Skip to content
peap-ms-chap v2 patch for linux pppd
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information. update readme Nov 7, 2018
peap.patch remove gcrypt.h dep Jan 28, 2018


Patch for PPP daemon that implements PEAP-MS-CHAP v2 auth


Patch modifies default setup location, from /usr/local to /usr. So make sure you run a proper pppd after installation.

wget -c
tar -xvf ppp-2.4.7.tar.gz
cd ppp-2.4.7
patch -p1 < peap.patch
sudo apt-get install gnutls-dev
sudo make install

Here is how to configure peer in /etc/ppp/peers/:

pty "pptp <SERVER> --nolaunchpppd"
ipparam <TUNNEL>

And chap file /etc/ppp/chap-secrets:

# client        server  secret                  IP addresses * password *

If you specify a login in different manner(without @) you'll get a segmentation fault, I didn't have much time to implement proper error checking

Here is how to connect:

pon <TUNNEL>

or for debugging:

pppd call <TUNNEL> debug nodetach 

more on PEAP

You might need to reconfigure RRAS server and configure the EAP Payload Size and set MTU to 1344. EAP doesn't support fragmentation per RFC but Microsoft implemented EAP fragmentation, however Linux PPP daemon doesn't support it, and will discard packets that are larger than MRU MTU negotiated during LCP

You can’t perform that action at this time.