Как настроить PPTP client в pfSense 2.0?
-
нужно чтобы pfSense сервер через ADSL-модем конектился на PPTP-сервер провайдера, и уже через этот впн натил юзеров.
если для проверки на WAN интерфейсе выбрать статический адрес и указать ADSL-модем как гейт, то из лана можно стандартным клиентом Windows законектится на PPTP-сервер провайдера.
пробовал на WAN интерфейсе выбрать тип интерфейса PPTP, но линк не поднимается.
тут (http://doc.pfsense.org/index.php/Can_I_use_pfSense's_WAN_PPTP_feature_to_connect_to_a_remote_PPTP_VPN%3F) написано что PPTP на WAN интерфейсе был какойто нестандартный в pfSense 1.2.3, неужели в 2.0 такойже остался ???гдето видел совет делать PPTP-линк через mpd или pptpclient, но с какой стороны к ним подходить не знаю.
подскажите пошаговую инструкцию?
pfSense 2.0-BETA1, built on Sun Apr 4 07:58:41 EDT 2010, FreeBSD 8.0-STABLE
icq# 81-724-064
-
в Status - System logs такие сообщения повторяются много раз:
Apr 13 15:08:25 opt1: Multi-link PPP daemon for FreeBSD
Apr 13 15:08:25 opt1:
Apr 13 15:08:25 opt1: process 1279 started, version 5.5 (root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org 19:51 31-Mar-2010)
Apr 13 15:08:25 opt1: web: web is not running
Apr 13 15:08:25 opt1: [opt1] Bundle: Interface ng0 created
Apr 13 15:08:25 opt1: mpd_opt1.conf:19: Incorrect context for: 'set bundle no noretry'
Apr 13 15:08:25 opt1: [opt1L1] Link: OPEN event
Apr 13 15:08:25 opt1: [opt1L1] LCP: Open event
Apr 13 15:08:25 opt1: [opt1L1] LCP: state change Initial –> Starting
Apr 13 15:08:25 opt1: [opt1L1] LCP: LayerStart
Apr 13 15:08:25 opt1: caught fatal signal term
Apr 13 15:08:25 opt1: [opt1] IFACE: Close event
Apr 13 15:08:25 opt1: [opt1] IPCP: Close event
Apr 13 15:08:27 opt1: [opt1] Bundle: Shutdown
Apr 13 15:08:27 opt1: [opt1L1] Link: Shutdown
Apr 13 15:08:27 opt1: process 1279 terminatedеще есть такие:
Apr 13 15:25:49 opt1: Multi-link PPP daemon for FreeBSD
Apr 13 15:25:49 opt1:
Apr 13 15:25:49 opt1: process 60336 started, version 5.5 (root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org 19:51 31-Mar-2010)
Apr 13 15:25:49 opt1: web: web is not running
Apr 13 15:25:49 opt1: [opt1] Bundle: Interface ng0 created
Apr 13 15:25:49 opt1: mpd_opt1.conf:19: Incorrect context for: 'set bundle no noretry'
Apr 13 15:25:49 kernel: ng0: changing name to 'pptp1'
Apr 13 15:25:49 opt1: [opt1L1] Link: OPEN event
Apr 13 15:25:49 opt1: [opt1L1] LCP: Open event
Apr 13 15:25:49 opt1: [opt1L1] LCP: state change Initial –> Starting
Apr 13 15:25:49 opt1: [opt1L1] LCP: LayerStartApr 13 15:25:53 apinger: Starting Alarm Pinger, apinger(3859)
Apr 13 15:25:55 check_reload_status: syncing firewall
Apr 13 15:25:57 check_reload_status: reloading filter
Apr 13 15:26:03 apinger: ALARM: GW_OPT1(127.0.0.2) *** down ***
Apr 13 15:26:18 check_reload_status: reloading filterApr 13 15:27:04 opt1: [opt1L1] PPTP call failed
Apr 13 15:27:04 opt1: [opt1L1] Link: DOWN event
Apr 13 15:27:04 opt1: [opt1L1] LCP: Down event
Apr 13 15:27:04 opt1: [opt1L1] Link: reconnection attempt 1 in 4 seconds
Apr 13 15:27:08 opt1: [opt1L1] Link: reconnection attempt 1Apr 13 15:28:23 opt1: [opt1L1] PPTP call failed
Apr 13 15:28:23 opt1: [opt1L1] Link: DOWN event
Apr 13 15:28:23 opt1: [opt1L1] LCP: Down event
Apr 13 15:28:23 opt1: [opt1L1] Link: reconnection attempt 2 in 1 seconds
Apr 13 15:28:24 opt1: [opt1L1] Link: reconnection attempt 2…
-
после добавления маршрута к серверу стало лучше:
Apr 13 17:03:42 wan: [wanL1] Link: reconnection attempt 23
Apr 13 17:03:42 wan: [wanL1] PPTP call successful
Apr 13 17:03:42 wan: [wanL1] Link: UP event
Apr 13 17:03:42 wan: [wanL1] LCP: Up event
Apr 13 17:03:42 wan: [wanL1] LCP: state change Starting –> Req-Sent
Apr 13 17:03:42 wan: [wanL1] LCP: SendConfigReq #70
Apr 13 17:03:42 wan: [wanL1] ACCMAP 0x000a0000
Apr 13 17:03:42 wan: [wanL1] MRU 1500
Apr 13 17:03:42 wan: [wanL1] MAGICNUM 98b1d095
Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Configure Request #1 (Req-Sent)
Apr 13 17:03:42 wan: [wanL1] MRU 1460
Apr 13 17:03:42 wan: [wanL1] AUTHPROTO CHAP MD5
Apr 13 17:03:42 wan: [wanL1] MAGICNUM 049f5c02
Apr 13 17:03:42 wan: [wanL1] LCP: SendConfigAck #1
Apr 13 17:03:42 wan: [wanL1] MRU 1460
Apr 13 17:03:42 wan: [wanL1] AUTHPROTO CHAP MD5
Apr 13 17:03:42 wan: [wanL1] MAGICNUM 049f5c02
Apr 13 17:03:42 wan: [wanL1] LCP: state change Req-Sent –> Ack-Sent
Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Configure Ack #70 (Ack-Sent)
Apr 13 17:03:42 wan: [wanL1] ACCMAP 0x000a0000
Apr 13 17:03:42 wan: [wanL1] MRU 1500
Apr 13 17:03:42 wan: [wanL1] MAGICNUM 98b1d095
Apr 13 17:03:42 wan: [wanL1] LCP: state change Ack-Sent –> Opened
Apr 13 17:03:42 wan: [wanL1] LCP: auth: peer wants CHAP, I want nothing
Apr 13 17:03:42 wan: [wanL1] LCP: LayerUp
Apr 13 17:03:42 wan: [wanL1] CHAP: rec'd CHALLENGE #1 len: 27
Apr 13 17:03:42 wan: [wanL1] Name: "cs7206"
Apr 13 17:03:42 wan: [wanL1] CHAP: Using authname "oe63762"
Apr 13 17:03:42 wan: [wanL1] CHAP: sending RESPONSE #1 len: 28
Apr 13 17:03:42 wan: [wanL1] CHAP: rec'd FAILURE #1 len: 25
Apr 13 17:03:42 wan: [wanL1] MESG: Authentication failed
Apr 13 17:03:42 wan: [wanL1] LCP: authorization failed
Apr 13 17:03:42 wan: [wanL1] LCP: parameter negotiation failed
Apr 13 17:03:42 wan: [wanL1] LCP: state change Opened –> Stopping
Apr 13 17:03:42 wan: [wanL1] LCP: SendTerminateReq #71
Apr 13 17:03:42 wan: [wanL1] LCP: LayerDown
Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Terminate Request #2 (Stopping)
Apr 13 17:03:42 wan: [wanL1] LCP: SendTerminateAck #72
Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Terminate Ack #71 (Stopping)
Apr 13 17:03:42 wan: [wanL1] LCP: state change Stopping –> Stopped
Apr 13 17:03:42 wan: [wanL1] LCP: LayerFinish
Apr 13 17:03:42 wan: [wanL1] PPTP call terminated
Apr 13 17:03:42 wan: [wanL1] Link: DOWN event
Apr 13 17:03:42 wan: [wanL1] LCP: Down event
Apr 13 17:03:42 wan: [wanL1] LCP: state change Stopped –> Starting
Apr 13 17:03:42 wan: [wanL1] LCP: LayerStart
Apr 13 17:03:42 wan: [wanL1] Link: reconnection attempt 24 in 4 secondsэто чтото с протоколом авторизации?
сам сервер работает по простому CHAP и без шифрования
может гдето в /var/etc/mpd_wan.conf надо шифрование отключить?
-
для проверки поднял локальный PPTP сервер на винде, но все равно не коннектится:
Apr 13 22:32:46 wan: [wanL1] Link: reconnection attempt 2018
Apr 13 22:32:46 wan: [wanL1] PPTP call successful
Apr 13 22:32:46 wan: [wanL1] Link: UP event
Apr 13 22:32:46 wan: [wanL1] LCP: Up event
Apr 13 22:32:46 wan: [wanL1] LCP: state change Starting –> Req-Sent
Apr 13 22:32:46 wan: [wanL1] LCP: SendConfigReq #197
Apr 13 22:32:46 wan: [wanL1] ACCMAP 0x000a0000
Apr 13 22:32:46 wan: [wanL1] MRU 1500
Apr 13 22:32:46 wan: [wanL1] MAGICNUM 9d44088f
Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Configure Request #0 (Req-Sent)
Apr 13 22:32:46 wan: [wanL1] MRU 1400
Apr 13 22:32:46 wan: [wanL1] AUTHPROTO CHAP MSOFTv2
Apr 13 22:32:46 wan: [wanL1] MAGICNUM 3d2d01c8
Apr 13 22:32:46 wan: [wanL1] PROTOCOMP
Apr 13 22:32:46 wan: [wanL1] ACFCOMP
Apr 13 22:32:46 wan: [wanL1] CALLBACK 6
Apr 13 22:32:46 wan: [wanL1] MP MRRU 1614
Apr 13 22:32:46 wan: [wanL1] ENDPOINTDISC [LOCAL] 46 e6 5e 9c 8c 6f 49 8f 9a cc 3d 43 da f4 42 1b 00 00 0
Apr 13 22:32:46 wan: [wanL1] BACP
Apr 13 22:32:46 wan: [wanL1] Not supported
Apr 13 22:32:46 wan: [wanL1] LCP: SendConfigRej #0
Apr 13 22:32:46 wan: [wanL1] PROTOCOMP
Apr 13 22:32:46 wan: [wanL1] ACFCOMP
Apr 13 22:32:46 wan: [wanL1] CALLBACK 6
Apr 13 22:32:46 wan: [wanL1] MP MRRU 1614
Apr 13 22:32:46 wan: [wanL1] BACP
Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Configure Ack #197 (Req-Sent)
Apr 13 22:32:46 wan: [wanL1] ACCMAP 0x000a0000
Apr 13 22:32:46 wan: [wanL1] MRU 1500
Apr 13 22:32:46 wan: [wanL1] MAGICNUM 9d44088f
Apr 13 22:32:46 wan: [wanL1] LCP: state change Req-Sent –> Ack-Rcvd
Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Configure Request #1 (Ack-Rcvd)
Apr 13 22:32:46 wan: [wanL1] MRU 1400
Apr 13 22:32:46 wan: [wanL1] AUTHPROTO CHAP MSOFTv2
Apr 13 22:32:46 wan: [wanL1] MAGICNUM 3d2d01c8
Apr 13 22:32:46 wan: [wanL1] ENDPOINTDISC [LOCAL] 46 e6 5e 9c 8c 6f 49 8f 9a cc 3d 43 da f4 42 1b 00 00 0
Apr 13 22:32:46 wan: [wanL1] LCP: SendConfigAck #1
Apr 13 22:32:46 wan: [wanL1] MRU 1400
Apr 13 22:32:46 wan: [wanL1] AUTHPROTO CHAP MSOFTv2
Apr 13 22:32:46 wan: [wanL1] MAGICNUM 3d2d01c8
Apr 13 22:32:46 wan: [wanL1] ENDPOINTDISC [LOCAL] 46 e6 5e 9c 8c 6f 49 8f 9a cc 3d 43 da f4 42 1b 00 00 0
Apr 13 22:32:46 wan: [wanL1] LCP: state change Ack-Rcvd –> Opened
Apr 13 22:32:46 wan: [wanL1] LCP: auth: peer wants CHAP, I want nothing
Apr 13 22:32:46 wan: [wanL1] LCP: LayerUp
Apr 13 22:32:46 wan: [wanL1] CHAP: rec'd CHALLENGE #0 len: 25
Apr 13 22:32:46 wan: [wanL1] Name: "testServer"
Apr 13 22:32:46 wan: [wanL1] CHAP: Using authname "testUser"
Apr 13 22:32:46 wan: [wanL1] CHAP: sending RESPONSE #0 len: 62
Apr 13 22:32:46 wan: [wanL1] CHAP: rec'd SUCCESS #0 len: 46
Apr 13 22:32:46 wan: [wanL1] MESG: S=42B5D5524F105F99382DE275BD741B0C627FA9AA
Apr 13 22:32:46 wan: [wanL1] LCP: authorization successful
Apr 13 22:32:46 wan: [wanL1] Link: No actions defined
Apr 13 22:32:46 wan: [wanL1] No bundle specified
Apr 13 22:32:46 wan: [wanL1] link did not validate in bundle
Apr 13 22:32:46 wan: [wanL1] LCP: parameter negotiation failed
Apr 13 22:32:46 wan: [wanL1] LCP: state change Opened –> Stopping
Apr 13 22:32:46 wan: [wanL1] LCP: SendTerminateReq #198
Apr 13 22:32:46 wan: [wanL1] LCP: LayerDown
Apr 13 22:32:46 wan: [wanL1] rec'd proto CCP during terminate phase
Apr 13 22:32:46 wan: [wanL1] rec'd proto IPCP during terminate phase
Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Terminate Ack #198 (Stopping)
Apr 13 22:32:46 wan: [wanL1] LCP: state change Stopping –> Stopped
Apr 13 22:32:46 wan: [wanL1] LCP: LayerFinish
Apr 13 22:32:46 wan: [wanL1] PPTP call terminated
Apr 13 22:32:46 wan: [wanL1] Link: DOWN event
Apr 13 22:32:46 wan: [wanL1] LCP: Down event
Apr 13 22:32:46 wan: [wanL1] LCP: state change Stopped –> Starting
Apr 13 22:32:46 wan: [wanL1] LCP: LayerStart
Apr 13 22:32:46 wan: [wanL1] Link: reconnection attempt 2019 in 3 secondsпочему так?
-
вы пилот-испытатель? зачем вам бета-версия?
если вы не хотите отлавливать и править баги (а вы явно сами этого не хотите), то не используйте такие версии