Le 12/12/2012 23:55, Joseph Mays a écrit : > BTW, yes, I am aware that I left the passwords for ftp etc in the config. > They've already been changed. >
Hello, Here is my config which works perfectly with the window native PPTP client : vpdn enable ! vpdn-group vpn ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 interface Virtual-Template1 ip unnumbered FastEthernet0/0 autodetect encapsulation ppp peer default ip address pool vpn ppp encrypt mppe auto ppp authentication ms-chap-v2 Best regards, > ----- Original Message ----- > From: "Joseph Mays" <[email protected]> > To: <[email protected]> > Sent: Wednesday, December 12, 2012 5:12 PM > Subject: [c-nsp] pptp connection to 2600 with Windows VPN failing. > > >> Trying to make a vpdn setup work from a windows vpn client to a cisco >> 2600. I had this working for a while, but then after one minor config >> change by someone else it stopped working. That change shouldn't have >> broken anything, but I backed it out nonetheless and the connection is >> still not working again. >> >> I think it's breaking during the LCP negotiation, before authentication >> even occurs. Here's what I get from PPP debugging. Notice that it never >> gets to the authentication phase. I will attach relevant portions of the >> config afterwards. >> >> genisis#show debug >> PPP: >> PPP detailed event debugging is on >> PPP authentication debugging is on >> PPP protocol errors debugging is on >> PPP protocol negotiation debugging is on >> >> >> >> genisis# >> genisis#term mon >> genisis# >> *Mar 1 02:26:32.559: Se0/0 PPP: Outbound cdp packet dropped, CDPCP state >> is Listen >> *Mar 1 02:26:39.415: EVT: Dynamic Bind 0 0x82C3989C >> *Mar 1 02:26:39.415: ppp13 EVT: Cstate 4 0x00000000 >> *Mar 1 02:26:39.415: ppp13 PPP: Using vpn set call direction >> *Mar 1 02:26:39.415: ppp13 PPP: Treating connection as a callin >> *Mar 1 02:26:39.415: ppp13 PPP: Phase is ESTABLISHING, Passive Open >> *Mar 1 02:26:39.415: ppp13 LCP: State is Listen >> *Mar 1 02:26:39.439: ppp13 EVT: Packet 0 0x8332C29C >> *Mar 1 02:26:39.439: ppp13 LCP: I CONFREQ [Listen] id 0 len 21 >> *Mar 1 02:26:39.439: ppp13 LCP: MRU 1400 (0x01040578) >> *Mar 1 02:26:39.439: ppp13 LCP: MagicNumber 0x4FC8505D >> (0x05064FC8505D) >> *Mar 1 02:26:39.439: ppp13 LCP: PFC (0x0702) >> *Mar 1 02:26:39.439: ppp13 LCP: ACFC (0x0802) >> *Mar 1 02:26:39.439: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:39.439: ppp13 PPP: Authorization required >> *Mar 1 02:26:39.439: ppp13 LCP: O CONFREQ [Listen] id 1 len 15 >> *Mar 1 02:26:39.443: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:39.443: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:39.443: ppp13 LCP: O CONFREJ [Listen] id 0 len 7 >> *Mar 1 02:26:39.443: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:41.431: ppp13 EVT: Packet 0 0x830D1F30 >> *Mar 1 02:26:41.431: ppp13 LCP: I CONFREQ [REQsent] id 1 len 21 >> *Mar 1 02:26:41.431: ppp13 LCP: MRU 1400 (0x01040578) >> *Mar 1 02:26:41.431: ppp13 LCP: MagicNumber 0x4FC8505D >> (0x05064FC8505D) >> *Mar 1 02:26:41.431: ppp13 LCP: PFC (0x0702) >> *Mar 1 02:26:41.431: ppp13 LCP: ACFC (0x0802) >> *Mar 1 02:26:41.431: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:41.431: ppp13 LCP: O CONFREJ [REQsent] id 1 len 7 >> *Mar 1 02:26:41.431: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:41.451: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:41.451: ppp13 LCP: O CONFREQ [REQsent] id 2 len 15 >> *Mar 1 02:26:41.451: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:41.451: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:43.467: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:43.467: ppp13 LCP: O CONFREQ [REQsent] id 3 len 15 >> *Mar 1 02:26:43.467: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:43.467: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:44.431: ppp13 EVT: Packet 0 0x830D2E1C >> *Mar 1 02:26:44.435: ppp13 LCP: I CONFREQ [REQsent] id 2 len 21 >> *Mar 1 02:26:44.435: ppp13 LCP: MRU 1400 (0x01040578) >> *Mar 1 02:26:44.435: ppp13 LCP: MagicNumber 0x4FC8505D >> (0x05064FC8505D) >> *Mar 1 02:26:44.435: ppp13 LCP: PFC (0x0702) >> *Mar 1 02:26:44.435: ppp13 LCP: ACFC (0x0802) >> *Mar 1 02:26:44.435: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:44.435: ppp13 LCP: O CONFREJ [REQsent] id 2 len 7 >> *Mar 1 02:26:44.435: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:45.483: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:45.483: ppp13 LCP: O CONFREQ [REQsent] id 4 len 15 >> *Mar 1 02:26:45.483: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:45.483: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:47.499: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:47.499: ppp13 LCP: O CONFREQ [REQsent] id 5 len 15 >> *Mar 1 02:26:47.499: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:47.499: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:48.427: ppp13 EVT: Packet 0 0x830D3118 >> *Mar 1 02:26:48.431: ppp13 LCP: I CONFREQ [REQsent] id 3 len 21 >> *Mar 1 02:26:48.431: ppp13 LCP: MRU 1400 (0x01040578) >> *Mar 1 02:26:48.431: ppp13 LCP: MagicNumber 0x4FC8505D >> (0x05064FC8505D) >> *Mar 1 02:26:48.431: ppp13 LCP: PFC (0x0702) >> *Mar 1 02:26:48.431: ppp13 LCP: ACFC (0x0802) >> *Mar 1 02:26:48.431: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:48.431: ppp13 LCP: O CONFREJ [REQsent] id 3 len 7 >> *Mar 1 02:26:48.431: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:49.515: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:49.515: ppp13 LCP: O CONFREQ [REQsent] id 6 len 15 >> *Mar 1 02:26:49.515: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:49.515: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:51.531: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:51.531: ppp13 LCP: O CONFREQ [REQsent] id 7 len 15 >> *Mar 1 02:26:51.531: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:51.531: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:52.431: ppp13 EVT: Packet 0 0x830CFB60 >> *Mar 1 02:26:52.431: ppp13 LCP: I CONFREQ [REQsent] id 4 len 21 >> *Mar 1 02:26:52.431: ppp13 LCP: MRU 1400 (0x01040578) >> *Mar 1 02:26:52.431: ppp13 LCP: MagicNumber 0x4FC8505D >> (0x05064FC8505D) >> *Mar 1 02:26:52.435: ppp13 LCP: PFC (0x0702) >> *Mar 1 02:26:52.435: ppp13 LCP: ACFC (0x0802) >> *Mar 1 02:26:52.435: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:52.435: ppp13 LCP: O CONFREJ [REQsent] id 4 len 7 >> *Mar 1 02:26:52.435: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:53.547: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:53.547: ppp13 LCP: O CONFREQ [REQsent] id 8 len 15 >> *Mar 1 02:26:53.547: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:53.547: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:55.563: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:55.563: ppp13 LCP: O CONFREQ [REQsent] id 9 len 15 >> *Mar 1 02:26:55.563: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:55.563: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:56.431: ppp13 EVT: Packet 0 0x830D0D48 >> *Mar 1 02:26:56.431: ppp13 LCP: I CONFREQ [REQsent] id 5 len 21 >> *Mar 1 02:26:56.431: ppp13 LCP: MRU 1400 (0x01040578) >> *Mar 1 02:26:56.431: ppp13 LCP: MagicNumber 0x4FC8505D >> (0x05064FC8505D) >> *Mar 1 02:26:56.431: ppp13 LCP: PFC (0x0702) >> *Mar 1 02:26:56.431: ppp13 LCP: ACFC (0x0802) >> *Mar 1 02:26:56.431: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:56.431: ppp13 LCP: O CONFREJ [REQsent] id 5 len 7 >> *Mar 1 02:26:56.431: ppp13 LCP: Callback 6 (0x0D0306) >> *Mar 1 02:26:57.579: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:57.579: ppp13 LCP: O CONFREQ [REQsent] id 10 len 15 >> *Mar 1 02:26:57.579: ppp13 LCP: AuthProto MS-CHAP (0x0305C22380) >> *Mar 1 02:26:57.579: ppp13 LCP: MagicNumber 0x0F0968D2 >> (0x05060F0968D2) >> *Mar 1 02:26:59.595: ppp13 LCP: TIMEout: State REQsent >> *Mar 1 02:26:59.595: ppp13 LCP: O TERMREQ [REQsent] id 10 len 4 >> *Mar 1 02:26:59.595: ppp13 PPP: Phase is TERMINATING >> *Mar 1 02:26:59.595: ppp13 LCP: State is Listen >> *Mar 1 02:26:59.595: ppp13 EVT: Hard Disc 0 0x00000000 >> *Mar 1 02:26:59.595: ppp13 PPP: Sending Acct Event[Down] id[11] >> *Mar 1 02:26:59.595: ppp13 LCP: State is Closed >> *Mar 1 02:26:59.595: ppp13 PPP: Phase is DOWN >> *Mar 1 02:26:59.599: ppp13 EVT: Free PPP 0 0x00000000 >> >> >> ========== >> >> genisis#show run >> Building configuration... >> >> Current configuration : 2791 bytes >> ! >> version 12.3 >> service timestamps debug datetime msec >> service timestamps log datetime msec >> service password-encryption >> ! >> hostname genisis >> ! >> boot-start-marker >> boot-end-marker >> ! >> logging buffered 4096 informational >> enable secret 5 xxxxxxxxxxxxxxxxxxxxxx. >> enable password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxx >> ! >> username johndoe password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx >> username angela password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> username admin privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxxxxxx >> no network-clock-participate slot 1 >> no network-clock-participate wic 0 >> aaa new-model >> ! >> ! >> aaa authentication ppp default local >> aaa authorization network default if-authenticated >> aaa session-id common >> ip subnet-zero >> no ip cef >> ! >> ! >> ip ftp username launchpad >> ip ftp password 7 045907071C3543480F >> no ip domain lookup >> no ip dhcp conflict logging >> ip dhcp excluded-address 10.10.2.150 10.10.2.255 >> ip dhcp excluded-address 10.10.2.0 10.10.2.50 >> ! >> ip dhcp pool genesis-pc-dhcp-pool >> network 10.10.2.0 255.255.255.0 >> dns-server 216.24.27.3 >> default-router 10.10.2.1 >> ! >> no ip bootp server >> ip audit po max-events 100 >> vpdn enable >> ! >> vpdn-group 1 >> ! Default PPTP VPDN group >> accept-dialin >> protocol pptp >> virtual-template 1 >> local name gen-vpn >> ! >> no ftp-server write-enable >> ! >> ! >> ! >> voice call carrier capacity active >> ! >> voice class codec 1 >> codec preference 1 g711ulaw >> codec preference 2 g729r8 >> ! >> ! >> ! >> ! >> ! >> ! >> ! >> ! >> ! >> ! >> ! >> class-map match-all dscp-ef >> match ip dscp ef >> ! >> ! >> policy-map queue-on-dscp >> description Prioritizes voice traffic first, signalling next. >> class dscp-ef >> priority percent 75 >> class class-default >> fair-queue >> random-detect dscp-based >> ! >> ! >> ! >> ! >> ! >> ! >> interface FastEthernet0/0 >> ip address 24.235.18.81 255.255.255.240 secondary >> ip address 10.10.2.1 255.255.255.0 secondary >> ip address 24.235.1.17 255.255.255.248 >> no ip redirects >> ip nat inside >> service-policy output queue-on-dscp >> logging event subif-link-status >> duplex auto >> speed auto >> ! >> interface Serial0/0 >> description T1 to WinNET (UNE-DS1-003-004, HCFD.687777..NB) >> ip address 24.235.2.42 255.255.255.252 >> no ip redirects >> ip nat outside >> service-policy output queue-on-dscp >> encapsulation ppp >> logging event subif-link-status >> auto qos voip trust >> service-module t1 timeslots 1-24 >> ! >> interface Virtual-Template1 >> ip unnumbered FastEthernet0/0 >> ip mroute-cache >> peer default ip address pool VPN-IN >> ppp encrypt mppe 40 required >> ppp authentication ms-chap >> ! >> ip local pool VPN-IN 10.10.2.160 10.10.2.164 >> ip nat inside source list 50 interface Serial0/0 overload >> no ip http server >> no ip http secure-server >> ip classless >> ip route 0.0.0.0 0.0.0.0 Serial0/0 >> ! >> ! >> access-list 50 permit 10.10.2.0 0.0.0.255 >> ! >> rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for >> Voice Drops" owner AutoQo >> ! >> ! >> ! >> ! >> ! >> ! >> ! >> line con 0 >> line aux 0 >> line vty 0 4 >> password 7 1415425B18072B2634 >> ! >> ! >> end >> >> genisis# >> _______________________________________________ >> cisco-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > -- Christophe Lucas http://www.clucas.fr/blog/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
