4. Как настроить PPTP client в pfSense 2.0?

Как настроить PPTP client в pfSense 2.0?

  • M

    нужно чтобы pfSense сервер через ADSL-модем конектился на PPTP-сервер провайдера, и уже через этот впн натил юзеров.

    если для проверки на WAN интерфейсе выбрать статический адрес и указать ADSL-модем как гейт, то из лана можно стандартным клиентом Windows законектится на PPTP-сервер провайдера.

    пробовал на WAN интерфейсе выбрать тип интерфейса PPTP, но линк не поднимается.
    тут (http://doc.pfsense.org/index.php/Can_I_use_pfSense's_WAN_PPTP_feature_to_connect_to_a_remote_PPTP_VPN%3F) написано что PPTP на WAN интерфейсе был какойто нестандартный в pfSense 1.2.3, неужели в 2.0 такойже остался  ???

    гдето видел совет делать PPTP-линк через mpd или pptpclient, но с какой стороны к ним подходить не знаю.
    подскажите пошаговую инструкцию?
    pfSense 2.0-BETA1, built on Sun Apr 4 07:58:41 EDT 2010, FreeBSD 8.0-STABLE
    icq# 81-724-064

    0
  • M

    в Status - System logs такие сообщения повторяются много раз:
    Apr 13 15:08:25 opt1: Multi-link PPP daemon for FreeBSD
    Apr 13 15:08:25 opt1:
    Apr 13 15:08:25 opt1: process 1279 started, version 5.5 (root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org 19:51 31-Mar-2010)
    Apr 13 15:08:25 opt1: web: web is not running
    Apr 13 15:08:25 opt1: [opt1] Bundle: Interface ng0 created
    Apr 13 15:08:25 opt1: mpd_opt1.conf:19: Incorrect context for: 'set bundle no noretry'
    Apr 13 15:08:25 opt1: [opt1L1] Link: OPEN event
    Apr 13 15:08:25 opt1: [opt1L1] LCP: Open event
    Apr 13 15:08:25 opt1: [opt1L1] LCP: state change Initial –> Starting
    Apr 13 15:08:25 opt1: [opt1L1] LCP: LayerStart
    Apr 13 15:08:25 opt1: caught fatal signal term
    Apr 13 15:08:25 opt1: [opt1] IFACE: Close event
    Apr 13 15:08:25 opt1: [opt1] IPCP: Close event
    Apr 13 15:08:27 opt1: [opt1] Bundle: Shutdown
    Apr 13 15:08:27 opt1: [opt1L1] Link: Shutdown
    Apr 13 15:08:27 opt1: process 1279 terminated

    еще есть такие:
    Apr 13 15:25:49 opt1: Multi-link PPP daemon for FreeBSD
    Apr 13 15:25:49 opt1:
    Apr 13 15:25:49 opt1: process 60336 started, version 5.5 (root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org 19:51 31-Mar-2010)
    Apr 13 15:25:49 opt1: web: web is not running
    Apr 13 15:25:49 opt1: [opt1] Bundle: Interface ng0 created
    Apr 13 15:25:49 opt1: mpd_opt1.conf:19: Incorrect context for: 'set bundle no noretry'
    Apr 13 15:25:49 kernel: ng0: changing name to 'pptp1'
    Apr 13 15:25:49 opt1: [opt1L1] Link: OPEN event
    Apr 13 15:25:49 opt1: [opt1L1] LCP: Open event
    Apr 13 15:25:49 opt1: [opt1L1] LCP: state change Initial –> Starting
    Apr 13 15:25:49 opt1: [opt1L1] LCP: LayerStart

    Apr 13 15:25:53 apinger: Starting Alarm Pinger, apinger(3859)
    Apr 13 15:25:55 check_reload_status: syncing firewall
    Apr 13 15:25:57 check_reload_status: reloading filter
    Apr 13 15:26:03 apinger: ALARM: GW_OPT1(127.0.0.2) *** down ***
    Apr 13 15:26:18 check_reload_status: reloading filter

    Apr 13 15:27:04 opt1: [opt1L1] PPTP call failed
    Apr 13 15:27:04 opt1: [opt1L1] Link: DOWN event
    Apr 13 15:27:04 opt1: [opt1L1] LCP: Down event
    Apr 13 15:27:04 opt1: [opt1L1] Link: reconnection attempt 1 in 4 seconds
    Apr 13 15:27:08 opt1: [opt1L1] Link: reconnection attempt 1

    Apr 13 15:28:23 opt1: [opt1L1] PPTP call failed
    Apr 13 15:28:23 opt1: [opt1L1] Link: DOWN event
    Apr 13 15:28:23 opt1: [opt1L1] LCP: Down event
    Apr 13 15:28:23 opt1: [opt1L1] Link: reconnection attempt 2 in 1 seconds
    Apr 13 15:28:24 opt1: [opt1L1] Link: reconnection attempt 2

    0
  • M

    после добавления маршрута к серверу стало лучше:
    Apr 13 17:03:42 wan: [wanL1] Link: reconnection attempt 23
    Apr 13 17:03:42 wan: [wanL1] PPTP call successful
    Apr 13 17:03:42 wan: [wanL1] Link: UP event
    Apr 13 17:03:42 wan: [wanL1] LCP: Up event
    Apr 13 17:03:42 wan: [wanL1] LCP: state change Starting –> Req-Sent
    Apr 13 17:03:42 wan: [wanL1] LCP: SendConfigReq #70
    Apr 13 17:03:42 wan: [wanL1] ACCMAP 0x000a0000
    Apr 13 17:03:42 wan: [wanL1] MRU 1500
    Apr 13 17:03:42 wan: [wanL1] MAGICNUM 98b1d095
    Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Configure Request #1 (Req-Sent)
    Apr 13 17:03:42 wan: [wanL1] MRU 1460
    Apr 13 17:03:42 wan: [wanL1] AUTHPROTO CHAP MD5
    Apr 13 17:03:42 wan: [wanL1] MAGICNUM 049f5c02
    Apr 13 17:03:42 wan: [wanL1] LCP: SendConfigAck #1
    Apr 13 17:03:42 wan: [wanL1] MRU 1460
    Apr 13 17:03:42 wan: [wanL1] AUTHPROTO CHAP MD5
    Apr 13 17:03:42 wan: [wanL1] MAGICNUM 049f5c02
    Apr 13 17:03:42 wan: [wanL1] LCP: state change Req-Sent –> Ack-Sent
    Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Configure Ack #70 (Ack-Sent)
    Apr 13 17:03:42 wan: [wanL1] ACCMAP 0x000a0000
    Apr 13 17:03:42 wan: [wanL1] MRU 1500
    Apr 13 17:03:42 wan: [wanL1] MAGICNUM 98b1d095
    Apr 13 17:03:42 wan: [wanL1] LCP: state change Ack-Sent –> Opened
    Apr 13 17:03:42 wan: [wanL1] LCP: auth: peer wants CHAP, I want nothing
    Apr 13 17:03:42 wan: [wanL1] LCP: LayerUp
    Apr 13 17:03:42 wan: [wanL1] CHAP: rec'd CHALLENGE #1 len: 27
    Apr 13 17:03:42 wan: [wanL1] Name: "cs7206"
    Apr 13 17:03:42 wan: [wanL1] CHAP: Using authname "oe63762"
    Apr 13 17:03:42 wan: [wanL1] CHAP: sending RESPONSE #1 len: 28
    Apr 13 17:03:42 wan: [wanL1] CHAP: rec'd FAILURE #1 len: 25
    Apr 13 17:03:42 wan: [wanL1] MESG: Authentication failed
    Apr 13 17:03:42 wan: [wanL1] LCP: authorization failed
    Apr 13 17:03:42 wan: [wanL1] LCP: parameter negotiation failed
    Apr 13 17:03:42 wan: [wanL1] LCP: state change Opened –> Stopping
    Apr 13 17:03:42 wan: [wanL1] LCP: SendTerminateReq #71
    Apr 13 17:03:42 wan: [wanL1] LCP: LayerDown
    Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Terminate Request #2 (Stopping)
    Apr 13 17:03:42 wan: [wanL1] LCP: SendTerminateAck #72
    Apr 13 17:03:42 wan: [wanL1] LCP: rec'd Terminate Ack #71 (Stopping)
    Apr 13 17:03:42 wan: [wanL1] LCP: state change Stopping –> Stopped
    Apr 13 17:03:42 wan: [wanL1] LCP: LayerFinish
    Apr 13 17:03:42 wan: [wanL1] PPTP call terminated
    Apr 13 17:03:42 wan: [wanL1] Link: DOWN event
    Apr 13 17:03:42 wan: [wanL1] LCP: Down event
    Apr 13 17:03:42 wan: [wanL1] LCP: state change Stopped –> Starting
    Apr 13 17:03:42 wan: [wanL1] LCP: LayerStart
    Apr 13 17:03:42 wan: [wanL1] Link: reconnection attempt 24 in 4 seconds

    это чтото с протоколом авторизации?
    сам сервер работает по простому CHAP и без шифрования
    может гдето в /var/etc/mpd_wan.conf надо шифрование отключить?

    0
  • M

    для проверки поднял локальный PPTP сервер на винде, но все равно не коннектится:
    Apr 13 22:32:46 wan: [wanL1] Link: reconnection attempt 2018
    Apr 13 22:32:46 wan: [wanL1] PPTP call successful
    Apr 13 22:32:46 wan: [wanL1] Link: UP event
    Apr 13 22:32:46 wan: [wanL1] LCP: Up event
    Apr 13 22:32:46 wan: [wanL1] LCP: state change Starting –> Req-Sent
    Apr 13 22:32:46 wan: [wanL1] LCP: SendConfigReq #197
    Apr 13 22:32:46 wan: [wanL1] ACCMAP 0x000a0000
    Apr 13 22:32:46 wan: [wanL1] MRU 1500
    Apr 13 22:32:46 wan: [wanL1] MAGICNUM 9d44088f
    Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Configure Request #0 (Req-Sent)
    Apr 13 22:32:46 wan: [wanL1] MRU 1400
    Apr 13 22:32:46 wan: [wanL1] AUTHPROTO CHAP MSOFTv2
    Apr 13 22:32:46 wan: [wanL1] MAGICNUM 3d2d01c8
    Apr 13 22:32:46 wan: [wanL1] PROTOCOMP
    Apr 13 22:32:46 wan: [wanL1] ACFCOMP
    Apr 13 22:32:46 wan: [wanL1] CALLBACK 6
    Apr 13 22:32:46 wan: [wanL1] MP MRRU 1614
    Apr 13 22:32:46 wan: [wanL1] ENDPOINTDISC [LOCAL] 46 e6 5e 9c 8c 6f 49 8f 9a cc 3d 43 da f4 42 1b 00 00 0
    Apr 13 22:32:46 wan: [wanL1] BACP
    Apr 13 22:32:46 wan: [wanL1] Not supported
    Apr 13 22:32:46 wan: [wanL1] LCP: SendConfigRej #0
    Apr 13 22:32:46 wan: [wanL1] PROTOCOMP
    Apr 13 22:32:46 wan: [wanL1] ACFCOMP
    Apr 13 22:32:46 wan: [wanL1] CALLBACK 6
    Apr 13 22:32:46 wan: [wanL1] MP MRRU 1614
    Apr 13 22:32:46 wan: [wanL1] BACP
    Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Configure Ack #197 (Req-Sent)
    Apr 13 22:32:46 wan: [wanL1] ACCMAP 0x000a0000
    Apr 13 22:32:46 wan: [wanL1] MRU 1500
    Apr 13 22:32:46 wan: [wanL1] MAGICNUM 9d44088f
    Apr 13 22:32:46 wan: [wanL1] LCP: state change Req-Sent –> Ack-Rcvd
    Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Configure Request #1 (Ack-Rcvd)
    Apr 13 22:32:46 wan: [wanL1] MRU 1400
    Apr 13 22:32:46 wan: [wanL1] AUTHPROTO CHAP MSOFTv2
    Apr 13 22:32:46 wan: [wanL1] MAGICNUM 3d2d01c8
    Apr 13 22:32:46 wan: [wanL1] ENDPOINTDISC [LOCAL] 46 e6 5e 9c 8c 6f 49 8f 9a cc 3d 43 da f4 42 1b 00 00 0
    Apr 13 22:32:46 wan: [wanL1] LCP: SendConfigAck #1
    Apr 13 22:32:46 wan: [wanL1] MRU 1400
    Apr 13 22:32:46 wan: [wanL1] AUTHPROTO CHAP MSOFTv2
    Apr 13 22:32:46 wan: [wanL1] MAGICNUM 3d2d01c8
    Apr 13 22:32:46 wan: [wanL1] ENDPOINTDISC [LOCAL] 46 e6 5e 9c 8c 6f 49 8f 9a cc 3d 43 da f4 42 1b 00 00 0
    Apr 13 22:32:46 wan: [wanL1] LCP: state change Ack-Rcvd –> Opened
    Apr 13 22:32:46 wan: [wanL1] LCP: auth: peer wants CHAP, I want nothing
    Apr 13 22:32:46 wan: [wanL1] LCP: LayerUp
    Apr 13 22:32:46 wan: [wanL1] CHAP: rec'd CHALLENGE #0 len: 25
    Apr 13 22:32:46 wan: [wanL1] Name: "testServer"
    Apr 13 22:32:46 wan: [wanL1] CHAP: Using authname "testUser"
    Apr 13 22:32:46 wan: [wanL1] CHAP: sending RESPONSE #0 len: 62
    Apr 13 22:32:46 wan: [wanL1] CHAP: rec'd SUCCESS #0 len: 46
    Apr 13 22:32:46 wan: [wanL1] MESG: S=42B5D5524F105F99382DE275BD741B0C627FA9AA
    Apr 13 22:32:46 wan: [wanL1] LCP: authorization successful
    Apr 13 22:32:46 wan: [wanL1] Link: No actions defined
    Apr 13 22:32:46 wan: [wanL1] No bundle specified
    Apr 13 22:32:46 wan: [wanL1] link did not validate in bundle
    Apr 13 22:32:46 wan: [wanL1] LCP: parameter negotiation failed
    Apr 13 22:32:46 wan: [wanL1] LCP: state change Opened –> Stopping
    Apr 13 22:32:46 wan: [wanL1] LCP: SendTerminateReq #198
    Apr 13 22:32:46 wan: [wanL1] LCP: LayerDown
    Apr 13 22:32:46 wan: [wanL1] rec'd proto CCP during terminate phase
    Apr 13 22:32:46 wan: [wanL1] rec'd proto IPCP during terminate phase
    Apr 13 22:32:46 wan: [wanL1] LCP: rec'd Terminate Ack #198 (Stopping)
    Apr 13 22:32:46 wan: [wanL1] LCP: state change Stopping –> Stopped
    Apr 13 22:32:46 wan: [wanL1] LCP: LayerFinish
    Apr 13 22:32:46 wan: [wanL1] PPTP call terminated
    Apr 13 22:32:46 wan: [wanL1] Link: DOWN event
    Apr 13 22:32:46 wan: [wanL1] LCP: Down event
    Apr 13 22:32:46 wan: [wanL1] LCP: state change Stopped –> Starting
    Apr 13 22:32:46 wan: [wanL1] LCP: LayerStart
    Apr 13 22:32:46 wan: [wanL1] Link: reconnection attempt 2019 in 3 seconds

    почему так?

    0
  • Z

    вы пилот-испытатель? зачем вам бета-версия?

    если вы не хотите отлавливать и править баги (а вы явно сами этого не хотите), то не используйте такие версии

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy