Jump to content

Cisco 2811, VPDN + MS CHAP V2

axishire
 Share

Recommended Posts

axishire

axishire

Posted
Posted (edited)

Есть 2811, на ней настроен vpdn :

vpdn enable
!
vpdn-group VPDN
! Default L2TP VPDN group
! Default PPTP VPDN group
accept-dialin
  protocol any
  virtual-template 1
l2tp tunnel timeout no-session 15
!

и его виртуальный интерфейс

interface Virtual-Template1
ip unnumbered Loopback1
autodetect encapsulation ppp
peer default ip address pool VPNPOOL
ppp encrypt mppe auto required
ppp authentication ms-chap-v2
!
!

 

при использовании ppp authentication ms-chap все хорошо, при ms-chap-v2 винда ХР выдает ошибку 742 : удаленный компьютер не поддерживает требуемый тип шифрования (в настройках подключения явно задано ms-chap-v2, остальные галки сняты). Линуксовый pptp тоже не хочет работать с v2, логи :

Jul 12 16:56:52 leta pppd[16997]: pppd 2.4.5 started by root, uid 0
Jul 12 16:56:53 leta pppd[16997]: Using interface ppp0
Jul 12 16:56:53 leta pppd[16997]: Connect: ppp0 <--> /dev/pts/13
Jul 12 16:56:53 leta pptp[16998]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Jul 12 16:56:53 leta pptp[17005]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Jul 12 16:56:53 leta pptp[17005]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Jul 12 16:56:53 leta pptp[17005]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Jul 12 16:56:54 leta pptp[17005]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Jul 12 16:56:54 leta pptp[17005]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Jul 12 16:56:54 leta pptp[17005]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 40292).
Jul 12 16:56:57 leta pppd[16997]: CHAP authentication succeeded
Jul 12 16:56:57 leta pppd[16997]: Connection terminated.
Jul 12 16:56:57 leta pptp[16998]: anon warn[decaps_hdlc:pptp_gre.c:204]: short read (-1): Input/output error
Jul 12 16:56:57 leta pptp[16998]: anon warn[decaps_hdlc:pptp_gre.c:216]: pppd may have shutdown, see pppd log
Jul 12 16:56:57 leta pptp[17005]: anon log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled)
Jul 12 16:56:57 leta pptp[17005]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
Jul 12 16:56:57 leta pptp[17005]: anon log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
Jul 12 16:56:57 leta pppd[16997]: Exit.

логи на циске :

*Jan 11 21:16:13.927: PPTP       _____:________: TCP connect reqd from 0.0.0.0:3036
*Jan 11 21:16:13.935: L2X        _____:________: DB: adding cc with id 13534 (total 2)
*Jan 11 21:16:13.935: L2X        _____:________: DB: added cc with id 13534 (total 3)
*Jan 11 21:16:13.935: PPTP tnl   1000F:________: Tunnel created; peer initiated
*Jan 11 21:16:13.935: L2X        _____:________: l2x_open_socket: is called
*Jan 11 21:16:13.935: PPTP tnl   1000F:________: SCCRQ-ok -> state change wt-sccrq to estabd
*Jan 11 21:16:13.943: L2X        _____:________: DB: added session (cc id 13534, sess id 28020) (total 1)
*Jan 11 21:16:13.943: L2X        _____:________: l2x_open_socket: is called
*Jan 11 21:16:13.943: L2X        _____:________: DB: added session: rIP 93.80.127.25, rSession id 3036 (total 2)
*Jan 11 21:16:13.955: PPTP _____:1000F:________: sss-started -> state change start-sss to estabd
*Jan 11 21:16:13.959: PPTP _____:_____:________: L2X session data plane setup successful
*Jan 11 21:16:13.959: PPTP:(Tnl0:Sn28020)L2X setup sss switching
*Jan 11 21:16:13.959: L2X:Session DB (Tnl/Sn: 0/28020): Stored the switching session in the session DB
*Jan 11 21:16:13.959: PPTP:(Tnl0:Sn28020)L2X s/w switching session provisioned
L2X_ADJ: Vi4:allocated ctx, size 1
*Jan 11 21:16:14.059: PPTP:(Tnl0:Sn28020)L2TP
*Jan 11 21:16:14.059: PPTP:(Tnl0:Sn28020)L2X s/w switching session bound
*Jan 11 21:16:14.079: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to up
L2X_ADJ: Vi4:midchain adj reqd for ip 0.0.0.0, cid 0
L2X_ADJ: Vi4:midchain adj reqd for ip 0.0.0.0, cid 0
L2X_ADJ: Vi4:midchain adj repopulate, nothing to do
*Jan 11 21:16:14.083: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access4, changed state to up
*Jan 11 21:16:14.175: PPTP tnl   1000F:________: CC I msg 12 for unknown session
*Jan 11 21:16:15.115: PPTP tnl   1000F:________: StopCCRQ -> state change estabd to idle
*Jan 11 21:16:15.115: PPTP tnl   1000F:________: Shutting down tunnel
*Jan 11 21:16:15.123: L2TUN APP: uid:16handle/8207shutdown app session
*Jan 11 21:16:15.123: L2TUN APP: uid:16handle/8207Stopping service selection
*Jan 11 21:16:15.127: PPTP 00010:1000F:________: close -> state change estabd to terminal
*Jan 11 21:16:15.131: PPTP 00010:1000F:________: Destroying session
*Jan 11 21:16:15.131: L2X        _____:________: ERROR: Cannot remove invalid application context 0x49E59228 from socket
*Jan 11 21:16:15.131: PPTP 00010:_____:________: L2X request teardown data plane
*Jan 11 21:16:15.131: L2X        _____:________: DB: removed session: rIP 93.80.127.25, rSession id 3036 (total 1)
*Jan 11 21:16:15.131: L2X        _____:________: DB: removed session with id 28020 (total 0)
*Jan 11 21:16:15.131: PPTP tnl   1000F:________: no-sess -> state change idle to terminal
*Jan 11 21:16:15.131: PPTP tnl   1000F:________: Destroy tunnel
*Jan 11 21:16:15.131: PPTP       _____:________: No l2x in cc
*Jan 11 21:16:15.131: L2X        _____:________: DB: removed cc with id 13534 (total 2)
*Jan 11 21:16:15.131: PPTP       _____:________: Cant find tunnel 13534 in the DB
*Jan 11 21:16:15.139: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to down
*Jan 11 21:16:15.139: VPDN Failed to get session from socket handle 0000200F
*Jan 11 21:16:15.143: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access4, changed state to down
*Jan 11 21:16:15.143: PPTP:(Tnl0:Sn28020)L2X s/w switching session unbound
*Jan 11 21:16:15.143: PPTP:(Tnl0:Sn28020)Vi4 Block vaccess from being freed.
*Jan 11 21:16:15.147: PPTP:(Tnl0:Sn28020)L2X s/w switching session unprovisioned
L2X_ADJ: Vi4:midchain unstacking IP 0.0.0.0
L2X_ADJ: Vi4:removed ctx
*Jan 11 21:16:15.147: L2X:Session DB (Tnl/Sn: 0/28020): Removed the switching session from the session DB

Куда копать ?

 

upd:

http://paste.org.ru/?bj5sgd - более полный лог с кошки

при выключении mppe начинает работать.

Edited by axishire

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.