-
Notifications
You must be signed in to change notification settings - Fork 219
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"CHAP authentication succeeded" followed by "Authentication failed" #335
Comments
@paulusmack, @nomis, @enaess: What do you think? |
@Bidski you're asking the "server" to authenticate too and it's unable to do that. Read the documentation. @Neustradamus I don't think you understand or use PPP or you could have diagnosed this common problem yourself without sending messages to developers. |
@nomis can you direct me to the part of the documentation that I should be reading? I have tried adding |
@nomis is right, your local pppd configuration is sending a LCP config request to the server asking it to authenticate using MSCHAPv2. The client session receives a CHAP SUCCESS packet (session: 0x01) from the server, however; the client is also sending repeated CHAP CHALLENGE to the server asking it to authenticate itself (session: 0x52), the server responds with a CHAP response and an empty name before it finally the client sends a LCP Term Request and terminates the tunnel. I'd say, post your configuration here for both xsl2tpd and pppd for the current session (and any option files). |
Here is
And here is my ppp options file
As I said earlier, I have tried many different variations of options and settings, these are just my most recent attempts. I have tried setting |
How are your server setup? Are you dialing into a Windows server via L2TP? Even if you are, specifying "noccp" and the options "require-mppe" and "mppe-stateful" is a no-op. Don't think it would change anything. |
I believe it is a Cisco server (probably running on Widows). I don't have the specifics of the server setup apart from the details that they provide everyone else (who is connecting from Windows and is also very little information -- L2TP/IPSec with a PSK). If you can tell me details that I need to know I can ask for them.
As I said earlier, things aren't working and I am not sure on the specifics for why, so I started trying many many different options, none of the made any difference. |
I do have a setup for SSTP and could easily switch it to L2TP on my windows server to test with. I'll need some time to configure this though ... |
If I add this line to
And if I remove this from
Then the connection comes up and I get a
And
However, I am unable to set up a route so that all VPN traffic (should be anything on
I am also unable to ping any IP addresses that should be available through the VPN. System logs now show
The "Can not find tunnel" and "unable to find call or tunnel to handle packet" are repeated many times so I cut them out for brevity. Are these problems still part of the previous problems I was seeing or is this more to do with xl2tpd or something else now? |
@paulusmack, @enaess: What do you think? |
Sorry, I haven't used xl2tpd. I don't know anything about how to configure it. The best I can suggest is to add the 'dump' option to /etc/ppp/options, try to connect, then look in the logs for which options are enabled to see if there are any that shouldn't be there. |
Looks to me that the user were able to overcome the authentication issues he had. Now, it's up to the xl2tpd to send forward these packets. Why it is having problem passing udp packets to the remote host with "permission denied" is likely a problem on xl2tpd side. Have he tried to ask someone on their mailing list? |
I did manage to eventually resolve this issue and I can now successfully establish a connection |
what is fix with this |
Some more information can be found here. IIRC one of the main issues was that I had configured PPP but not XL2TP |
I am trying to setup a L2TP/IPSec client on Arch Linux. The IPSec connection appears to work fine, but when setting up the L2TP connection on top of the IPSec connection I see the following output and I have no idea what to make of it. I'm not sure if this is a bug or just bad settings on my part, but after hours of googling and trying variations of the settings I am getting nowhere.
What is failing here? Why is it failing? How can I get further information?
pppd version 2.4.9
xl2tpd version 1.3.17
IPSec version Linux strongSwan U5.9.4/K5.16.5-arch1-1
The text was updated successfully, but these errors were encountered: