[ previous ] [ next ] [ threads ]
 
 From:  Angus Jordan <angus dot jordan at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  FreeBSD PPTP Client
 Date:  Wed, 6 Jul 2005 09:32:32 -0700 
Hello all,

I have a client that is running FreeBSD on his desktop PC at home. He would 
like to VPN into the office network which is running m0n0wall as the 
firewall. I have lots of other clients that are using Windows at home doing 
the same thing, and they use PPTP to connect in without any issues at all. I 
suggested that he try out MPD to VPN into the office from Freebsd, but he 
told me that he is having problems with it. So, I've setup a test 
environment at home and I am having the same problems. I put a laptop 
outside of my home firewall (to eliminate any NAT problems there could be), 
configured MPD(v3.18) as best as I can figure from the documentation and I 
get no connection. Here is the configuration:

Note: 1.2.3.4 <http://1.2.3.4> is my laptop's local IP address,
5.6.7.8<http://5.6.7.8>is the public IP of m0n0wall at the office, and
10.5.1.1 <http://10.5.1.1> is the IP that the m0n0wall PPTP server has in 
"Server Address" on the m0n0wall admin PPTP page.

mpd.conf
--
vpn:
new -i ng0 vpn vpn
set iface disable on-demand
set iface enable proxy-arp
set iface enable tcpmssfix
set iface addrs 1.2.3.4 <http://1.2.3.4> 10.5.1.1 <http://10.5.1.1>
set iface idle 1800
set bundle enable multilink
set bundle yes crypt-reqd
set bundle authname "username"
set bundle password "xxxxxxxx"
set link yes acfcomp protocomp
set link mtu 1460
set link no pap chap
set link enable chap-msv2
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp ranges 0.0.0.0/0 <http://0.0.0.0/0> 10.5.1.1/0 <http://10.5.1.1/0>
set ipcp enable req-pri-dns req-sec-dns
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e128
set ccp yes mpp-stateless

mpd.links
--
vpn:
set link type pptp
set pptp self 1.2.3.4 <http://1.2.3.4>
set pptp peer 5.6.7.8 <http://5.6.7.8>
set pptp enable originate outcall

Here are the errors I am getting (shortened of course):
...
[vpn] LCP: SendConfigRej #33
AUTHPROTO CHAP MSOFTv2
[vpn] LCP: rec'd Configure Reject #5 link 0 (Req-Sent)
AUTHPROTO CHAP MSOFTv2
[vpn] LCP: SendConfigReq #6
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM e0271688
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 11 d8 3a 67 11
[vpn] LCP: rec'd Configure Request #34 link 0 (Req-Sent)
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 37cc4c14
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
MP SHORTSEQ
ENDPOINTDISC [802.1] 00 50 bf 17 55 59
[vpn] LCP: not converging
[vpn] LCP: parameter negotiation failed
[vpn] LCP: state change Req-Sent --> Stopped
[vpn] LCP: LayerFinish
[vpn] device: CLOSE event in state UP
pptp0-0: clearing call
...

As far as I can tell, it cannot get an IP address from the office m0n0wall. 
Does anyone have any ideas that I can try out?

Thanks in advance,
Angus Jordan