[FUG-BR] mpd5 ok porem clientes com windows vista nao conectam

Ricardo Augusto de Souza Fri, 15 May 2009 12:02:48 -0700

Tenho um servidor mpd5 rodando em um FreeBSD 7.1 e seus clientes eram somente 
mikrotiks e tudo funcionava na boa.
Ontem precisei liberar acesso a este servidor mpd5 para alguns colaboradores da 
empresa e os que usavam Windows vista não conseguiram conectar.
Minha conf é:


Trinity# cat mpd.conf
startup:
set user admin mamamia admin
set console self 127.0.0.1 5005
set console open
set web self 0.0.0.0 5006
set web open

default:
   load pptp_server

pptp_server:
   create bundle template PPTP
   set iface enable proxy-arp
   set iface idle 1800
   set iface enable tcpmssfix
   set ipcp yes vjcomp
#   set ipcp dns 172.16.0.1
   set ippool add LANPOOL 172.16.0.2 172.16.0.10
   set ipcp ranges 172.16.0.1/32 ippool LANPOOL

# set bundle disable compression

  create link template Clients pptp
  set link latency 0
  set link action bundle PPTP
  set link enable multilink
#set link yes acfcomp protocomp
  set link no pap chap
  set link enable chap
# load radius
  set link keep-alive 10 60
  set link mtu 1460
  set pptp self 0.0.0.0
  set link enable incoming
set bundle enable compression
set bundle enable crypt-reqd
#set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless

Trinity#
PF.conf
pass in quick on $ext_if proto tcp from any to $ext_if port 1723 synproxy state

Trinity# /usr/local/sbin/mpd5
Multi-link PPP daemon for FreeBSD

process 91839 started, version 5.2 (r...@trinity.cmtsp.com.br 19:35 13-Apr-2009)
PPTP: waiting for connection on 0.0.0.0 1723
[Clients] [Clients-1] Accepting PPTP connection
[Clients-1] Link: OPEN event
[Clients-1] LCP: Open event
[Clients-1] LCP: state change Initial --> Starting
[Clients-1] LCP: LayerStart
[Clients-1] PPTP: attaching to peer's outgoing call
[Clients-1] Link: UP event
[Clients-1] LCP: Up event
[Clients-1] LCP: state change Starting --> Req-Sent
[Clients-1] LCP: SendConfigReq #1
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #2
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #3
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #4
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #5
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #6
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #7
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #8
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #9
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #10
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 1228bfbe
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: parameter negotiation failed
[Clients-1] LCP: state change Req-Sent --> Stopped
[Clients-1] LCP: LayerFinish
[Clients-1] PPTP call terminated
[Clients-1] Link: DOWN event
[Clients-1] LCP: Close event
[Clients-1] LCP: state change Stopped --> Closed
[Clients-1] LCP: Down event
[Clients-1] LCP: state change Closed --> Initial
[Clients-1] Link: SHUTDOWN event
[Clients-1] Link: Shutdown

Trinity# tcpdump -i bce0 -n 'dst port 1723'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bce0, link-type EN10MB (Ethernet), capture size 96 bytes
14:58:29.294273 IP 189.57.233.3.64422 > 200.143.111.113.1723: S 
2649093016:2649093                                             016(0) win 8192 
<mss 1460,nop,nop,sackOK>
14:58:29.315159 IP 189.57.233.3.64422 > 200.143.111.113.1723: . ack 3914778319 
win                                              64240
14:58:29.333534 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 0:156(156) ack 
1 w                                             in 64240: pptp 
CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_               
                              CHAN(0) FIRM_REV(0) [|pptp]
14:58:29.352812 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 156:324(168) 
ack 1                                             57 win 64084: pptp 
CTRL_MSGTYPE=OCRQ CALL_ID(10081) CALL_SER_NUM(4) MIN_BPS(300)                   
                           MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) 
RECV_WIN(64) PROC_DELAY(0) PH                                             
ONE_NO_LEN(0) [|pptp]
14:58:29.377619 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 324:348(24) ack 
18                                             9 win 64052: pptp 
CTRL_MSGTYPE=SLI PEER_CALL_ID(56800) SEND_ACCM(0xffffffff) REC                  
                           V_ACCM(0xffffffff)
14:58:49.369831 IP 189.57.233.3.64422 > 200.143.111.113.1723: P 348:364(16) ack 
33                                             7 win 63904: pptp 
CTRL_MSGTYPE=StopCCRQ REASON(1)
14:58:49.376121 IP 189.57.233.3.64422 > 200.143.111.113.1723: . ack 354 win 
63888
14:58:49.376609 IP 189.57.233.3.64422 > 200.143.111.113.1723: F 364:364(0) ack 
354

Agora a conexão de um cliente win XP  (funciona :
Trinity# /usr/local/sbin/mpd5
Multi-link PPP daemon for FreeBSD

process 91875 started, version 5.2 (r...@trinity.cmtsp.com.br 19:35 13-Apr-2009)
PPTP: waiting for connection on 0.0.0.0 1723
[Clients] [Clients-1] Accepting PPTP connection
[Clients-1] Link: OPEN event
[Clients-1] LCP: Open event
[Clients-1] LCP: state change Initial --> Starting
[Clients-1] LCP: LayerStart
[Clients-1] PPTP: attaching to peer's outgoing call
[Clients-1] Link: UP event
[Clients-1] LCP: Up event
[Clients-1] LCP: state change Starting --> Req-Sent
[Clients-1] LCP: SendConfigReq #1
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 01a6296d
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: rec'd Configure Request #0 (Req-Sent)
[Clients-1]   MRU 1400
[Clients-1]   MAGICNUM 36983bcc
[Clients-1]   PROTOCOMP
[Clients-1]   ACFCOMP
[Clients-1]   CALLBACK 6
[Clients-1] LCP: SendConfigRej #0
[Clients-1]   CALLBACK 6
[Clients-1] LCP: rec'd Configure Request #1 (Req-Sent)
[Clients-1]   MRU 1400
[Clients-1]   MAGICNUM 36983bcc
[Clients-1]   PROTOCOMP
[Clients-1]   ACFCOMP
[Clients-1] LCP: SendConfigAck #1
[Clients-1]   MRU 1400
[Clients-1]   MAGICNUM 36983bcc
[Clients-1]   PROTOCOMP
[Clients-1]   ACFCOMP
[Clients-1] LCP: state change Req-Sent --> Ack-Sent
[Clients-1] LCP: SendConfigReq #2
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 01a6296d
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: rec'd Configure Reject #2 (Ack-Sent)
[Clients-1]   MP MRRU 2048
[Clients-1]   MP SHORTSEQ
[Clients-1]   ENDPOINTDISC [802.1] 00 15 17 7b be f3
[Clients-1] LCP: SendConfigReq #3
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 01a6296d
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1] LCP: rec'd Configure Ack #3 (Ack-Sent)
[Clients-1]   ACFCOMP
[Clients-1]   PROTOCOMP
[Clients-1]   MRU 1500
[Clients-1]   MAGICNUM 01a6296d
[Clients-1]   AUTHPROTO CHAP MSOFTv2
[Clients-1] LCP: state change Ack-Sent --> Opened
[Clients-1] LCP: auth: peer wants nothing, I want CHAP
[Clients-1] CHAP: sending CHALLENGE #1 len: 21
[Clients-1] LCP: LayerUp
[Clients-1] LCP: rec'd Ident #2 (Opened)
[Clients-1]   MESG: MSRASV5.10
[Clients-1] LCP: rec'd Ident #3 (Opened)
[Clients-1]   MESG: MSRAS-0-SET7
[Clients-1] CHAP: rec'd RESPONSE #1 len: 61
[Clients-1]   Name: "rasouza"
[Clients-1] AUTH: Trying INTERNAL
[Clients-1] AUTH: INTERNAL returned: undefined
[Clients-1] CHAP: Auth return status: undefined
[Clients-1] CHAP: Response is valid
[Clients-1] CHAP: Reply message: S=C091C5287613CAF18BDFC87AE5276594C4613661
[Clients-1] CHAP: sending SUCCESS #1 len: 46
[Clients-1] LCP: authorization successful
[Clients-1] Link: Matched action 'bundle "PPTP" ""'
[Clients-1] Creating new bundle using template "PPTP".
[PPTP-1] Bundle: Interface ng1 created
[Clients-1] Link: Join bundle "PPTP-1"
[PPTP-1] Bundle: Status update: up 1 link, total bandwidth 64000 bps
[PPTP-1] IPCP: Open event
[PPTP-1] IPCP: state change Initial --> Starting
[PPTP-1] IPCP: LayerStart
[PPTP-1] IPCP: Up event
[PPTP-1] IPCP: state change Starting --> Req-Sent
[PPTP-1] IPCP: SendConfigReq #1
[PPTP-1]   IPADDR 172.16.0.1
[PPTP-1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[Clients-1] rec'd unexpected protocol CCP, rejecting
[PPTP-1] IPCP: rec'd Configure Request #5 (Req-Sent)
[PPTP-1]   IPADDR 0.0.0.0
[PPTP-1]     NAKing with 172.16.0.7
[PPTP-1]   PRIDNS 0.0.0.0
[PPTP-1]   PRINBNS 0.0.0.0
[PPTP-1]   SECDNS 0.0.0.0
[PPTP-1]   SECNBNS 0.0.0.0
[PPTP-1] IPCP: SendConfigRej #5
[PPTP-1]   PRIDNS 0.0.0.0
[PPTP-1]   PRINBNS 0.0.0.0
[PPTP-1]   SECDNS 0.0.0.0
[PPTP-1]   SECNBNS 0.0.0.0
[PPTP-1] IPCP: rec'd Configure Reject #1 (Req-Sent)
[PPTP-1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[PPTP-1] IPCP: SendConfigReq #2
[PPTP-1]   IPADDR 172.16.0.1
[PPTP-1] IPCP: rec'd Configure Request #6 (Req-Sent)
[PPTP-1]   IPADDR 0.0.0.0
[PPTP-1]     NAKing with 172.16.0.7
[PPTP-1] IPCP: SendConfigNak #6
[PPTP-1]   IPADDR 172.16.0.7
[PPTP-1] IPCP: rec'd Configure Ack #2 (Req-Sent)
[PPTP-1]   IPADDR 172.16.0.1
[PPTP-1] IPCP: state change Req-Sent --> Ack-Rcvd
[PPTP-1] IPCP: rec'd Configure Request #7 (Ack-Rcvd)
[PPTP-1]   IPADDR 172.16.0.7
[PPTP-1]     172.16.0.7 is OK
[PPTP-1] IPCP: SendConfigAck #7
[PPTP-1]   IPADDR 172.16.0.7
[PPTP-1] IPCP: state change Ack-Rcvd --> Opened
[PPTP-1] IPCP: LayerUp
[PPTP-1]   172.16.0.1 -> 172.16.0.7
[PPTP-1] IFACE: No interface to proxy arp on for 172.16.0.7
[PPTP-1] IFACE: Up event

-------------------------
Histórico: http://www.fug.com.br/historico/html/freebsd/
Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd

[FUG-BR] mpd5 ok porem clientes com windows vista nao conectam

Responder a