Tomsk Sysadmins Forum

Unix => Administration => Topic started by: mac on June 21, 2008, 23:26:12

Title: Help setting up a VPN on FreeBSD
Post by: mac on June 21, 2008, 23:26:12
I have FreeBSD 7.0-CURRENT, mpd 4.3 (from ports), pf is disabled, VPN: Novye Telesistemy

mpd.conf

Code:
startup:
   set console port 5005
   set console ip 0.0.0.0
   set console user name password
   set console open

default:
   load nts

nts:
   new -i ng0 nts nts
   set iface idle 0   
   set iface up-script /usr/local/etc/mpd4/default_add
   set iface down-script /usr/local/etc/mpd4/default_del
   set bundle disable multilink
   set bundle enable compression
   set bundle disabble crypt-reqd
   set auth authname "name"
   set auth password "passwor"
   set link yes acfcomp protocomp
   set link disable chap pap
   set link accept chap pap
   set link yes pap
   set link no chap
   set link mtu 1460
   set link keep-alive 10 75
   set ipcp yes vjcomp
   set ipcp ranges 0.0.0.0/0 0.0.0.0/0
   set ccp yes mppc
   set ccp yes mpp-e40
   set ccp yes mpp-e128
   set ccp yes mpp-stateless
   open

mpd.links

Code:
nts:
        set link type pptp
        set pptp peer 82.117.160.3
        set pptp enable originate incoming outcall

default_add

Code:
#!/bin/sh
# mpd up-script: point the default route at the PPP peer ($4 = remote address).

# Remember the current default gateway so default_del can restore it.
default_route_old=`route -n get default 2>&1 | grep gateway | awk '{print $2}'`
if [ -n "$default_route_old" ]; then
  echo "$default_route_old" > /var/tmp/default_route_old
  route -nq change default "$4"
else
  rm -f /var/tmp/default_route_old
  route -nq add default "$4"
fi

default_del

Code:
#!/bin/sh
# mpd down-script: restore the default route saved by default_add.

if [ -r /var/tmp/default_route_old ]; then
  default_route_old=`cat /var/tmp/default_route_old`
  rm -f /var/tmp/default_route_old
  route -nq change default "$default_route_old"
else
  # No saved gateway: just drop the default route that pointed at the peer.
  route -nq delete default
fi

mpd.log

Code:
Jun 21 23:01:02 class mpd: process 3706 terminated
Jun 21 23:01:02 class mpd: Multi-link PPP daemon for FreeBSD
Jun 21 23:01:02 class mpd:  
Jun 21 23:01:02 class mpd: process 3858 started, version 4.3
Jun 21 23:01:02 class mpd: CONSOLE: listening on 0.0.0.0 5005
Jun 21 23:01:02 class mpd: PPTP: waiting for connection on 0.0.0.0
Jun 21 23:01:02 class mpd: [nts] using interface ng0
Jun 21 23:01:02 class mpd: [nts] link: OPEN event
Jun 21 23:01:02 class mpd: [nts] LCP: Open event
Jun 21 23:01:02 class mpd: [nts] LCP: state change Initial --> Starting
Jun 21 23:01:02 class mpd: [nts] LCP: LayerStart
Jun 21 23:01:02 class mpd: pptp0: connecting to 82.117.160.3 1723
Jun 21 23:01:02 class mpd: pptp0: connected to 82.117.160.3 1723
Jun 21 23:01:02 class mpd: pptp0: attached to connection with 82.117.160.3 1723
Jun 21 23:01:02 class mpd: pptp0-0: outgoing call connected at 64000 bps
Jun 21 23:01:02 class mpd: [nts] PPTP call successful
Jun 21 23:01:02 class mpd: [nts] link: UP event
Jun 21 23:01:02 class mpd: [nts] link: origination is local
Jun 21 23:01:02 class mpd: [nts] LCP: Up event
Jun 21 23:01:02 class mpd: [nts] LCP: state change Starting --> Req-Sent
Jun 21 23:01:02 class mpd: [nts] LCP: SendConfigReq #1
Jun 21 23:01:02 class mpd:  ACFCOMP
Jun 21 23:01:02 class mpd:  PROTOCOMP
Jun 21 23:01:02 class mpd:  ACCMAP 0x000a0000
Jun 21 23:01:02 class mpd:  MRU 1500
Jun 21 23:01:02 class mpd:  MAGICNUM ffd7e4a4
Jun 21 23:01:02 class mpd:  AUTHPROTO PAP
Jun 21 23:01:02 class mpd: [nts] LCP: rec'd Configure Request #1 (Req-Sent)
Jun 21 23:01:02 class mpd:  MRU 1400
Jun 21 23:01:02 class mpd:  AUTHPROTO PAP
Jun 21 23:01:02 class mpd:  MAGICNUM 410ab911
Jun 21 23:01:02 class mpd: [nts] LCP: SendConfigAck #1
Jun 21 23:01:02 class mpd:  MRU 1400
Jun 21 23:01:02 class mpd:  AUTHPROTO PAP
Jun 21 23:01:02 class mpd:  MAGICNUM 410ab911
Jun 21 23:01:02 class mpd: [nts] LCP: state change Req-Sent --> Ack-Sent
Jun 21 23:01:02 class mpd: [nts] LCP: rec'd Configure Ack #1 (Ack-Sent)
Jun 21 23:01:02 class mpd:  ACFCOMP
Jun 21 23:01:02 class mpd:  PROTOCOMP
Jun 21 23:01:02 class mpd:  ACCMAP 0x000a0000
Jun 21 23:01:02 class mpd:  MRU 1500
Jun 21 23:01:02 class mpd:  MAGICNUM ffd7e4a4
Jun 21 23:01:02 class mpd:  AUTHPROTO PAP
Jun 21 23:01:02 class mpd: [nts] LCP: state change Ack-Sent --> Opened
Jun 21 23:01:02 class mpd: [nts] LCP: auth: peer wants PAP, I want PAP
Jun 21 23:01:02 class mpd: [nts] PAP: using authname "name"
Jun 21 23:01:02 class mpd: [nts] PAP: sending REQUEST len:14
Jun 21 23:01:02 class mpd: [nts] LCP: LayerUp
Jun 21 23:01:02 class mpd: [nts] PAP: rec'd ACK #1
Jun 21 23:01:02 class mpd: [nts] LCP: rec'd Terminate Request #2 (Opened)
Jun 21 23:01:02 class mpd: [nts] LCP: state change Opened --> Stopping
Jun 21 23:01:02 class mpd: [nts] AUTH: Cleanup
Jun 21 23:01:02 class mpd: [nts] LCP: SendTerminateAck #2
Jun 21 23:01:02 class mpd: [nts] LCP: LayerDown
Jun 21 23:01:02 class mpd: pptp0-0: peer call disconnected res=lost carrier err=none
Jun 21 23:01:02 class mpd: pptp0-0: killing channel
Jun 21 23:01:02 class mpd: [nts] PPTP call terminated
Jun 21 23:01:02 class mpd: [nts] link: DOWN event
Jun 21 23:01:02 class mpd: [nts] LCP: Close event
Jun 21 23:01:02 class mpd: [nts] LCP: state change Stopping --> Closing
Jun 21 23:01:02 class mpd: [nts] LCP: Down event
Jun 21 23:01:02 class mpd: [nts] LCP: LayerFinish
Jun 21 23:01:02 class mpd: [nts] LCP: state change Closing --> Initial
Jun 21 23:01:02 class mpd: pptp0: closing connection with 82.117.160.3 1723
Jun 21 23:01:02 class mpd: pptp0: got StopCtrlConnRequest: reason=zero?
Jun 21 23:01:02 class mpd: pptp0: killing connection with 82.117.160.3 1723


Can anyone suggest how to solve this problem?
Title: Help setting up a VPN on FreeBSD
Post by: Petya on June 28, 2008, 15:51:49
I have a problem of a similar kind. Although in my case it is with mpd5.1 and on FreeBSD 6 (6.3 RELEASE).
Quote
startup:
        set user foo bar admin
        set user foo1 bar1
        set console self 127.0.0.1 5005
        set console open
        set web self 0.0.0.0 5006
        set web open

default:
        load 1

1:
        create bundle static B1
        set ipcp ranges 0.0.0.0/0 0.0.0.0/0

        create link static L1 pptp
        set link action bundle B1

        set auth authname "имя"
        set auth password "пароль"
        set link yes acfcomp protocomp
        set link yes pap
        set link mtu 1460
        set link keep-alive 10 60
        set link max-redial 0
        set pptp disable windowing
        set pptp peer vpn.nts.su
        open

The log shows the following
Quote
# mpd5
Multi-link PPP daemon for FreeBSD

process 2498 started, version 5.1 ([email protected] 15:31 11-Apr-2008)
CONSOLE: listening on 127.0.0.1 5005
web: listening on 0.0.0.0 5006
[B1] Bundle: Interface ng0 created
[L1] [L1] Link: OPEN event
[L1] LCP: Open event
[L1] LCP: state change Initial --> Starting
[L1] LCP: LayerStart
[L1] PPTP call successful
[L1] Link: UP event
[L1] Link: origination is local
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #1
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0768247a
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Request #1 (Req-Sent)
[L1]   MRU 1400
[L1]   AUTHPROTO PAP
[L1]   MAGICNUM 6f2f300d
[L1] LCP: SendConfigAck #1
[L1]   MRU 1400
[L1]   AUTHPROTO PAP
[L1]   MAGICNUM 6f2f300d
[L1] LCP: state change Req-Sent --> Ack-Sent
[L1] LCP: rec'd Configure Ack #1 (Ack-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 0768247a
[L1]   AUTHPROTO PAP
[L1] LCP: state change Ack-Sent --> Opened
[L1] LCP: auth: peer wants PAP, I want PAP
[L1] PAP: using authname "имя"
[L1] PAP: sending REQUEST #1 len: 18
[L1] LCP: LayerUp
[L1] PAP: rec'd ACK #1 len: 5
[L1] LCP: rec'd Terminate Request #2 (Opened)
[L1] LCP: state change Opened --> Stopping
[L1] LCP: SendTerminateAck #2
[L1] LCP: LayerDown
[L1] PPTP call terminated
[L1] Link: DOWN event
[L1] LCP: Down event
[L1] LCP: state change Stopping --> Starting
[L1] Link: reconnection attempt 1 in 3 seconds
caught fatal signal int
[B1] IFACE: Close event
[B1] IPCP: Close event
[L1] LCP: Close event
[L1] LCP: state change Starting --> Initial
[L1] LCP: LayerFinish
[B1] Bundle: Shutdown
[L1] Link: Shutdown
And so on...
The saddest part is that it is not obvious what the error is.
P.S.: a similar config (differing only in the authentication method) for connecting to vneska.net works fine.
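
Added example, not part of the original thread: a small Python triage script for the mpd log format quoted in the two posts above. It reports, per link, which authentication protocol the peer asked for and whether the peer ended LCP after accepting authentication. The sample log is constructed from lines in the thread, and the names `summarize` and `findings` are hypothetical.

```python
import re

# Constructed sample, condensed from the mpd 4.3 syslog format quoted in the thread.
SAMPLE_LOG = """\
Jun 21 23:01:02 class mpd: [nts] LCP: state change Ack-Sent --> Opened
Jun 21 23:01:02 class mpd: [nts] LCP: auth: peer wants PAP, I want PAP
Jun 21 23:01:02 class mpd: [nts] PAP: rec'd ACK #1
Jun 21 23:01:02 class mpd: [nts] LCP: rec'd Terminate Request #2 (Opened)
Jun 21 23:01:02 class mpd: [nts] LCP: state change Opened --> Stopping
Jun 21 23:01:02 class mpd: pptp0-0: peer call disconnected res=lost carrier err=none
"""

# "[link] LAYER: message"; also matches mpd5 console lines such as "[L1] [L1] Link: OPEN event".
EVENT = re.compile(r"\[(?P<link>[^\]]+)\]\s+(?P<layer>[A-Za-z]+):\s+(?P<msg>.+)$")

def summarize(log_text):
    """Collect per-link facts: LCP states, requested auth protocol, auth result, who ended LCP."""
    links = {}
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # option dumps (MRU, MAGICNUM, ...) and pptp0 lines carry no link tag
        s = links.setdefault(m["link"], {"states": [], "auth": None, "auth_ok": False,
                                         "peer_terminated": False, "ncp": False})
        layer, msg = m["layer"], m["msg"]
        if layer == "LCP" and msg.startswith("state change"):
            s["states"].append(msg.split("-->")[-1].strip())
        elif layer == "LCP" and msg.startswith("auth:"):
            am = re.search(r"peer wants (\w+)", msg)
            s["auth"] = am.group(1) if am else None
        elif layer == "PAP" and msg.startswith("rec'd ACK"):
            s["auth_ok"] = True
        elif layer == "LCP" and msg.startswith("rec'd Terminate Request"):
            s["peer_terminated"] = True
        elif layer in ("IPCP", "CCP") and "Close event" not in msg:
            s["ncp"] = True  # a network-layer protocol actually started negotiating
    return links

def findings(summary):
    """Turn one link's summary into triage notes."""
    notes = []
    if summary["auth"] == "PAP":
        notes.append("PAP negotiated: the password crosses the link in cleartext")
    if summary["auth_ok"] and summary["peer_terminated"] and not summary["ncp"]:
        notes.append("peer ACKed authentication, then closed LCP before any IPCP/CCP negotiation")
    return notes

if __name__ == "__main__":
    print({link: findings(s) for link, s in summarize(SAMPLE_LOG).items()})
```
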
Title: Help setting up a VPN on FreeBSD
Post by: mac on June 30, 2008, 19:43:50
A solution to the problem has been found. Now everything looks roughly like this

mpd.conf
Code:
startup:
   set console port 5005
   set console ip 0.0.0.0
   set console user name password
   set console open

default:
   load nts

nts:
   new -i ng0 nts nts
   set iface idle 0   
   set iface up-script /usr/local/etc/mpd4/default_add
   set iface down-script /usr/local/etc/mpd4/default_del
   set bundle disable multilink
   set bundle enable compression
   set auth authname "name"
   set auth password "password"
   set link mtu 1460
   set link keep-alive 10 75
   set ipcp yes vjcomp
   set ipcp ranges 0.0.0.0/0 0.0.0.0/0
   open

default_add

Code:
#!/bin/sh
# mpd up-script: $4 is the remote (peer) address passed by mpd.

default_route_old=`route -n get default 2>&1 | grep gateway | awk '{print $2}'`
if [ -n "$default_route_old" ]; then
  # Save the old gateway, pin a host route to $4 through it, then switch the default.
  echo "$default_route_old" > /var/tmp/default_route_old
  route delete "$4"
  route add "$4" "$default_route_old"
  route -nq change default "$4"
else
  # No previous default route: there is no old gateway to pin a host route through.
  rm -f /var/tmp/default_route_old
  route -nq add default "$4"
fi