MPD5.6 PPPoE проблемы с авторизацией.

All Activity

MPD5.6 PPPoE проблемы с авторизацией. DVR (Модель Rvi R04-LA) не хочет поднимать сессию с mpd

Reply to this topic

roysbike

Posted January 31, 2013

Freebsd 9.1 . MPD5.6 Используем только PPPoE . Роутеры и win unix машины авторизируются без проблем. Клиент захотел PPPoE на DVR (Модель Rvi R04-LA) и не поднимает сессию

startup:
   set user admin masterkey admin
   set console self 0.0.0.0 5005
   set console open
   set web self 0.0.0.0 5006
   set web open
   set radsrv peer 172.29.0.3 masterkey
   set radsrv open

default:
   #load pptp_server
   #load l2tp_server
   load pppoe_server

pptp_server:
   #set ippool add poolvpn 172.16.1.2 172.16.254.254
   set ippool add poolvpn 192.168.0.30 192.168.254.254
   create bundle template BP
   #set iface down-script /usr/local/etc/mpd5/scripts/pg_down.sh
   set iface idle 0
   set iface enable tcpmssfix
   set iface enable proxy-arp
   #set ipcp ranges 172.16.1.1/32 ippool poolvpn
   set ipcp ranges 192.168.0.29/32 ippool poolvpn
   set ipcp no vjcomp
   #set ipcp dns 192.168.0.12
   set ipcp dns 172.30.0.14 172.30.0.13
   set bundle enable compression
   set ccp yes mppc
   set mppc yes e40
   set mppc yes e128
   set mppc yes stateless
   #log +echo +radius +rep +auth +bund +iface +link
   create link template L pptp
   #load radius
   set link enable report-mac
   set link action bundle BP
   set link disable multilink
   set link yes acfcomp protocomp
   set link no pap chap
   set link yes chap chap-msv2 chap-msv1
   set link keep-alive 30 180
   set link max-children 3000
   load radius
   set link mtu 1460
   set link enable peer-as-calling
   set pptp self  172.29.0.9
   set link enable incoming

l2tp_server

       set ippool add poolvpn 192.168.0.30 192.168.254.254
       create bundle template BL
       #set iface down-script /usr/local/etc/mpd5/scripts/pg_down.sh
       #set bundle disable ipv6cp
       set iface enable proxy-arp
       set iface idle 0 
       set iface enable tcpmssfix
       set iface enable proxy-arp
       set ipcp no vjcomp
       set ipcp ranges 192.168.0.29/32 ippool poolvpn
       #set ipcp dns 192.168.0.12
       set ipcp dns 172.30.0.14 172.30.0.13
#       log +echo +radius +rep +auth +bund +iface +link
       create link template LL l2tp
       set link enable report-mac
       set link enable peer-as-calling
       set link action bundle BL
       set link disable multilink
       set link yes acfcomp protocomp
       set link no pap 
       set link enable chap chap-msv2 chap-msv1 
       set link keep-alive 30 180
       set l2tp self 172.29.0.9
       load radius
       set link enable incoming

pppoe_server

   create bundle template PP
   #set iface down-script /usr/local/etc/mpd5/scripts/pg_down.sh
   set iface idle 0
   set iface enable tcpmssfix
   set iface enable proxy-arp
   set ipcp no vjcomp
   set ipcp dns 172.30.0.14 
   set ipcp ranges 172.30.0.2/32 172.30.0.0/16
   create link template common pppoe
   load radius
   set link disable multilink
   set link action bundle PP
   set link yes acfcomp protocomp
   set link disable  pap eap chap-msv1
   set link enable chap chap-msv2 chap-md5
   #set link keep-alive 10 80
   set pppoe service "*"


#vlan290
create link template vlan290 common
set pppoe iface vlan290
set link enable incoming

radius:
   #set radius config /usr/local/etc/mpd5/radius.conf
   set radius server 172.30.0.10  genbypfhflbec 1812 1813
   set radius retries 3
   set radius timeout 10
   set radius identifier mpd
   set radius me 172.30.0.2
   set auth disable internal
   set auth enable radius-auth
   #ACCT
   set auth enable radius-acct
   set auth acct-update 120

Лог MPD

Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] Accepting PPPoE connection
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] Link: OPEN event
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] LCP: Open event
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] LCP: state change Initial --> Starting
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] LCP: LayerStart
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] PPPoE: connection successful
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] Link: UP event
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] LCP: Up event
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] LCP: state change Starting --> Req-Sent
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #1
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:48 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:49 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Request #1 (Req-Sent)
Jan 31 13:46:49 pppoe2 mpd: [vlan290-643]   MAGICNUM 0d1a66d8
Jan 31 13:46:49 pppoe2 mpd: [vlan290-643] LCP: SendConfigAck #1
Jan 31 13:46:49 pppoe2 mpd: [vlan290-643]   MAGICNUM 0d1a66d8
Jan 31 13:46:49 pppoe2 mpd: [vlan290-643] LCP: state change Req-Sent --> Ack-Sent
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #2 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #3
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #3 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #4
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #4 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #5
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #5 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #6
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #6 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #7
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #7 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #8
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #8 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #9
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #9 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: SendConfigReq #10
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   PROTOCOMP
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MRU 1492
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   MAGICNUM bfd580d1
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #10 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643]   AUTHPROTO CHAP MSOFTv2
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: not converging
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: parameter negotiation failed
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: state change Ack-Sent --> Stopped
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: LayerFinish
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] Link: DOWN event
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: Close event
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: state change Stopped --> Closed
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: Down event
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: state change Closed --> Initial
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] Link: SHUTDOWN event
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] Link: Shutdown

Share this post

Link to post

Share on other sites

s.lobanov

Posted January 31, 2013

разрешите PAP

Share this post

Link to post

Share on other sites

roysbike

Posted January 31, 2013

разрешите PAP

разрешал , тоже самое

Share this post

Link to post

Share on other sites

s.lobanov

Posted January 31, 2013

разрешите PAP

разрешал , тоже самое

А какое сообщение тогда появляется вместо

Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #7 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] AUTHPROTO CHAP MSOFTv2

Share this post

Link to post

Share on other sites

roysbike

Posted January 31, 2013 (edited)

разрешите PAP

разрешал , тоже самое

А какое сообщение тогда появляется вместо

Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] LCP: rec'd Configure Reject #7 (Ack-Sent)
Jan 31 13:46:50 pppoe2 mpd: [vlan290-643] AUTHPROTO CHAP MSOFTv2

Incoming PPPoE connection request via vlan290: for service "" from 90:02:a9:89:09:85
[vlan290-3] Accepting PPPoE connection
[vlan290-3] Link: OPEN event
[vlan290-3] LCP: Open event
[vlan290-3] LCP: state change Initial --> Starting
[vlan290-3] LCP: LayerStart
[vlan290-3] PPPoE: connection successful
[vlan290-3] Link: UP event
[vlan290-3] LCP: Up event
[vlan290-3] LCP: state change Starting --> Req-Sent
[vlan290-3] LCP: SendConfigReq #1
[vlan290-3]   PROTOCOMP
[vlan290-3]   MRU 1492
[vlan290-3]   MAGICNUM bc4932e0
[vlan290-3]   AUTHPROTO CHAP MSOFTv2
[vlan290-3] LCP: rec'd Configure Request #1 (Req-Sent)
[vlan290-3]   MAGICNUM 6449e99a
[vlan290-3] LCP: SendConfigAck #1
[vlan290-3]   MAGICNUM 6449e99a
[vlan290-3] LCP: state change Req-Sent --> Ack-Sent
[vlan290-3] LCP: SendConfigReq #2
[vlan290-3]   PROTOCOMP
[vlan290-3]   MRU 1492
[vlan290-3]   MAGICNUM bc4932e0
[vlan290-3]   AUTHPROTO CHAP MSOFTv2
[vlan290-3] LCP: rec'd Configure Reject #2 (Ack-Sent)

Подключилось, если только оставить разрешить только PAP

Edited January 31, 2013 by roysbike

Share this post

Link to post

Share on other sites

roysbike

Posted January 31, 2013

Подключилось . если только set link enable chap . Если добавляю pap и chap. то не хочет

Share this post

Link to post

Share on other sites

s.lobanov

Posted January 31, 2013

roysbike

Что-то из логов не видно, что ваш сервер предлагает и PAP и CHAP при согласовании параметров соединения.

Выложите .pcap-файл, когда разрешён и pap и chap

Share this post

Link to post

Share on other sites

roysbike

Posted January 31, 2013 (edited)

roysbike

Что-то из логов не видно, что ваш сервер предлагает и PAP и CHAP при согласовании параметров соединения.

Выложите .pcap-файл, когда разрешён и pap и chap

я не точно сказал. работает когда

set link no chap-msv2 chap-msv1
set link enable chap-md5

Edited January 31, 2013 by roysbike

Share this post

Link to post

Share on other sites

s.lobanov

Posted January 31, 2013

Покажите логи и .pcap-дамп инициализации при

set link enable pap chap-md5 chap-msv1 chap-msv2

Share this post

Link to post

Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Insert image from URL

Followers 0

Go to topic listing Программное обеспечение, биллинг и *unix системы

Sign In

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Share this post

Link to post

Share on other sites

Join the conversation