LINUX.ORG.RU
ФорумAdmin

Снова VPN


0

0

Здравствуйте. Нужно настроить vpn соединение с шифрованием. Настраивал по статье fagot-а, но что то не получилось. Ядро 2.4.28 поставил на него патч linux-2.4.28-mppe-mppc-1.2.patch.gz, ppp-2.4.3.tar.gz поставил также патч ppp-2.4.3-mppe-mppc-1.1.patch.gz и установил pptp-linux-1.5.0.tar.gz.
Все настройки сделал как в статье, ессно применив их для себя. Но соединение не устанавилвается, пишется следующее (в логе):

Nov 28 09:28:00 r0y pppd[6751]: pppd 2.4.3 started by root, uid 0
Nov 28 09:28:00 r0y pptp[6753]: anon log[main:pptp.c:243]: The synchronous pptp option is NOT activated 
Nov 28 09:28:00 r0y pptp[6757]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 1 'Start-Control-Connection-Request' 
Nov 28 09:28:00 r0y pptp[6757]: anon log[ctrlp_disp:pptp_ctrl.c:721]: Received Start Control Connection Reply
Nov 28 09:28:00 r0y pptp[6757]: anon log[ctrlp_disp:pptp_ctrl.c:755]: Client connection established.
Nov 28 09:28:01 r0y pptp[6757]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 7 'Outgoing-Call-Request' 
Nov 28 09:28:01 r0y pptp[6757]: anon log[ctrlp_disp:pptp_ctrl.c:841]: Received Outgoing Call Reply.
Nov 28 09:28:01 r0y pptp[6757]: anon log[ctrlp_disp:pptp_ctrl.c:880]: Outgoing call established (call ID 0, peer's call ID 57235). 
Nov 28 09:28:01 r0y pppd[6751]: Exit.

Что можно сделать? В чем вообще ошибка?
anonymous

Ответ на: комментарий от fagot

А как можно достоверно проверить что шифрование все же поддерживается ? Или это не из за этого? Вот конфиги: --- /etc/ppp/options.pptp lock noauth nobsdcomp nodeflate ---

/etc/ppp/peers/PROVIDER name NAME remotename PROVIDER debug lock deflate 0 defaultroute file /etc/ppp/options.pptp pty "/usr/sbin/pptp 192.168.2.1 --nolaunchpppd --loglevel 2" ---

PROVEIDER и NAME конечно другие

messages: Nov 28 21:22:29 r0y pppd[660]: pppd 2.4.3 started by root, uid 0 Nov 28 21:22:29 r0y pppd[660]: Using interface ppp1 Nov 28 21:22:29 r0y pppd[660]: Connect: ppp1 <--> /dev/pts/4 Nov 28 21:22:29 r0y pptp[662]: anon log[main:pptp.c:243]: The synchronous pptp option is NOT activated Nov 28 21:22:29 r0y pptp[674]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 1 'Start-Control-Connection-Request' Nov 28 21:22:29 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:721]: Received Start Control Connection Reply Nov 28 21:22:29 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:755]: Client connection established. Nov 28 21:22:30 r0y pptp[674]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 7 'Outgoing-Call-Request' Nov 28 21:22:30 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:841]: Received Outgoing Call Reply. Nov 28 21:22:30 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:880]: Outgoing call established (call ID 0, peer's call ID 57248). Nov 28 21:22:30 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 0 Nov 28 21:22:30 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 1 Nov 28 21:22:32 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 2 Nov 28 21:22:32 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 3 Nov 28 21:22:35 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 4 Nov 28 21:22:35 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:770]: Received Stop Control Connection Request. Nov 28 21:22:35 r0y pptp[674]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 4 'Stop-Control-Connection-Reply' Nov 28 21:22:35 r0y pptp[674]: anon log[call_callback:pptp_callmgr.c:77]: Closing connection Nov 28 21:22:35 r0y pppd[660]: Modem hangup Nov 28 21:22:35 r0y pppd[660]: Connection terminated. Nov 28 21:22:35 r0y pppd[660]: Exit.

syslog: Nov 28 21:22:35 r0y pppd[660]: Unknown MS-CHAP authentication failure: E=691 R=0

anonymous
()
Ответ на: комментарий от fagot

А как можно достоверно проверить что шифрование все же поддерживается ?
Или это не из за этого? Вот конфиги:
---
/etc/ppp/options.pptp
lock noauth nobsdcomp nodeflate
---

/etc/ppp/peers/PROVIDER 
name NAME
remotename PROVIDER
debug
lock
deflate 0
defaultroute
file /etc/ppp/options.pptp
pty "/usr/sbin/pptp 192.168.2.1 --nolaunchpppd --loglevel 2"
---

PROVEIDER и NAME конечно другие

messages:
Nov 28 21:22:29 r0y pppd[660]: pppd 2.4.3 started by root, uid 0
Nov 28 21:22:29 r0y pppd[660]: Using interface ppp1
Nov 28 21:22:29 r0y pppd[660]: Connect: ppp1 <--> /dev/pts/4
Nov 28 21:22:29 r0y pptp[662]: anon log[main:pptp.c:243]: The synchronous pptp option is NOT activated 
Nov 28 21:22:29 r0y pptp[674]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 1 'Start-Control-Connection-Request' 
Nov 28 21:22:29 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:721]: Received Start Control Connection Reply
Nov 28 21:22:29 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:755]: Client connection established.
Nov 28 21:22:30 r0y pptp[674]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 7 'Outgoing-Call-Request' 
Nov 28 21:22:30 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:841]: Received Outgoing Call Reply.
Nov 28 21:22:30 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:880]: Outgoing call established (call ID 0, peer's call ID 57248). 
Nov 28 21:22:30 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 0
Nov 28 21:22:30 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 1
Nov 28 21:22:32 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 2
Nov 28 21:22:32 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 3
Nov 28 21:22:35 r0y pptp[662]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 4
Nov 28 21:22:35 r0y pptp[674]: anon log[ctrlp_disp:pptp_ctrl.c:770]: Received Stop Control Connection Request.
Nov 28 21:22:35 r0y pptp[674]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 4 'Stop-Control-Connection-Reply' 
Nov 28 21:22:35 r0y pptp[674]: anon log[call_callback:pptp_callmgr.c:77]: Closing connection
Nov 28 21:22:35 r0y pppd[660]: Modem hangup
Nov 28 21:22:35 r0y pppd[660]: Connection terminated.
Nov 28 21:22:35 r0y pppd[660]: Exit.

syslog:
Nov 28 21:22:35 r0y pppd[660]: Unknown MS-CHAP authentication failure: E=691 R=0

anonymous
()
Ответ на: комментарий от anonymous

Сервер использует mschap v2, шифрование 40 бит. Я все сделал правильно? Все патчи что нужно поставил?

anonymous
()

Вот еще лог пппд:
using channel 7
Using interface ppp1
Connect: ppp1 <--> /dev/pts/9
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xe6806a17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x8 <accomp> <pcomp> <mru 1500> <magic 0xc22cd218> <auth chap MS-v2> <mrru 1600> <ssnhf> <endpoint [MAC:00:40:96:39:d9:27]>]
sent [LCP ConfRej id=0x8 <mrru 1600> <ssnhf>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xe6806a17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0xa <accomp> <pcomp> <mru 1500> <magic 0xc22cd218> <auth chap MS-v2>]
sent [LCP ConfAck id=0xa <accomp> <pcomp> <mru 1500> <magic 0xc22cd218> <auth chap MS-v2>]
rcvd [CHAP Challenge id=0x1 <bb1e68fce02b6ee8e183205262b0aa6a>, name = ""]
sent [CHAP Response id=0x1 <8adf2dfc5f388ea2141e65f0224001e40000000000000000af044cacf5a7cbc146b3b29d2370
2aa98aa984cb46f7ffa000>, name = "dru"]
rcvd [CHAP Failure id=0x1 "E=691 R=0"]
Unknown MS-CHAP authentication failure: E=691 R=0
sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]
Script /usr/sbin/pptp 192.168.2.1 --nolaunchpppd --loglevel 2 finished (pid 1694), status = 0x0
Modem hangup
Connection terminated.

anonymous
()

Все предыдущее было не по моей вине - меня почему то "забыли" добавить. Но после добавления появились проблемы другого плана - как я понял со сжатием:

ppp.log: Connect: ppp0 <--> /dev/pts/10 sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4071514c> <pcomp> <accomp>] rcvd [LCP ConfReq id=0x33 <accomp> <pcomp> <mru 1500> <magic 0xbc9fe53f> <auth chap MS-v2> <mrru 1600> <ssnhf> <end point [MAC:00:40:96:39:d9:27]>] sent [LCP ConfRej id=0x33 <mrru 1600> <ssnhf>] rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4071514c> <pcomp> <accomp>] rcvd [LCP ConfReq id=0x35 <accomp> <pcomp> <mru 1500> <magic 0xbc9fe53f> <auth chap MS-v2>] sent [LCP ConfAck id=0x35 <accomp> <pcomp> <mru 1500> <magic 0xbc9fe53f> <auth chap MS-v2>] rcvd [CHAP Challenge id=0x1 <bb1e6862caf4d903e085edb905783506>, name = ""] sent [CHAP Response id=0x1 <60255ebb892b9430df4f9610ccd3d24100000000000000003ce5e5cd018171d5a7a4262c522b 40f98c21021 13d75494f00>, name = "dru"] rcvd [CHAP Success id=0x1 "S=E75F216F2E166A9BF3A47A8FF273F4C78D3DDF63"] sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>] rcvd [IPCP ConfReq id=0xa <addr 10.10.10.1> <compress VJ 0f 00>] sent [IPCP ConfAck id=0xa <addr 10.10.10.1> <compress VJ 0f 00>] rcvd [CCP ConfReq id=0x13 <mppe +H -M +S +L -D -C>] sent [CCP ConfReq id=0x1] sent [CCP ConfRej id=0x13 <mppe +H -M +S +L -D -C>] rcvd [IPCP ConfRej id=0x1 <ms-dns3 0.0.0.0>] sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0>] rcvd [CCP ConfAck id=0x1] Received bad configure-ack: rcvd [CCP ConfReq id=0x14] sent [CCP ConfAck id=0x14] rcvd [IPCP ConfNak id=0x2 <addr 10.10.10.233> <ms-dns1 192.168.2.1>] sent [IPCP ConfReq id=0x3 <compress VJ 0f 01> <addr 10.10.10.233> <ms-dns1 192.168.2.1>] rcvd [CCP TermReq id=0x15] sent [CCP TermAck id=0x15] rcvd [IPCP ConfReq id=0xb <addr 10.10.10.1> <compress VJ 0f 00>] sent [IPCP ConfAck id=0xb <addr 10.10.10.1> <compress VJ 0f 00>] rcvd [IPCP ConfAck id=0x3 <compress VJ 0f 01> <addr 10.10.10.233> <ms-dns1 192.168.2.1>] Cannot determine ethernet address for proxy ARP local IP address 10.10.10.233 remote IP address 10.10.10.1 primary DNS address 192.168.2.1 Script /etc/ppp/ip-up started (pid 6218) rcvd [LCP TermReq id=0x36] LCP terminated by peer Connect time 0.0 minutes. Sent 0 bytes, received 0 bytes. sent [LCP TermAck id=0x36] Script /usr/sbin/pptp 192.168.2.1 --nolaunchpppd --loglevel 2 finished (pid 6199), status = 0x0 Modem hangup Connection terminated. Waiting for 1 child processes... script /etc/ppp/ip-up, pid 6218 Script /etc/ppp/ip-up finished (pid 6218), status = 0x7 Script /etc/ppp/ip-down started (pid 6236) Script /etc/ppp/ip-down finished (pid 6236), status = 0x0

------------ syslog: Nov 29 12:32:26 r0y modprobe: modprobe: Can't locate module ppp-compress-18 Nov 29 12:32:26 r0y last message repeated 2 times Nov 29 12:32:26 r0y pppd[6241]: Cannot determine ethernet address for proxy ARP

anonymous
()

Простите за некорректное форматирование

Все предыдущее было не по моей вине - меня почему то "забыли" добавить.
Но после добавления появились проблемы другого плана - как я понял со сжатием:

ppp.log:
Connect: ppp0 <--> /dev/pts/10
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4071514c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x33 <accomp> <pcomp> <mru 1500> <magic 0xbc9fe53f> <auth chap MS-v2> <mrru 1600> <ssnhf> <end point [MAC:00:40:96:39:d9:27]>]
sent [LCP ConfRej id=0x33 <mrru 1600> <ssnhf>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4071514c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x35 <accomp> <pcomp> <mru 1500> <magic 0xbc9fe53f> <auth chap MS-v2>]
sent [LCP ConfAck id=0x35 <accomp> <pcomp> <mru 1500> <magic 0xbc9fe53f> <auth chap MS-v2>]
rcvd [CHAP Challenge id=0x1 <bb1e6862caf4d903e085edb905783506>, name = ""]
sent [CHAP Response id=0x1 <60255ebb892b9430df4f9610ccd3d24100000000000000003ce5e5cd018171d5a7a4262c522b
40f98c21021 13d75494f00>, name = "dru"]
rcvd [CHAP Success id=0x1 "S=E75F216F2E166A9BF3A47A8FF273F4C78D3DDF63"]
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [IPCP ConfReq id=0xa <addr 10.10.10.1> <compress VJ 0f 00>]
sent [IPCP ConfAck id=0xa <addr 10.10.10.1> <compress VJ 0f 00>]
rcvd [CCP ConfReq id=0x13 <mppe +H -M +S +L -D -C>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x13 <mppe +H -M +S +L -D -C>]
rcvd [IPCP ConfRej id=0x1 <ms-dns3 0.0.0.0>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 0.0.0.0> <ms-dns1 0.0.0.0>]
rcvd [CCP ConfAck id=0x1]
Received bad configure-ack: 
rcvd [CCP ConfReq id=0x14]
sent [CCP ConfAck id=0x14]
rcvd [IPCP ConfNak id=0x2 <addr 10.10.10.233> <ms-dns1 192.168.2.1>]
sent [IPCP ConfReq id=0x3 <compress VJ 0f 01> <addr 10.10.10.233> <ms-dns1 192.168.2.1>]
rcvd [CCP TermReq id=0x15]
sent [CCP TermAck id=0x15]
rcvd [IPCP ConfReq id=0xb <addr 10.10.10.1> <compress VJ 0f 00>]
sent [IPCP ConfAck id=0xb <addr 10.10.10.1> <compress VJ 0f 00>]
rcvd [IPCP ConfAck id=0x3 <compress VJ 0f 01> <addr 10.10.10.233> <ms-dns1 192.168.2.1>]
Cannot determine ethernet address for proxy ARP
local  IP address 10.10.10.233
remote IP address 10.10.10.1
primary   DNS address 192.168.2.1
Script /etc/ppp/ip-up started (pid 6218)
rcvd [LCP TermReq id=0x36]
LCP terminated by peer
Connect time 0.0 minutes.
Sent 0 bytes, received 0 bytes.
sent [LCP TermAck id=0x36]
Script /usr/sbin/pptp 192.168.2.1 --nolaunchpppd --loglevel 2 finished (pid 6199), status = 0x0
Modem hangup
Connection terminated.
Waiting for 1 child processes...
  script /etc/ppp/ip-up, pid 6218
Script /etc/ppp/ip-up finished (pid 6218), status = 0x7
Script /etc/ppp/ip-down started (pid 6236)
Script /etc/ppp/ip-down finished (pid 6236), status = 0x0


------------
syslog:
Nov 29 12:32:26 r0y modprobe: modprobe: Can't locate module ppp-compress-18
Nov 29 12:32:26 r0y last message repeated 2 times
Nov 29 12:32:26 r0y pppd[6241]: Cannot determine ethernet address for proxy ARP


anonymous
()
Ответ на: комментарий от anonymous

-----------
messages:
Nov 29 12:31:09 r0y pppd[6197]: Connect: ppp0 <--> /dev/pts/10
Nov 29 12:31:09 r0y pptp[6199]: anon log[main:pptp.c:243]: The synchronous pptp option is NOT activated 
Nov 29 12:31:09 r0y pptp[6211]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 1 'Start-Control-Connection-Request' 
Nov 29 12:31:09 r0y pptp[6211]: anon log[ctrlp_disp:pptp_ctrl.c:721]: Received Start Control Connection Reply
Nov 29 12:31:09 r0y pptp[6211]: anon log[ctrlp_disp:pptp_ctrl.c:755]: Client connection established.
Nov 29 12:31:10 r0y pptp[6211]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 7 'Outgoing-Call-Request' 
Nov 29 12:31:10 r0y pptp[6211]: anon log[ctrlp_disp:pptp_ctrl.c:841]: Received Outgoing Call Reply.
Nov 29 12:31:10 r0y pptp[6211]: anon log[ctrlp_disp:pptp_ctrl.c:880]: Outgoing call established (call ID 0, peer's call ID 4500). 
Nov 29 12:31:10 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 0
Nov 29 12:31:10 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 1
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 2
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 3
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 4
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 5
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 6
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 7
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 8
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 9
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 10
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 11
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 12
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 13
Nov 29 12:31:12 r0y pppd[6197]: local  IP address 10.10.10.233
Nov 29 12:31:12 r0y pppd[6197]: remote IP address 10.10.10.1
Nov 29 12:31:12 r0y pppd[6197]: primary   DNS address 192.168.2.1
Nov 29 12:31:12 r0y pptp[6199]: anon log[decaps_gre:pptp_gre.c:385]: accepting packet 14
Nov 29 12:31:12 r0y pppd[6197]: LCP terminated by peer
Nov 29 12:31:12 r0y pppd[6197]: Connect time 0.0 minutes.
Nov 29 12:31:12 r0y pppd[6197]: Sent 0 bytes, received 0 bytes.
Nov 29 12:31:12 r0y pptp[6211]: anon log[ctrlp_disp:pptp_ctrl.c:770]: Received Stop Control Connection Request.
Nov 29 12:31:12 r0y pptp[6211]: anon log[ctrlp_rep:pptp_ctrl.c:243]: Sent control packet type is 4 'Stop-Control-Connection-Reply' 
Nov 29 12:31:12 r0y pptp[6211]: anon log[call_callback:pptp_callmgr.c:77]: Closing connection
Nov 29 12:31:12 r0y pppd[6197]: Modem hangup
Nov 29 12:31:12 r0y pppd[6197]: Connection terminated.
Nov 29 12:31:12 r0y pppd[6197]: Exit.


Как говорил все делал по статье, ядро патчил, ппп тоже. Опцию в ядре включал не модулем.

Спасибо за дюбую помощь

anonymous
()
Ответ на: комментарий от anonymous

Сделал модулем и все запахало

anonymous
()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.