Schönen Guten Abend,
Nach längerem Rumprobieren, muss ich nun leider feststellen,
dass ich wieder "pptpclient" noch "mpd5" dazu bringen kann
mir eine pptp-Verbindung zum Arbeitgebernetz aufzubauen [1]
pptpclient streikt, weil es keine gre-Pakete bekommt.
Konfiguration ist mir zu mühsam, bleibt also mpd5:
Dieser verbindet sich auch brav (siehe log unten).
Nur:
% ping <server im Zielnetz>
ping: sendto: Cannot allocate memory
ping: sendto: Cannot allocate memory
ping: sendto: Cannot allocate memory
% telnet <http-server im zielnetz> 80
Trying w.x.y.z...
Nach dem echo-Timeout fällt dann auch die PPTP-Verbindung wieder
in sich zusammen.
Firewall (pf) ist aus (pfctl -d)
Zielserver ist ein Microsoft RAS Server.
Der übliche Text: Unter Windows XP (selbe Maschine, Dualboot)
funktioniert der Zugang problemlos.
Weiß hier jemand Abhilfe? "Wer googlet, der findet", war
bisher nicht von Erfolg gekrönt.
Kernel ist ein stripped-down GENERIC-7.0-PRELEASE, Problem
lässt sich allerdings bis nach 6.2-RELEASE und eventuell weiter
zurückverfolgen.
Netgraph-module sind geladen:
38 1 0xc97ac000 4000 ng_socket.ko
39 8 0xc97b0000 b000 netgraph.ko
40 1 0xc97df000 4000 ng_mppc.ko
41 1 0xc97e3000 2000 rc4.ko
42 1 0xc97e5000 3000 ng_iface.ko
43 1 0xc97ec000 7000 ng_ppp.ko
44 1 0xc97f3000 3000 ng_tee.ko
45 1 0xc97f6000 4000 ng_pptpgre.ko
46 1 0xc97fa000 5000 ng_ksocket.ko
47 1 0xc9906000 3000 ng_tcpmss.ko
% kldload if_gre
ändert auch (warum auch) nichts an der Situation.
Mit der mtu-Spielen bringt auch nichts.
Grüße,
Peter
-------------------------------------
[b-pptp] Bundle: Interface ng0 created
[b-pptp] [b-pptp] Link: OPEN event
[b-pptp] LCP: Open event
[b-pptp] LCP: state change Initial --> Starting
[b-pptp] LCP: LayerStart
[b-pptp] PPTP call successful
[b-pptp] Link: UP event
[b-pptp] Link: origination is local
[b-pptp] LCP: Up event
[b-pptp] LCP: state change Starting --> Req-Sent
[b-pptp] LCP: SendConfigReq #1
ACFCOMP
ACCMAP 0x000a0000
MRU 1500
MAGICNUM 1997f520
[b-pptp] LCP: rec'd Configure Request #0 (Req-Sent)
AUTHPROTO CHAP MSOFTv2
[b-pptp] LCP: SendConfigAck #0
AUTHPROTO CHAP MSOFTv2
[b-pptp] LCP: state change Req-Sent --> Ack-Sent
[b-pptp] LCP: SendConfigReq #2
ACFCOMP
ACCMAP 0x000a0000
MRU 1500
MAGICNUM 1997f520
[b-pptp] LCP: rec'd Configure Nak #2 (Ack-Sent)
ACCMAP 0x000a0000
[b-pptp] LCP: SendConfigReq #3
ACFCOMP
ACCMAP 0x000a0000
MRU 1500
MAGICNUM 1997f520
[b-pptp] LCP: rec'd Configure Ack #3 (Ack-Sent)
ACFCOMP
ACCMAP 0x000a0000
MRU 1500
MAGICNUM 1997f520
[b-pptp] LCP: state change Ack-Sent --> Opened
[b-pptp] LCP: auth: peer wants CHAP, I want nothing
[b-pptp] LCP: LayerUp
[b-pptp] CHAP: rec'd CHALLENGE #1 len: 21
Name: ""
Using authname "xxxxxxxx"
[b-pptp] CHAP: sending RESPONSE #1 len: 61
[b-pptp] CHAP: rec'd CHALLENGE #2 len: 21
Name: ""
Using authname "xxxxxxxx"
[b-pptp] CHAP: sending RESPONSE #2 len: 61
[b-pptp] CHAP: rec'd SUCCESS #2 len: 46
MESG: S=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
[b-pptp] LCP: authorization successful
[b-pptp] Link: Matched action 'bundle "b-pptp" ""'
[b-pptp] Bundle: Status update: up 1 link, total bandwidth 64000 bps
[b-pptp] IPCP: Open event
[b-pptp] IPCP: state change Initial --> Starting
[b-pptp] IPCP: LayerStart
[b-pptp] CCP: Open event
[b-pptp] CCP: state change Initial --> Starting
[b-pptp] CCP: LayerStart
[b-pptp] IPCP: Up event
[b-pptp] IPCP: state change Starting --> Req-Sent
[b-pptp] IPCP: SendConfigReq #1
IPADDR 0.0.0.0
[b-pptp] CCP: Up event
[b-pptp] CCP: state change Starting --> Req-Sent
[b-pptp] CCP: SendConfigReq #1
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: rec'd Configure Request #0 (Req-Sent)
MPPC
0x01000060:MPPE(40, 128 bits), stateless
[b-pptp] CCP: SendConfigNak #0
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: rec'd Configure Nak #1 (Req-Sent)
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: SendConfigReq #2
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: rec'd Configure Request #1 (Req-Sent)
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: SendConfigAck #1
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: state change Req-Sent --> Ack-Sent
[b-pptp] CCP: rec'd Configure Ack #2 (Ack-Sent)
MPPC
0x01000040:MPPE(128 bits), stateless
[b-pptp] CCP: state change Ack-Sent --> Opened
[b-pptp] CCP: LayerUp
Compress using: mppc (MPPE(128 bits), stateless)
Decompress using: mppc (MPPE(128 bits), stateless)
[b-pptp] IPCP: SendConfigReq #2
IPADDR 0.0.0.0
[b-pptp] IPCP: rec'd Configure Request #1 (Req-Sent)
IPADDR w.x.y.z
w.x.y.z is OK
[b-pptp] IPCP: SendConfigAck #1
IPADDR w.x.y.z
[b-pptp] IPCP: state change Req-Sent --> Ack-Sent
[b-pptp] IPCP: SendConfigReq #3
IPADDR 0.0.0.0
[b-pptp] IPCP: rec'd Configure Nak #3 (Ack-Sent)
IPADDR w.x.y.z
w.x.y.z is OK
[b-pptp] IPCP: SendConfigReq #4
IPADDR w.x.y.z
[b-pptp] IPCP: rec'd Configure Ack #4 (Ack-Sent)
IPADDR w.x.y.z
[b-pptp] IPCP: state change Ack-Sent --> Opened
[b-pptp] IPCP: LayerUp
w.x.y.z -> w.x.y.z
[b-pptp] IFACE: Up event
-------------------------------------
default:
load pptp
pptp:
# logging
log auth
log bund iface
log ccp ecp chat
log ipcp ipv6cp
log lcp link
log phys rep
log console
# bundle
create bundle static b-pptp
set bundle enable ipcp
set bundle disable ipv6cp
set bundle yes compression
set bundle no encryption
set bundle no crypt-reqd
# ipcp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set ipcp accept vjcomp
set ipcp disable vjcomp
# interfaces
set iface route <zielnetz>
set iface disable on-demand
set iface disable proxy-arp
set iface enable tcpmssfix
set iface disable nat
# compression control
set ccp no pred1
set ccp accept deflate
set ccp disable deflate
set ccp yes mppc
set mppc no compress
set mppc no e40
set mppc no e56
set mppc yes e128
set mppc yes stateless
#######
# link
#######
create link static b-pptp pptp
set link action bundle b-pptp
set link mtu 1300
set link keep-alive 20 75
set link max-redial 3
set link no pap
set link no chap
set link no chap-md5
set link accept chap-msv1
set link disable chap-msv1
set link accept chap-msv2
set link disable chap-msv2
set link accept protocomp
set link disable protocomp
# authentication
set auth authname "xxxxxxxxx"
set auth password "yyyyyyyyyyyyyy"
# pptp
set pptp peer <vpn>
set pptp disable windowing
open
-------------------------------------
[1] Ja, ich weiß pptp ist unsicher, aber es ist das einzige, was ich
zur Verfügung habe und Einflussnahme auf die Entscheider will
ich gar nicht erst versuchen. Wir sind dort (aus gutem Grund)
definitiv nicht Prio 1 und damit kann ich leben.
-- Der Pessimist ist jemand, der vorzeitig die Wahrheit erzählt. -- Cyrano de Bergerac To Unsubscribe: send mail to majordomo(at)de.FreeBSD.org with "unsubscribe de-bsd-questions" in the body of the messageReceived on Tue 15 Jan 2008 - 22:48:25 CET