pptp клиент

Установка, настройка, поддержка
Ответить
wazzup
Сообщения: 11
Зарегистрирован: Вт ноя 28, 2006 8:29 am

pptp клиент

Сообщение wazzup » Пт июн 01, 2007 9:07 am

уже   почти год работает  pptp  сервер    под  линус

с настройкой  win клиентов никаких проблем не  было
достаточно  было  просто  отжать  галочку  требуеться  шифрование  данных

потом решили перевести нектороых    клиентов  под  линукс
выбрали   убунту
и начались пляски  с бубном :'(
ну    и  пробуем  сперва без   опций  связанных с mppe
либо  с опцией nomppe

Код: Выделить всё

Connecting...
pppd options in effect:
debug           # (from /etc/ppp/options.pptp)
nodetach                # (from command line)
dump            # (from /etc/ppp/options.pptp)
noauth          # (from /etc/ppp/options.pptp)
name xxx                # (from /etc/ppp/peers/vpninternet)
remotename PPTP         # (from /etc/ppp/peers/vpninternet)
                # (from /etc/ppp/options.pptp)
pty pptp 10.0.0.1 --nolaunchpppd                # (from /etc/ppp/peers/vpninternet)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam vpninternet             # (from /etc/ppp/peers/vpninternet)
proxyarp                # (from /etc/ppp/options.pptp)
usepeerdns              # (from /etc/ppp/options.pptp)
nobsdcomp               # (from /etc/ppp/options.pptp)
nodeflate               # (from /etc/ppp/options.pptp)
mppe-stateful           # (from /etc/ppp/options.pptp)
noipx           # (from /etc/ppp/options)
using channel 27
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xcdb53c64> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xcdb53c64> <pcomp> <accomp>]
sent [LCP ConfNak id=0x1 <magic 0x1692aabc>]
rcvd [LCP ConfNak id=0x1 <magic 0x1692aabc>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xc687f23d> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xc687f23d> <pcomp> <accomp>]
sent [LCP ConfNak id=0x2 <magic 0x26a45e20>]
rcvd [LCP ConfNak id=0x2 <magic 0x26a45e20>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xe25097f8> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xe25097f8> <pcomp> <accomp>]
sent [LCP ConfNak id=0x3 <magic 0x6e6020ea>]
rcvd [LCP ConfNak id=0x3 <magic 0x6e6020ea>]
sent [LCP ConfReq id=0x4 <asyncmap 0x0> <magic 0x12d5d128> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x6c02e889> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x6c02e889> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x4 <asyncmap 0x0> <magic 0x12d5d128> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x12d5d128]
rcvd [CHAP Challenge id=0xf <4e950143c113f97b39681fd69552dc18>, name = "pptpd"]
sent [CHAP Response id=0xf <a777e115a6f5eba1822eaf53db83aedf00000000000000001c06e974f966fab818b7e5cbdfb9c9addd2ee8e838d1eaaf00>, name = "xxx"]
rcvd [LCP EchoRep id=0x0 magic=0x6c02e889]
rcvd [CHAP Success id=0xf "S=D6C18475066765AB8565B19D4D242FA1F9687C0F"]
CHAP authentication succeeded
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [CCP ConfReq id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
rcvd [IPCP ConfNak id=0x1 <addr 192.168.2.86> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.2.86> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [CCP ConfAck id=0x1]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.2.86> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
found interface eth0 for proxy arp
local  IP address 192.168.2.86
remote IP address 10.0.0.1
primary   DNS address yy.yy.yy.yy
secondary DNS address xx.xx.xx.xx
Script /etc/ppp/ip-up started (pid 2323)
rcvd [LCP TermReq id=0x2 "Traffic limit"]
LCP terminated by peer (Traffic limit)
Connect time 0.1 minutes.
Sent 26474394 bytes, received 0 bytes.
sent [LCP TermAck id=0x2]
Script /etc/ppp/ip-up finished (pid 2323), status = 0x0
Script /etc/ppp/ip-down started (pid 2340)
Modem hangup
Connection terminated.
Script pptp 10.0.0.1 --nolaunchpppd finished (pid 2318), status = 0x0
Waiting for 1 child processes...
  script /etc/ppp/ip-down, pid 2340
Script /etc/ppp/ip-down finished (pid 2340), status = 0x0
Error :(
откуда  тут  трафик лимит не понятно ::)
машинка  с  win    с  тем  же  аккаунтом  работает на  ура.


пробуем  с require-mppe
+ mppe-stateful

Код: Выделить всё

pppd options in effect:
debug           # (from /etc/ppp/options.pptp)
nodetach                # (from command line)
dump            # (from /etc/ppp/options.pptp)
noauth          # (from /etc/ppp/options.pptp)
name xxx                # (from /etc/ppp/peers/vpninternet)
remotename PPTP         # (from /etc/ppp/peers/vpninternet)
                # (from /etc/ppp/options.pptp)
pty pptp 10.0.0.1 --nolaunchpppd                # (from /etc/ppp/peers/vpninternet)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam vpninternet             # (from /etc/ppp/peers/vpninternet)
proxyarp                # (from /etc/ppp/options.pptp)
usepeerdns              # (from /etc/ppp/options.pptp)
nobsdcomp               # (from /etc/ppp/options.pptp)
nodeflate               # (from /etc/ppp/options.pptp)
require-mppe            # (from /etc/ppp/options.pptp)
mppe-stateful           # (from /etc/ppp/options.pptp)
noipx           # (from /etc/ppp/options)
using channel 29
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xa0aff010> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xa0aff010> <pcomp> <accomp>]
sent [LCP ConfNak id=0x1 <magic 0xf34db2f8>]
rcvd [LCP ConfNak id=0x1 <magic 0xf34db2f8>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x6ae05bc9> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x6ae05bc9> <pcomp> <accomp>]
sent [LCP ConfNak id=0x2 <magic 0x442d16bc>]
rcvd [LCP ConfNak id=0x2 <magic 0x442d16bc>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
sent [LCP ConfNak id=0x3 <magic 0xcd29f0e6>]
rcvd [LCP ConfReq id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x15367bb> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x15367bb> <pcomp> <accomp>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x3 <asyncmap 0x0> <magic 0xc3335a64> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xc3335a64]
rcvd [CHAP Challenge id=0x93 <8cabe527827da8df52c8ddc99423c9c1>, name = "pptpd"]
sent [CHAP Response id=0x93 <03992bf362f2f70fa2c19e6c1293fb1200000000000000006182c287a012a4cd224dfa65952459451e3e1ec1fef8eb2d00>, name = "xxx"]
rcvd [LCP EchoRep id=0x0 magic=0x15367bb]
rcvd [CHAP Success id=0x93 "S=9BBA02907DBFD836653C2D527D144C8CF87EAEBE"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
rcvd [CCP ConfReq id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
sent [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP TermAck id=0x1]
rcvd [CCP ConfNak id=0x1 <mppe -H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2 <mppe -H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x2 <mppe -H -M -S -L -D -C>]
sent [CCP ConfNak id=0x2 <mppe +H -M +S +L -D -C>]
rcvd [CCP ConfAck id=0x2 <mppe -H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateful compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [IPCP ConfNak id=0x1 <addr 192.168.2.114> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.2.114> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.2.114> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
found interface eth0 for proxy arp
local  IP address 192.168.2.114
remote IP address 10.0.0.1
primary   DNS address yy.yy.yy.yy
secondary DNS address xx.xx.xx.xx
Script /etc/ppp/ip-up started (pid 4606)
Script /etc/ppp/ip-up finished (pid 4606), status = 0x0
rcvd [LCP TermReq id=0x2 "MPPE disabled"]
LCP terminated by peer (MPPE disabled)
Connect time 0.1 minutes.
Sent 0 bytes, received 0 bytes.
Script /etc/ppp/ip-down started (pid 4625)
sent [LCP TermAck id=0x2]
rcvd [LCP TermReq id=0x3 "MPPE disabled"]
sent [LCP TermAck id=0x3]
Modem hangup
Connection terminated.
Script pptp 10.0.0.1 --nolaunchpppd finished (pid 4594), status = 0x0
Waiting for 1 child processes...
  script /etc/ppp/ip-down, pid 4625
Script /etc/ppp/ip-down finished (pid 4625), status = 0x0
Error :(
read: 30: arg count
и  уже  совсем  странно  с опцией 
nomppe-128

Код: Выделить всё

Connecting...
pppd options in effect:
debug           # (from /etc/ppp/options.pptp)
nodetach                # (from command line)
dump            # (from /etc/ppp/options.pptp)
noauth          # (from /etc/ppp/options.pptp)
name xxx                # (from /etc/ppp/peers/vpninternet)
remotename PPTP         # (from /etc/ppp/peers/vpninternet)
                # (from /etc/ppp/options.pptp)
pty pptp 10.0.0.1 --nolaunchpppd                # (from /etc/ppp/peers/vpninternet)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam vpninternet             # (from /etc/ppp/peers/vpninternet)
proxyarp                # (from /etc/ppp/options.pptp)
usepeerdns              # (from /etc/ppp/options.pptp)
nobsdcomp               # (from /etc/ppp/options.pptp)
nodeflate               # (from /etc/ppp/options.pptp)
nomppe-128              # (from /etc/ppp/options.pptp)
mppe-stateful           # (from /etc/ppp/options.pptp)
noipx           # (from /etc/ppp/options)
using channel 28
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7750551d> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7750551d> <pcomp> <accomp>]
sent [LCP ConfNak id=0x1 <magic 0xde5e6781>]
rcvd [LCP ConfNak id=0x1 <magic 0xde5e6781>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xbf7c501e> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xbf7c501e> <pcomp> <accomp>]
sent [LCP ConfNak id=0x2 <magic 0x5c747ced>]
rcvd [LCP ConfNak id=0x2 <magic 0x5c747ced>]
sent [LCP ConfReq id=0x3 <asyncmap 0x0> <magic 0xf295e341> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x79e90b20> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1486> <asyncmap 0x0> <auth chap MS-v2> <magic 0x79e90b20> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x3 <asyncmap 0x0> <magic 0xf295e341> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xf295e341]
rcvd [CHAP Challenge id=0x92 <24707776b4147cf5c7215de0f2227c87>, name = "pptpd"]
sent [CHAP Response id=0x92 <52030c22d043a05116957c086b5cfaad0000000000000000c99122533e3b56f48ade8f9452413e8bbb75bb11b09a2e2c00>, name = "xxx"]
rcvd [LCP EchoRep id=0x0 magic=0x79e90b20]
rcvd [CHAP Success id=0x92 "S=26394119F21B8691F8D5F5F724C0CC04B9A10D49"]
CHAP authentication succeeded
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [CCP ConfReq id=0x1 <mppe -H -M -S -L -D -C> <deflate 15> <deflate(old#) 15>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x1 <deflate 15> <deflate(old#) 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 10.0.0.1>]
rcvd [IPCP ConfNak id=0x1 <addr 192.168.2.206> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.2.206> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
rcvd [CCP ConfAck id=0x1]
rcvd [CCP ConfReq id=0x2 <mppe -H -M -S -L -D -C>]
sent [CCP ConfNak id=0x2 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.2.206> <ms-dns1 yy.yy.yy.yy> <ms-dns3 xx.xx.xx.xx>]
found interface eth0 for proxy arp
local  IP address 192.168.2.206
remote IP address 10.0.0.1
primary   DNS address yy.yy.yy.yy
secondary DNS address xx.xx.xx.xx
Script /etc/ppp/ip-up started (pid 3720)
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless transmit compression enabled
Script /etc/ppp/ip-up finished (pid 3720), status = 0x0
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
Connecting successful! Close this window for disconnecting.
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
rcvd [CCP ConfReq id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x3 <mppe +H -M +S -L -D -C>]
sent [CCP ConfReq id=0x2]
sent [CCP ConfReq id=0x2]
CCP: timeout sending Config-Requests
Script pptp 10.0.0.1 --nolaunchpppd finished (pid 3714), status = 0x0
Modem hangup
Connect time 2.5 minutes.
Sent 33629378 bytes, received 100 bytes.
Script /etc/ppp/ip-down started (pid 4479)
Connection terminated.
Waiting for 1 child processes...
  script /etc/ppp/ip-down, pid 4479
Script /etc/ppp/ip-down finished (pid 4479), status = 0x0
Disconnected :(
read: 32: arg count
здесь   содединение  держиться около двух  минут    после  сообщения
CCP: timeout sending Config-Requests
и   при этом  еще  меняеться  таблица  маршрутизации
зачемто   добавляеться    маршрут  на ип pptp  сервера  на  интерфейс  ppp0
при   удалении   этого маршрута   
сразу  хангап  и выход  с ошибкой   MPPE disabled


примерно такой  конфиг

Код: Выделить всё

lock 
refuse-pap    //либо  эти  4  опции  либо  require-mschap-v2
refuse-chap
refuse-mschap
refuse-eap
require-mschap-v2
nobsdcomp      //на результат   не  влияет
nodeflate         //на  результат не  влияет 

#nomppe    //с этими  опциями проводились  эксперименты
#nomppe-128  
#nomppe-40
#require-mppe 
#mppe-stateful	

noipx		
usepeerdns
proxyarp
#mtu 2000
#mru 2000
noauth
debug
dump
#nologfd   
nodetach
#nopcomp   //включение отключение не  влияет
#noaccomp //включение отключение не  влияет
#noipdefault //включение отключение не  влияет
конфиг  сервера

Код: Выделить всё

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
plugin /usr/local/lib/pppd/2.4.3/radius.so
plugin /usr/local/lib/pppd/2.4.3/radattr.so
ms-dns yy.yy.yy.yy
ms-dns xx.xx.xx.xx

proxyarp
nologfd
lock
nobsdcomp 
mtu 1486
mru 1486
вот  написал    поосоветуйте  куда  копать  ::)
заранее  спасибо

11

Eugene
Сообщения: 27
Зарегистрирован: Пн июл 17, 2006 9:26 am
Контактная информация:

Сообщение Eugene » Сб июн 02, 2007 9:23 am

работает на freebsd с таким конфигом

default:
set log Phase Chat tun command LCP IPCP CCP
ident user-ppp VERSION (built COMPILATIONDATE)
set timeout 30

vpn:
set authname user
set authkey ****
set timeout 0
set ifaddr 0 0
add default HISADDR
set mtu 1400
set mru 1400
disable MSCHAPv2
disable MSCHAP


проверка из крона каждые х минут
(если соединение разорвалось и не поднялось)
айпи-адрес клиента в биллинге статический 192.168.7.23
айпи сервера 192.168.1.1

#!/bin/sh

/sbin/ifconfig |grep 192.168.7.23

if [ $? -ne 0 ]
then
cat /var/run/tun0.pid
if [ $? -ne 0 ]
then
/usr/local/sbin/pptp 192.168.1.1 vpn &
logger VPN restarted
fi
fi

Ответить