Indeed the account that was being used to authenticate had expired.

All working great now. Thanks guys

-----Original Message-----
From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Pascal Hambourg
Sent: Wednesday, 8 November 2006 11:09 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: PPTP issue

Hello,

Jason Neurohr wrote:
> Hello, trying to connect to pptp server through linux iptables firewall.
> I have the ip_conntrack_pptp and ip_nat_pptp modules loaded. Anyone know
> what the below means and how to fix it?
[...]
> 20:10:31.180676 IP pptpserver > xxxxxxxx: GREv1, call 4131, seq 3,
> length 48: CHAP, Challenge (0x01), id 2, Value
> bf1e69be064b99fd81c1810a9d05b0e5, Name 192.168.10.22

The server asks for authentication using CHAP.

> 20:10:31.219988 IP xxxxxxxx > pptpserver: GREv1, call 0, seq 3, ack 3,
> length 55: CHAP, Response (0x02), id 2, Value
> 50e507db3f5f8330dc3622846e7ffbb3, Name aaa__aaaaaaa

The client sends the authentication using CHAP, name aaa__aaaaaaa.

> 20:10:31.249508 IP pptpserver > xxxxxxxx: GREv1, call 4131, seq 4, ack
> 3, length 64: CHAP, Fail (0x04), id 2, Msg CHAP authentication failure,
> unit 578938[|chap]

"CHAP authentication failure" means that the PPTP client failed to
authenticate itself on the server. Probably wrong login/password.

The TCP connection and GRE tunnel communications seem OK so I don't
think this has anything to do with Netfilter/iptables.
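
Added example, not part of the original thread: a small Python triage script that applies the reasoning in the reply above to tcpdump text output, separating a transport problem (GRE seen from one side only, so look at the firewall and the PPTP helpers) from a PPP authentication failure (GRE flows both ways, CHAP ends in Fail). The function name `triage`, the verdict strings and the sample layout are assumptions made for this illustration.

```python
import re

# Constructed sample: the three tcpdump lines quoted in the thread, each
# re-joined onto a single line (host names are the redacted ones from the post).
CAPTURE = """\
20:10:31.180676 IP pptpserver > xxxxxxxx: GREv1, call 4131, seq 3, length 48: CHAP, Challenge (0x01), id 2, Value bf1e69be064b99fd81c1810a9d05b0e5, Name 192.168.10.22
20:10:31.219988 IP xxxxxxxx > pptpserver: GREv1, call 0, seq 3, ack 3, length 55: CHAP, Response (0x02), id 2, Value 50e507db3f5f8330dc3622846e7ffbb3, Name aaa__aaaaaaa
20:10:31.249508 IP pptpserver > xxxxxxxx: GREv1, call 4131, seq 4, ack 3, length 64: CHAP, Fail (0x04), id 2, Msg CHAP authentication failure, unit 578938[|chap]
"""

GRE = re.compile(r" IP (\S+) > ([^\s:]+): GREv1,")
CHAP = re.compile(r": CHAP, (\w+) \(0x0[1-4]\), id (\d+)")
NAME = re.compile(r", Name (\S+)")

def triage(capture):
    """Separate transport problems (GRE one-way) from PPP authentication failures."""
    senders, exchanges = set(), {}
    for line in capture.splitlines():
        gre = GRE.search(line)
        if not gre:
            continue                      # not a PPTP data-channel (GRE) packet
        senders.add(gre.group(1))
        chap = CHAP.search(line)
        if not chap:
            continue
        kind, ident = chap.group(1), int(chap.group(2))
        ex = exchanges.setdefault(ident, {"peer_name": None, "seen": []})
        ex["seen"].append(kind)
        if kind == "Response":            # the login name the client presented
            name = NAME.search(line)
            ex["peer_name"] = name.group(1) if name else None
    for ex in exchanges.values():
        seen = ex.pop("seen")
        # "Success" is assumed to be tcpdump's label for code 0x03; only
        # Challenge, Response and Fail appear in the thread's capture.
        ex["outcome"] = ("failure" if "Fail" in seen else
                         "success" if "Success" in seen else "unanswered")
    two_way = len(senders) >= 2
    if not two_way:
        verdict = "transport"             # GRE blocked or not NATed: check the firewall
    elif any(e["outcome"] == "failure" for e in exchanges.values()):
        verdict = "authentication"        # tunnel works: check login, password, account state
    else:
        verdict = "inconclusive"
    return {"gre_bidirectional": two_way, "chap": exchanges, "verdict": verdict}

if __name__ == "__main__":
    print(triage(CAPTURE))
```

On the capture from this thread the verdict is "authentication", which matches the eventual cause: the account used to log in had expired.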