немогу завести poptop с шифрованием mppe в debian Sarge

redils · Сообщение **redils** » 09 ноя 2005, 13:28

Очень большая просба выручите ни как немогу завести poptop с шифрованием mppe в debian Sarge.
Ядро я собрал с опциями
cd /usr/src/kernel-source-2.6.8
# make-kpkg \
--added-patches mppe \
--append-to-version -mppe \
--config oldconfig \
--initrd \
kernel_image
vmlinuz-2.6.8-mppe поставил так же kernel-patch-mppe пакет ppp 2.4.3 f pptpd 1.2.1-4 все из дистрибутива.
в качестве настроик
pptpd.conf
-----------------------------
option /etc/ppp/pptpd-options
debug
listen 62.33.91.35
localip 10.0.0.1
remoteip 10.0.0.234-238
-----------------------------
pptpd-options
-----------------------------
name pptpd
chapms-strip-domain
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 10.0.0.1
proxyarp
debug
lock
nobsdcomp

-----------------------------
chap-secrets
_______________________________
user1 pptp tywewewrm

_____________________________
в winxp создаю мастером соединение vpn
поключаюсь
пользователь user1 пароль tywewewrm
соединение не происходит вылетает ошибка(
в логах debian
Nov 1 15:36:08 gate_i pptpd[2029]: MGR: Launching /usr/sbin/pptpctrl to handle client
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: local address = 10.0.0.1
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: remote address = 10.0.0.235
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: pppd options file = /etc/ppp/pptpd-options
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Client 192.168.1.19 control connection started
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Received PPTP Control Message (type: 1)
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Made a START CTRL CONN RPLY packet
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: I wrote 156 bytes to the client.
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Sent packet to client
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Received PPTP Control Message (type: 7)
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Made a OUT CALL RPLY packet
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Starting call (launching pppd, opening GRE)
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: pty_fd = 4
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: tty_fd = 5
Nov 1 15:36:08 gate_i pptpd[2030]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Nov 1 15:36:08 gate_i pptpd[2030]: CTRL (PPPD Launcher): local address = 10.0.0.1
Nov 1 15:36:08 gate_i pptpd[2030]: CTRL (PPPD Launcher): remote address = 10.0.0.235
Nov 1 15:36:08 gate_i pppd[2030]: The remote system is required to authenticate itself
Nov 1 15:36:08 gate_i pppd[2030]: but I couldn't find any suitable secret (password) for it to use to do so.
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: I wrote 32 bytes to the client.
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Sent packet to client
Nov 1 15:36:08 gate_i pptpd[2029]: GRE: read(fd=4,buffer=804e6c0,len=8196) from PTY failed: status = -1 error = I
nput/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Reaping child PPP[2030]
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Client 192.168.1.19 control connection finished
Nov 1 15:36:08 gate_i pptpd[2029]: CTRL: Exiting now
Nov 1 15:36:08 gate_i pptpd[1902]: MGR: Reaped child 2029

Llama · Сообщение **Llama** » 09 ноя 2005, 13:35

Код: Выделить всё

Nov 1 15:36:08 gate_i pppd[2030]: The remote system is required to authenticate itself
Nov 1 15:36:08 gate_i pppd[2030]: but I couldn't find any suitable secret (password) for it to use to do so.

попробуй чтоль добавить опцию noauth в аргументы pptpd, если такая там есть...?

redils · Сообщение **redils** » 09 ноя 2005, 14:20

Llama,

после добавления
noauth
в pptpd-options
в результате получил в логах:
var/log/syslog

Nov 9 16:20:30 gate_i pptpd[7493]: MGR: Launching /usr/sbin/pptpctrl to handle client
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: local address = 10.0.0.1
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: remote address = 10.0.0.234
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: pppd options file = /etc/ppp/pptpd-options
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Client 62.148.238.82 control connection started
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Received PPTP Control Message (type: 1)
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Made a START CTRL CONN RPLY packet
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: I wrote 156 bytes to the client.
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Sent packet to client
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Received PPTP Control Message (type: 7)
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Made a OUT CALL RPLY packet
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Starting call (launching pppd, opening GRE)
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: pty_fd = 4
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: tty_fd = 5
Nov 9 16:20:31 gate_i pptpd[7494]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Nov 9 16:20:31 gate_i pptpd[7494]: CTRL (PPPD Launcher): local address = 10.0.0.1
Nov 9 16:20:31 gate_i pptpd[7494]: CTRL (PPPD Launcher): remote address = 10.0.0.234
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: I wrote 32 bytes to the client.
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Sent packet to client
Nov 9 16:20:31 gate_i pppd[7494]: The remote system is required to authenticate itself
Nov 9 16:20:31 gate_i pppd[7494]: but I couldn't find any suitable secret (password) for it to use to do so.
Nov 9 16:20:31 gate_i pppd[7494]: (None of the available passwords would let it use an IP address.)
Nov 9 16:20:31 gate_i pptpd[7493]: GRE: read(fd=4,buffer=804e6c0,len=8196) from PTY failed: status = -1 error =
Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Reaping child PPP[7494]
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Client 62.148.238.82 control connection finished
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Exiting now
Nov 9 16:20:31 gate_i pptpd[7453]: MGR: Reaped child 7493

\var\log\debug

Nov 9 16:20:30 gate_i pptpd[7493]: MGR: Launching /usr/sbin/pptpctrl to handle client
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: local address = 10.0.0.1
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: remote address = 10.0.0.234
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: pppd options file = /etc/ppp/pptpd-options
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Received PPTP Control Message (type: 1)
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Made a START CTRL CONN RPLY packet
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: I wrote 156 bytes to the client.
Nov 9 16:20:30 gate_i pptpd[7493]: CTRL: Sent packet to client
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Received PPTP Control Message (type: 7)
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Made a OUT CALL RPLY packet
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: pty_fd = 4
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: tty_fd = 5
Nov 9 16:20:31 gate_i pptpd[7494]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Nov 9 16:20:31 gate_i pptpd[7494]: CTRL (PPPD Launcher): local address = 10.0.0.1
Nov 9 16:20:31 gate_i pptpd[7494]: CTRL (PPPD Launcher): remote address = 10.0.0.234
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: I wrote 32 bytes to the client.
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Sent packet to client
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Reaping child PPP[7494]
Nov 9 16:20:31 gate_i pptpd[7493]: CTRL: Exiting now
Nov 9 16:20:31 gate_i pptpd[7453]: MGR: Reaped child 7493

Llama · Сообщение **Llama** » 09 ноя 2005, 14:24

Хм, ИМХО дело все же наверное не в noauth...

Код: Выделить всё

Solution: Adjust the chap-secrets file to add an asterisk as the address, which is the fourth field.

http://pptpclient.sourceforge.net/howto ... to_auth_ip

redils · Сообщение **redils** » 09 ноя 2005, 14:27

есть еще какие нибудь идеи?:(

Llama · Сообщение **Llama** » 09 ноя 2005, 15:01

redils, * в chap-secret прописал куда нужно?

redils · Сообщение **redils** » 09 ноя 2005, 15:20

Llama,

вроде нашел в чем косяк
я изменил фаил
-----------------------------
chap-secrets
_______________________________
user1 pptp tywewewrm 62.148.238.82

добавил ip адрес и вроде все заработало .
только одна проблема я хочу иметь доступ с любой машины а не только с определенных ip(((

Llama · Сообщение **Llama** » 09 ноя 2005, 15:28

redils, надеюсь с третьего раза дойдет...

Код: Выделить всё

Solution: Adjust the chap-secrets file to add an asterisk as the address, which is the fourth field.

Что в этой цитате непонятно? Тут же четко написано _что_ надо сделать... Или это не работает?

redils · Сообщение **redils** » 09 ноя 2005, 15:44

Llama,
спасибо за help!

Llama · Сообщение **Llama** » 09 ноя 2005, 15:56

наконец-то...