[ previous ] [ next ] [ threads ]
 
 From:  Mr Terry O'Connor <coast1 at telstra dot com>
 To:  james at mckeand dot biz
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: RE: [m0n0wall] Problems with PPTP, Capitive Portal and Radious
 Date:  Tue, 16 Nov 2004 13:12:51 +1000
Success at last...

I have a working PPTP server authenticating against the local users file.  I do have a few issues to
resolve with the radius server and it appears that it may be the problem at this stage. 

What Unix based open source radius servers are being used ?  I have been using Cistron Radius V1.6.6
and it looks like this might be a little buggy.


regards

Terry O'Connor

----- Original Message -----
From: "James W. McKeand" <james at mckeand dot biz>
Date: Tuesday, November 16, 2004 0:44 am
Subject: RE: [m0n0wall] Problems with PPTP, Capitive Portal and Radious

> As soon as you enable the m0n0wall PPTP server (with or without
> RADIUS) or redirect PPTP to local server, you should be able to see
> PPTP in the interface dropdown when creating rules. A PPTP "section"
> on the rules page will not be created until you manually add a rule
> allowing traffic on the interface. Thus the note on the bottom of the
> PPTP page "Note: don't forget to add a firewall rule to permit traffic
> from PPTP clients!"
> 
> _________________________________
> James W. McKeand
> 
> 
> -----Original Message-----
> From: Mr Terry O'Connor [coast1 at telstra dot com] 
> Sent: Monday, November 15, 2004 12:11 AM
> To: cbuechler at gmail dot com
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Problems with PPTP, Capitive Portal and
> Radious
> 
> 
> Chris
> 
> The server end IP address is 192.168.2.1 so I would exect that I
> should be able to ping this address from my laptop when connected via
> PPTP.  
> 
> Sadly I do not see a PPTP Interface in the Firewall rules.  
> 
> I will try this again tonight just to double check but I was looking
> for the PPTP Interface when I was connected.
> 
> As for the radius server, I have been using Cistron Radius V1.6.6
> 
> Regards
> 
> 
> Terry O'Connor
> 
> ----- Original Message -----
> From: Chris Buechler <cbuechler at gmail dot com>
> Date: Monday, November 15, 2004 7:21 am
> Subject: Re: [m0n0wall] Problems with PPTP, Capitive Portal and
> Radious
> 
> > On Sun, 14 Nov 2004 17:15:09 +1000, Terry O'Connor 
> > <coast1 at bigpond dot com> wrote:
> > > 
> > > My problems are as follows :
> > > 
> > > When I establish a PPTP session from a host on the Internet I 
> > can establish
> > > a session and authenitcate via the local Users database without
> any
> > > problems.  When I check the IP configuration details on the 
> > Windows 2000
> > > workstation establishing the PPTP session (ipconfig) I get :
> > > 
> > >         IPAddress 192.168.2.16
> > >         Netmask: 255.255.255.255
> > >         Gateway 192.168.2.16
> > > 
> > 
> > Is 192.168.2.x your LAN subnet?
> > 
> > 
> > > I cannot ping anything but the local interface. I would have 
> > thought that I
> > > could ping any host on the LAN segment.
> > > 
> > 
> > If it's within your LAN subnet and you have firewall rules that let
> > the PPTP clients access the LAN (as shown here:
> > http://m0n0.ch/wall/docbook/faq-pptprules.html), then yes.
> > 
> > 
> > > 
> > > The second issue is that I cannot get the Radius to 
> authenticate 
> > either.> Radius messages are sent to the Radius Server.  I am 
> > unsure as to what the
> > > correct Radius reply items should be for PPTP users.
> > > 
> > > The third issue is similar to the above in that I am unsure of 
> > the correct
> > > radius reply items needed to successfully authenticate and I 
> am 
> > unsure about
> > > the authentication web page as every time I try to 
> authenticate 
> > I am not
> > > seeing any radiusd authentication requests being passed to the 
> > radiusd> server.
> > > 
> > 
> > Not much to getting RADIUS to work.  Just need to make sure your
> > secret is set appropriately, and that PAP is enabled.  Other than
> > that, defaults should work.  What RADIUS server are you using?
> > 
> > -Chris
> > 
> > -----------------------------------------------------------------
> --
> > --
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > 
> > 
>                                                                   
>   
> 
> 
> -------------------------------------------------------------------
> --
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
> -------------------------------------------------------------------
> --
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>