forum.opennet.ru

Составление сообщения

Исходное сообщение

"Проблемы с клиентом PPTP к VPN-серверу на FreeBSD"
Отправлено Донат, 25-Июн-05 10:42

Конфиг - минимальная доработка дефультного
(не привожу links - не скопировал)
пустых строк следует избегать!
Посмотри, что mpd  говорит после загрузки - если что-то string too long - trancated - еще раз проверь на пустые (вот у меня говорит не в начале, что напрягает)
default:
    load vpn
pptp:
    new -i ng0 pptp pptp
    set iface disable on-demand
    set iface enable proxy-arp
    set iface idle 1800
    set iface enable tcpmssfix
    set bundle enable multilink
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
#    set bundle enable tcp-wrapper
# use RADIUS servers
#    load radius
    set link yes acfcomp protocomp
    set link no pap chap
    set link enable chap
    set link keep-alive 10 60
    set link mtu 1460
    set ipcp yes vjcomp
    set ipcp ranges 192.168.1.1/32 192.168.1.50/32
    set ipcp dns 192.168.1.3
    set ipcp nbns 192.168.1.4
#
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
#
    set bundle enable compression
    set ccp yes mppc
    set ccp yes mpp-e40
    set ccp yes mpp-e128
    set ccp yes mpp-stateless
vpn:
    new -i ng1 vpn vpn
    set iface disable on-demand
    set iface addrs 192.168.1.1 192.168.2.1
    set iface idle 0
# disconnect the client after 8 hours
    set iface session 28800
    set iface route 192.168.3.0/24
    set bundle disable multilink
    set bundle authname "user"
    set bundle password "12345"
    set link yes acfcomp protocomp
    set link no pap
    set link yes chap
    set link mtu 1460
# If remote machine is NT you need this..
    set link enable no-orig-auth
    set link keep-alive 10 75
    set ipcp yes vjcomp
    set ipcp ranges 192.168.1.1/32 192.168.2.1/32
#
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
#
    set bundle enable compression
    set ccp yes mppc
    set ccp yes mpp-e40
    set ccp yes mpp-e128
    set bundle enable crypt-reqd
#    set ccp yes mpp-stateless
    open

Обещанный лог от mpd
Jun 24 17:00:07 mobile mpd: mpd: pid 1104, version 3.18 (root@mobile 14:01 23-Jun-2005)
Jun 24 17:00:07 mobile mpd: [vpn] ppp node is "mpd1104-vpn"
Jun 24 17:00:07 mobile mpd: mpd: local IP address for PPTP is 0.0.0.0
Jun 24 17:00:07 mobile mpd: [vpn] using interface ng1
Jun 24 17:00:07 mobile mpd: [vpn] IFACE: Open event
Jun 24 17:00:07 mobile mpd: [vpn] IPCP: Open event
Jun 24 17:00:07 mobile mpd: [vpn] IPCP: state change Initial --> Starting
Jun 24 17:00:07 mobile mpd: [vpn] IPCP: LayerStart
Jun 24 17:00:07 mobile mpd: [vpn] bundle: OPEN event in state CLOSED
Jun 24 17:00:07 mobile mpd: [vpn] opening link "vpn"...
Jun 24 17:00:07 mobile mpd: [vpn] link: OPEN event
Jun 24 17:00:07 mobile mpd: [vpn] LCP: Open event
Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Initial --> Starting
Jun 24 17:00:07 mobile mpd: [vpn] LCP: LayerStart
Jun 24 17:00:07 mobile mpd: [vpn] device: OPEN event in state DOWN
Jun 24 17:00:07 mobile mpd: pptp0: connecting to 192.168.3.1:1723
Jun 24 17:00:07 mobile mpd: [vpn] device is now in state OPENING
Jun 24 17:00:07 mobile mpd: pptp0: connected to 192.168.3.1:1723
Jun 24 17:00:07 mobile mpd: pptp0: attached to connection with 192.168.3.1:1723
Jun 24 17:00:07 mobile mpd: pptp0-0: outgoing call connected at 64000 bps
Jun 24 17:00:07 mobile mpd: [vpn] PPTP call successful
Jun 24 17:00:07 mobile mpd: [vpn] device: UP event in state OPENING
Jun 24 17:00:07 mobile mpd: [vpn] device is now in state UP
Jun 24 17:00:07 mobile mpd: [vpn] link: UP event
Jun 24 17:00:07 mobile mpd: [vpn] link: origination is local
Jun 24 17:00:07 mobile mpd: [vpn] LCP: Up event
Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Starting --> Req-Sent
Jun 24 17:00:07 mobile mpd: [vpn] LCP: phase shift DEAD --> ESTABLISH
Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigReq #1
Jun 24 17:00:07 mobile mpd:  ACFCOMP
Jun 24 17:00:07 mobile mpd:  PROTOCOMP
Jun 24 17:00:07 mobile mpd:  MRU 1500
Jun 24 17:00:07 mobile mpd:  MAGICNUM 7c460800
Jun 24 17:00:07 mobile mpd:  AUTHPROTO CHAP MSOFTv2
Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
Jun 24 17:00:07 mobile mpd:  ACFCOMP
Jun 24 17:00:07 mobile mpd:  PROTOCOMP
Jun 24 17:00:07 mobile mpd:  MRU 1500
Jun 24 17:00:07 mobile mpd:  MAGICNUM 7c460800
Jun 24 17:00:07 mobile mpd:    Same magic! Detected loopback condition
Jun 24 17:00:07 mobile mpd:  AUTHPROTO CHAP MSOFTv2
Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigNak #1
Jun 24 17:00:07 mobile mpd:  MAGICNUM 83b9f7ff
Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Nak #1 link 0 (Req-Sent)
Jun 24 17:00:07 mobile mpd:  MAGICNUM 83b9f7ff
Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigReq #2
Jun 24 17:00:07 mobile mpd:  ACFCOMP
Jun 24 17:00:07 mobile mpd:  PROTOCOMP
Jun 24 17:00:07 mobile mpd:  MRU 1500
Jun 24 17:00:07 mobile mpd:  MAGICNUM 7cc58950
Jun 24 17:00:07 mobile mpd:  AUTHPROTO CHAP MSOFTv2
Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent)
Jun 24 17:00:07 mobile mpd:  ACCMAP 0x00000000
Jun 24 17:00:07 mobile mpd:  AUTHPROTO CHAP MSOFTv2
Jun 24 17:00:07 mobile mpd:  MAGICNUM 8c39c310
Jun 24 17:00:07 mobile mpd:  PROTOCOMP
Jun 24 17:00:07 mobile mpd:  ACFCOMP
Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigAck #1
Jun 24 17:00:07 mobile mpd:  ACCMAP 0x00000000
Jun 24 17:00:07 mobile mpd:  AUTHPROTO CHAP MSOFTv2
Jun 24 17:00:07 mobile mpd:  MAGICNUM 8c39c310
Jun 24 17:00:07 mobile mpd:  PROTOCOMP
Jun 24 17:00:07 mobile mpd:  ACFCOMP
Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Req-Sent --> Ack-Sent
Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Ack #2 link 0 (Ack-Sent)
Jun 24 17:00:07 mobile mpd:  ACFCOMP
Jun 24 17:00:07 mobile mpd:  PROTOCOMP
Jun 24 17:00:07 mobile mpd:  MRU 1500
Jun 24 17:00:07 mobile mpd:  MAGICNUM 7cc58950
Jun 24 17:00:07 mobile mpd:  AUTHPROTO CHAP MSOFTv2
Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Ack-Sent --> Opened
Jun 24 17:00:07 mobile mpd: [vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE
Jun 24 17:00:07 mobile mpd: [vpn] LCP: auth: peer wants CHAP, I want CHAP
Jun 24 17:00:07 mobile mpd: [vpn] CHAP: sending CHALLENGE
Jun 24 17:00:07 mobile mpd: [vpn] LCP: LayerUp
Jun 24 17:00:07 mobile mpd: [vpn] CHAP: rec'd CHALLENGE #149
Jun 24 17:00:07 mobile mpd:  Name: "vhost"
Jun 24 17:00:07 mobile mpd:  Using authname "user"
Jun 24 17:00:07 mobile mpd: [vpn] CHAP: sending RESPONSE
Jun 24 17:00:07 mobile mpd: [vpn] CHAP: rec'd RESPONSE #1
Jun 24 17:00:07 mobile mpd:  Name: "vhost"
Jun 24 17:00:07 mobile mpd:  Peer name: "vhost"
Jun 24 17:00:07 mobile mpd: mpd: warning: line too long, truncated
Jun 24 17:00:07 mobile mpd:  Can't get credentials for "vhost"
Jun 24 17:00:07 mobile mpd: [vpn] CHAP: sending FAILURE
Jun 24 17:00:07 mobile mpd: [vpn] LCP: authorization failed
Jun 24 17:00:07 mobile mpd: [vpn] device: CLOSE event in state UP
Jun 24 17:00:07 mobile mpd: pptp0-0: clearing call
Jun 24 17:00:07 mobile mpd: [vpn] device is now in state CLOSING
Jun 24 17:00:07 mobile mpd: [vpn] device: DOWN event in state CLOSING
Jun 24 17:00:07 mobile mpd: [vpn] device is now in state DOWN
Jun 24 17:00:07 mobile mpd: [vpn] link: DOWN event
Jun 24 17:00:07 mobile mpd: [vpn] LCP: Down event
Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Opened --> Starting
Jun 24 17:00:07 mobile mpd: [vpn] LCP: phase shift AUTHENTICATE --> DEAD
Jun 24 17:00:07 mobile mpd: [vpn] LCP: LayerDown
Jun 24 17:00:07 mobile mpd: [vpn] device: OPEN event in state DOWN
Jun 24 17:00:07 mobile mpd: [vpn] pausing 9 seconds before open
Jun 24 17:00:07 mobile mpd: [vpn] device is now in state DOWN
Jun 24 17:00:07 mobile mpd: pptp0: ctrl connection closed by peer
Jun 24 17:00:07 mobile mpd: pptp0: killing connection with 192.168.3.1:1723
Jun 24 17:00:07 mobile mpd: pptp0-0: killing channel
Напомню, что по pptp проверку пароля проходит нормально...

Исходное сообщение
"Проблемы с клиентом PPTP к VPN-серверу на FreeBSD" Отправлено Донат, 25-Июн-05 10:42
Конфиг - минимальная доработка дефультного (не привожу links - не скопировал) пустых строк следует избегать! Посмотри, что mpd говорит после загрузки - если что-то string too long - trancated - еще раз проверь на пустые (вот у меня говорит не в начале, что напрягает) default: load vpn pptp: new -i ng0 pptp pptp set iface disable on-demand set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set bundle enable multilink # enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients # set bundle enable tcp-wrapper # use RADIUS servers # load radius set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set link mtu 1460 set ipcp yes vjcomp set ipcp ranges 192.168.1.1/32 192.168.1.50/32 set ipcp dns 192.168.1.3 set ipcp nbns 192.168.1.4 # # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. # set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set ccp yes mpp-stateless vpn: new -i ng1 vpn vpn set iface disable on-demand set iface addrs 192.168.1.1 192.168.2.1 set iface idle 0 # disconnect the client after 8 hours set iface session 28800 set iface route 192.168.3.0/24 set bundle disable multilink set bundle authname "user" set bundle password "12345" set link yes acfcomp protocomp set link no pap set link yes chap set link mtu 1460 # If remote machine is NT you need this.. set link enable no-orig-auth set link keep-alive 10 75 set ipcp yes vjcomp set ipcp ranges 192.168.1.1/32 192.168.2.1/32 # # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. # set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set bundle enable crypt-reqd # set ccp yes mpp-stateless open Обещанный лог от mpd Jun 24 17:00:07 mobile mpd: mpd: pid 1104, version 3.18 (root@mobile 14:01 23-Jun-2005) Jun 24 17:00:07 mobile mpd: [vpn] ppp node is "mpd1104-vpn" Jun 24 17:00:07 mobile mpd: mpd: local IP address for PPTP is 0.0.0.0 Jun 24 17:00:07 mobile mpd: [vpn] using interface ng1 Jun 24 17:00:07 mobile mpd: [vpn] IFACE: Open event Jun 24 17:00:07 mobile mpd: [vpn] IPCP: Open event Jun 24 17:00:07 mobile mpd: [vpn] IPCP: state change Initial --> Starting Jun 24 17:00:07 mobile mpd: [vpn] IPCP: LayerStart Jun 24 17:00:07 mobile mpd: [vpn] bundle: OPEN event in state CLOSED Jun 24 17:00:07 mobile mpd: [vpn] opening link "vpn"... Jun 24 17:00:07 mobile mpd: [vpn] link: OPEN event Jun 24 17:00:07 mobile mpd: [vpn] LCP: Open event Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Initial --> Starting Jun 24 17:00:07 mobile mpd: [vpn] LCP: LayerStart Jun 24 17:00:07 mobile mpd: [vpn] device: OPEN event in state DOWN Jun 24 17:00:07 mobile mpd: pptp0: connecting to 192.168.3.1:1723 Jun 24 17:00:07 mobile mpd: [vpn] device is now in state OPENING Jun 24 17:00:07 mobile mpd: pptp0: connected to 192.168.3.1:1723 Jun 24 17:00:07 mobile mpd: pptp0: attached to connection with 192.168.3.1:1723 Jun 24 17:00:07 mobile mpd: pptp0-0: outgoing call connected at 64000 bps Jun 24 17:00:07 mobile mpd: [vpn] PPTP call successful Jun 24 17:00:07 mobile mpd: [vpn] device: UP event in state OPENING Jun 24 17:00:07 mobile mpd: [vpn] device is now in state UP Jun 24 17:00:07 mobile mpd: [vpn] link: UP event Jun 24 17:00:07 mobile mpd: [vpn] link: origination is local Jun 24 17:00:07 mobile mpd: [vpn] LCP: Up event Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Starting --> Req-Sent Jun 24 17:00:07 mobile mpd: [vpn] LCP: phase shift DEAD --> ESTABLISH Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigReq #1 Jun 24 17:00:07 mobile mpd: ACFCOMP Jun 24 17:00:07 mobile mpd: PROTOCOMP Jun 24 17:00:07 mobile mpd: MRU 1500 Jun 24 17:00:07 mobile mpd: MAGICNUM 7c460800 Jun 24 17:00:07 mobile mpd: AUTHPROTO CHAP MSOFTv2 Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent) Jun 24 17:00:07 mobile mpd: ACFCOMP Jun 24 17:00:07 mobile mpd: PROTOCOMP Jun 24 17:00:07 mobile mpd: MRU 1500 Jun 24 17:00:07 mobile mpd: MAGICNUM 7c460800 Jun 24 17:00:07 mobile mpd: Same magic! Detected loopback condition Jun 24 17:00:07 mobile mpd: AUTHPROTO CHAP MSOFTv2 Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigNak #1 Jun 24 17:00:07 mobile mpd: MAGICNUM 83b9f7ff Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Nak #1 link 0 (Req-Sent) Jun 24 17:00:07 mobile mpd: MAGICNUM 83b9f7ff Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigReq #2 Jun 24 17:00:07 mobile mpd: ACFCOMP Jun 24 17:00:07 mobile mpd: PROTOCOMP Jun 24 17:00:07 mobile mpd: MRU 1500 Jun 24 17:00:07 mobile mpd: MAGICNUM 7cc58950 Jun 24 17:00:07 mobile mpd: AUTHPROTO CHAP MSOFTv2 Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Request #1 link 0 (Req-Sent) Jun 24 17:00:07 mobile mpd: ACCMAP 0x00000000 Jun 24 17:00:07 mobile mpd: AUTHPROTO CHAP MSOFTv2 Jun 24 17:00:07 mobile mpd: MAGICNUM 8c39c310 Jun 24 17:00:07 mobile mpd: PROTOCOMP Jun 24 17:00:07 mobile mpd: ACFCOMP Jun 24 17:00:07 mobile mpd: [vpn] LCP: SendConfigAck #1 Jun 24 17:00:07 mobile mpd: ACCMAP 0x00000000 Jun 24 17:00:07 mobile mpd: AUTHPROTO CHAP MSOFTv2 Jun 24 17:00:07 mobile mpd: MAGICNUM 8c39c310 Jun 24 17:00:07 mobile mpd: PROTOCOMP Jun 24 17:00:07 mobile mpd: ACFCOMP Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Req-Sent --> Ack-Sent Jun 24 17:00:07 mobile mpd: [vpn] LCP: rec'd Configure Ack #2 link 0 (Ack-Sent) Jun 24 17:00:07 mobile mpd: ACFCOMP Jun 24 17:00:07 mobile mpd: PROTOCOMP Jun 24 17:00:07 mobile mpd: MRU 1500 Jun 24 17:00:07 mobile mpd: MAGICNUM 7cc58950 Jun 24 17:00:07 mobile mpd: AUTHPROTO CHAP MSOFTv2 Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Ack-Sent --> Opened Jun 24 17:00:07 mobile mpd: [vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE Jun 24 17:00:07 mobile mpd: [vpn] LCP: auth: peer wants CHAP, I want CHAP Jun 24 17:00:07 mobile mpd: [vpn] CHAP: sending CHALLENGE Jun 24 17:00:07 mobile mpd: [vpn] LCP: LayerUp Jun 24 17:00:07 mobile mpd: [vpn] CHAP: rec'd CHALLENGE #149 Jun 24 17:00:07 mobile mpd: Name: "vhost" Jun 24 17:00:07 mobile mpd: Using authname "user" Jun 24 17:00:07 mobile mpd: [vpn] CHAP: sending RESPONSE Jun 24 17:00:07 mobile mpd: [vpn] CHAP: rec'd RESPONSE #1 Jun 24 17:00:07 mobile mpd: Name: "vhost" Jun 24 17:00:07 mobile mpd: Peer name: "vhost" Jun 24 17:00:07 mobile mpd: mpd: warning: line too long, truncated Jun 24 17:00:07 mobile mpd: Can't get credentials for "vhost" Jun 24 17:00:07 mobile mpd: [vpn] CHAP: sending FAILURE Jun 24 17:00:07 mobile mpd: [vpn] LCP: authorization failed Jun 24 17:00:07 mobile mpd: [vpn] device: CLOSE event in state UP Jun 24 17:00:07 mobile mpd: pptp0-0: clearing call Jun 24 17:00:07 mobile mpd: [vpn] device is now in state CLOSING Jun 24 17:00:07 mobile mpd: [vpn] device: DOWN event in state CLOSING Jun 24 17:00:07 mobile mpd: [vpn] device is now in state DOWN Jun 24 17:00:07 mobile mpd: [vpn] link: DOWN event Jun 24 17:00:07 mobile mpd: [vpn] LCP: Down event Jun 24 17:00:07 mobile mpd: [vpn] LCP: state change Opened --> Starting Jun 24 17:00:07 mobile mpd: [vpn] LCP: phase shift AUTHENTICATE --> DEAD Jun 24 17:00:07 mobile mpd: [vpn] LCP: LayerDown Jun 24 17:00:07 mobile mpd: [vpn] device: OPEN event in state DOWN Jun 24 17:00:07 mobile mpd: [vpn] pausing 9 seconds before open Jun 24 17:00:07 mobile mpd: [vpn] device is now in state DOWN Jun 24 17:00:07 mobile mpd: pptp0: ctrl connection closed by peer Jun 24 17:00:07 mobile mpd: pptp0: killing connection with 192.168.3.1:1723 Jun 24 17:00:07 mobile mpd: pptp0-0: killing channel Напомню, что по pptp проверку пароля проходит нормально...

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

На сайте действует частичное премодерирование - после публикации некоторые сообщения от анонимов могут автоматически скрываться ботом. После проверки модератором ошибочно скрытые сообщения раскрываются. Для ускорения раскрытия можно воспользоваться ссылкой "Сообщить модератору", указав в качестве причины обращения "скрыто по ошибке".

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру