Hello Roland, > > sorry, die mail sollte eigentlich an die ML gehen. Aber wenn es dir > nichts ausmacht, machen wir so weiter... Hatte ich auch so geplant, da du aber an mich direkt geschrieben hattest... also wieder an die Liste...
@list: Something went wrong, so this thread will continue at list. > >>>>if I set mppe required i get the error: > >>>>unrecognized option 'require-mppe-128' > >>> > >>>It seems that your kernel has no support for 128 bit encryption, so you > >>>have to activate option 'refuse 128 bit encryption'. > >> > >>i had patched my Kernel before, thats not the problem with mppe, with a > >>pptp script and the right options file everything is working, too. But > >>not with kvpnc, and thats the tool i want to use! :-( > >>I've played a bit with my configuration and now i get the errormessage: > >>debug: /usr/sbin/pppd: In file /etc/ppp/options: unrecognized option > >>'mppe-128' > > > >Really strange. Which pppd version you are using? (here: pppd version > > 2.4.3) > > I had 2.4.2 now upgraded up to 2.4.3-r6 with mppe support too. > >In pppd manual I found: > >--- snip --- > >mppe-stateful > >Allow MPPE to use stateful mode. Stateless mode is still attempted first. > >The default is to disallow stateful mode. > > > >[...] > >require-mppe > >Require the use of MPPE (Microsoft Point to Point Encryption). This > > option disables all other compression types. This option enables both > > 40-bit and 128-bit encryption. In order for MPPE to successfully come > > up, you must have authenticated with either MS-CHAP or MS-CHAPv2. This > > option is presently only supported under Linux, and only if your kernel > > has been configured to include MPPE support. > > > >[...] > > very interesting, here a prt from my pppd manpage: > This was also written in manpage of 2.4.2: > mppe subopt1[,subopt2[,subopt3[..]]] > Modify MPPE (Microsoft Point to Point Encryption) > parameters. In > order for MPPE to successfully come up, you must have > authenti- > cated with either MS-CHAP or MS-CHAPv2. By default > MPPE is > optional, it means that pppd will not propose MPPE to the > peer, > but will negotiate MPPE if peer wants that. You can > change this > using required suboption. This option is presently > only sup- > ported under Linux, and only if your kernel has been > configured > to include MPPE support. > > MPPE suboptions: > required - require MPPE; disconnect if peer doesn't > support it, > stateless - try to negotiate stateless mode; default is > state- > ful, > no40 - disable 40 bit keys, > no56 - disable 56 bit keys, > no128 - disable 128 bit keys > > require-mppe isn't there and cant be regnonize by kvpnc :-( Can you send me your manpage? Which distribution you are using? I have Debian unstable. > >>to use that vpn connection with my pptp script i had to put > >> > >><loginname> luftbruecke <password> * > >>luftbruecke <loginname> <password> * > >> > >>and i open it with: > >>pptp luftbruecke.inf.fu-berlin.de name <loginname> noauth defaultroute > >> > >>with no /etc/ppp/options > > > >I think you need this: > >- nomppe > >Disables MPPE (Microsoft Point to Point Encryption). > >=> [ ] require MPPE > >This will deactivate MPPPE options. > > > >=> [ ] Allow stateful mode > I have to correct my last mail a little bit. With my script, I got a connection but I can't do anything with it. > > >Sorry but currently I dont have a VPN server for testing... > Thanks for your help,... > ... I also have problems with the cisco client too :-( > If you can help me there, then my first problem has be solved. > I've imported a PCF file by checking Pre shared key.. > I dont had to enter a group password. I have less knowledge at Cisco VPN, sorry. > Now I enter user name and password and by trying to establish a connection i got: > VpncScript: /root/.kde3.4/share/apps/kvpnc/vpnc-script.VPN via ZEDAT, > Freie Universit??t Berlin > info: Benutzerdefinierter lokaler Port "14195" wird benutzt > info: Benutzerdefinierte IKE-Gruppe "dh2" wird benutzt > info: UDP wird benutzt. > info: Es wird versucht, zu Server "vpn.fu-berlin.de" (160.45.252.202) > mit Benutzer "rhoepfn" und IPSec ID "hybrid-default" zu verbinden... > info: "vpnc" ist gestartet. > > It stucks in connection state and after timeout it changes to disconnected, go to advanced settings and disable userdefinied port (small bug in import but should work too). Enable 'use udp (NAT-T)' (you need this because you are behind a nat router). If it fails too, increase the connection timeout (at university sometimes the concentrator laggs 20 sec before answer. > I also have tried to forward port 14195 from my router to my local machine in lan. Is this nessary? No. Only if you have vpnc 2.x without nat-t (udp) support. > I also had to recompile my kernel to have tun support. Right. > Schöne Grüße an Wernigerode. Danke ;) Best regards Christoph -- Linux User Group Wernigerode http://www.lug-wr.de/
pgp2PLOh5M9tm.pgp
Description: PGP signature
