Terry Lambert <[EMAIL PROTECTED]> wrote:
>
> Archie Cobbs wrote:
> > Thomas David Rivers writes:
> > > If I add
> > > enable MSChapV2
> > > in /etc/ppp/ppp.conf - then our ppp client requires that the
> > > peer (the Microsoft VPN server) authenticate using MSChapV2. But,
> > > the Microsoft VPN peer refuses that (it's configured to not use
> > > MSChapV2.
> >
> > Don't you want something like "allow MSChapV2" and "disable MSChapV2" ?
>
> The MS PAP/CHAP stuff never made it to RFC because of the
> protocol layering violations.
>
> I think the problem T.D.R. is seeing are a result of not
> having some covert channel, which is *not* MSChapV2, to get
> a session key for the VPN session.
>
> I guess we need to see a packet trace for a Windows machine
> being successful, and a FreeBSD machine being unsuccessful,
> in order to run a side-by-side comparison.
Believe me! I've asked for such a thingy... apparently,
the "magic software" needed to do a packet trace on Windows
isn't installed on the server.
- Dave Rivers -
--
[EMAIL PROTECTED] Work: (919) 676-0847
Get your mainframe programming tools at http://www.dignus.com
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
