On Sat, 28 Mar 2020 01:46:41 +0300
Vitaliy Makkoveev <[email protected]> wrote:

> Can you try latest snapshot?

Unfortunately, the box that runs npppd is the most important machine on
my network (GRE/IPsec hub for multiple branch offices), so I can't take
the risk.

> Can you share your npppd.conf?

Below, I have redacted sensitive information. Perhaps it is worth
mentioning that npppd listens on the IP address of a CARP interface.

---npppd.conf.start---
# GLOBAL
set max-session 200
set user-max-session 1

# TUNNEL
tunnel EXAMPLEORG protocol pptp {
    listen on IP.ADD.RE.SS
    pptp-hostname vpn.example.org
    pptp-vendor-name "openbsd-npppd"
    ingress-filter yes
    pipex no
    mppe required
    mppe-key-length 128
    mppe-key-state stateless
    idle-timeout 1800
}

# IPCP
ipcp KAPPASTAR {
    pool-address "IP.ADD.RE.SS/24"
    dns-servers IP.ADD.RE.SS
    allow-user-selected-address no
}

# INTERFACE
interface tun1 address IP.ADD.RE.SS ipcp EXAMPLEORG

# AUTHENTICATION
authentication RADIUS type radius {
    strip-nt-domain yes
    strip-atmark-realm yes
    authentication-server {
        address IP.ADD.RE.SS secret "ThisIsNotRealPassword"
    }
    accounting-server {
        address IP.ADD.RE.SS secret "ThisIsNotRealPassword"
    }
}

bind tunnel from EXAMPLEORG authenticated by RADIUS to tun1
---npppd.conf.end---

Thank you in advance for looking into it.
--
Before enlightenment - chop wood, draw water.
After enlightenment - chop wood, draw water.
Marko Cupać
https://www.mimar.rs/