Liebe Leute!
Ich habe hier einen SuSE 9.3-Rechner stehen, dem ich einen Zugang per VPN über PPTP spendieren will. Ich habe also pptpd installiert und nach der Anleitung in /usr/share/doc/packages/pptpd/LIESMICH.SuSE die Konfiguration gebaut.
Nun habe ich aber das Problem, daß die Verschlüsselung per MPPE nicht klappt, die Option wird nicht erkannt. Fehlermeldung siehe hier im Auszug aus der /var/log/messages:
Aug 7 15:37:32 roland kernel: PPP MPPE Compression module registered
Aug 7 15:37:33 roland pptpd[10687]: MGR: Manager process started
Aug 7 15:37:42 roland pptpd[10689]: MGR: Launching /usr/sbin/pptpctrl to handle client
Aug 7 15:37:42 roland pptpd[10687]: MGR: No free connection slots or IPs - no more clients can connect!
Aug 7 15:37:42 roland pptpd[10689]: CTRL: local address = 192.168.1.1
Aug 7 15:37:42 roland pptpd[10689]: CTRL: remote address = 192.168.1.2
Aug 7 15:37:42 roland pptpd[10689]: CTRL: pppd speed = 115200
Aug 7 15:37:42 roland pptpd[10689]: CTRL: pppd options file = /etc/ppp/options.ppp0
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Client 192.168.0.2 control connection started
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Received PPTP Control Message (type: 1)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Made a START CTRL CONN RPLY packet
Aug 7 15:37:42 roland pptpd[10689]: CTRL: I wrote 156 bytes to the client.
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Sent packet to client
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Received PPTP Control Message (type: 7)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: 0 min_bps, 1525 max_bps, 32 window size
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Made a OUT CALL RPLY packet
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Starting call (launching pppd, opening GRE)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: pty_fd = 5
Aug 7 15:37:42 roland pptpd[10689]: CTRL: tty_fd = 6
Aug 7 15:37:42 roland pptpd[10690]: CTRL (PPPD Launcher): Connection speed = 115200
Aug 7 15:37:42 roland pptpd[10689]: CTRL: I wrote 32 bytes to the client.
Aug 7 15:37:42 roland pptpd[10690]: CTRL (PPPD Launcher): local address = 192.168.1.1
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Sent packet to client
Aug 7 15:37:42 roland pptpd[10690]: CTRL (PPPD Launcher): remote address = 192.168.1.2
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Received PPTP Control Message (type: 15)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Aug 7 15:37:42 roland pppd[10690]: In file /etc/ppp/options.ppp0: unrecognized option 'mppe-40'
Aug 7 15:37:42 roland pptpd[10689]: GRE: Bad checksum from pppd
Aug 7 15:37:42 roland pptpd[10689]: Error reading from pppd: Input/output error
Aug 7 15:37:42 roland pptpd[10689]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Client 192.168.0.2 control connection finished
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Exiting now
Aug 7 15:37:42 roland pptpd[10687]: MGR: Reaped child 10689
Ich habe hier einen SuSE 9.3-Rechner stehen, dem ich einen Zugang per VPN über PPTP spendieren will. Ich habe also pptpd installiert und nach der Anleitung in /usr/share/doc/packages/pptpd/LIESMICH.SuSE die Konfiguration gebaut.
Nun habe ich aber das Problem, daß die Verschlüsselung per MPPE nicht klappt, die Option wird nicht erkannt. Fehlermeldung siehe hier im Auszug aus der /var/log/messages:
Aug 7 15:37:32 roland kernel: PPP MPPE Compression module registered
Aug 7 15:37:33 roland pptpd[10687]: MGR: Manager process started
Aug 7 15:37:42 roland pptpd[10689]: MGR: Launching /usr/sbin/pptpctrl to handle client
Aug 7 15:37:42 roland pptpd[10687]: MGR: No free connection slots or IPs - no more clients can connect!
Aug 7 15:37:42 roland pptpd[10689]: CTRL: local address = 192.168.1.1
Aug 7 15:37:42 roland pptpd[10689]: CTRL: remote address = 192.168.1.2
Aug 7 15:37:42 roland pptpd[10689]: CTRL: pppd speed = 115200
Aug 7 15:37:42 roland pptpd[10689]: CTRL: pppd options file = /etc/ppp/options.ppp0
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Client 192.168.0.2 control connection started
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Received PPTP Control Message (type: 1)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Made a START CTRL CONN RPLY packet
Aug 7 15:37:42 roland pptpd[10689]: CTRL: I wrote 156 bytes to the client.
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Sent packet to client
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Received PPTP Control Message (type: 7)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: 0 min_bps, 1525 max_bps, 32 window size
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Made a OUT CALL RPLY packet
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Starting call (launching pppd, opening GRE)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: pty_fd = 5
Aug 7 15:37:42 roland pptpd[10689]: CTRL: tty_fd = 6
Aug 7 15:37:42 roland pptpd[10690]: CTRL (PPPD Launcher): Connection speed = 115200
Aug 7 15:37:42 roland pptpd[10689]: CTRL: I wrote 32 bytes to the client.
Aug 7 15:37:42 roland pptpd[10690]: CTRL (PPPD Launcher): local address = 192.168.1.1
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Sent packet to client
Aug 7 15:37:42 roland pptpd[10690]: CTRL (PPPD Launcher): remote address = 192.168.1.2
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Received PPTP Control Message (type: 15)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Aug 7 15:37:42 roland pppd[10690]: In file /etc/ppp/options.ppp0: unrecognized option 'mppe-40'
Aug 7 15:37:42 roland pptpd[10689]: GRE: Bad checksum from pppd
Aug 7 15:37:42 roland pptpd[10689]: Error reading from pppd: Input/output error
Aug 7 15:37:42 roland pptpd[10689]: CTRL: GRE read or PTY write failed (gre,pty)=(6,5)
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Client 192.168.0.2 control connection finished
Aug 7 15:37:42 roland pptpd[10689]: CTRL: Exiting now
Aug 7 15:37:42 roland pptpd[10687]: MGR: Reaped child 10689
Egal, welche mppe-Option ich in der /etc/ppp/options.ppp0 aktiviere, der Fehler bleibt entsprechend und der Windowsclient (XP mit SP2) verweigert die Verbindung mit der Meldung, daß der Server die angeforderte Verschlüsselung nicht unterstütze. Eine Verbindung mit auskommentierten mppe-Optionen und ohne clientseitig zwingend vorgeschriebene Verschlüsselung klappt. Es sind keine Firewalls im Spiel. Hat jemand eine zündende Idee?[/b]