Trying to make a vpdn setup work from a windows vpn client to a cisco 2600. I had this working for a while, but then after one minor config change by someone else it stopped working. That change shouldn't have broken anything, but I backed it out nonetheless and the connection is still not working again.
I think it's breaking during the LCP negotiation, before authentication even occurs. Here's what I get from PPP debugging. Notice that it never gets to the authentication phase. I will attach relevant portions of the config afterwards. genisis#show debug PPP: PPP detailed event debugging is on PPP authentication debugging is on PPP protocol errors debugging is on PPP protocol negotiation debugging is on genisis# genisis#term mon genisis# *Mar 1 02:26:32.559: Se0/0 PPP: Outbound cdp packet dropped, CDPCP state is Listen *Mar 1 02:26:39.415: EVT: Dynamic Bind 0 0x82C3989C *Mar 1 02:26:39.415: ppp13 EVT: Cstate 4 0x00000000 *Mar 1 02:26:39.415: ppp13 PPP: Using vpn set call direction *Mar 1 02:26:39.415: ppp13 PPP: Treating connection as a callin *Mar 1 02:26:39.415: ppp13 PPP: Phase is ESTABLISHING, Passive Open *Mar 1 02:26:39.415: ppp13 LCP: State is Listen *Mar 1 02:26:39.439: ppp13 EVT: Packet 0 0x8332C29C *Mar 1 02:26:39.439: ppp13 LCP: I CONFREQ [Listen] id 0 len 21 *Mar 1 02:26:39.439: ppp13 LCP: MRU 1400 (0x01040578) *Mar 1 02:26:39.439: ppp13 LCP: MagicNumber 0x4FC8505D (0x05064FC8505D) *Mar 1 02:26:39.439: ppp13 LCP: PFC (0x0702) *Mar 1 02:26:39.439: ppp13 LCP: ACFC (0x0802) *Mar 1 02:26:39.439: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:39.439: ppp13 PPP: Authorization required *Mar 1 02:26:39.439: ppp13 LCP: O CONFREQ [Listen] id 1 len 15 *Mar 1 02:26:39.443: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:39.443: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:39.443: ppp13 LCP: O CONFREJ [Listen] id 0 len 7 *Mar 1 02:26:39.443: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:41.431: ppp13 EVT: Packet 0 0x830D1F30 *Mar 1 02:26:41.431: ppp13 LCP: I CONFREQ [REQsent] id 1 len 21 *Mar 1 02:26:41.431: ppp13 LCP: MRU 1400 (0x01040578) *Mar 1 02:26:41.431: ppp13 LCP: MagicNumber 0x4FC8505D (0x05064FC8505D) *Mar 1 02:26:41.431: ppp13 LCP: PFC (0x0702) *Mar 1 02:26:41.431: ppp13 LCP: ACFC (0x0802) *Mar 1 02:26:41.431: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:41.431: ppp13 LCP: O CONFREJ [REQsent] id 1 len 7 *Mar 1 02:26:41.431: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:41.451: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:41.451: ppp13 LCP: O CONFREQ [REQsent] id 2 len 15 *Mar 1 02:26:41.451: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:41.451: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:43.467: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:43.467: ppp13 LCP: O CONFREQ [REQsent] id 3 len 15 *Mar 1 02:26:43.467: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:43.467: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:44.431: ppp13 EVT: Packet 0 0x830D2E1C *Mar 1 02:26:44.435: ppp13 LCP: I CONFREQ [REQsent] id 2 len 21 *Mar 1 02:26:44.435: ppp13 LCP: MRU 1400 (0x01040578) *Mar 1 02:26:44.435: ppp13 LCP: MagicNumber 0x4FC8505D (0x05064FC8505D) *Mar 1 02:26:44.435: ppp13 LCP: PFC (0x0702) *Mar 1 02:26:44.435: ppp13 LCP: ACFC (0x0802) *Mar 1 02:26:44.435: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:44.435: ppp13 LCP: O CONFREJ [REQsent] id 2 len 7 *Mar 1 02:26:44.435: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:45.483: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:45.483: ppp13 LCP: O CONFREQ [REQsent] id 4 len 15 *Mar 1 02:26:45.483: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:45.483: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:47.499: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:47.499: ppp13 LCP: O CONFREQ [REQsent] id 5 len 15 *Mar 1 02:26:47.499: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:47.499: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:48.427: ppp13 EVT: Packet 0 0x830D3118 *Mar 1 02:26:48.431: ppp13 LCP: I CONFREQ [REQsent] id 3 len 21 *Mar 1 02:26:48.431: ppp13 LCP: MRU 1400 (0x01040578) *Mar 1 02:26:48.431: ppp13 LCP: MagicNumber 0x4FC8505D (0x05064FC8505D) *Mar 1 02:26:48.431: ppp13 LCP: PFC (0x0702) *Mar 1 02:26:48.431: ppp13 LCP: ACFC (0x0802) *Mar 1 02:26:48.431: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:48.431: ppp13 LCP: O CONFREJ [REQsent] id 3 len 7 *Mar 1 02:26:48.431: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:49.515: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:49.515: ppp13 LCP: O CONFREQ [REQsent] id 6 len 15 *Mar 1 02:26:49.515: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:49.515: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:51.531: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:51.531: ppp13 LCP: O CONFREQ [REQsent] id 7 len 15 *Mar 1 02:26:51.531: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:51.531: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:52.431: ppp13 EVT: Packet 0 0x830CFB60 *Mar 1 02:26:52.431: ppp13 LCP: I CONFREQ [REQsent] id 4 len 21 *Mar 1 02:26:52.431: ppp13 LCP: MRU 1400 (0x01040578) *Mar 1 02:26:52.431: ppp13 LCP: MagicNumber 0x4FC8505D (0x05064FC8505D) *Mar 1 02:26:52.435: ppp13 LCP: PFC (0x0702) *Mar 1 02:26:52.435: ppp13 LCP: ACFC (0x0802) *Mar 1 02:26:52.435: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:52.435: ppp13 LCP: O CONFREJ [REQsent] id 4 len 7 *Mar 1 02:26:52.435: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:53.547: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:53.547: ppp13 LCP: O CONFREQ [REQsent] id 8 len 15 *Mar 1 02:26:53.547: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:53.547: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:55.563: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:55.563: ppp13 LCP: O CONFREQ [REQsent] id 9 len 15 *Mar 1 02:26:55.563: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:55.563: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:56.431: ppp13 EVT: Packet 0 0x830D0D48 *Mar 1 02:26:56.431: ppp13 LCP: I CONFREQ [REQsent] id 5 len 21 *Mar 1 02:26:56.431: ppp13 LCP: MRU 1400 (0x01040578) *Mar 1 02:26:56.431: ppp13 LCP: MagicNumber 0x4FC8505D (0x05064FC8505D) *Mar 1 02:26:56.431: ppp13 LCP: PFC (0x0702) *Mar 1 02:26:56.431: ppp13 LCP: ACFC (0x0802) *Mar 1 02:26:56.431: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:56.431: ppp13 LCP: O CONFREJ [REQsent] id 5 len 7 *Mar 1 02:26:56.431: ppp13 LCP: Callback 6 (0x0D0306) *Mar 1 02:26:57.579: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:57.579: ppp13 LCP: O CONFREQ [REQsent] id 10 len 15 *Mar 1 02:26:57.579: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) *Mar 1 02:26:57.579: ppp13 LCP: MagicNumber 0x0F0968D2 (0x05060F0968D2) *Mar 1 02:26:59.595: ppp13 LCP: TIMEout: State REQsent *Mar 1 02:26:59.595: ppp13 LCP: O TERMREQ [REQsent] id 10 len 4 *Mar 1 02:26:59.595: ppp13 PPP: Phase is TERMINATING *Mar 1 02:26:59.595: ppp13 LCP: State is Listen *Mar 1 02:26:59.595: ppp13 EVT: Hard Disc 0 0x00000000 *Mar 1 02:26:59.595: ppp13 PPP: Sending Acct Event[Down] id[11] *Mar 1 02:26:59.595: ppp13 LCP: State is Closed *Mar 1 02:26:59.595: ppp13 PPP: Phase is DOWN *Mar 1 02:26:59.599: ppp13 EVT: Free PPP 0 0x00000000 ========== genisis#show run Building configuration... Current configuration : 2791 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname genisis ! boot-start-marker boot-end-marker ! logging buffered 4096 informational enable secret 5 xxxxxxxxxxxxxxxxxxxxxx. enable password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxx ! username johndoe password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx username angela password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx username admin privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxxxxxx no network-clock-participate slot 1 no network-clock-participate wic 0 aaa new-model ! ! aaa authentication ppp default local aaa authorization network default if-authenticated aaa session-id common ip subnet-zero no ip cef ! ! ip ftp username launchpad ip ftp password 7 045907071C3543480F no ip domain lookup no ip dhcp conflict logging ip dhcp excluded-address 10.10.2.150 10.10.2.255 ip dhcp excluded-address 10.10.2.0 10.10.2.50 ! ip dhcp pool genesis-pc-dhcp-pool network 10.10.2.0 255.255.255.0 dns-server 216.24.27.3 default-router 10.10.2.1 ! no ip bootp server ip audit po max-events 100 vpdn enable ! vpdn-group 1 ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 local name gen-vpn ! no ftp-server write-enable ! ! ! voice call carrier capacity active ! voice class codec 1 codec preference 1 g711ulaw codec preference 2 g729r8 ! ! ! ! ! ! ! ! ! ! ! class-map match-all dscp-ef match ip dscp ef ! ! policy-map queue-on-dscp description Prioritizes voice traffic first, signalling next. class dscp-ef priority percent 75 class class-default fair-queue random-detect dscp-based ! ! ! ! ! ! interface FastEthernet0/0 ip address 24.235.18.81 255.255.255.240 secondary ip address 10.10.2.1 255.255.255.0 secondary ip address 24.235.1.17 255.255.255.248 no ip redirects ip nat inside service-policy output queue-on-dscp logging event subif-link-status duplex auto speed auto ! interface Serial0/0 description T1 to WinNET (UNE-DS1-003-004, HCFD.687777..NB) ip address 24.235.2.42 255.255.255.252 no ip redirects ip nat outside service-policy output queue-on-dscp encapsulation ppp logging event subif-link-status auto qos voip trust service-module t1 timeslots 1-24 ! interface Virtual-Template1 ip unnumbered FastEthernet0/0 ip mroute-cache peer default ip address pool VPN-IN ppp encrypt mppe 40 required ppp authentication ms-chap ! ip local pool VPN-IN 10.10.2.160 10.10.2.164 ip nat inside source list 50 interface Serial0/0 overload no ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 ! ! access-list 50 permit 10.10.2.0 0.0.0.255 ! rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for Voice Drops" owner AutoQo ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 password 7 1415425B18072B2634 ! ! end genisis# _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
