[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] mppe encryption with pptpd under suse 7.2



Hi list,

I try to build a vpn server with the PoPToP VPN Server.

installed software:

ppp-2.4.0-93
pptpd-1.1.2-60

/etc/pptpd.conf

 option /etc/ppp/options
 debug
 localip 192.168.0.1
 remoteip 192.168.1.100-199
 listen 10.0.0.1

/etc/ppp/options

 lock
 debug
 auth
 refuse-chap
 refuse-chap
 refuse-pap
 refuse-chap-md5
 refuse-chapms
 require-chapms-v2
 mppe-128
 mppe-stateless
 nodeflate
 nobsdcomp
 nopredictor1

When I try to establish a connection from a windows
2000 client I get the following log entries:

--
May 12 15:20:15 cps pptpd[1166]: MGR: Launching /usr/sbin/pptpctrl to handle client
May 12 15:20:15 cps pptpd[1166]: CTRL: local address = 192.168.0.1
May 12 15:20:15 cps pptpd[1166]: CTRL: remote address = 192.168.1.100
May 12 15:20:15 cps pptpd[1166]: CTRL: pppd options file = /etc/ppp/options
May 12 15:20:15 cps pptpd[1166]: CTRL: Client 10.0.0.2 control connection
started
May 12 15:20:15 cps pptpd[1166]: CTRL: Received PPTP Control Message (type: 1)
May 12 15:20:15 cps pptpd[1166]: CTRL: Made a START CTRL CONN RPLY packet
May 12 15:20:15 cps pptpd[1166]: CTRL: I wrote 156 bytes to the client.
May 12 15:20:15 cps pptpd[1166]: CTRL: Sent packet to client
May 12 15:20:15 cps pptpd[1166]: CTRL: Received PPTP Control Message (type: 7)
May 12 15:20:15 cps pptpd[1166]: CTRL: 0 min_bps, 1525 max_bps, 32 window size
May 12 15:20:15 cps pptpd[1166]: CTRL: Made a OUT CALL RPLY packet
May 12 15:20:15 cps pptpd[1166]: CTRL: Starting call (launching pppd, opening GRE)
May 12 15:20:15 cps pptpd[1166]: CTRL: pty_fd = 5
May 12 15:20:15 cps pptpd[1166]: CTRL: tty_fd = 6
May 12 15:20:15 cps pptpd[1167]: CTRL (PPPD Launcher): Connection speed = 115200May 12 15:20:15 cps pptpd[1167]: CTRL (PPPD Launcher): local address = 192.168.0.1
May 12 15:20:15 cps pptpd[1167]: CTRL (PPPD Launcher): remote address = 192.168.1.100
May 12 15:20:15 cps pptpd[1166]: CTRL: I wrote 32 bytes to the client.
May 12 15:20:15 cps pptpd[1166]: CTRL: Sent packet to client
May 12 15:20:15 cps pptpd[1166]: CTRL: Received PPTP Control Message (type: 15)
May 12 15:20:15 cps pptpd[1166]: CTRL: Got a SET LINK INFO packet with standard
ACCMs
May 12 15:20:15 cps modprobe: modprobe: Can't locate module char-major-108
May 12 15:20:15 cps pppd[1167]: The remote system is required to authenticate itself
May 12 15:20:15 cps pppd[1167]: but I couldn't find any suitable secret (password) for it to use to do so.
May 12 15:20:15 cps pppd[1167]: (None of the available passwords would let it use an IP address.)
May 12 15:20:15 cps pptpd[1166]: Error reading from pppd: Input/output error
May 12 15:20:15 cps pptpd[1166]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5)
May 12 15:20:15 cps pptpd[1166]: CTRL: Client 10.0.0.2 control connection
finished
May 12 15:20:15 cps pptpd[1166]: CTRL: Exiting now
May 12 15:20:15 cps pptpd[1164]: MGR: Reaped child 1166
--

I tried to use various settings, like chapms-v2 authentication
with weak encryption (40 bit), chap authentication without
encryption... but it seems like I overlook something.  

if anyone could give me a hint in the right direction.

TIA

marc






--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here