Re: FreeBSD+Win2K+Wireless LAN

[Jasper Wallace]

On Wed, 12 Jun 2002, Kim Okasawa wrote:

>
> Thanks for the info.  I added the route to the FreeBSD box and it can now
> ping the notebook computer but NOT vice versa (i.e. notebook cannot ping the
> FBSD box.)  Any idea what might be wrong?  Thanks.

Probably some firewalling somewhere blocking the ping packets.

since you can ping from FreeBSD -> notebook then the win2k box is forwarding
packets ok.

The other thing to try would be to run a packet sniffer on the FreeBSD
machine when the notebook is trying to ping it and see what you get.

> BTW, I did set the Win2K's 2nd NIC's gateway to 172.16.0.1.  Sorry for the
> typo.

-- 
Internet Vision  Internet Consultancy   Tel: 020 7589 4500
60 Albert Court& Web developmentFax: 020 7589 4522
Prince Consort Road   [EMAIL PROTECTED]
London SW7 2BE   http://www.ivision.co.uk/


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

digiboard pc/8i

[hantu]

dear ,..
i have old digiboard card pc/8i adapter, but my freebsd can't detect it :(
i'm using fbsd 45R
i was compile new kernel with add line with this :
OPTIONS NDGBPORTS=8
OPTIONS COM_MULTIPORT
device dgb0

i can't write "device dgb0 at isa? bla... bla...
because if i write this my kernel can't be compile with error message " no
isa ... bla.. bla.. on that line".

i need help, please

regards

newbie


Message sent using
MAIL 0.0


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: digiboard pc/8i

[hantu]

On Thu, 13 Jun 2002, Jonathan Lemon wrote:

> In article [EMAIL PROTECTED]> you 
>write:
> >
> >dear ,..
> >i have old digiboard card pc/8i adapter, but my freebsd can't detect it :(
> >i'm using fbsd 45R
> >i was compile new kernel with add line with this :
> >OPTIONS NDGBPORTS=8
> >OPTIONS COM_MULTIPORT
> >device dgb0
> >
> >i can't write "device dgb0 at isa? bla... bla...
> >because if i write this my kernel can't be compile with error message " no
> >isa ... bla.. bla.. on that line".
>
> Make sure that you have "device   isa0" in your config file as well.
> --
> Jonathan
>

the problem was fix it but, still can't detect digiboard :(
any suggestion ?

thanks

regards
saaal


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Bluetooth stack for FreeBSD

[Maksim Yevmenkin]

[cc: [EMAIL PROTECTED]]

Hackers,

Another developer snapshot is available at 

http://www.geocities.com/m_evmenkin/ngbt-fbsd-20020613.tar.gz

This release is for -current DP1 only. I had to 
downgrade back to DP1 due to huge amount of changes
in -current. 

Brief list of changes

- Basic support for USB devices. I got myself a
  3Com USB Bluetooth dongle (aka ToothBrush :)

- Make everything GCC 3.X friendly.

- Minor bug fixes

As always, i would like to get some feedback. I'm very
interested to hear from people who familiar with FreeBSD
kernel, Netgraph, Bluetooth and/or USB.

thanks,
max

__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: Bluetooth stack for FreeBSD

[Julian Elischer]

what a coincidence!

I was just discussing this with people here at USENIX and I'd like to
start the process for committing this.

Do you think it deserves a separate directory under netgraph,
or maybe a netbluetooth directory.

the documentation needs to be made 'commit-ready' too, as well as some
examples ready to put in /usr/share/examples/netgraph.



On Thu, 13 Jun 2002, Maksim Yevmenkin wrote:

> [cc: [EMAIL PROTECTED]]
> 
> Hackers,
> 
> Another developer snapshot is available at 
> 
> http://www.geocities.com/m_evmenkin/ngbt-fbsd-20020613.tar.gz
> 
> This release is for -current DP1 only. I had to 
> downgrade back to DP1 due to huge amount of changes
> in -current. 
> 
> Brief list of changes
> 
> - Basic support for USB devices. I got myself a
>   3Com USB Bluetooth dongle (aka ToothBrush :)
> 
> - Make everything GCC 3.X friendly.
> 
> - Minor bug fixes
> 
> As always, i would like to get some feedback. I'm very
> interested to hear from people who familiar with FreeBSD
> kernel, Netgraph, Bluetooth and/or USB.
> 
> thanks,
> max
> 
> __
> Do You Yahoo!?
> Yahoo! - Official partner of 2002 FIFA World Cup
> http://fifaworldcup.yahoo.com
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message
> 


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: Bluetooth stack for FreeBSD

[Maksim Yevmenkin]

Julian,

> I was just discussing this with people here at USENIX and I'd like to
> start the process for committing this.

Oh, gee, thanks :) but, i'm not so sure about committing. There 
are several important bits and pieces that needed to be done. First
of all, i do want to see properly tested code with all documentation
in the tree. I cannot say this about current snapshots.

Things that MUST be fixed *before* commiting (IMO) sorted by 
priority

- Documentation, examples & man pages
- Multiple control hooks for HCI/L2CAP nodes
- HCI/L2CAP tools
 
> Do you think it deserves a separate directory under netgraph,
> or maybe a netbluetooth directory.

I'd rather not put it under netbluetooth, because it is a Netgraph
specific code. It probably makes sense to put it somewhere under
netgraph directory.
 
> the documentation needs to be made 'commit-ready' too, as well as some
> examples ready to put in /usr/share/examples/netgraph.

yeah, i know... i really should spend some time and write all
documentation.

thanks,
max


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: mpd for pptp - can't connect

[Archie Cobbs]

[ moving discussion to freebsd-net ]

Dan Langille writes:
> A while back, mpd was suggested as a pptp client.  I've started looking at 
> it.  However, I'm having trouble getting it to connect.  The office has a 
> MS server and I'm trying to connect using mpd.  FWIW, I can connect via 
> pptp-client.
> 
> The office IP is 1.2.3.4
> My dual homed gateway has an internal address of 192.168.0.21 (ie. that's 
> my default address for boxes on the home LAN).
> The office server has internal address of 10.0.0.18
> I can connect using MS CHAP V2, MPPE 128, MPPC from my W2K box.
> 
> Of note, I see this in the logs but don't know the significance: "pptp0: 
> CID 0xbc51 in SetLinkInfo not found"

That can be safely ignored. Just another harmless Windows bug.

> vpn:
> new -i ng1 vpn vpn
> set iface disable on-demand
> set iface addrs 192.168.0.21 10.0.1.18
> set iface idle 0
> set iface route 10.0.1.0/24
> set pptp peer 1.2.3.4
> set bundle disable multilink
> set bundle authname dan
> set bundle password secret
> set link yes acfcomp protocomp
> set link no pap
> set link enable chap
  
> set link accept chap
> set ipcp no vjcomp

Try "set link disable chap" instead. The Windows box may be
getting confused when you try to authenticate it.

-Archie

__
Archie Cobbs * Packet Design * http://www.packetdesign.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: mpd for pptp - can't connect

[Dan Langille]

On Thu, 13 Jun 2002, Archie Cobbs wrote:

> [ moving discussion to freebsd-net ]
>
> Dan Langille writes:
> > A while back, mpd was suggested as a pptp client.  I've started looking at
> > it.  However, I'm having trouble getting it to connect.  The office has a
> > MS server and I'm trying to connect using mpd.  FWIW, I can connect via
> > pptp-client.
> >
> > The office IP is 1.2.3.4
> > My dual homed gateway has an internal address of 192.168.0.21 (ie. that's
> > my default address for boxes on the home LAN).
> > The office server has internal address of 10.0.0.18
> > I can connect using MS CHAP V2, MPPE 128, MPPC from my W2K box.
> >
> > Of note, I see this in the logs but don't know the significance: "pptp0:
> > CID 0xbc51 in SetLinkInfo not found"
>
> That can be safely ignored. Just another harmless Windows bug.
>
> > vpn:
> > new -i ng1 vpn vpn
> > set iface disable on-demand
> > set iface addrs 192.168.0.21 10.0.1.18
> > set iface idle 0
> > set iface route 10.0.1.0/24
> > set pptp peer 1.2.3.4
> > set bundle disable multilink
> > set bundle authname dan
> > set bundle password secret
> > set link yes acfcomp protocomp
> > set link no pap
> > set link enable chap
> 
> > set link accept chap
> > set ipcp no vjcomp
>
> Try "set link disable chap" instead. The Windows box may be
> getting confused when you try to authenticate it.

Thanks.

[root@bast:/home/dan] # /usr/local/sbin/mpd
Multi-link PPP for FreeBSD, by Archie L. Cobbs.
Based on iij-ppp, by Toshiharu OHNO.
mpd: pid 88277, version 3.8 ([EMAIL PROTECTED] 06:56 13-Jun-2002)
[vpn] ppp node is "mpd88277-vpn"
[vpn] using interface ng1
[vpn] IFACE: Open event
[vpn] IPCP: Open event
[vpn] IPCP: state change Initial --> Starting
[vpn] IPCP: LayerStart
[vpn:vpn] [vpn] bundle: OPEN event in state CLOSED
[vpn] opening link "vpn"...
[vpn] link: OPEN event
[vpn] LCP: Open event
[vpn] LCP: state change Initial --> Starting
[vpn] LCP: LayerStart
[vpn] device: OPEN event in state DOWN
pptp0: connecting to 1.2.3.4:1723
[vpn] device is now in state OPENING
pptp0: connected to 1.2.3.4:1723
pptp0: attached to connection with 1.2.3.4:1723
pptp0-0: outgoing call connected at 14808325 bps
[vpn] PPTP call successful
[vpn] device: UP event in state OPENING
[vpn] device is now in state UP
[vpn] link: UP event
[vpn] link: origination is local
[vpn] LCP: Up event
[vpn] LCP: state change Starting --> Req-Sent
[vpn] LCP: phase shift DEAD --> ESTABLISH
[vpn] LCP: SendConfigReq #1
 ACFCOMP
 PROTOCOMP
 MRU 1500
 MAGICNUM 3edcfa59
[vpn] LCP: rec'd Configure Request #0 link 0 (Req-Sent)
 AUTHPROTO CHAP MSOFTv2
 MAGICNUM 7ef15c22
 PROTOCOMP
 ACFCOMP
 CALLBACK
   Not supported
 MP MRRU 1614
 ENDPOINTDISC [LOCAL] 71 35 8f ec 71 33 4c 72 b2 5e 3e c3 c4 1f 11 c5 00
00 00 00
 UNKNOWN[23] len=4
[vpn] LCP: SendConfigRej #0
 CALLBACK
 MP MRRU 1614
 UNKNOWN[23] len=4
[vpn] LCP: rec'd Configure Ack #1 link 0 (Req-Sent)
 ACFCOMP
 PROTOCOMP
 MRU 1500
 MAGICNUM 3edcfa59
[vpn] LCP: state change Req-Sent --> Ack-Rcvd
[vpn] LCP: rec'd Configure Request #1 link 0 (Ack-Rcvd)
 AUTHPROTO CHAP MSOFTv2
 MAGICNUM 7ef15c22
 PROTOCOMP
 ACFCOMP
 ENDPOINTDISC [LOCAL] 71 35 8f ec 71 33 4c 72 b2 5e 3e c3 c4 1f 11 c5 00
00 00 00
[vpn] LCP: SendConfigAck #1
 AUTHPROTO CHAP MSOFTv2
 MAGICNUM 7ef15c22
 PROTOCOMP
 ACFCOMP
 ENDPOINTDISC [LOCAL] 71 35 8f ec 71 33 4c 72 b2 5e 3e c3 c4 1f 11 c5 00
00 00 00
[vpn] LCP: state change Ack-Rcvd --> Opened
[vpn] LCP: phase shift ESTABLISH --> AUTHENTICATE
[vpn] LCP: auth: peer wants CHAP, I want nothing
[vpn] LCP: LayerUp
pptp0: CID 0xf158 in SetLinkInfo not found
[vpn] CHAP: rec'd CHALLENGE #0
 Name: "ROGERT"
 Using authname "dan"
[vpn] CHAP: sending RESPONSE
[vpn] CHAP: rec'd SUCCESS #0
 MESG: S=BABBB2EEDA09AEB119FD3A08673B8AAC8C4587E8
[vpn] LCP: authorization successful
[vpn] LCP: phase shift AUTHENTICATE --> NETWORK
[vpn] up: 1 link, total bandwidth 64000 bps
[vpn] IPCP: Up event
[vpn] IPCP: state change Starting --> Req-Sent
[vpn] IPCP: SendConfigReq #1
 IPADDR 192.168.0.21
[vpn] rec'd unexpected protocol CCP on link 0, rejecting
[vpn] IPCP: rec'd Configure Request #4 link 0 (Req-Sent)
 IPADDR 10.0.1.18
   10.0.1.18 is OK
[vpn] IPCP: SendConfigAck #4
 IPADDR 10.0.1.18
[vpn] IPCP: state change Req-Sent --> Ack-Sent
[vpn] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent)
 IPADDR 10.0.1.26
   10.0.1.26 is unacceptable
[vpn] IPCP: SendConfigReq #2
 IPADDR 192.168.0.21
pptp0: CID 0xf158 in SetLinkInfo not found
[vpn] LCP: rec'd Terminate Request #5 link 0 (Opened)
[vpn] LCP: state change Opened --> Stopping
[vpn] LCP: phase shift NETWORK --> TERMINATE
[vpn] up: 0 links, total bandwidth 9600 bps
[vpn] IPCP: Down event
[vpn] IPCP: state change Ack-Sent --> Starting
[vpn] LCP: SendTerminateAck #2
[vpn] LCP: LayerDown
[vpn] LCP: rec'd Terminate Request #6 link 0 (Stopping)
[vpn] LCP: SendTerminateAck #3
[vpn] LCP: state change Stopping -->

Re: netgraph encryption?

[Archie Cobbs]

Lars Eggert writes:
> > ng_mppc(4) implements lame-strength encryption.
> 
> I looked briefly at ng_mppc but and was under the impression it needed a 
> ppp node above it. The packets I'd like to feed to an encryption node 
> are UDP (and soon TCP and IP). Or am I wrong?

In reality you can feed it anything you want. It's not PPP specific.

You would however have to rig up a node that handles packets going
out and returning on the same hook (ng_bpf(4) could be configured
to do this).

-Archie

__
Archie Cobbs * Packet Design * http://www.packetdesign.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: digiboard pc/8i

[Brian Somers]

What does dgb say when you boot with -v ?

I have one of these boards here - it worked last time I tried it

On Thu, 13 Jun 2002 23:08:53 +0700 (WIT), hantu <[EMAIL PROTECTED]> wrote:
> 
> 
> On Thu, 13 Jun 2002, Jonathan Lemon wrote:
> 
> > In article [EMAIL PROTECTED]> 
>you write:
> > >
> > >dear ,..
> > >i have old digiboard card pc/8i adapter, but my freebsd can't detect it :(
> > >i'm using fbsd 45R
> > >i was compile new kernel with add line with this :
> > >OPTIONS NDGBPORTS=8
> > >OPTIONS COM_MULTIPORT
> > >device dgb0
> > >
> > >i can't write "device dgb0 at isa? bla... bla...
> > >because if i write this my kernel can't be compile with error message " no
> > >isa ... bla.. bla.. on that line".
> >
> > Make sure that you have "device isa0" in your config file as well.
> > --
> > Jonathan
> >
> 
> the problem was fix it but, still can't detect digiboard :(
> any suggestion ?
> 
> thanks
> 
> regards
> saaal

-- 
Brian <[EMAIL PROTECTED]>   <[EMAIL PROTECTED]>
  
Don't _EVER_ lose your sense of humour !   

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: mpd for pptp - can't connect

[Archie Cobbs]

Dan Langille writes:
> [vpn] rec'd unexpected protocol CCP on link 0, rejecting

The peer wants to do MPPE encryption but you haven't enabled it.

> [vpn] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent)
>  IPADDR 10.0.1.26
>10.0.1.26 is unacceptable

You need to relax your 'set ipcp ranges' as the peer wants to
assign you an IP address and you're not letting it.

It looks like you cut & pasted from the 'vpn' configuration
instead of the 'pptp client' configuration.. ?

-Archie

__
Archie Cobbs * Packet Design * http://www.packetdesign.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

ipfw rewrite - new snapshot available

['Luigi Rizzo']

[Bcc to -net]

Hi,
as I mentioned in a posting to -net a few days ago, over the past
weeks I have done an extensive rewrite of the ipfw code (both userland
and kernel) in an attempt to make it faster, more flexible and more
manageable.

The code is now almost ready for commit, so I would appreciate
some feedback if any of you feels like trying it and, even
better, run some performance test. You can fetch the code from

http://info.iet.unipi.it/~luigi/ipfw5.20020613.tgz

This is for a -current after May 15th, and replaces

sys/netinet/ip_fw.c
sys/netinet/ip_fw.h
sys/netinet/ip_dummynet.c
sbin/ipfw/ipfw.c

The idea behind this work was to replace the old ipfw rules
(macroinstructions) with a set of microinstructions, each of them
performing a single operation such as matching an address, or a
port range, or a protocol flag, etc.  -- much in the spirit of BPF
and derivatives -- and to let the userland front-end compile ipfw(8)
commands into an appropriate set of microinstructions.

There are several advantages in using this technique: first of all,
instructions are typically shorter and faster, because the old
code had to check for the presence of all the possible options
(there are over 25 of them!) in a rule, whereas the new one can
simply do just the things that are required.

I have implemented all the actions (accept/deny/pipe/divert/forward
...) and almost all the 25+ (ouch!) different options that can be
specified in a rule. The syntax for the userland program is 100%
backward compatible.

I have also implemented a few extensions to demonstrate the flexibility
of the new approach: you can put "or" connectives between fields,
so you can write things like

ipfw add allow ip from host1 or host2 or host3 or not net1/24 to any

and the like, and this greatly simplifies writing rulesets as
you can imagine.

Other extensions (in the form of address sets, multiple rule
chains to be used on layer-2 and layer-3 firewalls, etc. will
be trivial to implement.

cheers
luigi

---+-
  Luigi RIZZO, [EMAIL PROTECTED]  . Dip. di Ing. dell'Informazione
  http://www.iet.unipi.it/~luigi/  . Universita` di Pisa
  TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy)
  Mobile   +39-347-0373137
---+-

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: mpd for pptp - can't connect

[Dan Langille]

On Thu, 13 Jun 2002, Archie Cobbs wrote:

> Dan Langille writes:
> > [vpn] rec'd unexpected protocol CCP on link 0, rejecting
>
> The peer wants to do MPPE encryption but you haven't enabled it.
>
> > [vpn] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent)
> >  IPADDR 10.0.1.26
> >10.0.1.26 is unacceptable
>
> You need to relax your 'set ipcp ranges' as the peer wants to
> assign you an IP address and you're not letting it.

I did have: set ipcp ranges 192.168.0.21/32 10.0.1.18/32

I just tried: set ipcp ranges 10.0.1.0/24 10.0.1.0/24

[vpn] CHAP: sending RESPONSE
[vpn] CHAP: rec'd SUCCESS #0
 MESG: S=A900924089CB64D1C2696C418A9D5392FE7F289F
[vpn] LCP: authorization successful
[vpn] LCP: phase shift AUTHENTICATE --> NETWORK
[vpn] up: 1 link, total bandwidth 64000 bps
[vpn] IPCP: Up event
[vpn] IPCP: state change Starting --> Req-Sent
[vpn] IPCP: SendConfigReq #1
 IPADDR 10.0.1.0
[vpn] rec'd unexpected protocol CCP on link 0, rejecting
[vpn] IPCP: rec'd Configure Request #4 link 0 (Req-Sent)
 IPADDR 10.0.1.18
   10.0.1.18 is OK
[vpn] IPCP: SendConfigAck #4
 IPADDR 10.0.1.18
[vpn] IPCP: state change Req-Sent --> Ack-Sent
[vpn] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent)
 IPADDR 10.0.1.26
   10.0.1.26 is OK
[vpn] IPCP: SendConfigReq #2
 IPADDR 10.0.1.26
[vpn] LCP: rec'd Terminate Request #5 link 0 (Opened)
[vpn] LCP: state change Opened --> Stopping
[vpn] LCP: phase shift NETWORK --> TERMINATE
[vpn] up: 0 links, total bandwidth 9600 bps
[vpn] IPCP: Down event
[vpn] IPCP: state change Ack-Sent --> Starting
[vpn] LCP: SendTerminateAck #2
[vpn] LCP: LayerDown
pptp0: CID 0x4ac3 in SetLinkInfo not found
[vpn] LCP: rec'd Terminate Request #6 link 0 (Stopping)
[vpn] LCP: SendTerminateAck #3
[vpn] LCP: state change Stopping --> Stopped
[vpn] LCP: phase shift TERMINATE --> ESTABLISH
[vpn] LCP: LayerFinish
[vpn] device: CLOSE event in state UP
pptp0-0: clearing call
[vpn] device is now in state CLOSING
[vpn] device: DOWN event in state CLOSING
[vpn] device is now in state DOWN
[vpn] link: DOWN event
[vpn] LCP: Down event
[vpn] LCP: state change Stopped --> Starting
[vpn] LCP: phase shift ESTABLISH --> DEAD
[vpn] LCP: LayerStart
[vpn] device: OPEN event in state DOWN
[vpn] pausing 9 seconds before open
[vpn] device is now in state DOWN
[vpn] device: OPEN event in state DOWN
[vpn] device is now in state DOWN
pptp0-0: peer call disconnected res=zero? err=none
pptp0-0: killing channel
pptp0: closing connection with 1.2.3.4:1723

> It looks like you cut & pasted from the 'vpn' configuration
> instead of the 'pptp client' configuration.. ?

Yes.  I am already running ppp for my DSL connection.  mpd is just for a
VPN to the office.





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: mpd for pptp - can't connect

[Archie Cobbs]

Dan Langille writes:
> > > [vpn] rec'd unexpected protocol CCP on link 0, rejecting
> >
> > The peer wants to do MPPE encryption but you haven't enabled it.
> >
> > > [vpn] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent)
> > >  IPADDR 10.0.1.26
> > >10.0.1.26 is unacceptable
> >
> > You need to relax your 'set ipcp ranges' as the peer wants to
> > assign you an IP address and you're not letting it.
> 
> I did have: set ipcp ranges 192.168.0.21/32 10.0.1.18/32
> 
> I just tried: set ipcp ranges 10.0.1.0/24 10.0.1.0/24
> 
> [vpn] CHAP: sending RESPONSE
> [vpn] CHAP: rec'd SUCCESS #0
>  MESG: S=A900924089CB64D1C2696C418A9D5392FE7F289F
> [vpn] LCP: authorization successful
> [vpn] LCP: phase shift AUTHENTICATE --> NETWORK
> [vpn] up: 1 link, total bandwidth 64000 bps
> [vpn] IPCP: Up event
> [vpn] IPCP: state change Starting --> Req-Sent
> [vpn] IPCP: SendConfigReq #1
>  IPADDR 10.0.1.0
> [vpn] rec'd unexpected protocol CCP on link 0, rejecting
> [vpn] IPCP: rec'd Configure Request #4 link 0 (Req-Sent)
>  IPADDR 10.0.1.18
>10.0.1.18 is OK
> [vpn] IPCP: SendConfigAck #4
>  IPADDR 10.0.1.18
> [vpn] IPCP: state change Req-Sent --> Ack-Sent
> [vpn] IPCP: rec'd Configure Nak #1 link 0 (Ack-Sent)
>  IPADDR 10.0.1.26
>10.0.1.26 is OK
> [vpn] IPCP: SendConfigReq #2
>  IPADDR 10.0.1.26
> [vpn] LCP: rec'd Terminate Request #5 link 0 (Opened)
 ^^^

The windows box is still hanging up on you. Did you try turning
on MPPE encryption? See mpd.conf.sample for how to do so.

-Archie

__
Archie Cobbs * Packet Design * http://www.packetdesign.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: netgraph encryption?

[Lars Eggert]

Archie Cobbs wrote:
>>I looked briefly at ng_mppc but and was under the impression it needed a 
>>ppp node above it. The packets I'd like to feed to an encryption node 
>>are UDP (and soon TCP and IP). Or am I wrong?
> 
> In reality you can feed it anything you want. It's not PPP specific.
> 
> You would however have to rig up a node that handles packets going
> out and returning on the same hook (ng_bpf(4) could be configured
> to do this).

OK, I'll look into it. Or I'll try to find an undergrad to build 
ng_blowfish :-)

As an aside, do netgraph interfaces have problems with multicast? I've 
seen crashes using both mrouted and pim6dd when I had a netgraph 
interface configured. I'll try to produce a dump next time.

Lars
-- 
Lars Eggert <[EMAIL PROTECTED]>   USC Information Sciences Institute



smime.p7s
Description: S/MIME Cryptographic Signature

Re: netgraph encryption?

[Archie Cobbs]

Lars Eggert writes:
> As an aside, do netgraph interfaces have problems with multicast? I've 
> seen crashes using both mrouted and pim6dd when I had a netgraph 
> interface configured. I'll try to produce a dump next time.

Not that I know of..

If you can get a stack trace I'd be interested in taking a look.

-Archie

__
Archie Cobbs * Packet Design * http://www.packetdesign.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: netgraph encryption?

[Julian Elischer]

I haven't seen a problem with multicast and netgraph but 
that doesn't mean there isn't a problem. Let us see if there is a
traceback.

On Thu, 13 Jun 2002, Lars Eggert wrote:

> Archie Cobbs wrote:
> >>I looked briefly at ng_mppc but and was under the impression it needed a 
> >>ppp node above it. The packets I'd like to feed to an encryption node 
> >>are UDP (and soon TCP and IP). Or am I wrong?
> > 
> > In reality you can feed it anything you want. It's not PPP specific.
> > 
> > You would however have to rig up a node that handles packets going
> > out and returning on the same hook (ng_bpf(4) could be configured
> > to do this).
> 
> OK, I'll look into it. Or I'll try to find an undergrad to build 
> ng_blowfish :-)
> 
> As an aside, do netgraph interfaces have problems with multicast? I've 
> seen crashes using both mrouted and pim6dd when I had a netgraph 
> interface configured. I'll try to produce a dump next time.
> 
> Lars
> -- 
> Lars Eggert <[EMAIL PROTECTED]>   USC Information Sciences Institute
> 


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message