[prev in list] [next in list] [prev in thread] [next in thread]
List: poptop-server
Subject: [Poptop-server] Re: poptop + winbind problem
From: Jeff Hardy <hardyjm () potsdam ! edu>
Date: 2005-03-18 19:02:30
Message-ID: 1111172551.5045.36.camel () fritzdesk ! potsdam ! edu
[Download RAW message or body]
Also, this is on stock kernel 2.6.11.3
On Fri, 2005-03-18 at 13:59 -0500, Jeff Hardy wrote:
> Having trouble setting up winbind auth with pptp and ppp. I have
> installed the following on a fedora core 3 box:
>
> pptpd-1.2.1-1
> kernel_ppp_mppe-0.0.5-2dkms
> ppp-2.4.3-4.fc3
>
> I have options.pptp setup as follows:
>
> name pptpd
> refuse-pap
> refuse-chap
> refuse-mschap
> require-mschap-v2
> require-mppe-128
> ms-dns 123.123.123.1
> ms-dns 123.123.123.2
> ms-wins 123.123.123.3
> proxyarp
> debug
> lock
> nobsdcomp
>
>
> As you can see, I have the box setup to do mschap-v2. When I have
> secrets setup in the chap-secrets file, I can connect from Windows XP
> and OSX clients with no problems. The following log snippet is a
> successful connect from a Windows XP machine (IPs sanitized):
>
> Mar 18 13:33:44 vpn pptpd[6038]: CTRL: Client 192.168.1.1 control
> connection started
> Mar 18 13:33:44 vpn pptpd[6038]: CTRL: Starting call (launching pppd,
> opening GR E)
> Mar 18 13:33:44 vpn pppd[6039]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so
> loaded.
> Mar 18 13:33:44 vpn pppd[6039]: pptpd-logwtmp: $Version$
> Mar 18 13:33:44 vpn pppd[6039]: pppd 2.4.3 started by root, uid 0
> Mar 18 13:33:44 vpn pppd[6039]: Using interface ppp0
> Mar 18 13:33:44 vpn pppd[6039]: Connect: ppp0 <--> /dev/pts/2
> Mar 18 13:33:44 vpn pptpd[6038]: GRE: Bad checksum from pppd.
> Mar 18 13:33:47 vpn pptpd[6038]: CTRL: Ignored a SET LINK INFO packet
> with real ACCMs!
> Mar 18 13:33:47 vpn kernel: PPP MPPE Compression module registered
> Mar 18 13:33:47 vpn pppd[6039]: MPPE 128-bit stateless compression
> enabled
> Mar 18 13:33:48 vpn pppd[6039]: found interface eth0.6 for proxy arp
> Mar 18 13:33:48 vpn pppd[6039]: local IP address 192.168.2.1
> Mar 18 13:33:48 vpn pppd[6039]: remote IP address 192.168.2.10
> Mar 18 13:33:48 vpn pppd[6039]: pptpd-logwtmp.so ip-up ppp0 hardyjm
> 192.168.1.1
>
>
> I connect and go on my merry way. Then I try to setup winbind auth with
> these options in the options.pptp file:
>
> noauth
> plugin winbind.so
> ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1"
>
>
> I cannot connect and the Windows client reports: "Error 732: Your
> computer and the remote computer could not agree on PPP control
> protocols." I have tried with defaultroute set on and off. The log
> shows:
>
>
> Mar 18 13:45:27 vpn pptpd[6196]: CTRL: Client 192.168.1.1 control
> connection started
> Mar 18 13:45:27 vpn pptpd[6196]: CTRL: Starting call (launching pppd,
> opening GRE)
> Mar 18 13:45:27 vpn pppd[6197]: Plugin winbind.so loaded.
> Mar 18 13:45:27 vpn pppd[6197]: WINBIND plugin initialized.
> Mar 18 13:45:27 vpn pppd[6197]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so
> loaded.
> Mar 18 13:45:27 vpn pppd[6197]: pptpd-logwtmp: $Version$
> Mar 18 13:45:27 vpn pppd[6197]: pppd 2.4.3 started by root, uid 0
> Mar 18 13:45:27 vpn pppd[6197]: Using interface ppp0
> Mar 18 13:45:27 vpn pppd[6197]: Connect: ppp0 <--> /dev/pts/2
> Mar 18 13:45:27 vpn pptpd[6196]: GRE: Bad checksum from pppd.
> Mar 18 13:45:30 vpn pppd[6197]: Modem hangup
> Mar 18 13:45:30 vpn pppd[6197]: Connection terminated.
> Mar 18 13:45:30 vpn pppd[6197]: Exit.
> Mar 18 13:45:30 vpn pptpd[6196]: CTRL: Client 192.168.1.1 control
> connection finished
>
>
> I followed the excellent docs on the poptop website regarding fedora
> core 3 (James Cameron), and another on replacing a Windows PPTP server
> (Matt Alexander), in addition to the great pdf located here:
> http://hawkerc.net/staff/abartlet/comp3700/final-report.pdf
>
> It seems I have hit all the bases, as ntlm_auth works, etc. Something
> is amiss. It looks like it connects but simply cannot authenticate.
> Any help would be appreciated.
>
>
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Poptop-server mailing list
Poptop-server@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/poptop-server
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic