[Openswan Users] Problem connecting with a Linux client

Adrian Chapela achapela.rexistros at gmail.com
Wed Oct 20 04:07:16 EDT 2010


En 19/10/10 20:00, Paul Wouters escribiu:
> On Tue, 19 Oct 2010, Adrian Chapela wrote:
>
>> /etc/ppp/chap-secrets
>> # Secrets for authentication using CHAP
>> # client    server    secret            IP addresses
>> "test"        "*"    "test"    *
>
> I've never tried putting "*" in the IP column, though it might be
> valid as a
> client configuration.
>
>> ip range = 10.10.10.2-10.10.10.254
>> local ip = 10.10.10.1
>
>> /etc/ppp/options.xl2tpd:
>> ======================
>
>> ms-dns 192.168.1.1
>> ms-wins 192.168.1.1
>
> These might not work, since your internal network is not 192.168.1.1 ?
I think that if 10.10.10.1 is a router there is no problem with that but
this is not important now. If I need to put 10.10.10.1, I will put it
because that machine could be a DNS also.
>
>> mtu 1410
>> mru 1410
>> defaultroute
>> debug
>> lock
>> proxyarp
>> connect-delay 5000
>> ======================
>> /etc/ppp/chap-secrets
>> # Secrets for authentication using CHAP
>> # client    server    secret            IP addresses
>> "username" "*" "password" *
>> "test"    "*"    "test" *
>
> If this is the server, you want something like:
>
> # client    server    secret            IP addresses
> #"username" "*" "password" *        10.10.10.0/24
> # test gets a dynamic ip from the pool
> "test"    "*"    "test" *        10.10.10.0/24
> # test2 gets a static ip
> "test2"    "*"    "test2" *        10.10.10.111/32
After doing that changes I coud see the same behaviour. I have putted
the 10.10.10.0/24 and 10.10.10.111/32 in both sides server and client
and the behaviour is the same. You can see the logs:
 Connect: ppp0 <--> /dev/pts/6
Oct 20 10:00:22 semsor10 pppd[29889]: sent [LCP ConfReq id=0x1 <mru
1400> <asyncmap 0x0> <magic 0x8418788e> <pcomp> <accomp>]
Oct 20 10:00:22 semsor10 pppd[29889]: rcvd [LCP ConfReq id=0x1 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0x2ef3bc90> <pcomp> <accomp>]
Oct 20 10:00:22 semsor10 pppd[29889]: sent [LCP ConfAck id=0x1 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0x2ef3bc90> <pcomp> <accomp>]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [LCP ConfReq id=0x1 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0x2ef3bc90> <pcomp> <accomp>]
Oct 20 10:00:25 semsor10 pppd[29889]: sent [LCP ConfAck id=0x1 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0x2ef3bc90> <pcomp> <accomp>]
Oct 20 10:00:25 semsor10 pppd[29889]: sent [LCP ConfReq id=0x1 <mru
1400> <asyncmap 0x0> <magic 0x8418788e> <pcomp> <accomp>]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [LCP ConfAck id=0x1 <mru
1400> <asyncmap 0x0> <magic 0x8418788e> <pcomp> <accomp>]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [LCP EchoReq id=0x0
magic=0x2ef3bc90]
Oct 20 10:00:25 semsor10 pppd[29889]: sent [LCP EchoRep id=0x0
magic=0x8418788e]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [CHAP Challenge id=0xf6
<3f04756ec2ac899f1c05fa0b1bf0a906>, name = "LinuxVPNserver"]
Oct 20 10:00:25 semsor10 pppd[29889]: Warning - secret file
/etc/ppp/chap-secrets has world and/or group access
Oct 20 10:00:25 semsor10 pppd[29889]: sent [CHAP Response id=0xf6
<405605b87774ef89a5e63eb34cd75e62>, name = "test"]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [CHAP Success id=0xf6 "Access
granted"]
Oct 20 10:00:25 semsor10 pppd[29889]: CHAP authentication succeeded:
Access granted
Oct 20 10:00:25 semsor10 pppd[29889]: CHAP authentication succeeded
Oct 20 10:00:25 semsor10 pppd[29889]: sent [IPCP ConfReq id=0x1
<compress VJ 0f 01> <addr 192.168.1.210>]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [IPCP ConfReq id=0x1
<compress VJ 0f 01> <addr 10.10.10.1>]
Oct 20 10:00:25 semsor10 pppd[29889]: sent [IPCP ConfAck id=0x1
<compress VJ 0f 01> <addr 10.10.10.1>]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [IPCP ConfAck id=0x1
<compress VJ 0f 01> <addr 192.168.1.210>]
Oct 20 10:00:25 semsor10 pppd[29889]: Cannot determine ethernet address
for proxy ARP
Oct 20 10:00:25 semsor10 pppd[29889]: local  IP address 192.168.1.210
Oct 20 10:00:25 semsor10 pppd[29889]: remote IP address 10.10.10.1
Oct 20 10:00:25 semsor10 pppd[29889]: Script /etc/ppp/ip-up started (pid
29892)
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [IPCP TermReq id=0x2
"Unauthorized remote IP address"]
Oct 20 10:00:25 semsor10 pppd[29889]: IPCP terminated by peer
(Unauthorized remote IP address)
Oct 20 10:00:25 semsor10 pppd[29889]: Connect time 0.0 minutes.
Oct 20 10:00:25 semsor10 pppd[29889]: Sent 0 bytes, received 34 bytes.
Oct 20 10:00:25 semsor10 pppd[29889]: sent [IPCP TermAck id=0x2]
Oct 20 10:00:25 semsor10 pppd[29889]: rcvd [LCP TermReq id=0x2 "No
network protocols running"]
Oct 20 10:00:25 semsor10 pppd[29889]: LCP terminated by peer (No network
protocols running)
Oct 20 10:00:25 semsor10 pppd[29889]: sent [LCP TermAck id=0x2]
Oct 20 10:00:25 semsor10 pppd[29889]: Script /etc/ppp/ip-up finished
(pid 29892), status = 0x0
Oct 20 10:00:25 semsor10 pppd[29889]: Script /etc/ppp/ip-down started
(pid 29902)
Oct 20 10:00:26 semsor10 xl2tpd[29864]: control_finish: Connection
closed to 192.168.1.51, serial 2 ()
Oct 20 10:00:26 semsor10 xl2tpd[29864]: Terminating pppd: sending TERM
signal to pid 29889
Oct 20 10:00:26 semsor10 pppd[29889]: Terminating on signal 15
Oct 20 10:00:26 semsor10 pppd[29889]: Modem hangup
Oct 20 10:00:26 semsor10 pppd[29889]: Connection terminated.
Oct 20 10:00:26 semsor10 pppd[29889]: Waiting for 1 child processes...
Oct 20 10:00:26 semsor10 pppd[29889]:   script /etc/ppp/ip-down, pid 29902
Oct 20 10:00:26 semsor10 pppd[29889]: Script /etc/ppp/ip-down finished
(pid 29902), status = 0x0
Oct 20 10:00:26 semsor10 pppd[29889]: Exit.

Regards.
>
> Paul
>



More information about the Users mailing list