From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Mon, 14 Jun 2004 14:38:07 +0300 From: "Alexey S. Kuznetsov" X-Priority: 3 (Normal) Message-ID: <835081874.20040614143807@vostok.net.ua> To: "Konstantin A. Lepikhov" Subject: Re: [Comm] Re: PPTP + freeradius In-Reply-To: <20040614105218.GA13037@lks.home> References: <40CD4F60.4070700@vostok.net.ua> <20040614080204.GA4689@lks.home> <40CD6512.4030007@vostok.net.ua> <20040614093204.GA9416@lks.home> <40CD7F15.8070208@vostok.net.ua> <20040614105218.GA13037@lks.home> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.5 Precedence: list Reply-To: community@altlinux.ru List-Id: Mailing list for ALT Linux users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jun 2004 11:37:28 -0000 Archived-At: List-Archive: List-Post: Hello Konstantin, Monday, June 14, 2004, 1:52:18 PM, you wrote: KAL> Hi Alexey! KAL> Ага, а freeradius ждет chap digest. Попробуйте либо задействовать KAL> mschap-v2 плагин (либо собрать FR с его поддержкой), либо отключите на KAL> стороне клиента mschap, потавив жестко тип авторизации CHAP Попробовал: # cat /etc/ppp/options.pptpd lock debug name pptpd noauth proxyarp asyncmap 0 -pap +chap -mschap -mschap-v2 lcp-echo-failure 30 lcp-echo-interval 5 ipcp-accept-local ipcp-accept-remote ms-dns xxx.xxx.xxx.xxx plugin radius.so в radiusd.conf убрал все mschap. Рестартовал радиус, попытка подключения: Jun 14 14:27:31 bigbox pptpd[7095]: CTRL: Client 192.168.2.5 control connection started Jun 14 14:27:31 bigbox pptpd[7095]: CTRL: Starting call (launching pppd, opening GRE) Jun 14 14:27:31 bigbox pppd[7096]: Plugin radius.so loaded. Jun 14 14:27:31 bigbox pppd[7096]: RADIUS plugin initialized. Jun 14 14:27:31 bigbox pppd[7096]: pppd 2.4.2 started by buster, uid 0 Jun 14 14:27:31 bigbox pptpd[7095]: GRE: Discarding duplicate packet Jun 14 14:27:31 bigbox pppd[7096]: Using interface ppp0 Jun 14 14:27:31 bigbox pppd[7096]: Connect: ppp0 <--> /dev/pts/1 Jun 14 14:27:31 bigbox pptpd[7095]: GRE: Bad checksum from pppd. Jun 14 14:27:33 bigbox pptpd[7095]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Jun 14 14:27:38 bigbox pppd[7096]: rc_check_reply: received invalid reply digest from RADIUS server Jun 14 14:27:38 bigbox pppd[7096]: Peer buster failed CHAP authentication Jun 14 14:27:38 bigbox pppd[7096]: Connection terminated. Jun 14 14:27:38 bigbox pptpd[7095]: CTRL: Client 192.168.2.5 control connection finished Jun 14 14:27:38 bigbox pppd[7096]: Terminating on signal 2. Jun 14 14:27:38 bigbox pppd[7096]: Exit. потом меняю всё обратно, ставлю в настройках клиента MS-CHAPv2: Jun 14 14:34:21 bigbox pptpd[7579]: CTRL: Client 192.168.2.5 control connection started Jun 14 14:34:21 bigbox pptpd[7579]: CTRL: Starting call (launching pppd, opening GRE) Jun 14 14:34:21 bigbox pppd[7580]: Plugin radius.so loaded. Jun 14 14:34:21 bigbox pppd[7580]: RADIUS plugin initialized. Jun 14 14:34:21 bigbox pptpd[7579]: GRE: Discarding duplicate packet Jun 14 14:34:21 bigbox pppd[7580]: pppd 2.4.2 started by buster, uid 0 Jun 14 14:34:21 bigbox pppd[7580]: Using interface ppp0 Jun 14 14:34:21 bigbox pppd[7580]: Connect: ppp0 <--> /dev/pts/1 Jun 14 14:34:21 bigbox pptpd[7579]: GRE: Bad checksum from pppd. Jun 14 14:34:23 bigbox pptpd[7579]: CTRL: Ignored a SET LINK INFO packet with re al ACCMs! Jun 14 14:34:28 bigbox pppd[7580]: Peer buster failed CHAP authentication Jun 14 14:34:28 bigbox pppd[7580]: Connection terminated. Jun 14 14:34:28 bigbox pptpd[7579]: CTRL: Client 192.168.2.5 control connection finished Jun 14 14:34:28 bigbox pppd[7580]: Terminating on signal 2. Jun 14 14:34:28 bigbox pppd[7580]: Exit. Ставлю в настройках клиента просто CHAP, и пароль ставлю абсолютно произвольный! (при том, что в options.pptpd -chap +mschap-v2) Jun 14 14:36:04 bigbox pptpd[7654]: CTRL: Client 192.168.2.5 control connection started Jun 14 14:36:04 bigbox pptpd[7654]: CTRL: Starting call (launching pppd, opening GRE) Jun 14 14:36:04 bigbox pppd[7655]: Plugin radius.so loaded. Jun 14 14:36:04 bigbox pppd[7655]: RADIUS plugin initialized. Jun 14 14:36:04 bigbox pppd[7655]: pppd 2.4.2 started by buster, uid 0 Jun 14 14:36:04 bigbox pptpd[7654]: GRE: Discarding duplicate packet Jun 14 14:36:04 bigbox pppd[7655]: Using interface ppp0 Jun 14 14:36:04 bigbox pppd[7655]: Connect: ppp0 <--> /dev/pts/1 Jun 14 14:36:04 bigbox pptpd[7654]: GRE: Bad checksum from pppd. Jun 14 14:36:06 bigbox pppd[7655]: peer refused to authenticate: terminating lin k Jun 14 14:36:06 bigbox pptpd[7654]: CTRL: Ignored a SET LINK INFO packet with re al ACCMs! Jun 14 14:36:06 bigbox pppd[7655]: Connection terminated. Jun 14 14:36:06 bigbox pppd[7655]: Exit. Jun 14 14:36:06 bigbox pptpd[7654]: GRE: read(fd=5,buffer=804e6e0,len=8196) from PTY failed: status = -1 error = Input/output error Jun 14 14:36:06 bigbox pptpd[7654]: CTRL: PTY read or GRE write failed (pty,gre) =(5,6) Jun 14 14:36:06 bigbox pptpd[7654]: CTRL: Client 192.168.2.5 control connection finished а в Windows XP написало, выдало ошибку уже когда было: Registering your computer in network. т.е. как я понял фаза авторизации прошла.....что-то не так. -- Sincerely, Alexey S. Kuznetsov AK2351-RIPE