[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [suse-security] PPP-Probleme mit PPTPD und Mac Airport



Hello,

looks like the MAC-Box doesn't answer to the config-Request.
for test, try to activate PAP and MSCHAP.
PAP only for test because it is not encrypted !!!
Don't forget to edit the pap-secrets.

Is a Firewall running on the MAC ?
Is ther something like Ethereal on the MAC ?
	If YES:
	Can you "see" the packages: Trace for port 1723 and Proto 47 (GRE)
Is there an NAT-Router between the PPTPD-Server an the Client ?

BTW:	GRE is the transportproto for your encrypted data. TCP 1723 is the
	for Controll.

CU
Robert




-----Ursprüngliche Nachricht-----
Von: Lars Behrens [mailto:lars@xxxxxxxxxxxx]
Gesendet: Donnerstag, 24. Juni 2004 09:24
An: suse-security@xxxxxxxx
Betreff: [suse-security] PPP-Probleme mit PPTPD und Mac Airport


Hallo, Liste,

  i got some problems with mac-os 10 clients on my poptop-server.
  windows 2000 und XP are working well: fast and stable connection, 
while the mac doesnt get to the ppp-connection properly.

mac-client (with the internal pptp-client, btw) gets an IP from the 
server, then connects via pptp, than comes an LCP ConfReq-Message 
(gre-pakete...!?), die kommen auch beim client an; der sagt dann

   Jun 23 13:08:49 access pppd[5233]: sent [LCP ConfReq id=0x1 <mru 
1450> <asyncmap 0x0> <auth chap 81> <magic 0x68c8b366> <pcomp> 
<accomp>]

at this point theres a break for 30 seconds... than follows:

  Jun 23 13:09:16 access last message repeated 9 times
  Jun 23 13:09:19 access pppd[5233]: LCP: timeout sending Config-Requests
  Jun 23 13:09:19 access pppd[5233]: Connection terminated.
  Jun 23 13:09:19 access pppd[5233]: Exit.
  Jun 23 13:09:19 access pptpd[5232]: Error reading from pppd: 
Input/output error
  Jun 23 13:09:19 access pptpd[5232]: CTRL: GRE read or PTY write failed 
(gre,pty)=(6,5)
  Jun 23 13:09:19 access pptpd[5232]: CTRL: Client 10.28.52.198 control 
connection finished
  Jun 23 13:09:19 access pptpd[5232]: CTRL: Exiting now

with tcpdump I can see, that the client receives packets:

07:42:54.513953 IP 10.28.52.1 > 10.28.52.197: call 1361 seq 7 
gre-ppp-payload
07:42:54.513953 IP 10.28.52.1 > 10.28.52.197: call 1361 seq 8 
gre-ppp-payload

after the 10th or so payload the connection shuts down from the servers 
side:

Jun 23 13:09:16 access last message repeated 9 times
Jun 23 13:09:19 access pppd[5233]: LCP: timeout sending Config-Requests
Jun 23 13:09:19 access pppd[5233]: Connection terminated.
Jun 23 13:09:19 access pppd[5233]: Exit.
Jun 23 13:09:19 access pptpd[5232]: Error reading from pppd: 
Input/output error
Jun 23 13:09:19 access pptpd[5232]: CTRL: GRE read or PTY write failed 
(gre,pty)=(6,5)
Jun 23 13:09:19 access pptpd[5232]: CTRL: Client 10.28.52.198 control 
connection finished
Jun 23 13:09:19 access pptpd[5232]: CTRL: Exiting now

tcpdump on the server says:

14:56:15.954532 access.hfk-bremen.de > 10.28.52.198: gre [KSv1] ID:0995 
S:8 ppp: Conf-Req(1), MRU=1450, ACCM=00000000, Auth-Prot CHAP/MSCHAPv2, 
Magic-Num=1a660c17, PFC, ACFC (D

and then nothing more....

  system server: suse 9, poptop 1.1.2, pppd2.4.2, kernel 2.4.21, 
ppp-module loaded.

  system client: mac powerbook w/ internal airport extreme, pptp-client 
by Apple (?).

  firewall is shut down on both sides.

  options.ppp0:

  lock
  debug
  auth
  +chap
  -chapms
  +chapms-v2
  mppe-40
  mppe-128
  mppe-stateless
  asyncmap 0
  proxyarp
  mru 1450
  mtu 1450
  ipcp-accept-local
  ipcp-accept-remote

thanx in advance for help!

greetings

  lars behrens


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here