[FUG-BR] mpd5 ok porem clientes com windows vista nao conectam
Ricardo Augusto de Souza
ricardo.souza em cmtsp.com.br
Quarta Maio 13 15:03:58 BRT 2009
Tenho um servidor mpd5 rodando em um FreeBSD 7.1 e seus clientes eram somente mikrotiks e tudo funcionava na boa.
Ontem precisei liberar acesso a este servidor mpd5 para alguns colaboradores da empresa e os que usavam Windows vista não conseguiram conectar.
Minha conf é:
Trinity# cat mpd.conf
startup:
set user admin mamamia admin
set console self 127.0.0.1 5005
set console open
set web self 0.0.0.0 5006
set web open
default:
load pptp_server
pptp_server:
create bundle template PPTP
set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set ipcp yes vjcomp
# set ipcp dns 172.16.0.1
set ippool add LANPOOL 172.16.0.2 172.16.0.10
set ipcp ranges 172.16.0.1/32 ippool LANPOOL
# set bundle disable compression
create link template Clients pptp
set link latency 0
set link action bundle PPTP
set link enable multilink
#set link yes acfcomp protocomp
set link no pap chap
set link enable chap
# load radius
set link keep-alive 10 60
set link mtu 1460
set pptp self 0.0.0.0
set link enable incoming
set bundle enable compression
set bundle enable crypt-reqd
#set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
Trinity#
PF.conf
pass in quick on $ext_if proto tcp from any to $ext_if port 1723 synproxy state
Trinity# /usr/local/sbin/mpd5
Multi-link PPP daemon for FreeBSD
process 91839 started, version 5.2 (root em Trinity.cmtsp.com.br 19:35 13-Apr-2009)
PPTP: waiting for connection on 0.0.0.0 1723
[Clients] [Clients-1] Accepting PPTP connection
[Clients-1] Link: OPEN event
[Clients-1] LCP: Open event
[Clients-1] LCP: state change Initial --> Starting
[Clients-1] LCP: LayerStart
[Clients-1] PPTP: attaching to peer's outgoing call
[Clients-1] Link: UP event
[Clients-1] LCP: Up event
[Clients-1] LCP: state change Starting --> Req-Sent
[Clients-1] LCP: SendConfigReq #1
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #2
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #3
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #4
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #5
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #6
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #7
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #8
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #9
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #10
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 1228bfbe
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: parameter negotiation failed
[Clients-1] LCP: state change Req-Sent --> Stopped
[Clients-1] LCP: LayerFinish
[Clients-1] PPTP call terminated
[Clients-1] Link: DOWN event
[Clients-1] LCP: Close event
[Clients-1] LCP: state change Stopped --> Closed
[Clients-1] LCP: Down event
[Clients-1] LCP: state change Closed --> Initial
[Clients-1] Link: SHUTDOWN event
[Clients-1] Link: Shutdown
Trinity# tcpdump -i bce0 -n 'dst port 1723'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bce0, link-type EN10MB (Ethernet), capture size 96 bytes
14:58:29.294273 IP 189.57.233.3.64422 > 200.143.111.113.1723: S 2649093016:2649093 016(0) win 8192 <mss 1460,nop,nop,sackOK>
14:58:29.315159 IP 189.57.233.3.64422 > 200.143.111.113.1723: . ack 3914778319 win 64240
14:58:29.333534 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 0:156(156) ack 1 w in 64240: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_ CHAN(0) FIRM_REV(0) [|pptp]
14:58:29.352812 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 156:324(168) ack 1 57 win 64084: pptp CTRL_MSGTYPE=OCRQ CALL_ID(10081) CALL_SER_NUM(4) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PH ONE_NO_LEN(0) [|pptp]
14:58:29.377619 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 324:348(24) ack 18 9 win 64052: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(56800) SEND_ACCM(0xffffffff) REC V_ACCM(0xffffffff)
14:58:49.369831 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 348:364(16) ack 33 7 win 63904: pptp CTRL_MSGTYPE=StopCCRQ REASON(1)
14:58:49.376121 IP 189.57.233.3.64422 > 200.143.111.113.1723: . ack 354 win 63888
14:58:49.376609 IP 189.57.233.3.64422 > 200.143.111.113.1723: F 364:364(0) ack 354
Agora a conexão de um cliente win XP (funciona :
Trinity# /usr/local/sbin/mpd5
Multi-link PPP daemon for FreeBSD
process 91875 started, version 5.2 (root em Trinity.cmtsp.com.br 19:35 13-Apr-2009)
PPTP: waiting for connection on 0.0.0.0 1723
[Clients] [Clients-1] Accepting PPTP connection
[Clients-1] Link: OPEN event
[Clients-1] LCP: Open event
[Clients-1] LCP: state change Initial --> Starting
[Clients-1] LCP: LayerStart
[Clients-1] PPTP: attaching to peer's outgoing call
[Clients-1] Link: UP event
[Clients-1] LCP: Up event
[Clients-1] LCP: state change Starting --> Req-Sent
[Clients-1] LCP: SendConfigReq #1
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 01a6296d
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: rec'd Configure Request #0 (Req-Sent)
[Clients-1] MRU 1400
[Clients-1] MAGICNUM 36983bcc
[Clients-1] PROTOCOMP
[Clients-1] ACFCOMP
[Clients-1] CALLBACK 6
[Clients-1] LCP: SendConfigRej #0
[Clients-1] CALLBACK 6
[Clients-1] LCP: rec'd Configure Request #1 (Req-Sent)
[Clients-1] MRU 1400
[Clients-1] MAGICNUM 36983bcc
[Clients-1] PROTOCOMP
[Clients-1] ACFCOMP
[Clients-1] LCP: SendConfigAck #1
[Clients-1] MRU 1400
[Clients-1] MAGICNUM 36983bcc
[Clients-1] PROTOCOMP
[Clients-1] ACFCOMP
[Clients-1] LCP: state change Req-Sent --> Ack-Sent
[Clients-1] LCP: SendConfigReq #2
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 01a6296d
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: rec'd Configure Reject #2 (Ack-Sent)
[Clients-1] MP MRRU 2048
[Clients-1] MP SHORTSEQ
[Clients-1] ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #3
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 01a6296d
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] LCP: rec'd Configure Ack #3 (Ack-Sent)
[Clients-1] ACFCOMP
[Clients-1] PROTOCOMP
[Clients-1] MRU 1500
[Clients-1] MAGICNUM 01a6296d
[Clients-1] AUTHPROTO CHAP MSOFTv2
[Clients-1] LCP: state change Ack-Sent --> Opened
[Clients-1] LCP: auth: peer wants nothing, I want CHAP
[Clients-1] CHAP: sending CHALLENGE #1 len: 21
[Clients-1] LCP: LayerUp
[Clients-1] LCP: rec'd Ident #2 (Opened)
[Clients-1] MESG: MSRASV5.10
[Clients-1] LCP: rec'd Ident #3 (Opened)
[Clients-1] MESG: MSRAS-0-SET7
[Clients-1] CHAP: rec'd RESPONSE #1 len: 61
[Clients-1] Name: "rasouza"
[Clients-1] AUTH: Trying INTERNAL
[Clients-1] AUTH: INTERNAL returned: undefined
[Clients-1] CHAP: Auth return status: undefined
[Clients-1] CHAP: Response is valid
[Clients-1] CHAP: Reply message: S=C091C5287613CAF18BDFC87AE5276594C4613661
[Clients-1] CHAP: sending SUCCESS #1 len: 46
[Clients-1] LCP: authorization successful
[Clients-1] Link: Matched action 'bundle "PPTP" ""'
[Clients-1] Creating new bundle using template "PPTP".
[PPTP-1] Bundle: Interface ng1 created
[Clients-1] Link: Join bundle "PPTP-1"
[PPTP-1] Bundle: Status update: up 1 link, total bandwidth 64000 bps
[PPTP-1] IPCP: Open event
[PPTP-1] IPCP: state change Initial --> Starting
[PPTP-1] IPCP: LayerStart
[PPTP-1] IPCP: Up event
[PPTP-1] IPCP: state change Starting --> Req-Sent
[PPTP-1] IPCP: SendConfigReq #1
[PPTP-1] IPADDR 172.16.0.1
[PPTP-1] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[Clients-1] rec'd unexpected protocol CCP, rejecting
[PPTP-1] IPCP: rec'd Configure Request #5 (Req-Sent)
[PPTP-1] IPADDR 0.0.0.0
[PPTP-1] NAKing with 172.16.0.7
[PPTP-1] PRIDNS 0.0.0.0
[PPTP-1] PRINBNS 0.0.0.0
[PPTP-1] SECDNS 0.0.0.0
[PPTP-1] SECNBNS 0.0.0.0
[PPTP-1] IPCP: SendConfigRej #5
[PPTP-1] PRIDNS 0.0.0.0
[PPTP-1] PRINBNS 0.0.0.0
[PPTP-1] SECDNS 0.0.0.0
[PPTP-1] SECNBNS 0.0.0.0
[PPTP-1] IPCP: rec'd Configure Reject #1 (Req-Sent)
[PPTP-1] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[PPTP-1] IPCP: SendConfigReq #2
[PPTP-1] IPADDR 172.16.0.1
[PPTP-1] IPCP: rec'd Configure Request #6 (Req-Sent)
[PPTP-1] IPADDR 0.0.0.0
[PPTP-1] NAKing with 172.16.0.7
[PPTP-1] IPCP: SendConfigNak #6
[PPTP-1] IPADDR 172.16.0.7
[PPTP-1] IPCP: rec'd Configure Ack #2 (Req-Sent)
[PPTP-1] IPADDR 172.16.0.1
[PPTP-1] IPCP: state change Req-Sent --> Ack-Rcvd
[PPTP-1] IPCP: rec'd Configure Request #7 (Ack-Rcvd)
[PPTP-1] IPADDR 172.16.0.7
[PPTP-1] 172.16.0.7 is OK
[PPTP-1] IPCP: SendConfigAck #7
[PPTP-1] IPADDR 172.16.0.7
[PPTP-1] IPCP: state change Ack-Rcvd --> Opened
[PPTP-1] IPCP: LayerUp
[PPTP-1] 172.16.0.1 -> 172.16.0.7
[PPTP-1] IFACE: No interface to proxy arp on for 172.16.0.7
[PPTP-1] IFACE: Up event
Mais detalhes sobre a lista de discussão freebsd