John Horne
2003-01-29 11:04:01 UTC
Hello,
I am suddenly getting errors on our vpn servers which show:
Jan 29 11:31:52 barney pppd[1386]: pppd 2.4.2b1 started by root, uid 0
Jan 29 11:31:52 barney pppd[1386]: Connect: ppp0 <--> /dev/pts/1
Jan 29 11:31:52 barney pptpd[1385]: GRE: Bad checksum from pppd.
Jan 29 11:31:54 barney pptpd[1385]: CTRL: Ignored a SET LINK INFO packet
with real ACCMs!
Jan 29 11:31:54 barney pppd[1386]: rc_get_seqnbr: fscanf failure:
/var/run/radius.seq
Jan 29 11:31:55 barney pppd[1386]: MPPE required, but keys are not
available. Possible plugin problem?
Jan 29 11:31:55 barney pppd[1386]: CHAP peer authentication succeeded for
Jan 29 11:31:55 barney pppd[1386]: Modem hangup
Jan 29 11:31:55 barney pppd[1386]: Connection terminated.
Jan 29 11:31:55 barney pptpd[721]: MGR: No free connection slots or IPs -
no more clients can connect!
Jan 29 11:31:55 barney pppd[1390]: pppd 2.4.2b1 started by root, uid 0
Jan 29 11:31:55 barney pppd[1390]: Connect: ppp0 <--> /dev/pts/1
Jan 29 11:31:55 barney pptpd[1389]: GRE: Bad checksum from pppd.
Jan 29 11:31:55 barney pptpd[1389]: GRE: Discarding duplicate packet
Jan 29 11:31:58 barney pptpd[1389]: CTRL: Ignored a SET LINK INFO packet
with real ACCMs!
Jan 29 11:31:58 barney pppd[1390]: MPPE required, but keys are not
available. Possible plugin problem?
Jan 29 11:31:58 barney pppd[1390]: CHAP peer authentication succeeded for
Jan 29 11:31:58 barney pppd[1390]: Modem hangup
Jan 29 11:31:58 barney pppd[1390]: Connection terminated.
I tried rebooting the server but it made no difference. The important bits
seem to be that MPPE states that the keys are not available; MGR then states
that there are no free connection slots. I then repeats the process - I
assume this was the Windows 2K client either restarting the connection?
The servers worked fine the night before - see my previous message about GRE
problems. However, the only change is that for these connection atempts we
are using the pppd radius plugin, which talks to an MS IAS server. However,
I can see the radius request being handled and accepted. As indicated above
the authentication succeeds. If I use an account name/password from the
chap-secrets file then all goes okay and no 'MPPE' errors. The IAS server
shows the radius request arriving and the reply being sent back - so I don't
think that is in itself part of the problem.
Anyone any ideas about this? I'll investigate further - obviously since we
need this to authenticate our users! - but I'm a bit confused as to the
connection between using radius and the MPPE keys!? Also the radius server
seems to send the authentication request of to the IAS server twice - no
idea why.
Thanks,
John.
------------------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: ***@plymouth.ac.uk
PGP key available from public key servers
I am suddenly getting errors on our vpn servers which show:
Jan 29 11:31:52 barney pppd[1386]: pppd 2.4.2b1 started by root, uid 0
Jan 29 11:31:52 barney pppd[1386]: Connect: ppp0 <--> /dev/pts/1
Jan 29 11:31:52 barney pptpd[1385]: GRE: Bad checksum from pppd.
Jan 29 11:31:54 barney pptpd[1385]: CTRL: Ignored a SET LINK INFO packet
with real ACCMs!
Jan 29 11:31:54 barney pppd[1386]: rc_get_seqnbr: fscanf failure:
/var/run/radius.seq
Jan 29 11:31:55 barney pppd[1386]: MPPE required, but keys are not
available. Possible plugin problem?
Jan 29 11:31:55 barney pppd[1386]: CHAP peer authentication succeeded for
Jan 29 11:31:55 barney pppd[1386]: Modem hangup
Jan 29 11:31:55 barney pppd[1386]: Connection terminated.
Jan 29 11:31:55 barney pptpd[721]: MGR: No free connection slots or IPs -
no more clients can connect!
Jan 29 11:31:55 barney pppd[1390]: pppd 2.4.2b1 started by root, uid 0
Jan 29 11:31:55 barney pppd[1390]: Connect: ppp0 <--> /dev/pts/1
Jan 29 11:31:55 barney pptpd[1389]: GRE: Bad checksum from pppd.
Jan 29 11:31:55 barney pptpd[1389]: GRE: Discarding duplicate packet
Jan 29 11:31:58 barney pptpd[1389]: CTRL: Ignored a SET LINK INFO packet
with real ACCMs!
Jan 29 11:31:58 barney pppd[1390]: MPPE required, but keys are not
available. Possible plugin problem?
Jan 29 11:31:58 barney pppd[1390]: CHAP peer authentication succeeded for
Jan 29 11:31:58 barney pppd[1390]: Modem hangup
Jan 29 11:31:58 barney pppd[1390]: Connection terminated.
I tried rebooting the server but it made no difference. The important bits
seem to be that MPPE states that the keys are not available; MGR then states
that there are no free connection slots. I then repeats the process - I
assume this was the Windows 2K client either restarting the connection?
The servers worked fine the night before - see my previous message about GRE
problems. However, the only change is that for these connection atempts we
are using the pppd radius plugin, which talks to an MS IAS server. However,
I can see the radius request being handled and accepted. As indicated above
the authentication succeeds. If I use an account name/password from the
chap-secrets file then all goes okay and no 'MPPE' errors. The IAS server
shows the radius request arriving and the reply being sent back - so I don't
think that is in itself part of the problem.
Anyone any ideas about this? I'll investigate further - obviously since we
need this to authenticate our users! - but I'm a bit confused as to the
connection between using radius and the MPPE keys!? Also the radius server
seems to send the authentication request of to the IAS server twice - no
idea why.
Thanks,
John.
------------------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: ***@plymouth.ac.uk
PGP key available from public key servers