Hello,
looks like the MAC-Box doesn't answer to the config-Request.
for test, try to activate PAP and MSCHAP.
PAP only for test because it is not encrypted !!!
Don't forget to edit the pap-secrets.
Is a Firewall running on the MAC ?
Is ther something like Ethereal on the MAC ?
If YES:
Can you "see" the packages: Trace for port 1723 and Proto 47 (GRE)
Is there an NAT-Router between the PPTPD-Server an the Client ?
BTW: GRE is the transportproto for your encrypted data. TCP 1723 is the
for Controll.
CU
Robert
-----Ursprüngliche Nachricht-----
Von: Lars Behrens [mailto:lars@brainlift.de]
Gesendet: Donnerstag, 24. Juni 2004 09:24
An: suse-security@suse.com
Betreff: [suse-security] PPP-Probleme mit PPTPD und Mac Airport
Hallo, Liste,
i got some problems with mac-os 10 clients on my poptop-server.
windows 2000 und XP are working well: fast and stable connection,
while the mac doesnt get to the ppp-connection properly.
mac-client (with the internal pptp-client, btw) gets an IP from the
server, then connects via pptp, than comes an LCP ConfReq-Message
(gre-pakete...!?), die kommen auch beim client an; der sagt dann
Jun 23 13:08:49 access pppd[5233]: sent [LCP ConfReq id=0x1 <pcomp>
<accomp>]
at this point theres a break for 30 seconds... than follows:
Jun 23 13:09:16 access last message repeated 9 times
Jun 23 13:09:19 access pppd[5233]: LCP: timeout sending Config-Requests
Jun 23 13:09:19 access pppd[5233]: Connection terminated.
Jun 23 13:09:19 access pppd[5233]: Exit.
Jun 23 13:09:19 access pptpd[5232]: Error reading from pppd:
Input/output error
Jun 23 13:09:19 access pptpd[5232]: CTRL: GRE read or PTY write failed
(gre,pty)=(6,5)
Jun 23 13:09:19 access pptpd[5232]: CTRL: Client 10.28.52.198 control
connection finished
Jun 23 13:09:19 access pptpd[5232]: CTRL: Exiting now
with tcpdump I can see, that the client receives packets:
07:42:54.513953 IP 10.28.52.1 > 10.28.52.197: call 1361 seq 7
gre-ppp-payload
07:42:54.513953 IP 10.28.52.1 > 10.28.52.197: call 1361 seq 8
gre-ppp-payload
after the 10th or so payload the connection shuts down from the servers
side:
Jun 23 13:09:16 access last message repeated 9 times
Jun 23 13:09:19 access pppd[5233]: LCP: timeout sending Config-Requests
Jun 23 13:09:19 access pppd[5233]: Connection terminated.
Jun 23 13:09:19 access pppd[5233]: Exit.
Jun 23 13:09:19 access pptpd[5232]: Error reading from pppd:
Input/output error
Jun 23 13:09:19 access pptpd[5232]: CTRL: GRE read or PTY write failed
(gre,pty)=(6,5)
Jun 23 13:09:19 access pptpd[5232]: CTRL: Client 10.28.52.198 control
connection finished
Jun 23 13:09:19 access pptpd[5232]: CTRL: Exiting now
tcpdump on the server says:
14:56:15.954532 access.hfk-bremen.de > 10.28.52.198: gre [KSv1] ID:0995
S:8 ppp: Conf-Req(1), MRU=1450, ACCM=00000000, Auth-Prot CHAP/MSCHAPv2,
Magic-Num=1a660c17, PFC, ACFC (D
and then nothing more....
system server: suse 9, poptop 1.1.2, pppd2.4.2, kernel 2.4.21,
ppp-module loaded.
system client: mac powerbook w/ internal airport extreme, pptp-client
by Apple (?).
firewall is shut down on both sides.
options.ppp0:
lock
debug
auth
+chap
-chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
asyncmap 0
proxyarp
mru 1450
mtu 1450
ipcp-accept-local
ipcp-accept-remote
thanx in advance for help!
greetings
lars behrens
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@suse.com
Security-related bug reports go to security@suse.de, not here