Configure ppp to Dial with call back - PPP

This is a discussion on Configure ppp to Dial with call back - PPP ; Hi all, I am trying to configure pppd to dial to an ISP (actually my company) that has to give me the call back. I have no experience with ppp so after getting the modem to work I decided to ...

+ Reply to Thread
Results 1 to 15 of 15

Thread: Configure ppp to Dial with call back

  1. Configure ppp to Dial with call back

    Hi all,

    I am trying to configure pppd to dial to an ISP (actually my company)
    that has to give me the call back.
    I have no experience with ppp so after getting the modem to work I
    decided to try kppp. I am using Fedora Core 3 and gnome.

    The problem I have with kppp is the following:

    1-I configure the connection and I detect the modem correctly
    2-I select to use PAP/CHAP authentication
    3-The modem dials correctly and after getting the CONNECT kppp starts
    pppd, then suddenly pppd dies and I get the following log:

    "
    Aug 11 18:03:28 localhost pppd[7147]: pppd 2.4.2 started by root, uid 0
    Aug 11 18:03:28 localhost pppd[7147]: Using interface ppp0
    Aug 11 18:03:28 localhost pppd[7147]: Connect: ppp0 <--> /dev/pts/1
    Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    25; Naking
    Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    13; Naking
    Aug 11 18:03:30 localhost pppd[7147]: EAP: peer reports authentication
    failure
    Aug 11 18:03:30 localhost pppd[7147]: Connection terminated.
    Aug 11 18:03:30 localhost pppd[7147]: Exit

    "

    So the NAS in my company side is using EAP, and I think that what this
    log means is that pppd does not understand the authentication that is
    being used over EAP. I read that pppd.2.4.3 includes support for
    MS-CHAP and I think this is what is being used because for sure the NAS
    in my company side is an NT or Win 2003 server, hence I downloaded and
    installed from the sources the pppd 2.4.3. Actually if I log as root
    and I type:

    #pppd --version
    I get:
    pppd version 2.4.3

    So pppd 2.4.3 seems to be correctly installed, then I don't understand
    why in the kppp log it keeps on appearing:

    "pppd 2.4.2 started by root, uid 0" (check the first line of the log)

    This is the first question:
    -Why kppp is not using ppp 2.4.3 and keeps on using the previously
    installed version ?

    Anyway I tried to configure the dial scripts on my own
    As a ppp script I have ppp_up:

    "
    modem 460800 crtscts
    connect '/usr/sbin/chat -v -f /etc/ppp/chat/isp'
    defaultroute
    user my_user_name
    "

    In /etc/ppp/peers, then I run "pppd call ppp_up"

    And I tried to possible dialing scripts (/etc/ppp/chat/isp):

    1-The first one is the one that appears in the pppd page, example
    section:

    ABORT "NO CARRIER"
    ABORT "NO DIALTONE"
    ABORT "ERROR"
    ABORT "NO ANSWER"
    ABORT "BUSY"
    TIMEOUT 90
    REPORT CARRIER
    "" at
    OK "atw1&d0&c1"
    OK
    atdt${ISP_number}
    "~"

    2-The second one is one I found in the internet they said was being
    used to configure the call back:

    '' AT
    OK 'AT${MODEM_INIT}'
    OK ATDT${ISP_PHONE}
    name: ${USER_NAME}
    word: ${USER_PASSWORD}
    back ATH
    TIMEOUT 90
    RING ATA
    '>' ppp

    with:
    MODEM_INIT="'AT&B1&D2&H1S0=0S10=50V1E1Q0'"

    None of the dialing scripts is working for me, when I run pppd for any
    of the scripts I only see in the console written "AT" (the first
    command) and after a while pppd dies and I can not type in the console
    anymore.

    Enabling the debug or logfile options I get:

    "Connect script failed"

    For any of the dialing scripts.

    So I don't know where is the mistake. Can you provide me a bit of light
    on this, or tell me where can I find a script that correctly configures
    the call back ?

    PS: I have a winmodem and I am using the snd_intel8x0m module and the
    slmodem-2.9.9d-alsa drivers. But as I said the modem does not seem to
    be the problem.


  2. Re: Configure ppp to Dial with call back

    "Dani Camps" writes:
    > Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    > 25; Naking
    > Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    > 13; Naking


    Type 25 is "PEAP" and 13 is "EAP-TLS." Neither is implemented in
    pppd.

    > So the NAS in my company side is using EAP, and I think that what this
    > log means is that pppd does not understand the authentication that is
    > being used over EAP.


    That's right.

    > I read that pppd.2.4.3 includes support for
    > MS-CHAP and I think this is what is being used because for sure the NAS
    > in my company side is an NT or Win 2003 server, hence I downloaded and
    > installed from the sources the pppd 2.4.3. Actually if I log as root
    > and I type:


    In that case you might want "refuse-eap" in your configuration.

    > -Why kppp is not using ppp 2.4.3 and keeps on using the previously
    > installed version ?


    No idea. I don't use kppp.

    > None of the dialing scripts is working for me, when I run pppd for any
    > of the scripts I only see in the console written "AT" (the first
    > command) and after a while pppd dies and I can not type in the console
    > anymore.


    It sounds like you're missing a device name in your configuration,
    such as "/dev/ttyS0".

    > PS: I have a winmodem and I am using the snd_intel8x0m module and the
    > slmodem-2.9.9d-alsa drivers. But as I said the modem does not seem to
    > be the problem.


    Eeek!

    Winmodems are awful beasts. In the rare cases where they "work" at
    all, they're frequent contributors to kernel panics and other mayhem.
    If you value your data at all, consider getting a real modem instead.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  3. Re: Configure ppp to Dial with call back

    Dani Camps wrote:
    > Hi all,


    > I am trying to configure pppd to dial to an ISP (actually my company)
    > that has to give me the call back.
    > I have no experience with ppp so after getting the modem to work I
    > decided to try kppp. I am using Fedora Core 3 and gnome.


    > The problem I have with kppp is the following:


    > 1-I configure the connection and I detect the modem correctly
    > 2-I select to use PAP/CHAP authentication
    > 3-The modem dials correctly and after getting the CONNECT kppp starts
    > pppd, then suddenly pppd dies and I get the following log:


    > "
    > Aug 11 18:03:28 localhost pppd[7147]: pppd 2.4.2 started by root, uid 0
    > Aug 11 18:03:28 localhost pppd[7147]: Using interface ppp0
    > Aug 11 18:03:28 localhost pppd[7147]: Connect: ppp0 <--> /dev/pts/1


    This is a connection to standard output. You need to specify /dev/ttySx
    as a pppd option, or perhaps a kppp configuration item, where ttySx is
    the device file required by the modem's serial device. Kppp is first
    and foremost a dialing front end to pppd.

    > Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    > 25; Naking
    > Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    > 13; Naking
    > Aug 11 18:03:30 localhost pppd[7147]: EAP: peer reports authentication
    > failure
    > Aug 11 18:03:30 localhost pppd[7147]: Connection terminated.
    > Aug 11 18:03:30 localhost pppd[7147]: Exit


    > "


    > So the NAS in my company side is using EAP, and I think that what this
    > log means is that pppd does not understand the authentication that is
    > being used over EAP. I read that pppd.2.4.3 includes support for
    > MS-CHAP and I think this is what is being used because for sure the NAS
    > in my company side is an NT or Win 2003 server, hence I downloaded and
    > installed from the sources the pppd 2.4.3. Actually if I log as root
    > and I type:


    > #pppd --version
    > I get:
    > pppd version 2.4.3


    > So pppd 2.4.3 seems to be correctly installed, then I don't understand
    > why in the kppp log it keeps on appearing:


    > "pppd 2.4.2 started by root, uid 0" (check the first line of the log)


    > This is the first question:
    > -Why kppp is not using ppp 2.4.3 and keeps on using the previously
    > installed version ?


    The two versions must be stored in different places. The standard pppd
    installs in /usr/sbin by default. No telling where the one kppp that
    uses is located. If you update the system 's file database regularly
    then try " locate pppd|grep bin|less " or similar.

    > Anyway I tried to configure the dial scripts on my own
    > As a ppp script I have ppp_up:


    > "
    > modem 460800 crtscts
    > connect '/usr/sbin/chat -v -f /etc/ppp/chat/isp'
    > defaultroute
    > user my_user_name
    > "


    I think 460800 is too large for the usual consumer grade serial device
    and could result in FIFO over-run if something is highly modem-compressed
    enough. Usually 115200 is used.

    > In /etc/ppp/peers, then I run "pppd call ppp_up"


    > And I tried to possible dialing scripts (/etc/ppp/chat/isp):


    > 1-The first one is the one that appears in the pppd page, example
    > section:


    > ABORT "NO CARRIER"
    > ABORT "NO DIALTONE"
    > ABORT "ERROR"
    > ABORT "NO ANSWER"
    > ABORT "BUSY"
    > TIMEOUT 90
    > REPORT CARRIER
    > "" at
    > OK "atw1&d0&c1"
    > OK
    > atdt${ISP_number}
    > "~"


    It's not the one in the man pages for either of the standard pppd
    versions 2.4.2 or 2.4.3, which only show a password/login script.

    I'd suggest using

    CONNECT \d\c

    instead of "~" for the last line, but that's not related to the problem
    you have here.

    > 2-The second one is one I found in the internet they said was being
    > used to configure the call back:


    > '' AT
    > OK 'AT${MODEM_INIT}'
    > OK ATDT${ISP_PHONE}
    > name: ${USER_NAME}
    > word: ${USER_PASSWORD}
    > back ATH
    > TIMEOUT 90
    > RING ATA
    > '>' ppp


    > with:
    > MODEM_INIT="'AT&B1&D2&H1S0=0S10=50V1E1Q0'"


    I hope "they" means your company.

    > None of the dialing scripts is working for me, when I run pppd for any
    > of the scripts I only see in the console written "AT" (the first
    > command) and after a while pppd dies and I can not type in the console
    > anymore.


    The console (standard output) won't reply to AT, a modem will.

    > Enabling the debug or logfile options I get:


    > "Connect script failed"


    > For any of the dialing scripts.


    > So I don't know where is the mistake. Can you provide me a bit of light
    > on this, or tell me where can I find a script that correctly configures
    > the call back ?


    The light from above should help. The chat callback script is not yet
    an issue.

    > PS: I have a winmodem and I am using the snd_intel8x0m module and the
    > slmodem-2.9.9d-alsa drivers. But as I said the modem does not seem to
    > be the problem.


    Double Eeek!

    --
    Clifford Kite Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"

  4. Re: Configure ppp to Dial with call back

    Thanks guys for the replies,

    I fixed that Kppp was using the pppd2.4.2 instead of the 2.4.3, you
    were right there were two versions installed.
    I also fixed that when using Kppp pppd was not using the proper modem
    device, now it is using it /dev/ttySL0.

    I have this modem connection working in Windows so I did in Windows an
    ethereal capture and I saw that what is being used is CHAP
    authentication, so I configured Kppp to use CHAP. I configure Kppp to
    run pppd with the following options:

    ttySL0
    refuse-eap
    noauth (The ISP does not need to authenticate to us)

    Then it dials correctly but the CHAP authentication fails. Here a
    sample of the log:
    __________________________________________________ ______________________
    pppd 2.4.3 started by root, uid 0
    Using interface ppp0
    Connect: ppp0 <--> /dev/ttySL0
    ....
    rcvd [LCP ConfReq id=0x1 0x36343422> [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]

    sent [LCP ConfNak id=0x1 ]

    rcvd [LCP ConfReq id=0x2 0x36343422> [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]

    sent [LCP ConfAck id=0x2 0x36343422> [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]

    rcvd [CHAP Challenge id=0x0 <3a45558f98de528a88186e06619fc501>, name =
    "server_name"]

    sent [CHAP Response id=0x0 <3f79a345f5947f842ed7bc2e59acd6f3>, name =
    "user_name"]

    rcvd [CHAP Failure id=0x0 ""]

    CHAP authentication failed
    __________________________________________________ ______________________

    Where server_name and user_name stand for the real values. The point is
    that the same CHAP authentication in Windows with the same user_name
    and the same secret is working !
    I even have the /etc/ppp/chap-secrets file with this line:

    user_name server_name "secret" -

    So I can not understand why CHAP is failing here, is there any way to
    see which is the actual secret that my machine is using in the CHAP
    authentication ? Anyway I am sure is the correct secret then why could
    it be failing, the MD5 hash is done in a different way in the client
    and the server ???? I think that is not possible, isn't it ?

    Any idea will be appreciated.

    Thanks

    Dani


  5. Re: Configure ppp to Dial with call back

    Dani Camps wrote:
    > Thanks guys for the replies,


    > I fixed that Kppp was using the pppd2.4.2 instead of the 2.4.3, you
    > were right there were two versions installed.
    > I also fixed that when using Kppp pppd was not using the proper modem
    > device, now it is using it /dev/ttySL0.


    > I have this modem connection working in Windows so I did in Windows an
    > ethereal capture and I saw that what is being used is CHAP
    > authentication, so I configured Kppp to use CHAP. I configure Kppp to
    > run pppd with the following options:


    > ttySL0
    > refuse-eap
    > noauth (The ISP does not need to authenticate to us)


    The SL in ttySL0 relates to slmodem, I guess.

    > Then it dials correctly but the CHAP authentication fails. Here a
    > sample of the log:
    > __________________________________________________ ______________________
    > pppd 2.4.3 started by root, uid 0
    > Using interface ppp0
    > Connect: ppp0 <--> /dev/ttySL0
    > ...


    What you've left out could be significant. If pppd requested asyncmap 0
    (the pppd implementation default) and the peer accepted then the peer's
    ACCM - Asynchronous Character Control Map, or asyncmap - could be broken
    (it happens oftener than you might think) and cause the CHAP failure.

    If that did happen then I'd suggest using the pppd option

    asyncmap a0000

    in imitation of the peer's request seen below.

    > rcvd [LCP ConfReq id=0x1 > 0x36343422> > [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]


    If you are not doing Multilink PPP then I'd add the pppd nomp option.
    It will eliminate some negotiations and the seen in these
    messages.

    > sent [LCP ConfNak id=0x1 ]


    > rcvd [LCP ConfReq id=0x2 > 0x36343422> > [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]


    > sent [LCP ConfAck id=0x2 > 0x36343422> > [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]


    If you want a call back (ala CBCP) then you need to request that the peer
    call you back in this pppd script. There is a pppd callback option but
    it is undocumentated in the man pages and I've never used it. But I
    believe one form is

    callback number_to_call

    where number_to_call is your number.

    You'll need another script to answer the call back. Maybe it's the
    call-back script "they said was being used" in your first post, and
    maybe not. There's no sense in me speculating about how to handle
    the call back until you succeed in calling the workplace and actually
    get called back.

    > rcvd [CHAP Challenge id=0x0 <3a45558f98de528a88186e06619fc501>, name =
    > "server_name"]


    > sent [CHAP Response id=0x0 <3f79a345f5947f842ed7bc2e59acd6f3>, name =
    > "user_name"]


    > rcvd [CHAP Failure id=0x0 ""]


    > CHAP authentication failed
    > __________________________________________________ ______________________


    > Where server_name and user_name stand for the real values. The point is
    > that the same CHAP authentication in Windows with the same user_name
    > and the same secret is working !
    > I even have the /etc/ppp/chap-secrets file with this line:


    > user_name server_name "secret" -


    The "-" at the end may be a source of trouble (although not the current
    trouble). According to the pppd man pages it tells pppd to disallow all
    IP addresses for the "client" which, in the secrets file, really means
    the authenticatee: user_name. But it might just be a way of terminating
    the PPP link after authentication to allow the call back.

    > So I can not understand why CHAP is failing here, is there any way to
    > see which is the actual secret that my machine is using in the CHAP
    > authentication ? Anyway I am sure is the correct secret then why could
    > it be failing, the MD5 hash is done in a different way in the client
    > and the server ???? I think that is not possible, isn't it ?


    Why?: A broken ACCM in the peer PPP implementation, under the conditions
    described above, can cause CHAP failure. MD5 hash is MD5 hash, AFAIK.

    --
    Clifford Kite Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"


  6. Re: Configure ppp to Dial with call back

    Thanks Clifford for the reply,

    I tried what you suggested, running pppd with the options

    asyncmap a000
    nomp

    In addition I have the options:
    ttySL0, refuse-eap, noauth

    But it keeps on failing, I attach the complete log:
    __________________________________________________ _____________________
    - pppd 2.4.3 started by root, uid 0

    - using channel 4

    - Using interface ppp0

    - Connect: ppp0 <--> /dev/ttySL0

    - sent [LCP ConfReq id=0x1
    ]

    - rcvd [LCP ConfReq id=0x0 0x5cef41cc> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]> <
    17 04 00 04>]

    - sent [LCP ConfRej id=0x0 < 17 04 00 04>]

    - rcvd [LCP ConfAck id=0x1
    ]

    - rcvd [LCP ConfReq id=0x1 0x5cef41cc> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]

    - sent [LCP ConfNak id=0x1 ]

    - rcvd [LCP ConfReq id=0x2 0x5cef41cc> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]

    - sent [LCP ConfAck id=0x2 0x5cef41cc> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]

    - rcvd [CHAP Challenge id=0x0 , name
    = "server_name"]

    - sent [CHAP Response id=0x0 <2ba04fbcddf776c1b565897ec6c9d8d3>, name =
    "user_name"]

    - rcvd [CHAP Failure id=0x0 ""]

    -CHAP authentication failed

    -sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]

    -rcvd [LCP TermReq id=0x4
    "\\\37777777757A\37777777714\000<\37777777715t\000\000\002\37777777663"]

    -sent [LCP TermAck id=0x4]

    -rcvd [LCP TermAck id=0x2 "Failed to authenticate ourselves to peer"]

    -Connection terminated.

    -Exit.
    __________________________________________________ ______________________

    Do you have any idea of what else could be happening that makes CHAP to
    fail? I still using Kppp not my own dialing scripts but I don't thing
    that makes a difference since the only thing Kppp does is to call pppd.

    Could be something related with the Callback that is affecting the CHAP
    authentication ? There are some call back messages before the
    authentication.

    Thanks a lot

    Dani


  7. Re: Configure ppp to Dial with call back

    I found that when connecting against a Windows RAS if you want callback
    you must use a Windows propietary protocol called CBCP, ppp for linux
    does support this CBCP but it's not supported by default, so I hap to
    recompile pppd to add this support for CBCP.

    Now it is supported and I can use the callback option, everything is
    described here:
    http://www.mppmu.mpg.de/callback/linuxanalog.html

    I used the connection scripts they suggest in this page but the CHAP
    authentication keeps on failing :-(

    Here the current connection log:
    __________________________________________________ _____________________
    Serial connection established.

    using channel 15

    Using interface ppp0

    Connect: ppp0 <--> /dev/ttySL0

    sent [LCP ConfReq id=0x1 0x8b366639>
    ]

    rcvd [LCP ConfReq id=0x0 0xd820d7f> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]> <
    17 04 00 10>]

    sent [LCP ConfRej id=0x0 < 17 04 00 10>]

    rcvd [LCP ConfAck id=0x1 0x8b366639> ]

    rcvd [LCP ConfReq id=0x1 0xd820d7f> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]

    sent [LCP ConfNak id=0x1 ]

    rcvd [LCP ConfReq id=0x2 0xd820d7f> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]

    sent [LCP ConfAck id=0x2 0xd820d7f> [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]

    cbcp_lowerup

    want: 14

    rcvd [CHAP Challenge id=0x0 , name =
    "server_name"]

    sent [CHAP Response id=0x0 <3eb8c6914f68c6f523179798dc7786e5>, name =
    "user_name"]

    rcvd [CHAP Failure id=0x0 ""]

    CHAP authentication failed

    sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]

    rcvd [LCP TermReq id=0x4 0d 82 0d 7f 00 3c cd 74 00 00 02 b3]

    sent [LCP TermAck id=0x4]

    rcvd [LCP TermAck id=0x2 "Failed to authenticate ourselves to peer"]

    Connection terminated.

    Could not negotiate Callback. RC=19
    __________________________________________________ ______________________
    I have the chap-secrets file configured and I have even tried using the
    password option, but it fails anyway.

    Any idea on what could be failing ?

    Thanks

    Dani


  8. Re: Configure ppp to Dial with call back

    Dani Camps wrote:
    > Thanks Clifford for the reply,


    > I tried what you suggested, running pppd with the options


    > asyncmap a000
    > nomp


    > In addition I have the options:
    > ttySL0, refuse-eap, noauth


    > But it keeps on failing, I attach the complete log:
    > __________________________________________________ _____________________
    > - pppd 2.4.3 started by root, uid 0


    > - using channel 4


    > - Using interface ppp0


    > - Connect: ppp0 <--> /dev/ttySL0


    > - sent [LCP ConfReq id=0x1
    > ]


    > - rcvd [LCP ConfReq id=0x0 > 0x5cef41cc> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]> <
    > 17 04 00 04>]


    > - sent [LCP ConfRej id=0x0 < 17 04 00 04>]


    Really curious, since in the previous log the peer didn't request
    , , or < 17 04 00 04>. Do you know why?

    Moreover, AIUI, it's pppd that should be requesting CBCP not the peer.
    The CBCP request should come from whichever side wants the other side
    to call it back. I could be wrong about that but I don't think so.

    Finally the Configure-Reject should have included the endpoint option,
    although I suppose that could be a bug in pppd 2.4.3.

    > - rcvd [LCP ConfAck id=0x1
    > ]


    > - rcvd [LCP ConfReq id=0x1 > 0x5cef41cc> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > - sent [LCP ConfNak id=0x1 ]


    > - rcvd [LCP ConfReq id=0x2 > 0x5cef41cc> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > - sent [LCP ConfAck id=0x2 > 0x5cef41cc> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > - rcvd [CHAP Challenge id=0x0 , name
    > = "server_name"]


    > - sent [CHAP Response id=0x0 <2ba04fbcddf776c1b565897ec6c9d8d3>, name =
    > "user_name"]


    > - rcvd [CHAP Failure id=0x0 ""]


    > -CHAP authentication failed


    > -sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]


    > -rcvd [LCP TermReq id=0x4
    > "\\\37777777757A\37777777714\000<\37777777715t\000\000\002\37777777663"]


    > -sent [LCP TermAck id=0x4]


    > -rcvd [LCP TermAck id=0x2 "Failed to authenticate ourselves to peer"]


    > -Connection terminated.


    > -Exit.
    > __________________________________________________ ______________________


    > Do you have any idea of what else could be happening that makes CHAP to
    > fail? I still using Kppp not my own dialing scripts but I don't thing
    > that makes a difference since the only thing Kppp does is to call pppd.


    The obvious things that would cause CHAP authentication failure are
    that the username is wrong on one side or the other, or the secret
    is wrong on one side or the other. It could also fail if the peer
    doesn't have either one in it's CHAP secrets database.

    > Could be something related with the Callback that is affecting the CHAP
    > authentication ? There are some call back messages before the
    > authentication.


    Yes, I think that is another possibility. The side requesting CBCP
    may simply fail authentication because it expects to be called back
    and doesn't want to continue if CBCP is rejected, as was the case here.

    --
    Clifford Kite Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"

  9. Re: Configure ppp to Dial with call back

    Dani Camps wrote:
    > I found that when connecting against a Windows RAS if you want callback
    > you must use a Windows propietary protocol called CBCP, ppp for linux
    > does support this CBCP but it's not supported by default, so I hap to
    > recompile pppd to add this support for CBCP.


    > Now it is supported and I can use the callback option, everything is
    > described here:
    > http://www.mppmu.mpg.de/callback/linuxanalog.html


    > I used the connection scripts they suggest in this page but the CHAP
    > authentication keeps on failing :-(


    > Here the current connection log:
    > __________________________________________________ _____________________
    > Serial connection established.


    > using channel 15


    > Using interface ppp0


    > Connect: ppp0 <--> /dev/ttySL0


    > sent [LCP ConfReq id=0x1 > 0x8b366639>
    > ]


    > rcvd [LCP ConfReq id=0x0 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]> <
    > 17 04 00 10>]


    Each side is asking for a call back. Does that make sense?!

    It becomes a guessing game for me now.

    > sent [LCP ConfRej id=0x0 < 17 04 00 10>]


    > rcvd [LCP ConfAck id=0x1 > 0x8b366639> ]


    > rcvd [LCP ConfReq id=0x1 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > sent [LCP ConfNak id=0x1 ]


    > rcvd [LCP ConfReq id=0x2 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > sent [LCP ConfAck id=0x2 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > cbcp_lowerup


    > want: 14


    > rcvd [CHAP Challenge id=0x0 , name =
    > "server_name"]


    > sent [CHAP Response id=0x0 <3eb8c6914f68c6f523179798dc7786e5>, name =
    > "user_name"]


    > rcvd [CHAP Failure id=0x0 ""]


    > CHAP authentication failed


    > sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]


    > rcvd [LCP TermReq id=0x4 0d 82 0d 7f 00 3c cd 74 00 00 02 b3]


    > sent [LCP TermAck id=0x4]


    > rcvd [LCP TermAck id=0x2 "Failed to authenticate ourselves to peer"]


    > Connection terminated.


    > Could not negotiate Callback. RC=19
    > __________________________________________________ ______________________
    > I have the chap-secrets file configured and I have even tried using the
    > password option, but it fails anyway.


    > Any idea on what could be failing ?


    > Thanks


    > Dani



    --
    Clifford Kite Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"
    PPP-Q&A links, downloads: http://ckite.no-ip.net/
    /* Editing with vi is a lot better than using a huge swiss army knife.
    Use =} to wrap paragraphs in vi. Or put map ^] !}fmt -72^M in
    ~/.exrc and use ^] to wrap to 72 columns or whatever you choose. */

  10. Re: Configure ppp to Dial with call back

    I sent an incomplete reply to this accidentally. Tried to cancel
    it after I realized what happened but canceling probably doesn't do
    much good. Sorry.

    Dani Camps wrote:
    > I found that when connecting against a Windows RAS if you want callback
    > you must use a Windows propietary protocol called CBCP, ppp for linux
    > does support this CBCP but it's not supported by default, so I hap to
    > recompile pppd to add this support for CBCP.


    > Now it is supported and I can use the callback option, everything is
    > described here:
    > http://www.mppmu.mpg.de/callback/linuxanalog.html


    I don't know whether this is specific for establishing a link between
    you and the other end or a generic recipe you found. I had forgotten
    about README.cbcp file found in the top directory of the pppd source.
    You might want to read that too if the above is a generic recipe.

    If it is specific for you and the other side then note the "0" (zero)
    in 0YOUR_NUMBER_HERE, it might be important. Or not, I've just never
    seen anything like that, or the "ext" in extYOURNAME.

    > I used the connection scripts they suggest in this page but the CHAP
    > authentication keeps on failing :-(


    > Here the current connection log:
    > __________________________________________________ _____________________
    > Serial connection established.


    > using channel 15


    > Using interface ppp0


    > Connect: ppp0 <--> /dev/ttySL0


    > sent [LCP ConfReq id=0x1 > 0x8b366639>
    > ]


    > rcvd [LCP ConfReq id=0x0 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]> <
    > 17 04 00 10>]


    Pppd now requests CBCP but the other end does too.

    > sent [LCP ConfRej id=0x0 < 17 04 00 10>]


    Pppd can only reject the other's CBCP request as before since pppd can
    only act as a CBCP-enabled client not a CBCP-enabled server.

    > rcvd [LCP ConfAck id=0x1 > 0x8b366639> ]


    The other side Acks the pppd LCP request, including the CBCP option.
    That's good, but the problem persists.

    > rcvd [LCP ConfReq id=0x1 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > sent [LCP ConfNak id=0x1 ]


    > rcvd [LCP ConfReq id=0x2 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > sent [LCP ConfAck id=0x2 > 0xd820d7f> > [local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    > cbcp_lowerup


    > want: 14


    > rcvd [CHAP Challenge id=0x0 , name =
    > "server_name"]


    > sent [CHAP Response id=0x0 <3eb8c6914f68c6f523179798dc7786e5>, name =
    > "user_name"]


    > rcvd [CHAP Failure id=0x0 ""]


    > CHAP authentication failed


    The CHAP failure causes termination of PPP negotiations, as it should.

    > sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]


    > rcvd [LCP TermReq id=0x4 0d 82 0d 7f 00 3c cd 74 00 00 02 b3]


    > sent [LCP TermAck id=0x4]


    > rcvd [LCP TermAck id=0x2 "Failed to authenticate ourselves to peer"]


    > Connection terminated.


    > Could not negotiate Callback. RC=19
    > __________________________________________________ ______________________
    > I have the chap-secrets file configured and I have even tried using the
    > password option, but it fails anyway.


    > Any idea on what could be failing ?


    Sorry, none other than those previously mentioned.

    --
    Clifford Kite Email: "echo xvgr_yvahk-ccc@ri1.arg|rot13"
    /* The generation of random numbers is too important to be left
    to chance. */

  11. Re: Configure ppp to Dial with call back

    "Dani Camps" writes:

    >Hi all,


    >I am trying to configure pppd to dial to an ISP (actually my company)
    >that has to give me the call back.
    >I have no experience with ppp so after getting the modem to work I
    >decided to try kppp. I am using Fedora Core 3 and gnome.


    >The problem I have with kppp is the following:


    >1-I configure the connection and I detect the modem correctly
    >2-I select to use PAP/CHAP authentication
    >3-The modem dials correctly and after getting the CONNECT kppp starts
    >pppd, then suddenly pppd dies and I get the following log:


    You need to put
    debug
    into /etc/ppp/options and then put the line
    local2.*;daemon.* /var/log/ppplog
    and tehn do
    killall -1 syslogd
    Then post the output from a pppd connection attempt.



    >"
    >Aug 11 18:03:28 localhost pppd[7147]: pppd 2.4.2 started by root, uid 0
    >Aug 11 18:03:28 localhost pppd[7147]: Using interface ppp0
    >Aug 11 18:03:28 localhost pppd[7147]: Connect: ppp0 <--> /dev/pts/1
    >Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    >25; Naking
    >Aug 11 18:03:29 localhost pppd[7147]: EAP: unknown authentication type
    >13; Naking
    >Aug 11 18:03:30 localhost pppd[7147]: EAP: peer reports authentication
    >failure
    >Aug 11 18:03:30 localhost pppd[7147]: Connection terminated.
    >Aug 11 18:03:30 localhost pppd[7147]: Exit


    >"


    >So the NAS in my company side is using EAP, and I think that what this
    >log means is that pppd does not understand the authentication that is
    >being used over EAP. I read that pppd.2.4.3 includes support for
    >MS-CHAP and I think this is what is being used because for sure the NAS
    >in my company side is an NT or Win 2003 server, hence I downloaded and
    >installed from the sources the pppd 2.4.3. Actually if I log as root
    >and I type:


    >#pppd --version
    >I get:
    >pppd version 2.4.3


    >So pppd 2.4.3 seems to be correctly installed, then I don't understand
    >why in the kppp log it keeps on appearing:


    >"pppd 2.4.2 started by root, uid 0" (check the first line of the log)


    >This is the first question:
    >-Why kppp is not using ppp 2.4.3 and keeps on using the previously
    >installed version ?


    Try reading www.theory.phsyics.ubc.ca/ppp-linux.html



    >Anyway I tried to configure the dial scripts on my own
    >As a ppp script I have ppp_up:


    >"
    >modem 460800 crtscts
    >connect '/usr/sbin/chat -v -f /etc/ppp/chat/isp'
    >defaultroute
    >user my_user_name
    >"


    >In /etc/ppp/peers, then I run "pppd call ppp_up"


    >And I tried to possible dialing scripts (/etc/ppp/chat/isp):


    >1-The first one is the one that appears in the pppd page, example
    >section:


    >ABORT "NO CARRIER"
    >ABORT "NO DIALTONE"
    >ABORT "ERROR"
    >ABORT "NO ANSWER"
    >ABORT "BUSY"
    >TIMEOUT 90
    >REPORT CARRIER
    >"" at
    >OK "atw1&d0&c1"
    >OK
    >atdt${ISP_number}
    >"~"


    >2-The second one is one I found in the internet they said was being
    >used to configure the call back:


    >'' AT
    >OK 'AT${MODEM_INIT}'
    >OK ATDT${ISP_PHONE}
    >name: ${USER_NAME}
    >word: ${USER_PASSWORD}
    >back ATH
    >TIMEOUT 90
    >RING ATA
    >'>' ppp


    >with:
    >MODEM_INIT="'AT&B1&D2&H1S0=0S10=50V1E1Q0'"


    >None of the dialing scripts is working for me, when I run pppd for any
    >of the scripts I only see in the console written "AT" (the first
    >command) and after a while pppd dies and I can not type in the console
    >anymore.


    >Enabling the debug or logfile options I get:


    >"Connect script failed"


    >For any of the dialing scripts.


    >So I don't know where is the mistake. Can you provide me a bit of light
    >on this, or tell me where can I find a script that correctly configures
    >the call back ?


    >PS: I have a winmodem and I am using the snd_intel8x0m module and the
    >slmodem-2.9.9d-alsa drivers. But as I said the modem does not seem to
    >be the problem.


    It could be the modem. Note that you cannot simply copy connect scripts
    from teh net. They have to use the at commands your modem understands

  12. Re: Configure ppp to Dial with call back

    "Dani Camps" writes:

    >Thanks Clifford for the reply,


    >I tried what you suggested, running pppd with the options


    >asyncmap a000


    Uh, he said asyncmap a0000
    NOT asyncmap a000
    They are different. Very different.

    >nomp


    >In addition I have the options:
    >ttySL0, refuse-eap, noauth


    >But it keeps on failing, I attach the complete log:
    >__________________________________________________ _____________________
    >- pppd 2.4.3 started by root, uid 0


    >- using channel 4


    >- Using interface ppp0


    >- Connect: ppp0 <--> /dev/ttySL0


    >- sent [LCP ConfReq id=0x1
    > ]


    Ah, seems the above was a typo.


    >- rcvd [LCP ConfReq id=0x0 >0x5cef41cc> >[local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]> <
    >17 04 00 04>]


    >- sent [LCP ConfRej id=0x0 < 17 04 00 04>]


    >- rcvd [LCP ConfAck id=0x1
    > ]


    >- rcvd [LCP ConfReq id=0x1 >0x5cef41cc> >[local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    >- sent [LCP ConfNak id=0x1 ]


    >- rcvd [LCP ConfReq id=0x2 >0x5cef41cc> >[local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    >- sent [LCP ConfAck id=0x2 >0x5cef41cc> >[local:13.a7.bf.68.eb.6c.41.07.a2.55.d2.fb.c5.24.78 .da.00.00.00.00]>]


    >- rcvd [CHAP Challenge id=0x0 , name
    >= "server_name"]


    >- sent [CHAP Response id=0x0 <2ba04fbcddf776c1b565897ec6c9d8d3>, name =
    >"user_name"]


    >- rcvd [CHAP Failure id=0x0 ""]


    >-CHAP authentication failed


    >-sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]


    >-rcvd [LCP TermReq id=0x4
    >"\\\37777777757A\37777777714\000<\37777777715t\000\000\002\37777777663"]


    >-sent [LCP TermAck id=0x4]


    >-rcvd [LCP TermAck id=0x2 "Failed to authenticate ourselves to peer"]


    >-Connection terminated.


    >-Exit.
    >__________________________________________________ ______________________


    >Do you have any idea of what else could be happening that makes CHAP to
    >fail? I still using Kppp not my own dialing scripts but I don't thing
    >that makes a difference since the only thing Kppp does is to call pppd.


    The far side does not like either your username or your password. You have
    to take that up with your ISP. there is nothing we can do to fix that.



    >Could be something related with the Callback that is affecting the CHAP
    >authentication ? There are some call back messages before the
    >authentication.


    No.

    >Thanks a lot


    >Dani



  13. Re: Configure ppp to Dial with call back

    Dani Camps wrote:
    > rcvd [LCP ConfReq id=0x2 > 0x36343422> > [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]
    >
    > sent [LCP ConfAck id=0x2 > 0x36343422> > [local:6d.8e.2b.3f.45.da.46.ca.ac.4f.95.03.2d.b7.26 .c1.00.00.00.00]>]
    >
    > rcvd [CHAP Challenge id=0x0 <3a45558f98de528a88186e06619fc501>, name =
    > "server_name"]
    >
    > sent [CHAP Response id=0x0 <3f79a345f5947f842ed7bc2e59acd6f3>, name =
    > "user_name"]
    >
    > rcvd [CHAP Failure id=0x0 ""]

    ... maybe you should get some chap patch to pppd?
    There is plenty CHAP's;-) Regards
    Adam Przybyla

  14. Re: Configure ppp to Dial with call back

    Unruh wrote:
    > "Dani Camps" writes:
    >
    >>Hi all,

    >
    >>I am trying to configure pppd to dial to an ISP (actually my company)
    >>that has to give me the call back.
    >>I have no experience with ppp so after getting the modem to work I
    >>decided to try kppp. I am using Fedora Core 3 and gnome.

    >
    >>The problem I have with kppp is the following:

    >
    >>1-I configure the connection and I detect the modem correctly
    >>2-I select to use PAP/CHAP authentication
    >>3-The modem dials correctly and after getting the CONNECT kppp starts
    >>pppd, then suddenly pppd dies and I get the following log:

    >
    > You need to put
    > debug
    > into /etc/ppp/options and then put the line
    > local2.*;daemon.* /var/log/ppplog
    > and tehn do
    > killall -1 syslogd

    ... and try this patch:
    http://www.shorewall.net/pub/shorewa...2-fix.patch.gz
    Regards
    Adam Przybyla

  15. Re: Configure ppp to Dial with call back

    Thanks for replaying,

    I was told pppd should support mschap and encrypted passwords in order
    for the authentication to work. Is this supported by default in
    pppd2.4.3 or how can I check whether this is supported or not ?

    Thanks


+ Reply to Thread