Народ всем привет, есть mpd5 сервер который крутится на freebsd 6.4
Могу подключиться по pptp к этому серверу с linux fedora, но с
Windows 7 соединение не устанавливается...
startup:
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
set global enable tcp-wrapper
# configure the console
set console self 127.0.0.1 5005
set user xxx yyy admin
set console open
#WEB managment
set web self 0.0.0.0 5006
set web enable auth
set web open
#Netflow options
#set netflow peer 127.0.0.1 9996
#set netflow peer timeouts 60 120
# Calling-Station-Id = "10.0.4.16 / 00:18:f3:5a:9f:6a / em0"
set link enable report-macdefault:
load pptp_client
load pptp_serverpptp_client:
create bundle static B1
set iface up-script /usr/local/etc/mpd5/up.sh
set iface route default
set ipcp ranges 0.0.0.0/0 0.0.0.0/0set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set bundle enable crypt-reqd
set mppc yes statelesscreate link static L1 pptp
set link action bundle B1
set auth authname "login"
set auth password "password"
set link max-redial 0
set link mtu 1460
set link keep-alive 20 75set pptp peer server_2
set pptp disable windowing
open
pptp_server:# Define dynamic IP address pool.
set ippool add pool1 192.168.170.1 192.168.170.254# Create clonable bundle template named B
create bundle template B
set iface disable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set iface enable netflow-in netflow-out
set ipcp yes vjcomp# Specify IP address pool for dynamic assigment.
set ipcp ranges 192.168.170.0/32 ippool pool1
set ipcp dns <ip_address_provaidera_1> <ip_address_provaidera_2># The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless# Create clonable link template named L
create link template L pptp# Set bundle template to use
set link action bundle B# Multilink adds some overhead, but gives full 1500 MTU.
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60#
set link fsm-timeout 5# We reducing link mtu to avoid GRE packet fragmentation
set link mtu 1460# Configure PPTP
set pptp self <ip_address_1>:1723
set pptp self <ip_address_2>:1723set auth max-logins 1
load server_commonserver_common:
set link enable incoming
set link no acfcomp protocompload radius
#radius:
#set radius config /usr/local/etc/raddb/radiusd.conf
set radius server localhost xxxyyy 1812 1813
set radius retries 3
set radius timeout 10
set radius me 127.0.0.1
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set auth disable internal
set radius enable message-authenticЧерез Linux fedora, установка проходит успешно!!!
вол лог сервера что твориться в момент подключения
Aug 16 14:22:19 root mpd: [L-3] Accepting PPTP connection
Aug 16 14:22:19 root mpd: [L-3] Link: OPEN event
Aug 16 14:22:19 root mpd: [L-3] LCP: Open event
Aug 16 14:22:19 root mpd: [L-3] LCP: state change Initial --> Starting
Aug 16 14:22:19 root mpd: [L-3] LCP: LayerStart
Aug 16 14:22:19 root mpd: [L-3] PPTP: attaching to peer's outgoing call
Aug 16 14:22:19 root mpd: [L-3] Link: UP event
Aug 16 14:22:19 root mpd: [L-3] LCP: Up event
Aug 16 14:22:19 root mpd: [L-3] LCP: state change Starting --> Req-Sent
Aug 16 14:22:19 root mpd: [L-3] LCP: SendConfigReq #1
Aug 16 14:22:19 root mpd: [L-3] MRU 1500
Aug 16 14:22:19 root mpd: [L-3] MAGICNUM e6ca1b5d
Aug 16 14:22:19 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:22:19 root mpd: [L-3] MP MRRU 2048
Aug 16 14:22:19 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:22:19 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:22:19 root mpd: [L-3] LCP: rec'd Configure Request #1 (Req-Sent)
Aug 16 14:22:19 root mpd: [L-3] ACCMAP 0x00000000
Aug 16 14:22:19 root mpd: [L-3] MAGICNUM 7e36a106
Aug 16 14:22:19 root mpd: [L-3] PROTOCOMP
Aug 16 14:22:19 root mpd: [L-3] ACFCOMP
Aug 16 14:22:19 root mpd: [L-3] LCP: SendConfigRej #1
Aug 16 14:22:19 root mpd: [L-3] PROTOCOMP
Aug 16 14:22:19 root mpd: [L-3] ACFCOMP
Aug 16 14:22:19 root mpd: [L-3] LCP: rec'd Configure Request #2 (Req-Sent)
Aug 16 14:22:19 root mpd: [L-3] ACCMAP 0x00000000
Aug 16 14:22:19 root mpd: [L-3] MAGICNUM 7e36a106
Aug 16 14:22:19 root mpd: [L-3] LCP: SendConfigAck #2
Aug 16 14:22:19 root mpd: [L-3] ACCMAP 0x00000000
Aug 16 14:22:19 root mpd: [L-3] MAGICNUM 7e36a106
Aug 16 14:22:19 root mpd: [L-3] LCP: state change Req-Sent --> Ack-Sent
Aug 16 14:22:22 root mpd: [L-3] LCP: rec'd Configure Request #2 (Ack-Sent)
Aug 16 14:22:22 root mpd: [L-3] ACCMAP 0x00000000
Aug 16 14:22:22 root mpd: [L-3] MAGICNUM 7e36a106
Aug 16 14:22:22 root mpd: [L-3] LCP: SendConfigAck #2
Aug 16 14:22:22 root mpd: [L-3] ACCMAP 0x00000000
Aug 16 14:22:22 root mpd: [L-3] MAGICNUM 7e36a106
Aug 16 14:22:24 root mpd: [L-3] LCP: SendConfigReq #2
Aug 16 14:22:24 root mpd: [L-3] MRU 1500
Aug 16 14:22:24 root mpd: [L-3] MAGICNUM e6ca1b5d
Aug 16 14:22:24 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:22:24 root mpd: [L-3] MP MRRU 2048
Aug 16 14:22:24 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:22:24 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:22:24 root mpd: [L-3] LCP: rec'd Configure Reject #2 (Ack-Sent)
Aug 16 14:22:24 root mpd: [L-3] MP MRRU 2048
Aug 16 14:22:24 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:22:24 root mpd: [L-3] LCP: SendConfigReq #3
Aug 16 14:22:24 root mpd: [L-3] MRU 1500
Aug 16 14:22:24 root mpd: [L-3] MAGICNUM e6ca1b5d
Aug 16 14:22:24 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:22:24 root mpd: [L-3] LCP: rec'd Configure Ack #3 (Ack-Sent)
Aug 16 14:22:24 root mpd: [L-3] MRU 1500
Aug 16 14:22:24 root mpd: [L-3] MAGICNUM e6ca1b5d
Aug 16 14:22:24 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:22:24 root mpd: [L-3] LCP: state change Ack-Sent --> Opened
Aug 16 14:22:24 root mpd: [L-3] LCP: auth: peer wants nothing, I want CHAP
Aug 16 14:22:24 root mpd: [L-3] CHAP: sending CHALLENGE #1 len: 21
Aug 16 14:22:24 root mpd: [L-3] LCP: LayerUp
Aug 16 14:22:24 root mpd: [L-3] CHAP: rec'd RESPONSE #1 len: 61
Aug 16 14:22:24 root mpd: [L-3] Name: "login"
Aug 16 14:22:24 root mpd: [L-3] AUTH: Trying RADIUS
Aug 16 14:22:24 root mpd: [L-3] RADIUS: Authenticating user 'login'
Aug 16 14:22:24 root mpd: [L-3] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'login'
Aug 16 14:22:24 root mpd: [L-3] AUTH: RADIUS returned: authenticated
Aug 16 14:22:24 root mpd: [L-3] CHAP: Auth return status: authenticated
Aug 16 14:22:24 root mpd: [L-3] CHAP: Reply message: S=4E695663AC6D8484AF0F76CDDF43CD78E7BE7EC9
Aug 16 14:22:24 root mpd: [L-3] CHAP: sending SUCCESS #1 len: 46
Aug 16 14:22:24 root mpd: [L-3] LCP: authorization successful
Aug 16 14:22:24 root mpd: [L-3] Link: Matched action 'bundle "B" ""'
Aug 16 14:22:24 root mpd: [L-3] Creating new bundle using template "B".
Aug 16 14:22:24 root mpd: [B-3] Bundle: Interface ng2 created
Aug 16 14:22:24 root mpd: [L-3] Link: Join bundle "B-3"
Aug 16 14:22:24 root mpd: [B-3] Bundle: Status update: up 1 link, total bandwidth 64000 bps
Aug 16 14:22:24 root mpd: [B-3] IPCP: Open event
Aug 16 14:22:24 root mpd: [B-3] IPCP: state change Initial --> Starting
Aug 16 14:22:24 root mpd: [B-3] IPCP: LayerStart
Aug 16 14:22:24 root mpd: [B-3] CCP: Open event
Aug 16 14:22:24 root mpd: [B-3] CCP: state change Initial --> Starting
Aug 16 14:22:24 root mpd: [B-3] CCP: LayerStart
Aug 16 14:22:24 root mpd: [B-3] IPCP: Up event
Aug 16 14:22:24 root mpd: [B-3] IPCP: Got IP 192.168.170.2 from pool "pool1" for peer
Aug 16 14:22:24 root mpd: [B-3] IPCP: state change Starting --> Req-Sent
Aug 16 14:22:24 root mpd: [B-3] IPCP: SendConfigReq #1
Aug 16 14:22:24 root mpd: [B-3] IPADDR 192.168.170.0
Aug 16 14:22:24 root mpd: [B-3] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Aug 16 14:22:24 root mpd: [B-3] CCP: Up event
Aug 16 14:22:24 root mpd: [B-3] CCP: state change Starting --> Req-Sent
Aug 16 14:22:24 root mpd: [B-3] CCP: SendConfigReq #1
Aug 16 14:22:24 root mpd: [B-3] MPPC
Aug 16 14:22:24 root mpd: [B-3] 0x01000060:MPPE(40, 128 bits), stateless
Aug 16 14:22:24 root mpd: [B-3] CCP: rec'd Configure Request #1 (Req-Sent)
Aug 16 14:22:24 root mpd: [B-3] DEFLATE
Aug 16 14:22:24 root mpd: [B-3] 0x7800: w:7, m:8, c:0
Aug 16 14:22:24 root mpd: [B-3] DEFLATE24
Aug 16 14:22:24 root mpd: [B-3] Not supported
Aug 16 14:22:24 root mpd: [B-3] BSD
Aug 16 14:22:24 root mpd: [B-3] Not supported
Aug 16 14:22:24 root mpd: [B-3] CCP: SendConfigRej #1
Aug 16 14:22:24 root mpd: [B-3] DEFLATE
Aug 16 14:22:24 root mpd: [B-3] 0x7800: w:7, m:8, c:0
Aug 16 14:22:24 root mpd: [B-3] DEFLATE24
Aug 16 14:22:24 root mpd: [B-3] BSD
Aug 16 14:22:24 root mpd: [B-3] IPCP: rec'd Configure Request #1 (Req-Sent)
Aug 16 14:22:24 root mpd: [B-3] COMPPROTO VJCOMP, 16 comp. channels, allow comp-cid
Aug 16 14:22:24 root mpd: [B-3] IPADDR 0.0.0.0
Aug 16 14:22:24 root mpd: [B-3] NAKing with 192.168.170.2
Aug 16 14:22:24 root mpd: [B-3] PRIDNS 0.0.0.0
Aug 16 14:22:24 root mpd: [B-3] NAKing with ip_address_provaidera_1
Aug 16 14:22:24 root mpd: [B-3] SECDNS 0.0.0.0
Aug 16 14:22:24 root mpd: [B-3] NAKing with ip_address_provaidera_2
Aug 16 14:22:24 root mpd: [B-3] IPCP: SendConfigNak #1
Aug 16 14:22:24 root mpd: [B-3] IPADDR 192.168.170.2
Aug 16 14:22:24 root mpd: [B-3] PRIDNS ip_address_provaidera_1
Aug 16 14:22:24 root mpd: [B-3] SECDNS ip_address_provaidera_2
Aug 16 14:22:24 root mpd: [B-3] IPCP: rec'd Configure Ack #1 (Req-Sent)
Aug 16 14:22:24 root mpd: [B-3] IPADDR 192.168.170.0
Aug 16 14:22:24 root mpd: [B-3] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Aug 16 14:22:24 root mpd: [B-3] IPCP: state change Req-Sent --> Ack-Rcvd
Aug 16 14:22:24 root mpd: [B-3] CCP: rec'd Configure Reject #1 (Req-Sent)
Aug 16 14:22:24 root mpd: [B-3] MPPC
Aug 16 14:22:24 root mpd: [B-3] 0x01000060:MPPE(40, 128 bits), stateless
Aug 16 14:22:24 root mpd: [B-3] CCP: SendConfigReq #2
Aug 16 14:22:24 root mpd: [B-3] CCP: rec'd Configure Request #2 (Req-Sent)
Aug 16 14:22:24 root mpd: [B-3] CCP: SendConfigAck #2
Aug 16 14:22:24 root mpd: [B-3] CCP: state change Req-Sent --> Ack-Sent
Aug 16 14:22:24 root mpd: [B-3] IPCP: rec'd Configure Request #2 (Ack-Rcvd)
Aug 16 14:22:24 root mpd: [B-3] COMPPROTO VJCOMP, 16 comp. channels, allow comp-cid
Aug 16 14:22:24 root mpd: [B-3] IPADDR 192.168.170.2
Aug 16 14:22:24 root mpd: [B-3] 192.168.170.2 is OK
Aug 16 14:22:24 root mpd: [B-3] PRIDNS ip_address_provaidera_1
Aug 16 14:22:24 root mpd: [B-3] SECDNS ip_address_provaidera_2
Aug 16 14:22:24 root mpd: [B-3] IPCP: SendConfigAck #2
Aug 16 14:22:24 root mpd: [B-3] COMPPROTO VJCOMP, 16 comp. channels, allow comp-cid
Aug 16 14:22:24 root mpd: [B-3] IPADDR 192.168.170.2
Aug 16 14:22:24 root mpd: [B-3] PRIDNS ip_address_provaidera_1
Aug 16 14:22:24 root mpd: [B-3] SECDNS ip_address_provaidera_2
Aug 16 14:22:24 root mpd: [B-3] IPCP: state change Ack-Rcvd --> Opened
Aug 16 14:22:24 root mpd: [B-3] IPCP: LayerUp
Aug 16 14:22:24 root mpd: [B-3] 192.168.170.0 -> 192.168.170.2
Aug 16 14:22:24 root mpd: [B-3] IFACE: Up event
Aug 16 14:22:24 root mpd: [B-3] CCP: rec'd Configure Ack #2 (Ack-Sent)
Aug 16 14:22:24 root mpd: [B-3] CCP: state change Ack-Sent --> Opened
Aug 16 14:22:24 root mpd: [B-3] CCP: LayerUp
Aug 16 14:22:24 root mpd: [B-3] CCP: No compression negotiated
Aug 16 14:22:24 root mpd: [B-3] CCP: parameter negotiation failed
Aug 16 14:22:24 root mpd: [B-3] CCP: state change Opened --> Stopping
Aug 16 14:22:24 root mpd: [B-3] CCP: SendTerminateReq #3
Aug 16 14:22:24 root mpd: [B-3] CCP: LayerDown
Aug 16 14:22:24 root mpd: [L-3] RADIUS: Accounting user 'login' (Type: 1)
Aug 16 14:22:24 root mpd: [L-3] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'login'
Aug 16 14:22:24 root mpd: [B-3] CCP: rec'd Terminate Ack #3 (Stopping)
Aug 16 14:22:24 root mpd: [B-3] CCP: state change Stopping --> Stopped
Aug 16 14:22:24 root mpd: [B-3] CCP: LayerFinish
Через Windows 7, весит окно проверка имени пользователя и пароля, потом 800 ошибка,
вол лог сервера что твориться в момент подключения
Aug 16 14:19:20 root mpd: [L-3] Link: OPEN event
Aug 16 14:19:20 root mpd: [L-3] LCP: Open event
Aug 16 14:19:20 root mpd: [L-3] LCP: state change Initial --> Starting
Aug 16 14:19:20 root mpd: [L-3] LCP: LayerStart
Aug 16 14:19:20 root mpd: [L-3] PPTP: attaching to peer's outgoing call
Aug 16 14:19:20 root mpd: [L-3] Link: UP event
Aug 16 14:19:20 root mpd: [L-3] LCP: Up event
Aug 16 14:19:20 root mpd: [L-3] LCP: state change Starting --> Req-Sent
Aug 16 14:19:20 root mpd: [L-3] LCP: SendConfigReq #1
Aug 16 14:19:20 root mpd: [L-3] MRU 1500
Aug 16 14:19:20 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:20 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:20 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:20 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:20 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:25 root mpd: [L-3] LCP: SendConfigReq #2
Aug 16 14:19:25 root mpd: [L-3] MRU 1500
Aug 16 14:19:25 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:25 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:25 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:25 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:25 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:30 root mpd: [L-3] LCP: SendConfigReq #3
Aug 16 14:19:30 root mpd: [L-3] MRU 1500
Aug 16 14:19:30 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:30 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:30 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:30 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:30 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:35 root mpd: [L-3] LCP: SendConfigReq #4
Aug 16 14:19:35 root mpd: [L-3] MRU 1500
Aug 16 14:19:35 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:35 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:35 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:35 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:35 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:40 root mpd: [L-3] LCP: SendConfigReq #5
Aug 16 14:19:40 root mpd: [L-3] MRU 1500
Aug 16 14:19:40 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:40 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:40 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:40 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:40 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:45 root mpd: [L-3] LCP: SendConfigReq #6
Aug 16 14:19:45 root mpd: [L-3] MRU 1500
Aug 16 14:19:45 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:45 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:45 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:45 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:45 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:50 root mpd: [L-3] LCP: SendConfigReq #7
Aug 16 14:19:50 root mpd: [L-3] MRU 1500
Aug 16 14:19:50 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:50 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:50 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:50 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:50 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:55 root mpd: [L-3] LCP: SendConfigReq #8
Aug 16 14:19:55 root mpd: [L-3] MRU 1500
Aug 16 14:19:55 root mpd: [L-3] MAGICNUM 4fdd7dcd
Aug 16 14:19:55 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Aug 16 14:19:55 root mpd: [L-3] MP MRRU 2048
Aug 16 14:19:55 root mpd: [L-3] MP SHORTSEQ
Aug 16 14:19:55 root mpd: [L-3] ENDPOINTDISC [802.1] 4c 00 10 54 12 6f
Aug 16 14:19:57 root mpd: [L-3] PPTP call terminated
Aug 16 14:19:57 root mpd: [L-3] Link: DOWN event
Aug 16 14:19:57 root mpd: [L-3] LCP: Close event
Aug 16 14:19:57 root mpd: [L-3] LCP: state change Req-Sent --> Closing
Aug 16 14:19:57 root mpd: [L-3] LCP: SendTerminateReq #9
Aug 16 14:19:57 root mpd: [L-3] LCP: Down event
Aug 16 14:19:57 root mpd: [L-3] LCP: LayerFinish
Aug 16 14:19:57 root mpd: [L-3] LCP: state change Closing --> Initial
Aug 16 14:19:57 root mpd: [L-3] Link: SHUTDOWN event
Aug 16 14:19:57 root mpd: [L-3] Link: Shutdown
> set ipcp ranges 192.168.170.0/32 ippool pool1Может винда не может это "переварить"?
> Windows 7 соединение не устанавливается...
> Aug 16 14:19:55 root mpd: [L-3] AUTHPROTO CHAP MSOFTv2ms-chap-v2 она хочет, а не просто chap
Внёс изменения в mpd5 на сервере.
# Multilink adds some overhead, but gives full 1500 MTU.
set link enable multilink
set link yes acfcomp protocomp
#set link no pap chap
#set link enable chap
set link keep-alive 10 60
#######################
set link no pap
set link no chap
set link no chap-md5
set link no chap-msv1
set link yes chap-msv2
set link mtu 1500
set link fsm-timeout 5Всё равно через винду 2003, 7 немогу подключиться ошибка таже без изменений, как то странно даже.
> как то странно даже.Ничего странного.
Это ваш конфиг mpd странный.Может я что-то упустил из школьного курса информатики, но записи
set ippool add pool1 192.168.170.1 192.168.170.254
set ipcp ranges 192.168.170.0/32 ippool pool1
в контексте mpd выглядят некорректно.Открываем дефолтный конфигурационный файл mpd и в секции pptp_server в самом начале читаем:
Предположим, у вас есть частная офисная сеть 192.168.1.0/24 и машина, на которой запущен mpd с IP-адресом 192.168.1.1,которая также видна извне по IP-адресу 1.2.3.4.
Мы хотим разрешить клиенту соединяться с IP-адресом 1.2.3.4 из Интернета через PPTP. Мы назначим клиенту IP-адрес 192.168.1.50 и
прокси-ARP для этого адреса, так, чтобы виртуальное PPP-соединение было с локальным адресом 192.168.1.1 и удалённым 192.168.1.50.
С точки зрения клиента, это выглядит так, будто клиентская машина находится в сети 192.168.1.0/24, хотя в реальности она
расположена где-то далеко в Интернете.
Поэтому, правильно будет так:
set ippool add pool1 192.168.170.2 192.168.170.254
set ipcp ranges 192.168.170.1/32 ippool pool1Смотрим далее.
Для чего выделяете отельную секцию server_common ?
В ней указываете опции
set link enable incoming
set link no acfcomp protocomp
По дефолту их можно указать и в основной секции pptp_serverСледом же вообще нечто странное:
в секции server_common подгружаете секцию load radius
А сама секция закомментирована
#radius:
??Сам конфиг перегружен, в нём дополнительно указаны и
set global enable tcp-wrapper и
set link enable report-mac и
set iface enable netflow-in netflow-out
Это что, всё реально нужно? Или это тупой копипаст со старого чужого конфига?И потом, отступы в конфиге неравномерные, "лесенкой", сформированные где tab'ом, где полу-tab'ом, где пробелом.
А mpd очень капризный в этом плане.Попробуйте, для начала, загрузить стандартный, рекомендованный дефолтный mpd конфиг.
Он подходит и срабатывает почти во всех случаях.
Если результат будет положительным, постепенно начинайте добавлять дополнительные опции.
Но только те, которые действительно нужны, а не от "фонаря".
Проверяйте после каждого изменения.Вот дефолтный вариант:
startup:
# настраиваем пользователей mpd
set user admin foobar admin
set user foo bar
# настраиваем консоль
set console self 127.0.0.1 5005
set console open
# настраиваем веб-сервер
set web self 0.0.0.0 5006
set web open
default:
# VPN CLIENT
load pptp_client# VPN SERVER
load pptp_server
pptp_client:
create bundle static B1
set iface up-script /usr/local/etc/mpd5/up.sh
set iface route default
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set bundle enable crypt-reqd
set mppc yes stateless
create link static L1 pptp
set link action bundle B1
set auth authname "login"
set auth password "password"
set link max-redial 0
set link mtu 1460
set link keep-alive 20 75
set pptp peer server_2
set pptp disable windowing
open
pptp_server:
# определяем пул динамических IP-адресов
set ippool add pool1 192.168.170.2 192.168.170.254
# создаём клонируемый шаблон слоя с именем B
create bundle template B
set iface enable proxy-arp
# разорвать соединение при простое 0 - отключить опцию
set iface idle 0
set iface enable tcpmssfix
# разрешить компрессию заголовков Van Jacobson TCP
set ipcp yes vjcomp# указываем IP-адрес для динамического назначения
set ipcp ranges 192.168.170.1/32 ippool pool1# следующие пять строк включают шифрование Microsoft Point-to-Point encryption
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless# создаём клонируемый шаблон связи с именем L
create link template L pptp
# установить связь со слоем
set link action bundle B# multilink добавляет некоторые накладные расходы, но предоставляет полные 1500 MTU
set link enable multilink
set link yes acfcomp protocompset link no pap chap eap
set link yes chap# уменьшаем mtu, чтобы избежать фрагментации GRE пакетов
set link mtu 1460
set link keep-alive 10 75
set link max-redial -1# настраиваем PPTP
set pptp self 1.2.3.4
# разрешаем принимать входящие вызовы
set link enable incoming
Оставьте по одной пустой строке после каждой секции и в конце конфигурационного файла mpd
Проверьте, в случае неудачи, попробуйте убрать следующие строки
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes statelessВообще, с вышеприведённым файлом, 7 подключается с созданным по дефолту VPN подключением.
Можно попробовать поиграться с виндовыми настройками VPN соединения во вкладке "Безопасность"
Установить в выпадающей менюшке "Шифрование данных:" "необязательное (подключаться даже без шифрования)"
"Галочки" в чекбоксах можно не менять.