Date: 28 Apr 2002 14:34:32 +0300 From: Ralf Folkerts <ralf.folkerts@epost.de> To: freebsd-questions@freebsd.org Subject: MPD-(PPTP) Config Problem... Message-ID: <1019993672.321.68.camel@beastie.home.folkerts-net.de>
next in thread | raw e-mail | index | archive | help
Hi, I'd like to access "my" Company's Net through a VPN from my FreeBSD box. However, I was unable to configure mpd (and pptp) to work.I then tried from my Win-Box - and it worked (so there must a be a way to configure mpd to get it to work, too). In a "short" Overview: I have a small Network @ home (10.0.0.0/24) and access the IN through a DSL-Router (10.0.0.254/32 local, a.b.c.d/32 as assigned by ISP,. remote). The company's internal Network is on address 192.168.1.0/24. The company's VPN-Router can be reached via Internet at address "c.o.m.p" It will assign ne an address 192.168.7.101/32 which, however, is fix for my Login-Name. FreeBSD is 4.5STABLE, mpd is mpd-3.7. I tried with several Configs, but either MPD won't connect at all, or it will connect and I also can ping the remote machines but not e.g. telnet to them (which works fine from my Win-machine, so it shouldn't be a Routing Problem of the Server's of the Company) or it does establish a link but then produces errors. Here is my "latest" config that produces the last symptom (connects but the produces errors). ---<<<mpd.conf>>>--- default: load vpn vpn: new -i ng0 vpn vpn set iface disable on-demand set iface addrs 192.168.7.101 c.o.m.p set iface idle 0 set iface route 192.168.1.0/24 set bundle disable multilink set bundle authname "abc" set link yes acfcomp protocomp set link disable pap chap set link accept chap # If remote machine is NT you need this.. set link enable no-orig-auth set link keep-alive 10 75 set ipcp yes vjcomp set ipcp ranges 192.168.7.101/32 c.o.m.p/32 set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set bundle enable crypt-reqd set ccp yes mpp-stateless open ---<<</mpd.conf>>>--- ---<<<mpd.links>>>--- vpn: set link type pptp set pptp self 192.168.7.101 set pptp peer c.o.m.p set pptp disable incoming set pptp enable originate outcall ---<<</mpd.links>>> ---<<<mpd.log>>>--- beastie:root#mpd Multi-link PPP for FreeBSD, by Archie L. Cobbs. Based on iij-ppp, by Toshiharu OHNO. mpd: pid 668, version 3.7 (root@freebsd.home.folkerts-net.de 17:43 18-Apr-2002) [vpn] ppp node is "mpd668-vpn" [vpn] using interface ng0 [vpn] IFACE: Open event [vpn] IPCP: Open event [vpn] IPCP: state change Initial --> Starting [vpn] IPCP: LayerStart [vpn:vpn] [vpn] bundle: OPEN event in state CLOSED [vpn] opening link "vpn"... [vpn] link: OPEN event [vpn] LCP: Open event [vpn] LCP: state change Initial --> Starting [vpn] LCP: LayerStart [vpn] device: OPEN event in state DOWN pptp0: connecting to c.o.m.p:1723 [vpn] device is now in state OPENING pptp0: connected to c.o.m.p:1723 pptp0: attached to connection with c.o.m.p:1723 pptp0-0: outgoing call connected at 64000 bps [vpn] PPTP call successful [vpn] device: UP event in state OPENING [vpn] device is now in state UP [vpn] link: UP event [vpn] link: origination is local [vpn] LCP: Up event [vpn] LCP: state change Starting --> Req-Sent [vpn] LCP: phase shift DEAD --> ESTABLISH [vpn] LCP: SendConfigReq #1 ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 12345678 [vpn] rec'd unknown ctrl message, cookie=942710669 cmd=4 [vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent) MRU 1524 AUTHPROTO CHAP MD5 MAGICNUM 12345678 PROTOCOMP ACFCOMP [vpn] LCP: SendConfigAck #1 MRU 1524 AUTHPROTO CHAP MD5 MAGICNUM 12345678 PROTOCOMP ACFCOMP [vpn] LCP: state change Req-Sent --> Ack-Sent [vpn] LCP: rec'd Configure Ack #1 link 0 (Ack-Sent) ACFCOMP PROTOCOMP MRU 1500 MAGICNUM 12345678 [vpn] LCP: state change Ack-Sent --> Opened [vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE [vpn] LCP: auth: peer wants CHAP, I want nothing [vpn] LCP: LayerUp [vpn] CHAP: rec'd CHALLENGE #1 Name: "company" Using authname "abc" [vpn] CHAP: sending RESPONSE [vpn] CHAP: rec'd SUCCESS #1 [vpn] LCP: authorization successful [vpn] LCP: phase shift AUTHENTICATE --> NETWORK [vpn] up: 1 link, total bandwidth 64000 bps [vpn] IPCP: Up event [vpn] IPCP: state change Starting --> Req-Sent [vpn] IPCP: SendConfigReq #1 IPADDR 192.168.7.101 COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [vpn] CCP: Open event [vpn] CCP: state change Initial --> Starting [vpn] CCP: LayerStart [vpn] CCP: Up event [vpn] CCP: state change Starting --> Req-Sent [vpn] CCP: SendConfigReq #1 MPPC 0x01000060: MPPE, 40 bit, 128 bit, stateless [vpn] CCP: rec'd Configure Request #1 link 0 (Req-Sent) MPPC 0x00000020: MPPE, 40 bit [vpn] CCP: SendConfigAck #1 MPPC 0x00000020: MPPE, 40 bit [vpn] CCP: state change Req-Sent --> Ack-Sent [vpn] IPCP: rec'd Configure Request #1 link 0 (Req-Sent) IPADDR c.o.m.p Same as PPTP IP; would cause routing loop NAKing with c.o.m.p [vpn] IPCP: SendConfigNak #1 IPADDR c.o.m.p [vpn] IPCP: rec'd Configure Reject #1 link 0 (Req-Sent) COMPPROTO VJCOMP, 16 comp. channels, no comp-cid [vpn] IPCP: SendConfigReq #2 IPADDR 192.168.7.101 [vpn] CCP: SendConfigReq #2 MPPC 0x01000060: MPPE, 40 bit, 128 bit, stateless [vpn] IPCP: rec'd Configure Ack #2 link 0 (Req-Sent) IPADDR 192.168.7.101 [vpn] IPCP: state change Req-Sent --> Ack-Rcvd [vpn] CCP: rec'd Configure Nak #2 link 0 (Ack-Sent) MPPC 0x00000020: MPPE, 40 bit [vpn] CCP: SendConfigReq #3 MPPC 0x00000020: MPPE, 40 bit [vpn] CCP: rec'd Configure Ack #3 link 0 (Ack-Sent) MPPC 0x00000020: MPPE, 40 bit [vpn] CCP: state change Ack-Sent --> Opened [vpn] CCP: LayerUp [vpn] "accept chap" required for MPPE [vpn] can't determine credentials for MPPE [vpn] CCP: failed to negotiate required encryption [vpn] CCP: Close event [vpn] CCP: state change Opened --> Closing [vpn] CCP: SendTerminateReq #4 [vpn] CCP: LayerDown [vpn] CCP: state change Closing --> Closed [vpn] CCP: LayerFinish [vpn] "accept chap" required for MPPE [vpn] can't determine credentials for MPPE [vpn] CCP: failed to negotiate required encryption [vpn] CCP: Close event [vpn] CCP: LayerFinish Compress using: MPPE, 40 bit Decompress using: MPPE, 40 bit [vpn] CCP: rec'd Terminate Ack #4 link 0 (Closed) [vpn] CCP: rec'd Configure Request #2 link 0 (Closed) [vpn] CCP: SendTerminateAck #5 [vpn] IPCP: rec'd Configure Request #2 link 0 (Ack-Rcvd) IPADDR c.o.m.p Same as PPTP IP; would cause routing loop NAKing with c.o.m.p [vpn] IPCP: SendConfigNak #2 IPADDR c.o.m.p [vpn] IPCP: rec'd Configure Request #3 link 0 (Ack-Rcvd) [vpn] IPCP: SendConfigAck #3 [vpn] IPCP: state change Ack-Rcvd --> Opened [vpn] IPCP: LayerUp 192.168.7.101 -> c.o.m.p [vpn] IFACE: Up event [vpn] exec: /sbin/ifconfig ng0 192.168.7.101 c.o.m.p netmask 0xffffffff -link0 [vpn] exec: /sbin/route add 192.168.1.0 c.o.m.p -netmask 0xffffff00 [vpn] IFACE: Up event ---<<</mpd.log>>>--- When I try to ping a Server I get (I put the DNS-Zone for "company.lan" on my local DNS!): ---<<<>>>--- beastie:mpd#ping test.company.lan PING test.company.lan (192.168.1.9): 56 data bytes ping: sendto: Resource deadlock avoided ping: sendto: Resource deadlock avoided ping: sendto: No buffer space available ping: sendto: No buffer space available ping: sendto: No buffer space available ping: sendto: No buffer space available ---<<</>>>--- Could someone out there please put me on the right track?? I first assumed my NATting router be a problem, but as my Win-Box establishes the pptp-Link w/o any problems (I can ping and telnet and ftp to all Servers I tried) I hope hat this should not be the problem?! Would be great if someone could help me with this! Regards, _ralf_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1019993672.321.68.camel>