Enrique Llanos V.
2005-08-03 15:30:09 UTC
Hi all, im working on a gentoo pc as a pptp client and a debian as pptp
server, for starters i followed the directions (available here[0] and
here[1]) and patched the kernel properly, recompiled it, installed the
modules, copied the bzImage to /boot and rebooted.
Later i configured the pptp remote server and the client, some files are
here:
-On the Server Side-
#cat /etc/pptpd.conf
option /etc/ppp/pptpd-options
debug
logwtmp
localip 192.168.1.170-204
remoteip 192.168.0.4 #my local IP in the client side
#cat /etc/ppp/pptpd-options
name pptpd
domain recolsa-sa.com.pe
auth
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
nodefaultroute
lock
nobsdcomp
#cat /etc/ppp/chap-secrets
recolsa-sa.com.pe\\USERNAME * USER_PASS *
# lsmod | grep ppp
ppp_async 11648 0
crc_ccitt 2144 1 ppp_async
ppp_mppe 14016 0
ppp_generic 30292 2 ppp_async,ppp_mppe
slhc 7488 1 ppp_generic
-On the Client Side-
#cat /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
#cat /etc/ppp/options.pptpd
lock
noauth
nobsdcomp
nodeflate
require-mppe
mtu 1000
mru 1000
lcp-echo-failure 10
lcp-echo-interval 10
#cat /etc/ppp/chap-secrets
recolsa-sa.com.pe\\USERNAME recolsa USER_PASS *
#cat /etc/ppp/peers/recolsa
pty "pptp xxx.yyy.zzz.www --nolaunchpppd"
#I set here --^ the Public IP of RECOLSA
name USERNAME
require-mschap-v2
remotename recolsa
file /etc/ppp/options.recolsa
ipparam recolsa
#lsmod | grep ppp
ppp_mppe_mppc 16004 0
ppp_async 10624 0
crc_ccitt 2816 1 ppp_async
ppp_generic 26900 2 ppp_mppe_mppc,ppp_async
slhc 7552 1 ppp_generic
-----
Now i proceed to try to connect to the VPN server
On the client side: (when i dont start the pptpd service)
# pon recolsa debug dump logfd 2 nodetach
/usr/sbin/pppd: In file /etc/ppp/options.recolsa: unrecognized option
'require-mppe'
Then i comment-out the 'require-mppe' line in /etc/ppp/options.recolsa
#pon recolsa debug dump logfd 2 nodetach
pppd options in effect:
debug # (from command line)
nodetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/options.recolsa)
name usuario1 # (from /etc/ppp/peers/recolsa)
remotename recolsa # (from /etc/ppp/peers/recolsa)
# (from /etc/ppp/options.recolsa)
pty pptp xxx.yyy.zzz.www --nolaunchpppd # (from /etc/ppp/peers/recolsa)
mru 1000 # (from /etc/ppp/options.recolsa)
mtu 1000 # (from /etc/ppp/options.recolsa)
lcp-echo-failure 10 # (from /etc/ppp/options.recolsa)
lcp-echo-interval 10 # (from /etc/ppp/options.recolsa)
ipparam recolsa # (from /etc/ppp/peers/recolsa)
nobsdcomp # (from /etc/ppp/options.recolsa)
nodeflate # (from /etc/ppp/options.recolsa)
using channel 18
Using interface ppp0
Connect: ppp0 <--> /dev/pts/12
sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0x6606a876>
<pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xecff7ee7> <pcomp> <accomp>]
No auth is possible
sent [LCP ConfRej id=0x1 <auth chap MS-v2>]
rcvd [LCP ConfAck id=0x1 <mru 1000> <asyncmap 0x0> <magic 0x6606a876>
<pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xecff7ee7> <pcomp>
<accomp>]
sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0xecff7ee7> <pcomp>
<accomp>]
sent [LCP EchoReq id=0x0 magic=0x6606a876]
sent [CCP ConfReq id=0x1 <mppe -H -M -S -L -D +C>]
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.0.4>]
rcvd [LCP EchoReq id=0x0 magic=0xecff7ee7]
sent [LCP EchoRep id=0x0 magic=0x6606a876]
rcvd [LCP TermReq id=0x3 "peer refused to authenticate"]
LCP terminated by peer (peer refused to authenticate)
sent [LCP TermAck id=0x3]
Modem hangup
Connection terminated.
Waiting for 1 child processes...
script pptp xxx.yyy.zzz.www --nolaunchpppd, pid 15079
Script pptp xxx.yyy.zzz.www --nolaunchpppd finished (pid 15079), status
= 0x0
-----
And when i start the pptpd service in the Client Side, the results are
almost the same.
Well my question here is? Is any configuration file wrong? or is it my
kernel configuration?, i need to solve this and i cant find a solution
by googling, please i will really appreciate your assistance.
Best Regards.
Enrique
Lima-Peru
[0]http://gentoo-wiki.com/HOWTO_Set_up_a_vpn_client_with_mppe_encryption
[1]http://poptop.sourceforge.net/dox/debian-howto.phtml
server, for starters i followed the directions (available here[0] and
here[1]) and patched the kernel properly, recompiled it, installed the
modules, copied the bzImage to /boot and rebooted.
Later i configured the pptp remote server and the client, some files are
here:
-On the Server Side-
#cat /etc/pptpd.conf
option /etc/ppp/pptpd-options
debug
logwtmp
localip 192.168.1.170-204
remoteip 192.168.0.4 #my local IP in the client side
#cat /etc/ppp/pptpd-options
name pptpd
domain recolsa-sa.com.pe
auth
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
nodefaultroute
lock
nobsdcomp
#cat /etc/ppp/chap-secrets
recolsa-sa.com.pe\\USERNAME * USER_PASS *
# lsmod | grep ppp
ppp_async 11648 0
crc_ccitt 2144 1 ppp_async
ppp_mppe 14016 0
ppp_generic 30292 2 ppp_async,ppp_mppe
slhc 7488 1 ppp_generic
-On the Client Side-
#cat /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
#cat /etc/ppp/options.pptpd
lock
noauth
nobsdcomp
nodeflate
require-mppe
mtu 1000
mru 1000
lcp-echo-failure 10
lcp-echo-interval 10
#cat /etc/ppp/chap-secrets
recolsa-sa.com.pe\\USERNAME recolsa USER_PASS *
#cat /etc/ppp/peers/recolsa
pty "pptp xxx.yyy.zzz.www --nolaunchpppd"
#I set here --^ the Public IP of RECOLSA
name USERNAME
require-mschap-v2
remotename recolsa
file /etc/ppp/options.recolsa
ipparam recolsa
#lsmod | grep ppp
ppp_mppe_mppc 16004 0
ppp_async 10624 0
crc_ccitt 2816 1 ppp_async
ppp_generic 26900 2 ppp_mppe_mppc,ppp_async
slhc 7552 1 ppp_generic
-----
Now i proceed to try to connect to the VPN server
On the client side: (when i dont start the pptpd service)
# pon recolsa debug dump logfd 2 nodetach
/usr/sbin/pppd: In file /etc/ppp/options.recolsa: unrecognized option
'require-mppe'
Then i comment-out the 'require-mppe' line in /etc/ppp/options.recolsa
#pon recolsa debug dump logfd 2 nodetach
pppd options in effect:
debug # (from command line)
nodetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/options.recolsa)
name usuario1 # (from /etc/ppp/peers/recolsa)
remotename recolsa # (from /etc/ppp/peers/recolsa)
# (from /etc/ppp/options.recolsa)
pty pptp xxx.yyy.zzz.www --nolaunchpppd # (from /etc/ppp/peers/recolsa)
mru 1000 # (from /etc/ppp/options.recolsa)
mtu 1000 # (from /etc/ppp/options.recolsa)
lcp-echo-failure 10 # (from /etc/ppp/options.recolsa)
lcp-echo-interval 10 # (from /etc/ppp/options.recolsa)
ipparam recolsa # (from /etc/ppp/peers/recolsa)
nobsdcomp # (from /etc/ppp/options.recolsa)
nodeflate # (from /etc/ppp/options.recolsa)
using channel 18
Using interface ppp0
Connect: ppp0 <--> /dev/pts/12
sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0x6606a876>
<pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
0xecff7ee7> <pcomp> <accomp>]
No auth is possible
sent [LCP ConfRej id=0x1 <auth chap MS-v2>]
rcvd [LCP ConfAck id=0x1 <mru 1000> <asyncmap 0x0> <magic 0x6606a876>
<pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xecff7ee7> <pcomp>
<accomp>]
sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0xecff7ee7> <pcomp>
<accomp>]
sent [LCP EchoReq id=0x0 magic=0x6606a876]
sent [CCP ConfReq id=0x1 <mppe -H -M -S -L -D +C>]
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.0.4>]
rcvd [LCP EchoReq id=0x0 magic=0xecff7ee7]
sent [LCP EchoRep id=0x0 magic=0x6606a876]
rcvd [LCP TermReq id=0x3 "peer refused to authenticate"]
LCP terminated by peer (peer refused to authenticate)
sent [LCP TermAck id=0x3]
Modem hangup
Connection terminated.
Waiting for 1 child processes...
script pptp xxx.yyy.zzz.www --nolaunchpppd, pid 15079
Script pptp xxx.yyy.zzz.www --nolaunchpppd finished (pid 15079), status
= 0x0
-----
And when i start the pptpd service in the Client Side, the results are
almost the same.
Well my question here is? Is any configuration file wrong? or is it my
kernel configuration?, i need to solve this and i cant find a solution
by googling, please i will really appreciate your assistance.
Best Regards.
Enrique
Lima-Peru
[0]http://gentoo-wiki.com/HOWTO_Set_up_a_vpn_client_with_mppe_encryption
[1]http://poptop.sourceforge.net/dox/debian-howto.phtml