с настройкой win клиентов никаких проблем не было
достаточно было просто отжать галочку требуеться шифрование данных
потом решили перевести нектороых клиентов под линукс
выбрали убунту
и начались пляски с бубном :'(
ну и пробуем сперва без опций связанных с mppe
либо с опцией nomppe
Код: Выделить всё
Connecting...
pppd options in effect:
debug # (from /etc/ppp/options.pptp)
nodetach # (from command line)
dump # (from /etc/ppp/options.pptp)
noauth # (from /etc/ppp/options.pptp)
name xxx # (from /etc/ppp/peers/vpninternet)
remotename PPTP # (from /etc/ppp/peers/vpninternet)
# (from /etc/ppp/options.pptp)
pty pptp 10.0.0.1 --nolaunchpppd # (from /etc/ppp/peers/vpninternet)
asyncmap 0 # (from /etc/ppp/options)
lcp-echo-failure 4 # (from /etc/ppp/options)
lcp-echo-interval 30 # (from /etc/ppp/options)
hide-password # (from /etc/ppp/options)
ipparam vpninternet # (from /etc/ppp/peers/vpninternet)
proxyarp # (from /etc/ppp/options.pptp)
usepeerdns # (from /etc/ppp/options.pptp)
nobsdcomp # (from /etc/ppp/options.pptp)
nodeflate # (from /etc/ppp/options.pptp)
mppe-stateful # (from /etc/ppp/options.pptp)
noipx # (from /etc/ppp/options)
using channel 27
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xcdb53c64> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xcdb53c64> <pcomp> <accomp>]
sent [LCP ConfNak id=0x1 <magic 0x1692aabc>]
rcvd [LCP ConfNak id=0x1 <magic 0x1692aabc>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xc687f23d> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xc687f23d> <pcomp> <accomp>]
sent [LCP ConfNak id=0x2 <magic 0x26a45e20>]
rcvd [LCP ConfNak id=0x2 <magic 0x26a45e20>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xe25097f8> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xe25097f8> <pcomp> <accomp>]
sent [LCP ConfNak id=0x3 <magic 0x6e6020ea>]
rcvd [LCP ConfNak id=0x3 <magic 0x6e6020ea>]
sent [LCP ConfReq id=0x4 <asyncmap 0x0> <magic 0x12d5d128> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x6c02e889> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x6c02e889> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x4 <asyncmap 0x0> <magic 0x12d5d128> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x12d5d128]
rcvd [CHAP Challenge id=0xf <4e950143c113f97b39681fd69552dc18>, name = "pptpd"]
sent [CHAP Response id=0xf <a777e115a6f5eba1822eaf53db83aedf00000000000000001c06e974f966fab818b7e5cbdfb9c9addd2ee8e838d1eaaf00>, name = "xxx"]
rcvd [LCP EchoRep id=0x0 magic=0x6c02e889]
rcvd [CHAP Success id=0xf "S=D6C18475066765AB8565B19D4D242FA1F9687C0F"]
CHAP authentication succeeded
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [CCP ConfReq id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
rcvd [IPCP ConfNak id=0x1 <addr 192.168.2.86> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.2.86> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [CCP ConfAck id=0x1]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.2.86> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
found interface eth0 for proxy arp
local IP address 192.168.2.86
remote IP address 10.0.0.1
primary DNS address yy.yy.yy.yy
secondary DNS address xx.xx.xx.xx
Script /etc/ppp/ip-up started (pid 2323)
rcvd [LCP TermReq id=0x2 "Traffic limit"]
LCP terminated by peer (Traffic limit)
Connect time 0.1 minutes.
Sent 26474394 bytes, received 0 bytes.
sent [LCP TermAck id=0x2]
Script /etc/ppp/ip-up finished (pid 2323), status = 0x0
Script /etc/ppp/ip-down started (pid 2340)
Modem hangup
Connection terminated.
Script pptp 10.0.0.1 --nolaunchpppd finished (pid 2318), status = 0x0
Waiting for 1 child processes...
script /etc/ppp/ip-down, pid 2340
Script /etc/ppp/ip-down finished (pid 2340), status = 0x0
Error :(
машинка с win с тем же аккаунтом работает на ура.
пробуем с require-mppe
+ mppe-stateful
Код: Выделить всё
pppd options in effect:
debug # (from /etc/ppp/options.pptp)
nodetach # (from command line)
dump # (from /etc/ppp/options.pptp)
noauth # (from /etc/ppp/options.pptp)
name xxx # (from /etc/ppp/peers/vpninternet)
remotename PPTP # (from /etc/ppp/peers/vpninternet)
# (from /etc/ppp/options.pptp)
pty pptp 10.0.0.1 --nolaunchpppd # (from /etc/ppp/peers/vpninternet)
asyncmap 0 # (from /etc/ppp/options)
lcp-echo-failure 4 # (from /etc/ppp/options)
lcp-echo-interval 30 # (from /etc/ppp/options)
hide-password # (from /etc/ppp/options)
ipparam vpninternet # (from /etc/ppp/peers/vpninternet)
proxyarp # (from /etc/ppp/options.pptp)
usepeerdns # (from /etc/ppp/options.pptp)
nobsdcomp # (from /etc/ppp/options.pptp)
nodeflate # (from /etc/ppp/options.pptp)
require-mppe # (from /etc/ppp/options.pptp)
mppe-stateful # (from /etc/ppp/options.pptp)
noipx # (from /etc/ppp/options)
using channel 29
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xa0aff010> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xa0aff010> <pcomp> <accomp>]
sent [LCP ConfNak id=0x1 <magic 0xf34db2f8>]
rcvd [LCP ConfNak id=0x1 <magic 0xf34db2f8>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x6ae05bc9> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x6ae05bc9> <pcomp> <accomp>]
sent [LCP ConfNak id=0x2 <magic 0x442d16bc>]
rcvd [LCP ConfNak id=0x2 <magic 0x442d16bc>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
sent [LCP ConfNak id=0x3 <magic 0xcd29f0e6>]
rcvd [LCP ConfReq id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x15367bb> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x15367bb> <pcomp> <accomp>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xc3335a64]
rcvd [CHAP Challenge id=0x93 <8cabe527827da8df52c8ddc99423c9c1>, name = "pptpd"]
sent [CHAP Response id=0x93 <03992bf362f2f70fa2c19e6c1293fb1200000000000000006182c287a012a4cd224dfa65952459451e3e1ec1fef8eb2d00>, name = "xxx"]
rcvd [LCP EchoRep id=0x0 magic=0x15367bb]
rcvd [CHAP Success id=0x93 "S=9BBA02907DBFD836653C2D527D144C8CF87EAEBE"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
rcvd [CCP ConfReq id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
sent [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP TermAck id=0x1]
rcvd [CCP ConfNak id=0x1 <mppe -H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2 <mppe -H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x2 <mppe -H -M -S -L -D -C>]
sent [CCP ConfNak id=0x2 <mppe +H -M +S +L -D -C>]
rcvd [CCP ConfAck id=0x2 <mppe -H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateful compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [IPCP ConfNak id=0x1 <addr 192.168.2.114> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.2.114> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.2.114> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
found interface eth0 for proxy arp
local IP address 192.168.2.114
remote IP address 10.0.0.1
primary DNS address yy.yy.yy.yy
secondary DNS address xx.xx.xx.xx
Script /etc/ppp/ip-up started (pid 4606)
Script /etc/ppp/ip-up finished (pid 4606), status = 0x0
rcvd [LCP TermReq id=0x2 "MPPE disabled"]
LCP terminated by peer (MPPE disabled)
Connect time 0.1 minutes.
Sent 0 bytes, received 0 bytes.
Script /etc/ppp/ip-down started (pid 4625)
sent [LCP TermAck id=0x2]
rcvd [LCP TermReq id=0x3 "MPPE disabled"]
sent [LCP TermAck id=0x3]
Modem hangup
Connection terminated.
Script pptp 10.0.0.1 --nolaunchpppd finished (pid 4594), status = 0x0
Waiting for 1 child processes...
script /etc/ppp/ip-down, pid 4625
Script /etc/ppp/ip-down finished (pid 4625), status = 0x0
Error :(
read: 30: arg count
nomppe-128
Код: Выделить всё
Connecting...
pppd options in effect:
debug # (from /etc/ppp/options.pptp)
nodetach # (from command line)
dump # (from /etc/ppp/options.pptp)
noauth # (from /etc/ppp/options.pptp)
name xxx # (from /etc/ppp/peers/vpninternet)
remotename PPTP # (from /etc/ppp/peers/vpninternet)
# (from /etc/ppp/options.pptp)
pty pptp 10.0.0.1 --nolaunchpppd # (from /etc/ppp/peers/vpninternet)
asyncmap 0 # (from /etc/ppp/options)
lcp-echo-failure 4 # (from /etc/ppp/options)
lcp-echo-interval 30 # (from /etc/ppp/options)
hide-password # (from /etc/ppp/options)
ipparam vpninternet # (from /etc/ppp/peers/vpninternet)
proxyarp # (from /etc/ppp/options.pptp)
usepeerdns # (from /etc/ppp/options.pptp)
nobsdcomp # (from /etc/ppp/options.pptp)
nodeflate # (from /etc/ppp/options.pptp)
nomppe-128 # (from /etc/ppp/options.pptp)
mppe-stateful # (from /etc/ppp/options.pptp)
noipx # (from /etc/ppp/options)
using channel 28
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7750551d> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7750551d> <pcomp> <accomp>]
sent [LCP ConfNak id=0x1 <magic 0xde5e6781>]
rcvd [LCP ConfNak id=0x1 <magic 0xde5e6781>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xbf7c501e> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xbf7c501e> <pcomp> <accomp>]
sent [LCP ConfNak id=0x2 <magic 0x5c747ced>]
rcvd [LCP ConfNak id=0x2 <magic 0x5c747ced>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xf295e341> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x79e90b20> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x79e90b20> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x3 <asyncmap 0x0> <magic 0xf295e341> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xf295e341]
rcvd [CHAP Challenge id=0x92 <24707776b4147cf5c7215de0f2227c87>, name = "pptpd"]
sent [CHAP Response id=0x92 <52030c22d043a05116957c086b5cfaad0000000000000000c99122533e3b56f48ade8f9452413e8bbb75bb11b09a2e2c00>, name = "xxx"]
rcvd [LCP EchoRep id=0x0 magic=0x79e90b20]
rcvd [CHAP Success id=0x92 "S=26394119F21B8691F8D5F5F724C0CC04B9A10D49"]
CHAP authentication succeeded
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [CCP ConfReq id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
rcvd [IPCP ConfNak id=0x1 <addr 192.168.2.206> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.2.206> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [CCP ConfAck id=0x1]
rcvd [CCP ConfReq id=0x2 <mppe -H -M -S -L -D -C>]
sent [CCP ConfNak id=0x2 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.2.206> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
found interface eth0 for proxy arp
local IP address 192.168.2.206
remote IP address 10.0.0.1
primary DNS address yy.yy.yy.yy
secondary DNS address xx.xx.xx.xx
Script /etc/ppp/ip-up started (pid 3720)
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless transmit compression enabled
Script /etc/ppp/ip-up finished (pid 3720), status = 0x0
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
Connecting successful! Close this window for disconnecting.
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
sent [CCP ConfReq id=0x2]
CCP: timeout sending Config-Requests
Script pptp 10.0.0.1 --nolaunchpppd finished (pid 3714), status = 0x0
Modem hangup
Connect time 2.5 minutes.
Sent 33629378 bytes, received 100 bytes.
Script /etc/ppp/ip-down started (pid 4479)
Connection terminated.
Waiting for 1 child processes...
script /etc/ppp/ip-down, pid 4479
Script /etc/ppp/ip-down finished (pid 4479), status = 0x0
Disconnected :(
read: 32: arg count
CCP: timeout sending Config-Requests
и при этом еще меняеться таблица маршрутизации
зачемто добавляеться маршрут на ип pptp сервера на интерфейс ppp0
при удалении этого маршрута
сразу хангап и выход с ошибкой MPPE disabled
примерно такой конфиг
Код: Выделить всё
lock
refuse-pap //либо эти 4 опции либо require-mschap-v2
refuse-chap
refuse-mschap
refuse-eap
require-mschap-v2
nobsdcomp //на результат не влияет
nodeflate //на результат не влияет
#nomppe //с этими опциями проводились эксперименты
#nomppe-128
#nomppe-40
#require-mppe
#mppe-stateful
noipx
usepeerdns
proxyarp
#mtu 2000
#mru 2000
noauth
debug
dump
#nologfd
nodetach
#nopcomp //включение отключение не влияет
#noaccomp //включение отключение не влияет
#noipdefault //включение отключение не влияет
Код: Выделить всё
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
plugin /usr/local/lib/pppd/2.4.3/radius.so
plugin /usr/local/lib/pppd/2.4.3/radattr.so
ms-dns yy.yy.yy.yy
ms-dns xx.xx.xx.xx
proxyarp
nologfd
lock
nobsdcomp
mtu 1486
mru 1486
заранее спасибо
11