d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Mon Oct 10, 2005 12:05 pm Post subject: vpn ppp ??
Hi
I have a problem with vpn and ppp. I just can't connect to the server(vpn win server
Linux client(kvpnc)------local_net----iptables(nat)--------internet------Win_vpn_server
/etc/ppp/peers/MyPeer
pty "pptp remote_server_ip --nolaunchpppd"
name remote_domain\\user #DOMAIN\\USERNAME
require-mschap-v2
remotename remote_vpn_server_name #??
file /etc/ppp/options.MyPeer
ipparam MyPeer #tunnel name
/etc/ppp/options.MyPeer
lock
noauth
nobsdcomp
nodeflate
mppe required,stateless
mtu 1000
mru 1000
lcp-echo-failure 10
lcp-echo-interval 10
/etc/ppp/chap-secrets
remote_domain\\user MyPeer pass *
MyPeer remote_domain\\user pass *
The PC returns this:
Code:
pon MyPeer debug dump logfd 2 nodetach
pppd options in effect:
debug # (from command line)
nodetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/options.MyPeer)
name remote_domain\\user # (from /etc/ppp/peers/MyPeer)
remotename remote_vpn_server_name # (from /etc/ppp/peers/MyPeer)
pty pptp remote_ip --nolaunchpppd # (from /etc/ppp/peers/MyPeer)
mru 1000 # (from /etc/ppp/options.MyPeer)
mtu 1000 # (from /etc/ppp/options.MyPeer)
lcp-echo-failure 10 # (from /etc/ppp/options.MyPeer)
lcp-echo-interval 10 # (from /etc/ppp/options.MyPeer)
ipparam world-link # (from /etc/ppp/peers/MyPeer)
nobsdcomp # (from /etc/ppp/options.MyPeer)
nodeflate # (from /etc/ppp/options.MyPeer)
mppe xxx # [don't know how to print value] # (from /etc/ppp/options.MyPeer)
using channel 21
Using interface ppp0
Connect: ppp0 <--> /dev/pts/11
sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <auth chap MS-v2> <magic 0x313e69a2> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:72.b5.8e.b2.12.fa.45.ec.a9.a2.71.f2.fe.cd.45.9d.00.00.00.00]> < 17 04 03 59>]
No auth is possible
sent [LCP ConfRej id=0x0 <auth chap MS-v2> <callback CBCP> <mrru 1614> < 17 04 03 59>]
rcvd [LCP ConfNak id=0x1 <mru 1500>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
rcvd [LCP TermReq id=0x1 "1>i\37777777642\000<\37777777715t\000\000\003\37777777627"]
sent [LCP TermAck id=0x1]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xf58b0f4> <pcomp> <accomp>]
LCP: timeout sending Config-Requests
Connection terminated.
Waiting for 1 child processes...
script pptp remote_ip --nolaunchpppd, pid 13857
Script pptp remote_ip --nolaunchpppd finished (pid 13857), status = 0x0

ba l33t
Joined: 25 May 2003 Posts: 804
Posted: Mon Oct 10, 2005 12:20 pm Post subject:
Is your kernel patched for mppc and mppe support?
[edit]
And in remotename you need to write MyPeer, the one from /etc/ppp/chap-secrets
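
The remotename advice in the reply above, as a check (an added example, not part of the original thread): pppd selects its CHAP secret by the pair (name, remotename), so the peers file from the first post has no matching line in chap-secrets. The file contents are constructed from the post's placeholders; parsing is simplified (whitespace-separated fields, no quoting) and the function names are hypothetical.

```python
# Constructed copies of the two files from the first post (placeholder values as posted).
PEER_BEFORE = r"""
pty "pptp remote_server_ip --nolaunchpppd"
name remote_domain\\user #DOMAIN\\USERNAME
require-mschap-v2
remotename remote_vpn_server_name
"""
# The same peers file with the change suggested in the reply.
PEER_AFTER = PEER_BEFORE.replace("remote_vpn_server_name", "MyPeer")

CHAP_SECRETS = r"""
remote_domain\\user MyPeer pass *
MyPeer remote_domain\\user pass *
"""


def peer_identity(peer_text):
    """Return the (name, remotename) option values found in a peers file."""
    opts = {}
    for line in peer_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] in ("name", "remotename"):
            opts[fields[0]] = fields[1]
    return opts.get("name"), opts.get("remotename")


def has_secret(secrets_text, client, server):
    """True if a chap-secrets line 'client server secret [addresses]' matches.
    A '*' in the client or server column matches any value."""
    for line in secrets_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 3:
            continue  # blank or incomplete line
        if fields[0] in (client, "*") and fields[1] in (server, "*"):
            return True
    return False


def can_authenticate(peer_text, secrets_text):
    """Does the peers file's (name, remotename) pair select any secret?"""
    name, remotename = peer_identity(peer_text)
    return has_secret(secrets_text, name, remotename)


if __name__ == "__main__":
    print("as posted:       ", can_authenticate(PEER_BEFORE, CHAP_SECRETS))
    print("remotename fixed:", can_authenticate(PEER_AFTER, CHAP_SECRETS))
```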

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Mon Oct 10, 2005 1:31 pm Post subject:
2 ba Thanks
The problem was in remotename

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Tue Oct 11, 2005 3:35 pm Post subject:
I spoke too soon, the problem remains: I can't ping the other machine, but the link and the interface come up
using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <magic 0xb5cac119> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <auth chap MS-v2> <magic 0x6c383273> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:72.b5.8e.b2.12.fa.45.ec.a9.a2.71.f2.fe.cd.45.9d.00.00.00.00]> < 17 04 03 86>]
sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 03 86>]
rcvd [LCP ConfNak id=0x1 <mru 1500>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xb5cac119> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <auth chap MS-v2> <magic 0x6c383273> <pcomp> <accomp> <endpoint [local:72.b5.8e.b2.12.fa.45.ec.a9.a2.71.f2.fe.cd.45.9d.00.00.00.00]>]
sent [LCP ConfAck id=0x1 <auth chap MS-v2> <magic 0x6c383273> <pcomp> <accomp> <endpoint [local:72.b5.8e.b2.12.fa.45.ec.a9.a2.71.f2.fe.cd.45.9d.00.00.00.00]>]
rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0xb5cac119> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xb5cac119]
rcvd [CHAP Challenge id=0x0 <1fcaf19461bc082780f7ead024f16bd7>, name = "NYSERVER010"]
sent [CHAP Response id=0x0 <89d587391e9318589c3a107d971908480000000000000000841fb9988996062162a8aa1dfb412d4813304175cd6a8ac900>, name = "wlink\\vzazulya"]
rcvd [LCP EchoRep id=0x0 magic=0x6c383273]
rcvd [CHAP Success id=0x0 "S=4704E332BE0F9639229DEB541D548C394A9F2A4A"]
sent [CCP ConfReq id=0x1 <mppe +H +M +S +L -D +C>]
rcvd [CCP ConfReq id=0x3 <mppe +H -M -S -L -D +C>]
sent [CCP ConfNak id=0x3 <mppe +H +M +S +L -D +C>]
rcvd [IPCP ConfReq id=0x4 <addr 172.16.9.52>]
sent [IPCP TermAck id=0x4]
rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D +C>]
sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D +C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D +C>]
sent [CCP ConfAck id=0x5 <mppe +H -M +S -L -D +C>]
rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D +C>]
MPPC/MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.2.79>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 192.168.2.79>]
rcvd [IPCP ConfAck id=0x2 <addr 192.168.2.79>]
rcvd [IPCP ConfReq id=0x6 <addr 172.16.9.52>]
sent [IPCP ConfAck id=0x6 <addr 172.16.9.52>]
local IP address 192.168.2.79
remote IP address 172.16.9.52
Script /etc/ppp/ip-up started (pid 7958)
Script /etc/ppp/ip-up finished (pid 7958), status = 0x1
ччTerminating on signal 2.
Script /etc/ppp/ip-down started (pid 7974)
MPPE disabled
sent [LCP TermReq id=0x3 "MPPE disabled"]
sent [LCP TermReq id=0x4 "MPPE disabled"]
Script pptp 69.64.217.209 --nolaunchpppd finished (pid 7891), status = 0x0
Script /etc/ppp/ip-down finished (pid 7974), status = 0x1
Modem hangup
Connection terminated.
Connect time 2.3 minutes.
Sent 80 bytes, received 112 bytes.
Connect time 2.3 minutes.
Sent 80 bytes, received 112 bytes.
control+c

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Wed Oct 12, 2005 10:20 am Post subject:
What's wrong with my mppe?
I used the Howto http://gentoo-wiki.com/HOWTO_PPTP_VPN_client_%28Microsoft-compatible_with_mppe%29
Code:
strings `which pppd`|grep -i mppe
set_mppe_enc_types
mppe_recv_key
mppe_keys_set
mppe_send_key
mppe_set_keys
request MPPE encryption
+mppe
nomppe
don't allow MPPE encryption
-mppe
MPPE disabled, closing LCP
MPPE disabled by peer
MPPC/MPPE
MPPE disabled
mppe %s %s %s %s %s %s
Too many MPPE errors
You require MPPE but you have switched off all encryption key lengths.
invalid parameter '%s' for mppe option
MPPE required but peer negotiation failed
MPPE required, but kernel has no support.
MPPE required but not available
MPPE required, but keys are not available. Possible plugin problem?
MPPE required, but MS-CHAP[v2] auth not performed.
MPPE required, but auth done in both directions.
MPPE required but not available in kernel
MPPE required but cannot negotiate MPPE key length
Cannot negotiate MPPE key length
Too many MPPE errors, closing LCP

kon Apprentice
Joined: 05 Mar 2004 Posts: 156 Location: Russia. Saint-Petersburg
Posted: Wed Oct 12, 2005 11:40 am Post subject:
Try setting mtu and mru to 1300.

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Wed Oct 12, 2005 11:53 am Post subject:
2 kon it didn't help
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.2.41 P-t-P:172.16.9.52 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1300 Metric:1
RX packets:21 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:568 (568.0 b) TX bytes:576 (576.0 b)
route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.9.52 * 255.255.255.255 UH 0 0 0 ppp0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
172.16.0.0 * 255.255.0.0 U 0 0 0 ppp0
loopback localhost 255.0.0.0 UG 0 0 0 lo
default 192.168.2.1 0.0.0.0 UG 0 0 0 eth0

fank l33t
Joined: 16 Oct 2004 Posts: 794 Location: Minsk, Belarus
Posted: Wed Oct 12, 2005 1:38 pm Post subject:
Make your vpn server the default route, and put a separate gateway on the 192.*.*.* network
everything works for you, it's just that the packets go the wrong way
Code:
route del default
route add default gw 172.16.9.52
route add -net 192.168.2.1 gw 192.168.2.1

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Thu Oct 13, 2005 6:55 am Post subject:
local network 192.168.2.0/24
remote network 172.16.0.0/16
local gateway 192.168.2.1
remote vpn server 69.64.217.209
dns 194.44.214.32
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
192.168.2.1     192.168.2.1     255.255.255.255 UGH   0      0   0   eth0
172.16.9.52     0.0.0.0         255.255.255.255 UH    0      0   0   ppp0
194.44.214.0    192.168.2.1     255.255.255.0   UG    0      0   0   eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
69.0.0.0        192.168.2.1     255.0.0.0       UG    0      0   0   eth0
127.0.0.0       127.0.0.1       255.0.0.0       UG    0      0   0   lo
default         172.16.9.52     0.0.0.0         UG    0      0   0   ppp0
It doesn't work

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Thu Oct 13, 2005 9:04 am Post subject:
fank wrote:
Code:
route add -net 192.168.2.1 gw 192.168.2.1
What is this needed for??
192.168.2.1 is the gateway, why do it like this??

fank l33t
Joined: 16 Oct 2004 Posts: 794 Location: Minsk, Belarus
Posted: Thu Oct 13, 2005 10:48 am Post subject:
Sorry, that was a typo, it should be like this
Code:
route add -net 192.168.2.0 gw 192.168.2.1
that is, specify the gateways explicitly for the external networks, and reach the internet (that is, the default gateway) through the vpn server, or the ppp0 interface; then the system will look at which subnet to send packets to through which gateway, and if the host doesn't fall into the internal network, it will go to the vpn server, which should have internet access
then you look at which gateway it goes through
or just ping it
...................
wait, how do these fit together:
Quote:
remote vpn server 69.64.217.209
and this:
*******************quote*******************
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.2.41 P-t-P:172.16.9.52 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1300 Metric:1
RX packets:21 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:568 (568.0 b) TX bytes:576 (576.0 b)
*********quote************************************
you have a point-to-point connection after all: your ppp0 interface and the remote one with the address 172.16.9.52, which in theory should be the vpn server
if your access to the vpn server goes through the 172.x.x.x subnet, then add a route to it through that subnet like this:
Code:
route add -host 69.64.217.209 gw gateway_to_subnet 172.x.x.x
although 172.16.9.52 is most likely the internal interface of the vpn server with the external static address 69.64.217.209

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Thu Oct 13, 2005 1:15 pm Post subject:
Code:
eth0 Link encap:Ethernet HWaddr 00:11:2F:D1:02:BE
inet addr:192.168.2.41 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:155998 errors:0 dropped:0 overruns:0 frame:0
TX packets:105180 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25746620 (24.5 Mb) TX bytes:24546525 (23.4 Mb)
Interrupt:11 Base address:0xe800
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.2.41 P-t-P:172.16.9.52 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1404 Metric:1
RX packets:32 errors:0 dropped:0 overruns:0 frame:0
TX packets:153 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1064 (1.0 Kb) TX bytes:163436 (159.6 Kb)
Code:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.9.52 * 255.255.255.255 UH 0 0 0 ppp0
69.64.217.209.n 192.168.2.1 255.255.255.255 UGH 0 0 0 eth0
194.44.214.0 192.168.2.1 255.255.255.0 UG 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
172.16.0.0 * 255.255.0.0 U 0 0 0 ppp0
loopback localhost 255.0.0.0 UG 0 0 0 lo
default 172.16.9.52 0.0.0.0 UG 0 0 0 ppp0
route add -net 194.44.214.0 netmask 255.255.255.0 gw 192.168.2.1    # this is the route to the dns servers
route add -net 172.16.0.0 netmask 255.255.0.0 dev ppp0    # this is the route into the 172.16.0.0 network via ppp0
route add -host 69.64.217.209 gw 192.168.2.1    # this is the route to the external ip of the vpn server
and I set the default route through the "defaultroute" option in /etc/ppp/options.MyPeer
192.168.2.0 is the internal network
Quote:
although 172.16.9.52 is most likely the internal interface of the vpn server with the external static address 69.64.217.209
You're right.
Quote:
route add -host 69.64.217.209 gw gateway_to_subnet 172.x.x.x
Can you really add routes like that?? I did it like this: route add -host 69.64.217.209 gw 192.168.2.1 -->69.64.217.209
Quote:
if your access to the vpn server goes through the 172.x.x.x subnet, then add a route to it through that subnet like this:
When the tunnel is up, but in general I reach it through 192.168.2.1 (gateway)
As a result
Code:
new root # tracepath kernel.org
1: 192.168.2.41 (192.168.2.41) 0.265ms pmtu 1404
1: 172.16.9.52 (172.16.9.52) 111.608ms
2: no reply
3: no reply
Did I miss something??
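
The routing table in the post above, evaluated by longest-prefix match to show which interface each destination leaves through (an added example, not part of the original thread). The rows are copied from the post; the helper names and the sample destination 198.51.100.7 are assumptions introduced here.

```python
import ipaddress

# Rows copied from the routing table in the post above: (destination, genmask, gateway, iface).
# "*" = directly connected. The post shows the host route as "69.64.217.209.n" (truncated name).
ROUTES = [
    ("172.16.9.52",   "255.255.255.255", "*",           "ppp0"),
    ("69.64.217.209", "255.255.255.255", "192.168.2.1", "eth0"),
    ("194.44.214.0",  "255.255.255.0",   "192.168.2.1", "eth0"),
    ("192.168.2.0",   "255.255.255.0",   "*",           "eth0"),
    ("172.16.0.0",    "255.255.0.0",     "*",           "ppp0"),
    ("127.0.0.0",     "255.0.0.0",       "127.0.0.1",   "lo"),
    ("0.0.0.0",       "0.0.0.0",         "172.16.9.52", "ppp0"),  # default
]


def lookup(dst, routes=ROUTES):
    """Return (gateway, iface) of the most specific route that matches dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gateway, iface in routes:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, gateway, iface)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1], best[2]


def carrier_outside_tunnel(server, routes=ROUTES, tunnel_iface="ppp0"):
    """The packets that carry the tunnel go to the server's public address;
    they must leave through a real interface, not through the tunnel itself."""
    return lookup(server, routes)[1] != tunnel_iface


def without_host_route(host, routes=ROUTES):
    """Same table minus the /32 route for host."""
    return [r for r in routes if not (r[0] == host and r[1] == "255.255.255.255")]


if __name__ == "__main__":
    # 198.51.100.7 is a constructed sample standing in for "any internet host".
    for dst in ("69.64.217.209", "172.16.3.4", "194.44.214.32", "198.51.100.7"):
        gateway, iface = lookup(dst)
        print(f"{dst:15} gw {gateway:12} dev {iface}")
    server = "69.64.217.209"
    print("carrier outside tunnel:", carrier_outside_tunnel(server))
    print("after dropping host route:",
          carrier_outside_tunnel(server, without_host_route(server)))
```

With this table the PPTP carrier and the DNS network 194.44.214.0/24 leave through eth0, and every destination without a more specific route goes into ppp0.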

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Thu Oct 13, 2005 4:37 pm Post subject:
2 fank HUGE THANKS
I beat it
Code:
route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.9.52 * 255.255.255.255 UH 0 0 0 ppp0
69.64.217.209.n 192.168.2.1 255.255.255.255 UGH 0 0 0 eth0
194.44.214.0 192.168.2.1 255.255.255.0 UG 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
loopback localhost 255.0.0.0 UG 0 0 0 lo
default 172.16.9.51 0.0.0.0 UG 0 0 0 ppp0
Quote:
eth0 Link encap:Ethernet HWaddr 00:11:2F:D1:02:BE
inet addr:192.168.2.41 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:163063 errors:0 dropped:0 overruns:0 frame:0
TX packets:108829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:26429254 (25.2 Mb) TX bytes:24916924 (23.7 Mb)
Interrupt:11 Base address:0xe800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:68 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8937 (8.7 Kb) TX bytes:8937 (8.7 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:172.16.9.51 P-t-P:172.16.9.52 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1404 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:80 (80.0 b) TX bytes:80 (80.0 b)

d0minus Tux's lil' helper
Joined: 25 Apr 2005 Posts: 90 Location: Ukraine
Posted: Thu Oct 13, 2005 5:12 pm Post subject:
By the way fank, please recommend a good vpn client with pptp support

fank l33t
Joined: 16 Oct 2004 Posts: 794 Location: Minsk, Belarus
Posted: Sat Oct 15, 2005 10:26 am Post subject:
Glad I could help
Unfortunately I can't really recommend anything in terms of choosing a client
I use pptpclient myself, edited the configs by hand, spent a lot of time and effort reading the docs, but I got the connection into exactly the state I need and I'm not complaining now
I'm a bit wary of GUIs in this respect, which is why I fled Windows, because I don't accept the policy of carefully hiding the needed settings behind a pretty window face by you_know_which_corporation
My advice: if you have time, read the man pages for ppp and pptp
If not, use a GUI, like Kvpnc or the one built into pptpclient