URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 61262
[ Назад ]

Исходное сообщение
"Не работает vpn канал!!!"
Отправлено int21 , 26-Окт-05 17:23

Привет всем!
Есть в распоряжении 2 Linux сервера. На одном стоит pptpd сервер на другом, соответсвенно pptd клиент.При попытке соединится с сервером соединения не происходит. В логах сервера вот такие записи (см. ниже). Если в качестве клиента использовать клиент win 2000, то соединение происходит и все работает. В чем проблема?
Oct 26 17:15:44 localhost pptpd[4534]: CTRL: Client 192.168.0.222 control connection started
Oct 26 17:15:45 localhost pptpd[4534]: CTRL: Starting call (launching pppd, opening GRE)
Oct 26 17:15:45 localhost pppd[4535]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Oct 26 17:15:45 localhost kernel: application bug: pppd(4535) has SIGCHLD set to SIG_IGN but calls wait().
Oct 26 17:15:45 localhost kernel: (see the NOTES section of 'man 2 wait'). Workaround activated.
Oct 26 17:15:45 localhost pppd[4535]: pppd 2.4.3 started by root, uid 0
Oct 26 17:15:45 localhost pppd[4535]: Using interface ppp0
Oct 26 17:15:45 localhost pppd[4535]: Connect: ppp0 <--> /dev/pts/1
Oct 26 17:15:45 localhost pptpd[4534]: GRE: Bad checksum from pppd.
Oct 26 17:15:45 localhost /etc/hotplug/net.agent: assuming ppp0 is already up
Oct 26 17:15:47 localhost pppd[4535]: peer refused to authenticate: terminating link
Oct 26 17:15:47 localhost pppd[4535]: Connection terminated.
Oct 26 17:15:47 localhost pppd[4535]: Exit.
Oct 26 17:15:47 localhost pptpd[4534]: GRE: read(fd=4,buffer=804e6e0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Oct 26 17:15:47 localhost pptpd[4534]: CTRL: PTY read or GRE write failed (pty,gre)=(4,5)
Oct 26 17:15:47 localhost pptpd[4534]: CTRL: Client 192.168.0.222 control connection finished
Oct 26 17:15:47 localhost /etc/hotplug/net.agent: NET unregister event not supported

Содержание

Не работает vpn канал!!!,Morph, 18:45 , 26-Окт-05
- Не работает vpn канал!!!,int21, 08:42 , 27-Окт-05

Сообщения в этом обсуждении

"Не работает vpn канал!!!"
Отправлено Morph , 26-Окт-05 18:45

>Привет всем!
>Есть в распоряжении 2 Linux сервера. На одном стоит pptpd сервер на
>другом, соответсвенно pptd клиент.При попытке соединится с сервером соединения не происходит.
>В логах сервера вот такие записи (см. ниже). Если в качестве
>клиента использовать клиент win 2000, то соединение происходит и все работает.
>В чем проблема?
>
>Oct 26 17:15:44 localhost pptpd[4534]: CTRL: Client 192.168.0.222 control connection started
>Oct 26 17:15:45 localhost pptpd[4534]: CTRL: Starting call (launching pppd, opening GRE)
>
>Oct 26 17:15:45 localhost pppd[4535]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
>Oct 26 17:15:45 localhost kernel: application bug: pppd(4535) has SIGCHLD set to
>SIG_IGN but calls wait().
>Oct 26 17:15:45 localhost kernel: (see the NOTES section of 'man 2
>wait'). Workaround activated.
>Oct 26 17:15:45 localhost pppd[4535]: pppd 2.4.3 started by root, uid 0
>
>Oct 26 17:15:45 localhost pppd[4535]: Using interface ppp0
>Oct 26 17:15:45 localhost pppd[4535]: Connect: ppp0 <--> /dev/pts/1
>Oct 26 17:15:45 localhost pptpd[4534]: GRE: Bad checksum from pppd.
>Oct 26 17:15:45 localhost /etc/hotplug/net.agent: assuming ppp0 is already up
>Oct 26 17:15:47 localhost pppd[4535]: peer refused to authenticate: terminating link
>Oct 26 17:15:47 localhost pppd[4535]: Connection terminated.
>Oct 26 17:15:47 localhost pppd[4535]: Exit.
>Oct 26 17:15:47 localhost pptpd[4534]: GRE: read(fd=4,buffer=804e6e0,len=8196) from PTY failed: status =
>-1 error = Input/output error, usually caused by unexpected termination of
>pppd, check option syntax and pppd logs
>Oct 26 17:15:47 localhost pptpd[4534]: CTRL: PTY read or GRE write failed
>(pty,gre)=(4,5)
>Oct 26 17:15:47 localhost pptpd[4534]: CTRL: Client 192.168.0.222 control connection finished
>Oct 26 17:15:47 localhost /etc/hotplug/net.agent: NET unregister event not supported
эээ...pap\chap-secrets в порядке? опции pppd на обозрение плиз

"Не работает vpn канал!!!"
Отправлено int21 , 27-Окт-05 08:42

Привожу файл /etc/ppp/options.pptpd
###############################################################################
# $Id: options.pptpd,v 1.5 2004/04/23 07:11:33 quozl Exp $
#
# Sample Poptop PPP options file /etc/ppp/options.pptpd
# Options used by PPP when a connection arrives from a client.
# This file is pointed to by /etc/pptpd.conf option keyword.
# Changes are effective on the next connection.  See "man pppd".
#
# You are expected to change this file to suit your system.  As
# packaged, it requires PPP 2.4.2 and the kernel MPPE module.
###############################################################################

# Authentication
# Name of the local system for authentication purposes
# (must match the second field in /etc/ppp/chap-secrets entries)
name pptpd
# Strip the domain prefix from the username before authentication.
# (applies if you use pppd with chapms-strip-domain patch)
#chapms-strip-domain

# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use.)

# BSD licensed ppp-2.4.2 upstream with MPPE only, kernel module ppp_mppe.o
# {{{
refuse-pap
refuse-chap
refuse-mschap
# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
# Challenge Handshake Authentication Protocol, Version 2] authentication.
require-mschap-v2
# Require MPPE 128-bit encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
#require-mppe-128
# }}}

# OpenSSL licensed ppp-2.4.1 fork with MPPE only, kernel module mppe.o
# {{{
#-chap
#-chapms
# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
# Challenge Handshake Authentication Protocol, Version 2] authentication.
#+chapms-v2
# Require MPPE encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
#mppe-40    # enable either 40-bit or 128-bit, not both
#mppe-128
#mppe-stateless
# }}}

# Network and Routing
# If pppd is acting as a server for Microsoft Windows clients, this
# option allows pppd to supply one or two DNS (Domain Name Server)
# addresses to the clients.  The first instance of this option
# specifies the primary DNS address; the second instance (if given)
# specifies the secondary DNS address.
#ms-dns 10.0.0.1
#ms-dns 10.0.0.2
# If pppd is acting as a server for Microsoft Windows or "Samba"
# clients, this option allows pppd to supply one or two WINS (Windows
# Internet Name Services) server addresses to the clients.  The first
# instance of this option specifies the primary WINS address; the
# second instance (if given) specifies the secondary WINS address.
#ms-wins 10.0.0.3
#ms-wins 10.0.0.4
# Add an entry to this system's ARP [Address Resolution Protocol]
# table with the IP address of the peer and the Ethernet address of this
# system.  This will have the effect of making the peer appear to other
# systems to be on the local ethernet.
# (you do not need this if your PPTP server is responsible for routing
# packets to the clients -- James Cameron)
proxyarp

# Logging
# Enable connection debugging facilities.
# (see your syslog configuration for where pppd sends to)
#debug
# Print out all the option values which have been set.
# (often requested by mailing list to verify options)
#dump

# Miscellaneous
# Create a UUCP-style lock file for the pseudo-tty to ensure exclusive
# access.
lock
# Disable BSD-Compress compression
nobsdcomp
Привожу также chap-secrets
# Secrets for authentication using CHAP
# client    server    secret            IP addresses
  user            pptpd   user                192.168.1.13