|
|
|
Тема
|
 PPTP client pod FreeBSD - problemi s LCP
|
|
| Автор |
MartinT () |
| Публикувано | 27.03.04 16:35 |
|
|
Imam problem sys 3aka4aneto na FreeBSD PPTP client, pri osyshtestviavane na vry3kata se opitva da napravi LCP negotiation no ne uspiava i se ra3ka4a. 3ad ta3i mashina na FreeBSD sym probval s Linux i Windows clienti i vsi4ko si raboti, pod Windows triabva da se i3klui4at LCP extensions oba4e.
Pol3vah to3i guide 3a konfigurirane http://www.freebsddiary.org/pptp.php.
Osven tova probvah ra3li4ni opcii v /etc/ppp/ppp.conf:
vpn:
# down lcp
# disable vjcomp
# disable MSCHAPv2
# disable mppe
# enable deflate pred1
# close lcp
# lcp-echo-interval 30
# lcp-echo-request 0
# open lcp
# set openmode passive
# set openmode passive
# set stopped 3
# disable lqr
set authname username
set authkey password
set timeout 0
set ifaddr 0 0
add 192.168.0.0/16 HISADDR
# set log Phase LCP Connect tun Warning Alert
set log phase chat lcp ipcp ccp tun command
# alias enable yes
# noauth
Pol3vam FreeBSD 5.2 sys pptp-client-linux 1.3.1.
V /var/log/ppp.log se povtaria tova niakolko pyti pri opit 3a connectvane:
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: deflink: SendConfigReq(1) state =
Req-Sent
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: ACFCOMP[2]
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: PROTOCOMP[2]
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: ACCMAP[6] 0x00000000
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: MRU[4] 1500
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: MAGICNUM[6] 0xda445afa
Pod Debian Linux s ne patch-nato ppp (v docs pishe 4e triabva da e patch-nato 3a pptp ;-) raboti s to3i config:
/etc/ppp/chap-secrets
username peer-name password *
/etc/ppp/peers/peer-name:
# name of tunnel, used to select lines in secrets files
remotename peer-name
# name of tunnel, used to name /var/run pid file
linkname peer-name
# name of tunnel, passed to ip-up scripts
ipparam peer-name
# data stream for pppd to use
pty "pptp vpn.ip.or.hostname --nolaunchpppd "
# domain and username, used to select lines in secrets files
name username
persist
#debug dump
# do not require the server to authenticate to our client
noauth
/var/log/ppp.log:
Mar 22 00:34:52 mtb ppp[9415]: Phase: Using interface: tun0
Mar 22 00:34:52 mtb ppp[9415]: Phase: deflink: Created in closed state
Mar 22 00:34:52 mtb ppp[9415]: tun0: Phase: PPP Started (direct mode).
Mar 22 00:34:52 mtb ppp[9415]: tun0: Phase: bundle: Establish
Mar 22 00:34:52 mtb ppp[9415]: tun0: Phase: deflink: closed -> opening
Mar 22 00:34:52 mtb ppp[9415]: tun0: Phase: deflink: Connected!
Mar 22 00:34:52 mtb ppp[9415]: tun0: Phase: deflink: opening -> carrier
Mar 22 00:34:53 mtb ppp[9415]: tun0: Phase: deflink: carrier -> lcp
Mar 22 00:34:53 mtb ppp[9415]: tun0: LCP: FSM: Using "deflink" as a
transport
Mar 22 00:34:53 mtb ppp[9415]: tun0: LCP: deflink: State change Initial -->
Closed
Mar 22 00:34:53 mtb ppp[9415]: tun0: LCP: deflink: State change Closed -->
Stopped
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: deflink: LayerStart
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: deflink: SendConfigReq(1) state =
Stopped
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: ACFCOMP[2]
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: PROTOCOMP[2]
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: ACCMAP[6] 0x00000000
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: MRU[4] 1500
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: MAGICNUM[6] 0xda445afa
Mar 22 00:34:54 mtb ppp[9415]: tun0: LCP: deflink: State change Stopped -->
Req-Sent
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: deflink: SendConfigReq(1) state =
Req-Sent
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: ACFCOMP[2]
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: PROTOCOMP[2]
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: ACCMAP[6] 0x00000000
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: MRU[4] 1500
Mar 22 00:34:57 mtb ppp[9415]: tun0: LCP: MAGICNUM[6] 0xda445afa
Mar 22 00:35:00 mtb ppp[9415]: tun0: LCP: deflink: SendConfigReq(1) state =
Req-Sent
Mar 22 00:35:00 mtb ppp[9415]: tun0: LCP: ACFCOMP[2]
Mar 22 00:35:00 mtb ppp[9415]: tun0: LCP: PROTOCOMP[2]
Mar 22 00:35:00 mtb ppp[9415]: tun0: LCP: ACCMAP[6] 0x00000000
Mar 22 00:35:00 mtb ppp[9415]: tun0: LCP: MRU[4] 1500
Mar 22 00:35:00 mtb ppp[9415]: tun0: LCP: MAGICNUM[6] 0xda445afa
Mar 22 00:35:03 mtb ppp[9415]: tun0: LCP: deflink: SendConfigReq(1) state =
Req-Sent
Mar 22 00:35:03 mtb ppp[9415]: tun0: LCP: ACFCOMP[2]
Mar 22 00:35:03 mtb ppp[9415]: tun0: LCP: PROTOCOMP[2]
Mar 22 00:35:03 mtb ppp[9415]: tun0: LCP: ACCMAP[6] 0x00000000
Mar 22 00:35:03 mtb ppp[9415]: tun0: LCP: MRU[4] 1500
Mar 22 00:35:03 mtb ppp[9415]: tun0: LCP: MAGICNUM[6] 0xda445afa
Mar 22 00:35:06 mtb ppp[9415]: tun0: LCP: deflink: SendConfigReq(1) state =
Req-Sent
Mar 22 00:35:06 mtb ppp[9415]: tun0: LCP: ACFCOMP[2]
Mar 22 00:35:06 mtb ppp[9415]: tun0: LCP: PROTOCOMP[2]
Mar 22 00:35:06 mtb ppp[9415]: tun0: LCP: ACCMAP[6] 0x00000000
Mar 22 00:35:06 mtb ppp[9415]: tun0: LCP: MRU[4] 1500
Mar 22 00:35:06 mtb ppp[9415]: tun0: LCP: MAGICNUM[6] 0xda445afa
Mar 22 00:35:09 mtb ppp[9415]: tun0: LCP: deflink: LayerFinish
Mar 22 00:35:09 mtb ppp[9415]: tun0: LCP: deflink: State change Req-Sent -->
Stopped
Mar 22 00:35:09 mtb ppp[9415]: tun0: LCP: deflink: State change Stopped -->
Closed
Mar 22 00:35:09 mtb ppp[9415]: tun0: LCP: deflink: State change Closed -->
Initial
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: deflink: Disconnected!
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: deflink: Connect time: 17 secs:
0
octets in, 260 octets out
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: deflink: 0 packets in, 5 packets
out
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: total 15 bytes/sec, peak 20
bytes/sec on Mon Mar 22 00:34:57 2004
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: deflink: lcp -> closed
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: bundle: Dead
Mar 22 00:35:09 mtb ppp[9415]: tun0: Phase: PPP Terminated (normal).
| |
|
Тема
|
Re: PPTP client pod FreeBSD - problemi s LCP
[re: MartinT]
|
|
| Автор |
MartinT () |
| Публикувано | 13.04.04 11:39 |
|
|
Problema se opravi kato probvah s mpd. Sega oba4e routing-a mi ne e dobre, niakoj ako pol3va neshto takova uspeshno i ako moje da mi prati netstat -rn pri aktiven connection shte sym mnogo blagodaren.
PS. Imate li niakakvi nabludenia keep state vyv ipfilter dali raboti dobre s GRE? Pri men neshto ne se polu4ava i triabva da sloja i pass in 3a vyrnatite paketi, tova e pri 5.2.
| |
|
Тема
|
 Re: PPTP client pod FreeBSD - problemi s LCP
[re: MartinT]
|
|
| Автор | NoN (Нерегистриран) |
| Публикувано | 14.04.04 00:32 |
|
|
Относно рутинга когато стартираш mpd - трябва да рефрешнеш firewalla -
#ipf -Fa -f /etc/"rules" , това е ако не си обявил че имаш ng0 ng1 .... , можеш да ги видиш с ifconfig , те се появяват когато стартираш mpd , и ipfilter незнае за тях и те са блокирани в зависимост от настроиките ти. трява да имаш rules и за тях- това е една доста срещана причина да не работи рутинга.
А относно GRE - нужно ти е само pass out !!! pass in - ти трябва само за 1723 tcp които е за автентикация на pptp .
| |
|
Тема
|
Re: PPTP client pod FreeBSD - problemi s LCP
[re: NoN]
|
|
| Автор |
MartinT () |
| Публикувано | 14.04.04 21:28 |
|
|
Poneje dosta sym se my4il s tova reshih 4e e naj dobre ipf -Fa samo da napisha predi da se opitam da se vyrja ;-) S 2 dumi ne se blokira ot firewalla, problema mi e 4e kernela prashta GRE paketite pre3 ng0 a ne pre3 rl0 kakto triabva da byde.
A 3a stateful firewalla imah predvid 4e imam pass out keep state i o4akvah 4e vyrnatite paketi niama da imat problemi, no se oka3va 4e ne e taka i triabva da sloja pass in proto gre. Interesuvashe me ako niakoj ima 4.x i connection trackinga raboti da kaje, a pyk ako raboti i pri 5.x oshte po dobre.
| |
|
| 
|
|
