Re: PPP auth failed after connection

Ray Chandler <chandler3@xxxxxxx> · Thu, 5 Aug 2010 08:53:39 +0000 (GMT)

Thanks. I've now tried that, but it hasn't fixed the problem - still get ppp 
authorisation failed and lost carrier after initial connection.

________________________________
From: Marvin Stodolsky <marvin.stodolsky@xxxxxxxxx>
To: Ray Chandler <chandler3@xxxxxxx>
Cc: linmodems list <discuss@xxxxxxxxxxxxx>
Sent: Wednesday, 4 August, 2010 23:27:32
Subject: Re: PPP auth failed after connection

re: kppp appeared to keep
the connection open, with the time indicator moving on and the telephone line
occupied until I cancelled kppp. But it was no good because despite the
'connection' I couldn't get access to any websites or email.
-------
Do
$ ifconfig
if blocks for eth0 or wlan0 are shown, these must be closed before
dialout, or DNS services for PPP will fail
Shutdown with ROOT commands like:
ifconfig eth0 down
if config wlan0 down

MarvS

On Wed, Aug 4, 2010 at 5:12 AM, Ray Chandler <chandler3@xxxxxxx> wrote:
> Thank you again. I have tried all your suggestions but still no success.
> Below is the wvdial.out content as requested. It got this far then nothing
> further happened for ages and there was still no connection.
>
> I have also tried kppp as well as gnomeppp and wvdial, and while gnomeppp and
> wvdial produced the same results - apparrently connecting then dropping out
> immediately with a "ppp authorization failed" message - kppp appeared to keep
> the connection open, with the time indicator moving on and the telephone line
> occupied until I cancelled kppp. But it was no good because despite the
> 'connection' I couldn't get access to any websites or email.
>
> ray@ray-laptop:~$ sudo wvdial 2>&1 | tee wvdial.out
> [sudo] password for ray:
> --> WvDial: Internet dialer version 1.60
> --> Initializing modem.
> --> Sending: ATZ
> ATZ
> OK
> --> Modem initialized.
> --> Sending: ATDT08456600919
> --> Waiting for carrier.
> ATDT08456600919
> CONNECT 57600
> User Access Verification
> login:
> --> Carrier detected.  Waiting for prompt.
> login:
> --> Looks like a login prompt.
> --> Sending: ukf5041550
> ukf5041550
> Password:
> --> Looks like a password prompt.
> --> Sending: (password)
> PPP authorization failed.
> NO CARRIER
> --> Don't know what to do!  Starting pppd and hoping for the best.
> --> Starting pppd at Wed Aug  4 09:45:40 2010
> --> Pid of pppd: 3066
>
>
>
>
> ----- Original Message ----
>> From: Antonio Olivares <olivares14031@xxxxxxxxx>
>> To: Ray Chandler <chandler3@xxxxxxx>
>> Cc: linmodems list <discuss@xxxxxxxxxxxxx>
>> Sent: Wednesday, 4 August, 2010 0:10:04
>> Subject: Re: PPP auth failed after connection
>>
>> Ray,
>>
>> I am trying to see how I can help.  Here are some things you  can do:
>>
>> Add the following to the file /etc/resolv.conf.  Open it  with
>> $ sudo gedit /etc/wvdial
>>
>> nameserver 195.188.107.40
>> nameserver  195.188.107.42
>>
>> add the above to the file and save it.
>>
>> I have found  this information here:
>>
>> http://www.ukfantastic.net/techsupport.html
>> and
>> http://www.ukfantastic.net/mac.html
>>
>> Maybe you would need to change  username from
>>
>> --> Looks like a login prompt.
>> --> Sending: chandler5@xxxxxxx
>>
>> to  ukfchandler5
>>
>> and see if you can login in.  Add a line
>>
>> Carrier  Check = no
>>
>> to your /etc/wvdial.conf file and this time I kindly ask you  to do the
>> following:
>>
>> # wvdial 2>&1 | tee wvdial.out
>> or
>> $  sudo wvdial 2>&1 | tee wvdial.out
>>
>> Send us wvdial.out.
>> Also  while dialing out, have another terminal shell open with
>> $ sudo tail -f  /var/log/messages
>>
>> or
>> # tail -f /var/log/messages
>>
>> Hope we can  help you fix this issue.
>>
>> Regards,
>>
>> Antonio
>>
>> On 8/3/10, Ray  Chandler <chandler3@xxxxxxx> wrote:
>> > Thank  you. Here is the options file:
>> >
>> > # /etc/ppp/options
>> >  #
>> > # Originally created by Jim Knoble <jmknoble@xxxxxxxxxxxxxxxxxxxxx>
>> >  # Modified for Debian by alvar Bray <alvar@xxxxxxxxxxx>
>> > # Modified for  PPP Server setup by Christoph Lameter <clameter@xxxxxxxxxx>
>> > #
>> >  # To quickly see what options are active in this file, use this command:
>> >  #   egrep -v '#|^ *$' /etc/ppp/options
>> >
>> > # Specify which DNS  Servers the incoming Win95 or WinNT Connection should
>> > use
>> > # Two  Servers can be remotely configured
>> > # ms-dns 192.168.1.1
>> > # ms-dns  192.168.1.2
>> >
>> > # Specify which WINS Servers the incoming connection  Win95 or WinNT should
>> > use
>> > # ms-wins 192.168.1.50
>> > #  ms-wins 192.168.1.51
>> >
>> > # Run the executable or shell command  specified after pppd has
>> > # terminated the link.  This script could,  for example, issue commands
>> > # to the modem to cause it to hang up if  hardware modem control signals
>> > # were not available.
>> > #disconnect  "chat -- \d+++\d\c OK ath0 OK"
>> >
>> > # async character map -- 32-bit  hex; each bit is a character
>> > # that needs to be escaped for pppd to  receive it.  0x00000001
>> > # represents '\x01', and 0x80000000  represents '\x1f'.
>> > asyncmap 0
>> >
>> > # Require the peer to  authenticate itself before allowing network
>> > # packets to be sent or  received.
>> > # Please do not disable this setting. It is expected to be  standard in
>> > # future releases of pppd. Use the call option (see manpage)  to disable
>> > # authentication for specific peers.
>> > # auth
>> >  noauth
>> >
>> > # ... Unfortunately, fixing this properly in the peers  file
>> > # (/etc/ppp/peers/ppp0, typically) is apparently incompatible with  the
>> > # paradigm used by gnome-system-tools and system-tools-backend  for
>> > # managing the peers files.  So in Ubuntu Feisty we change the  default.
>> >
>> > # Use hardware flow control (i.e. RTS/CTS) to control  the flow of data
>> > # on the serial port.
>> > crtscts
>> >
>> > #  Use software flow control (i.e. XON/XOFF) to control the flow of data
>> > #  on the serial port.
>> > #xonxoff
>> >
>> > # Specifies that certain  characters should be escaped on transmission
>> > # (regardless of whether  the peer requests them to be escaped with its
>> > # async control character  map).  The characters to be escaped are
>> > # specified as a list of  hex numbers separated by commas.  Note that
>> > # almost any character  can be specified for the escape option, unlike
>> > # the asyncmap option  which only allows control characters to be
>> > # specified.  The  characters which may not be escaped are those with hex
>> > # values 0x20 -  0x3f or 0x5e.
>> > #escape 11,13,ff
>> >
>> > # Don't use the modem  control lines.
>> > #local
>> >
>> > # Specifies that pppd should use a  UUCP-style lock on the serial device
>> > # to ensure exclusive access to the  device.
>> > lock
>> >
>> > # Don't show the passwords when logging the  contents of PAP packets.
>> > # This is the default.
>> >  hide-password
>> >
>> > # When logging the contents of PAP packets, this  option causes pppd to
>> > # show the password string in the log  message.
>> > #show-password
>> >
>> > # Use the modem control  lines.  On Ultrix, this option implies hardware
>> > # flow control, as  for the crtscts option.  (This option is not fully
>> > #  implemented.)
>> > modem
>> >
>> > # Set the MRU [Maximum Receive Unit]  value to <n> for negotiation.  pppd
>> > # will ask the peer to  send packets of no more than <n> bytes. The
>> > # minimum MRU value is  128.  The default MRU value is 1500.  A value of
>> > # 296 is  recommended for slow links (40 bytes for TCP/IP header + 256
>> > # bytes of  data).
>> > #mru 542
>> >
>> > # Set the interface netmask to  <n>, a 32 bit netmask in "decimal dot"
>> > # notation (e.g.  255.255.255.0).
>> > #netmask 255.255.255.0
>> >
>> > # Disables the  default behaviour when no local IP address is specified,
>> > # which is to  determine (if possible) the local IP address from the
>> > # hostname. With  this option, the peer will have to supply the local IP
>> > # address during  IPCP negotiation (unless it specified explicitly on the
>> > # command line  or in an options file).
>> > #noipdefault
>> >
>> > # Enables the  "passive" option in the LCP.  With this option, pppd will
>> > # attempt  to initiate a connection; if no reply is received from the
>> > # peer, pppd  will then just wait passively for a valid LCP packet from
>> > # the peer  (instead of exiting, as it does without this option).
>> >  #passive
>> >
>> > # With this option, pppd will not transmit LCP packets  to initiate a
>> > # connection until a valid LCP packet is received from the  peer (as for
>> > # the "passive" option with old versions of pppd).
>> >  #silent
>> >
>> > # Don't request or allow negotiation of any options for  LCP and IPCP
>> > # (use default values).
>> > #-all
>> >
>> > #  Disable Address/Control compression negotiation (use default, i.e.
>> > #  address/control field disabled).
>> > #-ac
>> >
>> > # Disable asyncmap  negotiation (use the default asyncmap, i.e. escape
>> > # all control  characters).
>> > #-am
>> >
>> > # Don't fork to become a background  process (otherwise pppd will do so
>> > # if a serial device is  specified).
>> > #-detach
>> >
>> > # Disable IP address negotiation  (with this option, the remote IP
>> > # address must be specified with an  option on the command line or in
>> > # an options file).
>> >  #-ip
>> >
>> > # Disable IPCP negotiation and IP communication. This  option should
>> > # only be required if the peer is buggy and gets confused  by requests
>> > # from pppd for IPCP negotiation.
>> >  #noip
>> >
>> > # Disable magic number negotiation.  With this  option, pppd cannot
>> > # detect a looped-back line.
>> >  #-mn
>> >
>> > # Disable MRU [Maximum Receive Unit] negotiation (use  default, i.e.
>> > # 1500).
>> > #-mru
>> >
>> > # Disable protocol  field compression negotiation (use default, i.e.
>> > # protocol field  compression disabled).
>> > #-pc
>> >
>> > # Require the peer to  authenticate itself using PAP.
>> > #+pap
>> >
>> > # Don't agree to  authenticate using PAP.
>> > #-pap
>> >
>> > # Require the peer to  authenticate itself using CHAP [Cryptographic
>> > # Handshake Authentication  Protocol] authentication.
>> > #+chap
>> >
>> > # Don't agree to  authenticate using CHAP.
>> > #-chap
>> >
>> > # Disable negotiation of  Van Jacobson style IP header compression (use
>> > # default, i.e. no  compression).
>> > #-vj
>> >
>> > # Increase debugging level (same as  -d).  If this option is given, pppd
>> > # will log the contents of all  control packets sent or received in a
>> > # readable form.  The packets  are logged through syslog with facility
>> > # daemon and level debug. This  information can be directed to a file by
>> > # setting up /etc/syslog.conf  appropriately (see syslog.conf(5)).  (If
>> > # pppd is compiled with  extra debugging enabled, it will log messages
>> > # using facility local2  instead of daemon).
>> > #debug
>> >
>> > # Append the domain name  <d> to the local host name for authentication
>> > # purposes.   For example, if gethostname() returns the name porsche,
>> > # but the fully  qualified domain name is porsche.Quotron.COM, you would
>> > # use the domain  option to set the domain name to Quotron.COM.
>> > #domain  <d>
>> >
>> > # Enable debugging code in the kernel-level PPP  driver.  The argument n
>> > # is a number which is the sum of the  following values: 1 to enable
>> > # general debug messages, 2 to request  that the contents of received
>> > # packets be printed, and 4 to request  that the contents of transmitted
>> > # packets be printed.
>> > #kdebug  n
>> >
>> > # Set the MTU [Maximum Transmit Unit] value to <n>.  Unless the peer
>> > # requests a smaller value via MRU negotiation, pppd  will request that
>> > # the kernel networking code send data packets of no  more than n bytes
>> > # through the PPP network interface.
>> > #mtu  <n>
>> >
>> > # Set the name of the local system for authentication  purposes to <n>.
>> > # This is a privileged option. With this option,  pppd will use lines in 
the
>> > # secrets files which have <n> as the  second field when looking for a
>> > # secret to use in authenticating the  peer. In addition, unless overridden
>> > # with the user option, <n>  will be used as the name to send to the peer
>> > # when authenticating the  local system to the peer. (Note that pppd does
>> > # not append the domain  name to <n>.)
>> > #name <n>
>> >
>> > # Enforce the use of  the hostname as the name of the local system for
>> > # authentication  purposes (overrides the name option).
>> > #usehostname
>> >
>> > # Set  the assumed name of the remote system for authentication purposes
>> > # to  <n>.
>> > #remotename <n>
>> >
>> > # Add an entry to this  system's ARP [Address Resolution Protocol]
>> > # table with the IP address  of the peer and the Ethernet address of this
>> > # system.
>> >  proxyarp
>> >
>> > # Use the system password database for authenticating  the peer using
>> > # PAP. Note: mgetty already provides this option. If this  is specified
>> > # then dialin from users using a script under Linux to fire  up ppp wont
>> > work.
>> > # login
>> >
>> > # If this option is  given, pppd will send an LCP echo-request frame to the
>> > # peer every n  seconds. Normally the peer should respond to the
> echo-request
>> > # by  sending an echo-reply. This option can be used with the
>> > #  lcp-echo-failure option to detect that the peer is no longer connected.
>> >  lcp-echo-interval 30
>> >
>> > # If this option is given, pppd will  presume the peer to be dead if n
>> > # LCP echo-requests are sent without  receiving a valid LCP echo-reply.
>> > # If this happens, pppd will terminate  the connection.  Use of this
>> > # option requires a non-zero value for  the lcp-echo-interval parameter.
>> > # This option can be used to enable  pppd to terminate after the physical
>> > # connection has been broken (e.g.,  the modem has hung up) in
>> > # situations where no hardware modem control  lines are available.
>> > lcp-echo-failure 4
>> >
>> > # Set the LCP  restart interval (retransmission timeout) to <n> seconds
>> > #  (default 3).
>> > #lcp-restart <n>
>> >
>> > # Set the maximum  number of LCP terminate-request transmissions to <n>
>> > # (default  3).
>> > #lcp-max-terminate <n>
>> >
>> > # Set the maximum  number of LCP configure-request transmissions to <n>
>> > # (default  10).
>> > #lcp-max-configure <n>
>> >
>> > # Set the maximum  number of LCP configure-NAKs returned before starting
>> > # to send  configure-Rejects instead to <n> (default 10).
>> > #lcp-max-failure  <n>
>> >
>> > # Set the IPCP restart interval (retransmission  timeout) to <n>
>> > # seconds (default 3).
>> > #ipcp-restart  <n>
>> >
>> > # Set the maximum number of IPCP terminate-request  transmissions to <n>
>> > # (default 3).
>> > #ipcp-max-terminate  <n>
>> >
>> > # Set the maximum number of IPCP configure-request  transmissions to <n>
>> > # (default 10).
>> > #ipcp-max-configure  <n>
>> >
>> > # Set the maximum number of IPCP configure-NAKs  returned before starting
>> > # to send configure-Rejects instead to  <n> (default 10).
>> > #ipcp-max-failure <n>
>> >
>> > #  Set the PAP restart interval (retransmission timeout) to <n>  seconds
>> > # (default 3).
>> > #pap-restart <n>
>> >
>> > #  Set the maximum number of PAP authenticate-request transmissions to
>> > #  <n> (default 10).
>> > #pap-max-authreq <n>
>> >
>> > # Set  the maximum time that pppd will wait for the peer to authenticate
>> > #  itself with PAP to <n> seconds (0 means no limit).
>> > #pap-timeout  <n>
>> >
>> > # Set the CHAP restart interval (retransmission  timeout for
>> > # challenges) to <n> seconds (default 3).
>> >  #chap-restart <n>
>> >
>> > # Set the maximum number of CHAP  challenge transmissions to <n>
>> > # (default 10).
>> >  #chap-max-challenge
>> >
>> > # If this option is given, pppd will  rechallenge the peer every <n>
>> > # seconds.
>> > #chap-interval  <n>
>> >
>> > # With this option, pppd will accept the peer's idea  of our local IP
>> > # address, even if the local IP address was specified in  an option.
>> > #ipcp-accept-local
>> >
>> > # With this option, pppd  will accept the peer's idea of its (remote) IP
>> > # address, even if the  remote IP address was specified in an option.
>> >  #ipcp-accept-remote
>> >
>> > # Disable the IPXCP and IPX  protocols.
>> > # To let pppd pass IPX packets comment this out --- you'll  probably also
>> > # want to install ipxripd, and have the Internal IPX  Network option 
enabled
>> > # in your kernel.   /usr/doc/HOWTO/IPX-HOWTO.gz contains more info.
>> > noipx
>> >
>> > #  Exit once a connection has been made and terminated. This is the
> default,
>> > # unless the `persist' or `demand' option has been  specified.
>> > #nopersist
>> >
>> > # Do not exit after a connection  is terminated; instead try to reopen
>> > # the connection.
>> >  #persist
>> >
>> > # Terminate after n consecutive failed connection  attempts.
>> > # A value of 0 means no limit. The default value is  10.
>> > #maxfail <n>
>> >
>> > # Initiate the link only on  demand, i.e. when data traffic is present.
>> > # With this option, the  remote IP address must be specified by the user on
>> > # the command line or  in an options file.  Pppd will initially configure
>> > # the interface  and enable it for IP traffic without connecting to the
> peer.
>> > # When  traffic is available, pppd will connect to the peer and perform
>> > #  negotiation, authentication, etc.  When this is completed, pppd  will
>> > # commence passing data packets (i.e., IP packets) across the  link.
>> > #demand
>> >
>> > # Specifies that pppd should disconnect if  the link is idle for <n>
> seconds.
>> > # The link is idle when no data  packets (i.e. IP packets) are being sent 
or
>> > # received.  Note: it  is not advisable to use this option with the persist
>> > # option without  the demand option.  If the active-filter option is given,
>> > # data  packets which are rejected by the specified activity filter also
>> > # count  as the link being idle.
>> > #idle <n>
>> >
>> > # Specifies how  many seconds to wait before re-initiating the link after
>> > # it  terminates.  This option only has any effect if the persist or 
 demand
>> > # option is used.  The holdoff period is not applied if the  link was
>> > # terminated because it was idle.
>> > #holdoff  <n>
>> >
>> > # Wait for up n milliseconds after the connect script  finishes for a valid
>> > # PPP packet from the peer.  At the end of  this time, or when a valid PPP
>> > # packet is received from the peer, pppd  will commence negotiation by
>> > # sending its first LCP packet.  The  default value is 1000 (1 second).
>> > # This wait period only applies if the  connect or pty option is used.
>> > #connect-delay <n>
>> >
>> >  # Packet filtering: for more information, see pppd(8)
>> > # Any packets  matching the filter expression will be interpreted as link
>> > # activity,  and will cause a "demand" connection to be activated, and 
reset
>> > # the  idle connection timer. (idle option)
>> > # The filter expression is akin to  that of tcpdump(1)
>> > #active-filter  <filter-expression>
>> >
>> > # ---<End of  File>---
>> >
>> >
>> >
>> >  ________________________________
>> > From: Antonio Olivares <olivares14031@xxxxxxxxx>
>> >  To: Ray Chandler <chandler3@xxxxxxx>
>> > Cc: linmodems  list <discuss@xxxxxxxxxxxxx>
>> > Sent:  Tuesday, 3 August, 2010 15:42:38
>> > Subject: Re: PPP auth failed after  connection
>> >
>> > Ray,
>> >
>> > There are several options that  are mutually exclusive.  You may have
>> > that case, Can you send us  what is in /etc/ppp/options, post output of
>> > $ cat  /etc/ppp/options
>> >
>> > and also try to read Jacques' excellent  troubleshooting guide:
>> >
>> > http://linmodems.technion.ac.il/post-install.html
>> >
>> >  Regards,
>> >
>> > Antonio
>> >
>> > On Tue, Aug 3, 2010 at 1:55 AM,  Ray Chandler <chandler3@xxxxxxx> wrote:
>> >>  Following the instructions on linmodems.org, and using the generic 
 driver
>> >> recommended (my specific ubuntu 10.04 kernel is not listed,  so I 
installed
>> >> the
>> >> generic), I have got the winmodem  dialling and connecting, but then it
>> >>  drops
>> >>out
>> >>
>> >> because of a PPP problem. Any tips  about fixing this? The ppp options 
file
>> >> nas
>> >> "noauth"  set. Here's the log from Gnome PPP (I get the same info if 
 using
>> >>wvdial
>> >>
>> >> direct):
>> >>
>> >>  --> WvDial: Internet dialer version 1.60
>> >> --> Cannot set  information for serial port.
>> >> --> Initializing modem.
>> >>  --> Sending: ATZ
>> >> ATZ
>> >> OK
>> >> --> Sending:  ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
>> >> ATQ0 V1 E1 S0=0 &C1  &D2 +FCLASS=0
>> >> OK
>> >> --> Modem  initialized.
>> >> --> Sending: ATM1L3DT08456600923
>> >> -->  Waiting for carrier.
>> >> ATM1L3DT08456600923
>> >> CONNECT  460800
>> >> --> Carrier  detected.  Waiting for  prompt.
>> >> User Access Verification
>> >> login:
>> >>  --> Looks like a login prompt.
>> >> --> Sending: chandler5@xxxxxxx
>> >> chandler5@xxxxxxx
>> >>  Password:
>> >> --> Looks like a password prompt.
>> >> -->  Sending: (password)
>> >> PPP authorization failed.
>> >> -->  Connected, but carrier signal lost!  Retrying...
>> >> -->  Sending: ATM1L3DT08456600923
>> >> --> Waiting for carrier.
>> >>  NO CARRIER
>> >>
>> >> Thanks, Ray
>> >>
>> >
>> >
>> R0
>
3