Le Tue, 01 Oct 2002 12:08:16 -0500
J. Buck Caldwell a écrit :
> >> Is anyone using PoPToP with NetBSD to connect Win9x VPN clients? I'm
> >> having trouble getting it set up. I can initiate the connection, but
> >it> fails before sucessfully connecting.
> > 
> > Does your firewall let GRE packets in ? (It's an IP protocol, number
> > 47).
> 
> This machine is behind my firewall, and is on the same segment (but
> different subnet) as the machine I'm trying to connect from - and no,
> the router between the subnets is not blocking any ports. This is a
> test, because it's a lot easier to do with the two machines 5 feet away
> from each other than 10 miles apart(seeing as how my existing firewall
> blocks telnet).

I understand, but it's quite common to filter out non TCP/UDP/ICMP
packets.

> >> I'm using NetBSD 1.6-i386. I've installed the ppp-mppe package,
> >renamed> then linked/usr/sbin/pppd to /usr/pkg/sbin/pppd, modload'ed
> >mppe.o, and> started /usr/pkg/sbin/pptpd. The configs are below:
> > 
> > You don't have to link /usr/sbin/pppd. pptpd is aware of which pppd
> > call.
> 
> I can't agree - I tried it without doing the link, and pppd complained
> about the +chapms &etc lines in the /etc/ppp/options - so it was calling
> the stock pppd.

There's a simpler way of doing this : 'make install POPTOP_USE_MPPE=yes'
in net/poptop. Then poptop is ./configure'd with the correct path to pppd.

Anyway, that's not the source of your problem. The first thing to do is
removing the 'require-chap' line of your pppd config. I'm not sure if it
is possible to negociate Microsoft's encryption when not using Microsoft's
own "tweaks" of CHAP. It it still doesn't work, try without encryption,
using PAP, using either version of CHAP-MS and so. Thus it'll be easier to
tell where the problem lies.

And I thought I had ran through all PoPToP issues this summer :o)

cube

-- 
That's how I did it, Anton. I never saved anything
for the swim back.
Vincent/Jerome, in Gattaca.