[prev in list] [next in list] [prev in thread] [next in thread]
List: portmaster-users
Subject: (PM) PM3 LAC?
From: "Bo Byrd" <byrdr () corp ! earthlink ! net>
Date: 2003-05-13 15:48:14
[Download RAW message or body]
Hey everyone, Im having problems getting l2tp on a pm3 working as a lac.
Im doing partial radius authenticaion (im not using call-check).
Debugging on my LNS shows that the PM3 isnt even trying to establish a
tunnel. I had it working a few days ago but now I cant figure out why
its not working anymore. For starters, the pm3 is not successfully
authing the ppp session. The pm3 says auth-nak but the radius server is
actually sending auth-accept. Theres a weird "MAIN !!!!" ppp debug
trace message on the pm3 as well.
Heres the output from my "show global" command:
pm3> show global
System Name: pm3
Default Host: 0.0.0.0
Alternate Hosts:
IP Gateway: x.x.3.129
Gateway Metric: 1
Default Routing: Quiet (Off)
Name Service: DNS
Name Server: x.x.188.187
Domain: x
Telnet Access Port: 23
Loghost: 0.0.0.0
Maximum PMconsole: 1
Assigned Address: x.x.3.161 (Pool Size 6)
RADIUS Server: x.x.3.232* 1645
Alternate Server: x.x.x.232* 1645
Accounting Server: x.x.3.232 1646
Alt. Acct. Server: x.x.3.232 1646
Acct Retry Interval: 30 Sec
Acct Retry Count: 6
Auth Retry Interval: 0 Sec
Auth Failover: off
ChoiceNet Server: 0.0.0.0
Alt. ChNet Server: 0.0.0.0
PPP Authentication: PAP: on CHAP: on
ISDN Switch Type: att-5ess
L2TP LAC
End Point Disc: None
Disabled Modules: SNMP OSPF BGP
Heres the ppp debug from the pm3:
Sending LCP_CONFIGURE_REQUEST on port S0 of 20 bytes containing:wire
bytes 24
01 01 00 18 02 06 00 00 00 00 05 06 53 68 04 ec
07 02 08 02 03 04 c0 23
Received LCP_CONFIGURE_ACK on port S0 of 20 bytes containing:wire bytes
24
02 01 00 18 02 06 00 00 00 00 05 06 53 68 04 ec
07 02 08 02 03 04 c0 23
Received LCP_CONFIGURE_REQUEST on port S0 of 19 bytes containing:wire
bytes 23
01 01 00 17 02 06 00 00 00 00 05 06 3e 46 3e fa
07 02 08 02 0d 03 06
Sending LCP_CONFIGURE_REJECT on port S0 of 3 bytes containing:wire bytes
7
04 01 00 07 0d 03 06
Received LCP_CONFIGURE_REQUEST on port S0 of 16 bytes containing:wire
bytes 20
01 02 00 14 02 06 00 00 00 00 05 06 3e 46 3e fa
07 02 08 02
Sending LCP_CONFIGURE_ACK on port S0 of 16 bytes containing:wire bytes
20
02 02 00 14 02 06 00 00 00 00 05 06 3e 46 3e fa
07 02 08 02
S0: LCP Open
Received UNKNOWN on port S0 of 14 bytes containing:wire bytes 18
0c 03 00 12 3e 46 3e fa 4d 53 52 41 53 56 35 2e
31 30
Received UNKNOWN on port S0 of 17 bytes containing:wire bytes 21
0c 04 00 15 3e 46 3e fa 4d 53 52 41 53 2d 31 2d
42 42 59 52 44
Received PAP_AUTH_REQ on port S0 of 23 bytes containing:
01 26 00 17 0d 74 75 6e 6e 65 6c 40 6e 65 74 65
6e 67 04 74 65 73 74
MAIN !!!!!!
Sending PAP_AUTH_NAK on port S0 of 14 bytes containing:wire bytes 18
03 26 00 12 0d 49 6e 76 61 6c 69 64 20 4c 6f 67
69 6e
Sending LCP_TERMINATE_ACK on port S0 of 0 bytes containing:wire bytes 4
06 02 00 04
S0: Connection Failed
Heres the snip from the radius logfile:
Code: Access-Request
Identifier: 3
Authentic: $<178><7><153><198>k<196><180><231><197><154><227>s9<4><191>
Attributes:
User-Name = "tunnel@neteng"
User-Password =
"<12><220>q3O<238><139><6>cr<152>'<15><237><186><225>"
NAS-IP-Address = x.x.3.134
NAS-Port = 0
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
Connect-Info = "9600 LAPM/V42BIS"
Tue May 13 11:34:09 2003: DEBUG: Handling request with Handler
'Realm=neteng'
Tue May 13 11:34:09 2003: DEBUG: Rewrote user name to tunnel
Tue May 13 11:34:09 2003: DEBUG: Deleting session for tunnel@neteng,
x.x.3.134, 0
Tue May 13 11:34:09 2003: DEBUG: Handling with Radius::AuthFILE:
Tue May 13 11:34:09 2003: DEBUG: Radius::AuthFILE looks for match with
tunnel
Tue May 13 11:34:09 2003: DEBUG: Radius::AuthFILE ACCEPT:
Tue May 13 11:34:09 2003: DEBUG: Access accepted for tunnel
Tue May 13 11:34:09 2003: DEBUG: Packet dump:
*** Sending to x.x.3.134 port 1026 ....
Code: Access-Accept
Identifier: 3
Authentic: $<178><7><153><198>k<196><180><231><197><154><227>s9<4><191>
Attributes:
Tunnel-Type = L2TP
Tunnel-Medium-Type = IP
Tunnel-Server-Endpoint = x.x.3.132
Like I said, I had it working earlier, but now I'm lost. Please help!!
-Bo Byrd
-
To unsubscribe, email 'majordomo@portmasters.com' with
'unsubscribe portmaster-users' in the body of the message.
List archive: <URL:http://www.portmasters.com/archives/>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic