Thomas Huber(miracu...@gmail.com) on 2019.02.26 14:22:33 +0100: > with chap the tcpdump looks like this: > > #tcpdump -nevvs1500 -i vlan0 > tcpdump: listening on vlan0, link-type EN10MB > 13:54:44.118903 00:0d:b9:43:43:b4 88:a2:5e:1e:52:88 8864 36: PPPoE-Session > code Session, version 1, type 1, id 0x00a9, length 16 > LCP Configure-Request Id=0x24: Magic-Number=988888519 > Max-Rx-Unit=1492 > 13:54:49.120414 00:0d:b9:43:43:b4 88:a2:5e:1e:52:88 8864 36: PPPoE-Session > code Session, version 1, type 1, id 0x00a9, length 16 > LCP Configure-Request Id=0x25: Magic-Number=988888519 > Max-Rx-Unit=1492 > 13:54:55.122239 00:0d:b9:43:43:b4 88:a2:5e:1e:52:88 8864 36: PPPoE-Session > code Session, version 1, type 1, id 0x00a9, length 16 > LCP Configure-Request Id=0x26: Magic-Number=988888519 > Max-Rx-Unit=1492 > 13:55:02.124396 00:0d:b9:43:43:b4 88:a2:5e:1e:52:88 8864 36: PPPoE-Session > code Session, version 1, type 1, id 0x00a9, length 16 > LCP Configure-Request Id=0x27: Magic-Number=988888519 > Max-Rx-Unit=1492 > .... > > but no connection esblished. > > On Tue, 26 Feb 2019 at 13:02, Stuart Henderson <s...@spacehopper.org> wrote: > > > On 2019/02/26 12:36, Thomas Huber wrote: > > > Hi Stuart, > > > > > > and thanks for your help. > > > I tried yout suggestion but didn??t solve the problem. > > > here is the tcpdump output (i just stripped the account credentials) but > > I can not read it. > > > Maybe you can spot something here: > > > > > > # tcpdump -nevvs1500 -i em0 > > > tcpdump: listening on em0, link-type EN10MB > > > > Reformatted a bit: > > > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xf6: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Request Id=0xab: Max-Rx-Unit=1492 > > Auth-Prot=PAP Magic-Number=526788746 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xf6: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > OPENBSD -> JUNIPER: LCP Configure-Ack Id=0xab: Max-Rx-Unit=1492 > > Auth-Prot=PAP Magic-Number=526788746 > > OPENBSD -> JUNIPER: PAP Authenticate-Request Id=0xf7: Peer-Id=xxxx > > Passwd=xxxx > > OPENBSD -> JUNIPER: PAP Authenticate-Request Id=0xf8: Peer-Id=xxxx > > Passwd=xxxx > > JUNIPER -> OPENBSD: LCP Configure-Request Id=0x02: Max-Rx-Unit=1492 > > Auth-Prot=CHAP/MD5 Magic-Number=3828540274 > > OPENBSD -> JUNIPER: LCP Configure-Nak Id=0x02: Auth-Prot=PAP > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xf9: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xf9: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xfa: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xfa: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xfb: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xfb: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xfc: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xfc: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xfd: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xfd: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Request Id=0x03: Max-Rx-Unit=1492 > > Auth-Prot=CHAP/MD5 Magic-Number=3430741983 > > OPENBSD -> JUNIPER: LCP Configure-Nak Id=0x03: Auth-Prot=PAP > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xfe: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xfe: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > OPENBSD -> JUNIPER: LCP Configure-Request Id=0xff: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > JUNIPER -> OPENBSD: LCP Configure-Ack Id=0xff: Magic-Number=1818005467 > > Max-Rx-Unit=1492 > > > > It looks like this could be as simple as the other side needing CHAP > > instead of PAP. Please try that next. > >
Two possibilities not mentioned yet: some providers want specific values in the priority field of the vlan packets, maybe try playing with the txprio option could help. The other thing is: if your provider (Vodafone) uses CHAP cauthentication, you run into a problem, because you connect through Deutsche Telekom. The way this works is, that you authenticate with DTAG, who wants PAP. They notice your @vodafone handle and they hand your authentication off to that providers radius service. Unfortunatly if they have different authentication protocols, this does not work, because the openbsd pppoe wont switch from PAP to CHAP. /Benno
