[Comm] Re: PPTP + freeradius
Alexey S. Kuznetsov
=?iso-8859-1?q?buster_=CE=C1_vostok=2Enet=2Eua?=
Пн Июн 14 15:38:07 MSD 2004
Hello Konstantin,
Monday, June 14, 2004, 1:52:18 PM, you wrote:
KAL> Hi Alexey!
KAL> Ага, а freeradius ждет chap digest. Попробуйте либо задействовать
KAL> mschap-v2 плагин (либо собрать FR с его поддержкой), либо отключите на
KAL> стороне клиента mschap, потавив жестко тип авторизации CHAP
Попробовал:
# cat /etc/ppp/options.pptpd
lock
debug
name pptpd
noauth
proxyarp
asyncmap 0
-pap
+chap
-mschap
-mschap-v2
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
ms-dns xxx.xxx.xxx.xxx
plugin radius.so
в radiusd.conf убрал все mschap. Рестартовал радиус, попытка
подключения:
Jun 14 14:27:31 bigbox pptpd[7095]: CTRL: Client 192.168.2.5 control connection started
Jun 14 14:27:31 bigbox pptpd[7095]: CTRL: Starting call (launching pppd, opening GRE)
Jun 14 14:27:31 bigbox pppd[7096]: Plugin radius.so loaded.
Jun 14 14:27:31 bigbox pppd[7096]: RADIUS plugin initialized.
Jun 14 14:27:31 bigbox pppd[7096]: pppd 2.4.2 started by buster, uid 0
Jun 14 14:27:31 bigbox pptpd[7095]: GRE: Discarding duplicate packet
Jun 14 14:27:31 bigbox pppd[7096]: Using interface ppp0
Jun 14 14:27:31 bigbox pppd[7096]: Connect: ppp0 <--> /dev/pts/1
Jun 14 14:27:31 bigbox pptpd[7095]: GRE: Bad checksum from pppd.
Jun 14 14:27:33 bigbox pptpd[7095]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Jun 14 14:27:38 bigbox pppd[7096]: rc_check_reply: received invalid reply digest from RADIUS server
Jun 14 14:27:38 bigbox pppd[7096]: Peer buster failed CHAP authentication
Jun 14 14:27:38 bigbox pppd[7096]: Connection terminated.
Jun 14 14:27:38 bigbox pptpd[7095]: CTRL: Client 192.168.2.5 control connection finished
Jun 14 14:27:38 bigbox pppd[7096]: Terminating on signal 2.
Jun 14 14:27:38 bigbox pppd[7096]: Exit.
потом меняю всё обратно, ставлю в настройках клиента MS-CHAPv2:
Jun 14 14:34:21 bigbox pptpd[7579]: CTRL: Client 192.168.2.5 control connection
started
Jun 14 14:34:21 bigbox pptpd[7579]: CTRL: Starting call (launching pppd, opening
GRE)
Jun 14 14:34:21 bigbox pppd[7580]: Plugin radius.so loaded.
Jun 14 14:34:21 bigbox pppd[7580]: RADIUS plugin initialized.
Jun 14 14:34:21 bigbox pptpd[7579]: GRE: Discarding duplicate packet
Jun 14 14:34:21 bigbox pppd[7580]: pppd 2.4.2 started by buster, uid 0
Jun 14 14:34:21 bigbox pppd[7580]: Using interface ppp0
Jun 14 14:34:21 bigbox pppd[7580]: Connect: ppp0 <--> /dev/pts/1
Jun 14 14:34:21 bigbox pptpd[7579]: GRE: Bad checksum from pppd.
Jun 14 14:34:23 bigbox pptpd[7579]: CTRL: Ignored a SET LINK INFO packet with re
al ACCMs!
Jun 14 14:34:28 bigbox pppd[7580]: Peer buster failed CHAP authentication
Jun 14 14:34:28 bigbox pppd[7580]: Connection terminated.
Jun 14 14:34:28 bigbox pptpd[7579]: CTRL: Client 192.168.2.5 control connection
finished
Jun 14 14:34:28 bigbox pppd[7580]: Terminating on signal 2.
Jun 14 14:34:28 bigbox pppd[7580]: Exit.
Ставлю в настройках клиента просто CHAP, и пароль ставлю абсолютно
произвольный! (при том, что в options.pptpd
-chap
+mschap-v2)
Jun 14 14:36:04 bigbox pptpd[7654]: CTRL: Client 192.168.2.5 control connection
started
Jun 14 14:36:04 bigbox pptpd[7654]: CTRL: Starting call (launching pppd, opening
GRE)
Jun 14 14:36:04 bigbox pppd[7655]: Plugin radius.so loaded.
Jun 14 14:36:04 bigbox pppd[7655]: RADIUS plugin initialized.
Jun 14 14:36:04 bigbox pppd[7655]: pppd 2.4.2 started by buster, uid 0
Jun 14 14:36:04 bigbox pptpd[7654]: GRE: Discarding duplicate packet
Jun 14 14:36:04 bigbox pppd[7655]: Using interface ppp0
Jun 14 14:36:04 bigbox pppd[7655]: Connect: ppp0 <--> /dev/pts/1
Jun 14 14:36:04 bigbox pptpd[7654]: GRE: Bad checksum from pppd.
Jun 14 14:36:06 bigbox pppd[7655]: peer refused to authenticate: terminating lin
k
Jun 14 14:36:06 bigbox pptpd[7654]: CTRL: Ignored a SET LINK INFO packet with re
al ACCMs!
Jun 14 14:36:06 bigbox pppd[7655]: Connection terminated.
Jun 14 14:36:06 bigbox pppd[7655]: Exit.
Jun 14 14:36:06 bigbox pptpd[7654]: GRE: read(fd=5,buffer=804e6e0,len=8196) from
PTY failed: status = -1 error = Input/output error
Jun 14 14:36:06 bigbox pptpd[7654]: CTRL: PTY read or GRE write failed (pty,gre)
=(5,6)
Jun 14 14:36:06 bigbox pptpd[7654]: CTRL: Client 192.168.2.5 control connection
finished
а в Windows XP написало, выдало ошибку уже когда было: Registering
your computer in network. т.е. как я понял фаза авторизации
прошла.....что-то не так.
--
Sincerely,
Alexey S. Kuznetsov
AK2351-RIPE
Подробная информация о списке рассылки community