pppd "peer refused to authenticate"
Figured it out.
The problem was giving the "auth" and "require-mschap-v2" options to pppd on the client end. Evidently only the server end must be configured to request authentication with the client configured to not request any kind of auth. What was happening was that the client asked the server to authenticate itself, which failed.
Related videos on Youtube
Moshev
Updated on September 18, 2022Comments
-
Moshev almost 2 years
I have a working pptpd+pppd server configured which currently has two Windows 7 clients successfully connecting. However, when I try to connect a linux client I'm getting a really weird exchange that ends with "peer refused to authenticate" on both the server and client end.
This is the log from the server:
pppd[8205]: using channel 51 pppd[8205]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x20b0750f> <pcomp> <accomp>] pppd[8205]: rcvd [LCP ConfRej id=0x1 <auth chap MS-v2>] pppd[8205]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>] pppd[8205]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>] pppd[8205]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[8205]: sent [LCP ConfNak id=0x1 <auth pap>] pppd[8205]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[8205]: sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[8205]: sent [LCP EchoReq id=0x0 magic=0x20b0750f] pppd[8205]: sent [LCP TermReq id=0x3 "peer refused to authenticate"] pppd[8205]: rcvd [LCP EchoReq id=0x0 magic=0x23d6bed3] pppd[8205]: rcvd [LCP TermReq id=0x3 "peer refused to authenticate"] pppd[8205]: sent [LCP TermAck id=0x3] pppd[8205]: rcvd [LCP TermAck id=0x3] pptpd[8204]: CTRL: Reaping child PPP[8205]
And this is the log from the client:
pppd[12077]: pppd options in effect: pppd[12077]: debug # (from command line) pppd[12077]: holdoff 10 # (from /etc/ppp/peers/home1) pppd[12077]: persist # (from /etc/ppp/peers/home1) pppd[12077]: dump # (from command line) pppd[12077]: require-mschap-v2 # (from /etc/ppp/peers/home1) pppd[12077]: refuse-pap # (from /etc/ppp/peers/home1) pppd[12077]: refuse-mschap # (from /etc/ppp/peers/home1) pppd[12077]: name <redacted> # (from /etc/ppp/peers/home1) pppd[12077]: remotename <redacted> # (from /etc/ppp/peers/home1) pppd[12077]: # (from /etc/ppp/options) pppd[12077]: pty pptp <redacted> --nolaunchpppd # (from /etc/ppp/peers/home1) pppd[12077]: crtscts # (from /etc/ppp/options) pppd[12077]: # (from /etc/ppp/options) pppd[12077]: asyncmap 0 # (from /etc/ppp/options) pppd[12077]: lcp-echo-failure 4 # (from /etc/ppp/options) pppd[12077]: lcp-echo-interval 30 # (from /etc/ppp/options) pppd[12077]: hide-password # (from /etc/ppp/options) pppd[12077]: proxyarp # (from /etc/ppp/options) pppd[12077]: nobsdcomp # (from /etc/ppp/peers/home1) pppd[12077]: nodeflate # (from /etc/ppp/peers/home1) pppd[12077]: nomppe # (from /etc/ppp/peers/home1) pppd[12077]: noipx # (from /etc/ppp/options) pppd[12078]: pppd 2.4.5 started by <redacted>, uid 0 pppd[12078]: using channel 12 pppd[12078]: Using interface ppp0 pppd[12078]: Connect: ppp0 <--> /dev/pts/14 pptp[12079]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated pptp[12086]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established. pppd[12078]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>] pptp[12086]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply. pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 1920). pppd[12078]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x20b0750f> <pcomp> <accomp>] pppd[12078]: No auth is possible pppd[12078]: sent [LCP ConfRej id=0x1 <auth chap MS-v2>] pppd[12078]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>] pppd[12078]: sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>] pppd[12078]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[12078]: rcvd [LCP ConfNak id=0x1 <auth pap>] pppd[12078]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[12078]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[12078]: sent [LCP EchoReq id=0x0 magic=0x23d6bed3] pppd[12078]: peer refused to authenticate: terminating link pppd[12078]: sent [LCP TermReq id=0x3 "peer refused to authenticate"] pppd[12078]: rcvd [LCP EchoReq id=0x0 magic=0x20b0750f] pppd[12078]: rcvd [LCP TermReq id=0x3 "peer refused to authenticate"] pppd[12078]: sent [LCP TermAck id=0x3] pppd[12078]: rcvd [LCP TermAck id=0x3] pppd[12078]: Connection terminated.
I'm really puzzled by these lines (from the server log):
pppd[8205]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x20b0750f> <pcomp> <accomp>] pppd[8205]: rcvd [LCP ConfRej id=0x1 <auth chap MS-v2>] pppd[8205]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>] pppd[8205]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>] pppd[8205]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>] pppd[8205]: sent [LCP ConfNak id=0x1 <auth pap>] pppd[8205]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>]
If I'm reading right, server requests mschap-v2 auth, then the client rejects that (why?); after that the client requests mschap-v2 auth, then the server rejects pap (wtf?) leading to both peers settling on no auth and the connection failing.
Can someone shed some light on what's happening here?
-
moioi about 10 yearsyou explain the reason, how do you resolve this problem?