Hi I am trying to use kvpnc to connect to my work VPN. The server is a Windows ISA server. I have selected the "require MPPE" option. At connection time unfortunately, with debug, the log file says: Nov 29 14:29:35 [pppd] sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x15190f75> <accomp>] Nov 29 14:29:35 [pppd] MPPE required, but MS-CHAP[v2] auth not performed. Nov 29 14:29:35 [pppd] sent [LCP TermReq id=0x2 "MPPE required but not available "] Nov 29 14:29:36 [pppd] rcvd [LCP EchoReq id=0x0 magic=0x15190f75] Nov 29 14:29:36 [pppd] rcvd [LCP TermReq id=0x3 "peer refused to authenticate"] I added my CHAP "secret" with pptp-command. Adding the secret does not add the "*" for IP address coloum in the "/etc/ppp/chap-secrets file, is this normal? Another question is the format of the domain\username. In the secret file for chap, the example was "domain\\username". Should this be the same for the "user" value in the peer file? I read online that the NT Domain part must be left blank, but the domain added as prefix, as described above, to the username. Is this still valid? The kernel module ppp_mppe loads fine, and the modinfo gives filename: /lib/modules/2.6.30-tuxonice-r4/kernel/drivers/net/ppp_mppe.ko version: 1.0.2 alias: ppp-compress-18 license: Dual BSD/GPL description: Point-to-Point Protocol Microsoft Point-to-Point Encryption support author: Frank Cusack <fcusack@xxxxxxxxxxx> srcversion: 75D9E5320BB61153D0F4AF5 depends: ppp_generic vermagic: 2.6.30-tuxonice-r4 SMP mod_unload modversions 686 4KSTACKS pppd version is 2.4.4 pptp version is 1.7.2 # lsmod |grep ppp ppp_deflate 4188 0 ppp_async 7496 0 crc_ccitt 1796 1 ppp_async ppp_mppe 6088 0 ppp_generic 21568 4 ppp_deflate,bsd_comp,ppp_async,ppp_mppe slhc 5156 1 ppp_generic The peer file is attached as kvpnc.txt, and the secrets file looks like this: # Secrets for authentication using CHAP # client server secret IP addresses myworkdomain\\djh myworkdomain ***** myworkdomain myworkdomain\\djh ***** Notice that the connection server is called server.myworkdomain.co.za, but the domain I specified as myworkdomain (without .co.za) Any help will be much appreciated. Thanks Diederik
# generated by kvpnc. Do not edit it. # profile: myworkdomain.co.za # name of tunnel, used to select lines in secrets files remotename myworkdomain.co.za # name of tunnel, used to name /var/run pid file linkname kvpc.myworkdomain.co.za # name of tunnel, passed to ip-up scripts ipparam kvpnc.myworkdomain.co.za # data stream for pppd to use pty "/usr/sbin/pptp --loglevel 1 myworkdomain.co.za --nolaunchpppd" # domain and username, used to select lines in secrets files name "myworkdomain\myworkusername" # use MPPE encryption require-mppe nomppe-stateful require-mppe-128 # we do not require the peer to authenticate itself noauth # we want to see what happen nodetach # lock the device lock # Do not use BSD compression nobsdcomp # Do not use deflate method nodeflate # replace defaultroute defaultroute # default MTU mtu 1500 # default MRU mru 1500 # disable Microsoft Point-to-Point Compression (MPPC) (i.e. for compatibility with watchguard firebox) nopcomp # kernel level debug kdebug 0 # refuse EAP refuse-eap
