From owner-freebsd-net Fri May 24 17: 8:27 2002 Delivered-To: freebsd-net@freebsd.org Received: from scotty.masternet.it (scotty.masternet.it [194.184.65.2]) by hub.freebsd.org (Postfix) with SMTP id 0546437B400 for ; Fri, 24 May 2002 17:08:21 -0700 (PDT) Received: from usul.scotty.masternet.it [194.184.65.139] by scotty.masternet.it with ESMTP (SMTPD32-4.03) id A526B50098; Fri, 24 May 2002 20:23:34 +03d00 Message-Id: <5.1.1.2.2.20020524202247.02722e98@194.184.65.4> X-Sender: gmarco@194.184.65.7 X-Mailer: QUALCOMM Windows Eudora Version 5.1.1.3 (Beta) Date: Fri, 24 May 2002 20:22:52 +0200 To: net@freebsd.org From: Gianmarco Giovannelli Subject: mpd: pptp server Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I am trying to implement a small vpn solutions with mpd as pptp server and pptpclient from home to office. I have setup also in other implementations and it works fine, but I need for this situations pptp server... The office is connected directly to the net, while at home I am using user ppp and a PPPoE connection. The situations is this one: Home : 10.254.254.1/24 pptpclient from the ports. Office: 192.168.0.1/24 , 194.243.20.91 real ip , mpd as pptp server This is the config for the mpd - pptp server: --- mpd.links --- pptp: set link type pptp set pptp self 194.243.20.91 set pptp enable incoming set pptp disable originate --- mpd.conf --- pptp: new -i ng0 pptp pptp set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp ranges 192.168.0.1/32 192.168.0.70/32 set ipcp dns 192.168.0.1 set bundle enable compression set ccp yes mppc set ccp no mpp-e40 set ccp yes mpp-e128 set ccp no mpp-stateless --- mpd.secret --- mylogin "mypwd" For the pptpclient I have added to my ppp.conf the following lines: --- ppp.conf --- vpn-pptp-cof: set authname mylogin set authkey mypwd set timeout 0 set ifaddr 0 0 add 192.168.0.1/24 HISADDR # alias enable yes I run on the server: mpd pptp and on the client: pptp 194.243.20.91 vpn-pptp-cof where 194.243.20.91 is the real ip of the server (like in the links section). I think the connections is fine because... On the CLIENT: a new tun device (the tun0 is the user ppp with the PPPoE on the DSL cable) is created on the client side with the requested ip address: tun1: flags=8051 mtu 1498 inet 192.168.0.70 --> 192.168.0.1 netmask 0xffffff00 Opened by PID 2152 and the appropriate routing added: 192.168.0 192.168.0.1 UGSc 0 0 tun1 192.168.0.1 192.168.0.70 UH 1 3 tun1 On the SERVER: ng0: flags=88d1 mtu 1496 inet 192.168.0.1 --> 192.168.0.70 netmask 0xffffffff the netstat -rn: [...] 192.168.0.70 192.168.0.1 UH 0 3 ng0 192.168.0.70 00:10:5a:dc:21:f6 UHLS2 0 0 xl1 But when I try to use a ping I receive: [...] [pptp] IPCP: state change Ack-Rcvd --> Opened [pptp] IPCP: LayerUp 192.168.0.1 -> 192.168.0.70 [pptp] IFACE: Up event [pptp] exec: /sbin/ifconfig ng0 192.168.0.1 192.168.0.70 netmask 0xffffffff -link0 [pptp] exec: /usr/sbin/arp -s 192.168.0.70 0:10:5a:dc:21:f6 pub [pptp] IFACE: Up event [pptp] CCP: rec'd Configure Request #3 link 0 (Ack-Rcvd) MPPC 0x00000040: MPPE, 128 bit [pptp] CCP: SendConfigAck #3 MPPC 0x00000040: MPPE, 128 bit [pptp] CCP: state change Ack-Rcvd --> Opened [pptp] CCP: LayerUp Compress using: MPPE, 128 bit Decompress using: MPPE, 128 bit [pptp] LCP: rec'd Protocol Reject #2 link 0 (Opened) [pptp] LCP: protocol 0x2145 was rejected [pptp] LCP: rec'd Protocol Reject #2 link 0 (Opened) [pptp] LCP: protocol 0x2145 was rejected [pptp] LCP: rec'd Protocol Reject #2 link 0 (Opened) [pptp] LCP: protocol 0x2145 was rejected and on the client: ppp[2152]: tun1: IPCP: IPADDR[6] 192.168.0.70 ppp[2152]: tun1: IPCP: COMPPROTO[6] 16 VJ slots with slot compression ppp[2152]: tun1: CCP: deflink: RecvConfigNak(2) state = Ack-Sent ppp[2152]: tun1: CCP: MPPE[6] value 0x00000040 (128 bits, stateful) ppp[2152]: tun1: CCP: deflink: SendConfigReq(3) state = Ack-Sent ppp[2152]: tun1: CCP: MPPE[6] value 0x00000040 (128 bits, stateful) ppp[2152]: tun1: IPCP: deflink: RecvConfigAck(2) state = Ack-Sent ppp[2152]: tun1: IPCP: deflink: State change Ack-Sent --> Opened ppp[2152]: tun1: IPCP: deflink: LayerUp. ppp[2152]: tun1: IPCP: myaddr 192.168.0.70 hisaddr = 192.168.0.1 ppp[2152]: tun1: CCP: deflink: RecvConfigAck(3) state = Ack-Sent ppp[2152]: tun1: CCP: deflink: State change Ack-Sent --> Opened ppp[2152]: tun1: CCP: deflink: LayerUp. ppp[2152]: tun1: CCP: MPPE: Input channel initiated ppp[2152]: tun1: CCP: MPPE: Output channel initiated ppp[2152]: tun1: CCP: deflink: Out = MPPE[18], In = MPPE[18] ppp[2152]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) with the ssh from the client to the server I got: ppp[2152]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) last message repeated 9 times ppp[2152]: tun1: Phase: Unknown protocol 0x2145 (unrecognised protocol) ppp[2152]: tun1: Phase: deflink: HDLC errors -> FCS: 0, ADDR: 0, COMD: 0, PROTO: 11 and [pptp] LCP: protocol 0x2145 was rejected [pptp] LCP: bad length: says 0, rec'd 65 [pptp] LCP: rec'd Protocol Reject #2 link 0 (Opened) [pptp] LCP: protocol 0x2145 was rejected [pptp] LCP: bad length: says 174, rec'd 65 [pptp] LCP: rec'd Protocol Reject #2 link 0 (Opened) [pptp] LCP: protocol 0x2145 was rejected [pptp] LCP: rec'd Protocol Reject #2 link 0 (Opened) and so on... I tried to reverse the client server hosts, so mpd behind user ppp and pptpclient alone, but I get the same results. I have to say I have tried only with pptpclient from the ports not from any windows implementation... Any idea ? Thanks to all for attention... Best Regards, Gianmarco Giovannelli , "Unix expert since yesterday" http://www.gufi.org/~gmarco To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message