appreciated..
I have tried google, it contains a lot of supposedly working scripts.. however they dont work for me..
regards
Kristian
More information about the freebsd-net
mailing list