Re: poptop on OpenBSD 5.3
I approve Wesley, if you use OpenBSD 5.3 you should use npppd it's simpler than poptop and have nearly the same functionalities -- Best regards, Loïc BLOT, UNIX systems, security and network expert http://www.unix-experience.fr Le lundi 05 août 2013 à 08:46 +0400, Wesley MOUEDINE ASSABY a écrit : Hi, Why not use the embedded package in OpenBSD 5.3 : npppd ?? conf files : /etc/npppd/npppd.conf and npppd-users Below a link that will help you on : http://fr.slideshare.net/GiovanniBechis/npppd-easy-vpn-with-openbsd Cheers, Wesley Le 2013-08-05 4:48, Alvaro Mantilla Gimenez a écrit : Hi, I am trying to configure poptop on OpenBSD 5.3 without success. I've installed the package and configured the files as the /usr/local/share/doc/pkg-readmes/poptop-1.3.4p4 says but didn't work so I started to change things here and there without success. These are the facts: /etc/pptpd.conf: stimeout 10 noipparam logwtmp localip 5.5.5.1 remoteip 5.5.5.2-102 /etc/ppp/options: lock auth usehostname proxyarp +MSChap-V2 mppe-128 mppe-stateless /etc/ppp/ppp.conf: default: set log Phase Chat LCP IPCP CCP tun command set speed 115200 pptp: set log phase tun enable proxy set dns 8.8.8.8 8.8.4.4 set ifaddr 5.5.5.1 5.5.5.0/0 255.255.255.0 set timeout 0 enable chap enable MSChapV2 And here the error: pptpd[25764]: CTRL: Starting call (launching pppd, opening GRE) ppp[14716]: Phase: Using interface: tun0 ppp[14716]: Phase: deflink: Created in closed state ppp[14716]: tun0: Command: default: set speed 115200 ppp[14716]: tun0: Command: pptp: set log phase tun ppp[14716]: tun0: Phase: PPP Started (direct mode). ppp[14716]: tun0: Phase: bundle: Establish ppp[14716]: tun0: Phase: deflink: closed - opening ppp[14716]: tun0: Phase: deflink: Connected! ppp[14716]: tun0: Phase: deflink: opening - carrier ppp[14716]: tun0: Phase: deflink: carrier - lcp ppp[14716]: tun0: Phase: bundle: Authenticate ppp[14716]: tun0: Phase: deflink: his = none, mine = CHAP 0x81 ppp[14716]: tun0: Phase: Chap Output: CHALLENGE ppp[14716]: tun0: Phase: Chap Input: RESPONSE (49 bytes from testuser) ppp[14716]: tun0: Phase: Chap Output: SUCCESS ppp[14716]: tun0: Phase: deflink: lcp - open ppp[14716]: tun0: Phase: bundle: Network ppp[14716]: tun0: Phase: deflink: open - lcp ppp[14716]: tun0: Warning: ff01:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Phase: bundle: Terminate pptpd[25764]: CTRL: EOF or bad error reading ctrl packet length. pptpd[25764]: CTRL: couldn't read packet header (exit) pptpd[25764]: CTRL: CTRL read failed ppp[14716]: tun0: Phase: deflink: read (0): Got zero bytes ppp[14716]: tun0: Phase: deflink: Disconnected! ppp[14716]: tun0: Phase: deflink: Connect time: 1 secs: 354 octets in, 364 octets out ppp[14716]: tun0: Phase: deflink: 7 packets in, 11 packets out ppp[14716]: tun0: Phase: total 718 bytes/sec, peak 0 bytes/sec on Sun Aug 4 18:23:07 2013 ppp[14716]: tun0: Phase: deflink: lcp - closed ppp[14716]: tun0: Phase: bundle: Dead ppp[14716]: tun0: Phase: PPP Terminated (normal). pptpd[25764]: CTRL: Client truncated_ip control connection finished So far I think is not an authentication problem (the authentication process seems to be success) and it is a network related issue. However, I do not how to fix it according to the three lines on the output: ppp[14716]: tun0: Warning: ff01:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable I enabled and applied on sysctl.conf: net.inet.gre.allow=1 net.inet.gre.wccp=1 Also, I added the pf.conf lines needed to allow traffic from 1723 and GRE connections and, to be sure, let all traffic from 5.5.5.0 network pass through the firewall on tun0. Any help? What I am missing? Thanks in advance, Alvaro [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: Pfsync bulk for 6 states takes 13 minutes
Hello, I reproduced the problem on: OpenBSD 5.4 (GENERIC.MP) #41: Tue Jul 30 15:30:02 MDT 2013 pfsync takes as much time as whith OpenBSD 5.3. If you have any ideas why is that happening, please let me know. I have a test env with physical access prepared specially to solve this case. Remote access for OpenBSD developers is an option too. Aug 5 09:56:43 pfw1 /bsd: root on wd0a (89609dda54f2ae25.a) swap on wd0b dump on wd0b Aug 5 09:56:43 pfw1 /bsd: carp: carp10 demoted group carp by 1 to 129 (carpdev) Aug 5 09:56:43 pfw1 /bsd: carp: pfsync0 demoted group carp by 32 to 161 (pfsync init) Aug 5 09:56:43 pfw1 /bsd: carp: pfsync0 demoted group pfsync by 32 to 32 (pfsync init) Aug 5 09:56:43 pfw1 /bsd: carp: pfsync0 demoted group carp by 1 to 162 (pfsync bulk start) Aug 5 09:56:43 pfw1 /bsd: carp: pfsync0 demoted group pfsync by 1 to 33 (pfsync bulk start) Aug 5 09:56:43 pfw1 savecore: no core dump Aug 5 09:56:45 pfw1 /bsd: carp10: state transition: INIT - BACKUP Aug 5 09:56:45 pfw1 /bsd: carp: carp10 demoted group carp by -1 to 161 (carpdev) Aug 5 09:57:00 pfw1 /bsd: carp10: state transition: BACKUP - MASTER Aug 5 09:57:00 pfw1 /bsd: carp10: state transition: MASTER - BACKUP Aug 5 10:00:01 pfw1 newsyslog[9921]: logfile turned over Aug 5 10:00:01 pfw1 newsyslog[9921]: logfile turned over Aug 5 10:00:01 pfw1 syslogd: restart Aug 5 10:10:06 pfw1 /bsd: carp: pfsync0 demoted group carp by -1 to 32 (pfsync bulk done) Aug 5 10:10:06 pfw1 /bsd: carp: pfsync0 demoted group pfsync by -1 to 32 (pfsync bulk done) Aug 5 10:10:06 pfw1 /bsd: carp: pfsync0 demoted group carp by -32 to 0 (pfsync init) Aug 5 10:10:06 pfw1 /bsd: carp: pfsync0 demoted group pfsync by -32 to 0 (pfsync init) Aug 5 10:10:08 pfw1 /bsd: carp10: state transition: BACKUP - MASTER Regards -- Dariusz Binkul 2013/8/2 Kenneth R Westerback kwesterb...@rogers.com On Fri, Aug 02, 2013 at 12:04:24PM +0200, Dariusz Binkul wrote: Hello, I have 2 openbsd systems (OpenBSD 5.3 (GENERIC.MP) #62: Tue Mar 12 18:21:20 MDT 2013) in active-backup configuration. During boot of OS, pfsync bulk takes 13 minutes to sync with master server no matter how many states there are to sync. I've reproduced this problem in my testing environment. Even with no traffic (only 6 states in PF State Table) pfsync bulk took 13 minutes. As you have a test setup, you might get more immediate attention if you reproduced the problem on the latest 5.4 snapshot. Ken
OpenBSD-current on MacBookPro9,2 Xorg acpilk-ed
Hi all, I've installed OpenBSD-current to MacBookPro 9,2 (Mid-2012). It seems to be working without problems. Howoever Xorg locks after some random time at acpilk (process state in top). So I've decided to debug it. Set ddb.console=1 in /etc/sysctl.conf, however was unable to jump to ddb debugger with ddb.trigger: # sysctl ddb.console ddb.console=1 # sysctl ddb.trigger=1 sysctl: ddb.trigger: Operation not supported by device I'm connected from another OpenBSD box via ssh. Kernel is GENERIC.MP and have ddb enabled. I'm obviously doing something wrong, could someone please push me a bit? Thanks a lot, m dmesg: OpenBSD 5.4-current (GENERIC.MP) #1: Sun Aug 4 05:01:53 MDT 2013 r...@njorun.merlyn.cz:/usr/src/sys/arch/amd64/compile/GENERIC.MP RTC BIOS diagnostic error 99clock_battery,memory_size,fixed_disk real mem = 8475721728 (8083MB) avail mem = 8242368512 (7860MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe (63 entries) bios0: vendor Apple Inc. version MBP91.88Z.00D3.B08.1208081132 date 08/08/2012 bios0: Apple Inc. MacBookPro9,2 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC SBST ECDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT DMAR MCFG acpi0: wakeup devices P0P2(S3) PEG1(S3) EC__(S4) GMUX(S3) HDEF(S3) RP01(S3) GIGE(S3) SDXC(S3) RP02(S3) ARPT(S3) RP03(S3) EHC1(S3) EHC2(S3) XHC1(S3) ADP1(S4) LID0(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, 2494.72 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX ,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,X SAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 99MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, 2494.33 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX ,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,X SAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, 2494.33 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX ,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,X SAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 1, core 0, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, 2494.33 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX ,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,X SAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiec0 at acpi0 acpimcfg0 at acpi0 addr 0xe000, bus 0-154 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 4 (P0P2) acpiprt2 at acpi0: bus -1 (PEG1) acpiprt3 at acpi0: bus 1 (RP01) acpiprt4 at acpi0: bus 2 (RP02) acpiprt5 at acpi0: bus 3 (RP03) acpicpu0 at acpi0: C3, C1, PSS acpicpu1 at acpi0: C3, C1, PSS acpicpu2 at acpi0: C3, C1, PSS acpicpu3 at acpi0: C3, C1, PSS acpibat0 at acpi0: BAT0 model 3545797981023400290 type 3545797981528607052 oem 3545797981528673619 acpiac0 at acpi0: AC unit online acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB acpivideo0 at acpi0: IGPU acpivout0 at acpivideo0: DD02 cpu0: Enhanced SpeedStep 2494 MHz: speeds: 2501, 2500, 2400, 2300, 2200, 2100, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200 MHz memory map conflict 0xe00f8000/0x1000 memory map conflict 0xfed1c000/0x4000 memory map conflict 0xffe7/0x3 pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Core 3G Host rev 0x09 ppb0 at pci0 dev 1 function 0 Intel Xeon E3-1200v2 PCIE rev 0x09: msi pci1 at ppb0 bus 4 ppb1 at pci1 dev 0 function 0 vendor Intel, unknown product 0x1513 rev 0x00 pci2 at ppb1 bus 5 ppb2 at pci2 dev 0 function 0 vendor Intel, unknown product 0x1513 rev 0x00: msi pci3 at ppb2 bus 6 vendor Intel, unknown product 0x1513 (class system subclass miscellaneous, rev 0x00) at pci3 dev 0 function 0 not configured ppb3
Re: ifconfig(8) --frontend
On Sun, Aug 04, 2013 at 12:07:29PM +0200, Mirco Richter wrote: Is there some GUI-front-end for (at least) the wlan related functionality of ifconfig? Not a GUI, but I'm using a script called wiconfig which is discussed at: http://undeadly.org/cgi?action=articlesid=20120113172334 Currently I'm running it on a ThinkPad T500 with CURRENT and an old HP laptop running 5.3 RELEASE. Works great. I can suspend my laptop at home, go over to my girlfriends place and, upon resume, it'll automatically connect to her WiFi. The same thing if there are no WiFi available except for my Android phone in hotspot-mode. There a some security concerns though. Read the article at Undeadly. Regards, Erling (No need to argue here, about the flexability of ifconfig and the restrictions of any GUI-approach) The point is, that using OBSD as a workstation on a laptop, requires a lot of authentification at different WPA/WEP encrypted wlan networks, some with PSK, some in enterprise mode and whoknowswhatelse ... Doing this on the terminal is simply a waste of time and it would be rational to have a GUI for at least this subset of the full ifconfig functionality. Does anyone know of an approach here? For now dependencies like GTK || qt doesn't matter /mirco
Re: Sector offset values for softraid volumes
On Sun, Aug 04, 2013 at 06:24:33AM -0700, Chris Cappuccio wrote: Erling Westenvik [erling.westen...@gmail.com] wrote: physical disks: sd0a: 64 + N-64 sd1a: 64 + N-64 RAID 1 volume: sd2a: 64 + 64 + N-128 CRYPTO volume: sd3a: 64 + 64 + 64 + N-196 The space wasted on large disks is negligible but I would really like to know at which level the 64 sector offset may be set to 0. I believe the offset is for fdisk to store the MBR and first stage boot loader. The BIOS uses it, OpenBSD does not. I bet you'll be ok with a 0 offset on raid sd2a and sd3a (and only a disklabel, no fdisk). The softraid manual shows using fdisk -i on the raid volumes, and I hope that's just a mistake. Thanks. My lack of knowledge about harddisk geometry, MBR's and disklabel partitioning is almost embarrasing and I'm sorry that I forgot to specify that the architecture is i386. It was the manpage for softraid that made me ask. As you state, it shows using fdisk -iy, something which confused me since I've seen examples of disklabels with both offsets of 0 and 64. I'll do some tests with different setups. Regards, Erling The sparc/sparc64 platforms are good places to look because they don't get touched by the BIOS (sounds like softraid) and therefore use don't use fdisk, mbr, BIOS. (Some years ago someone gave me two Sun Sparc stations complete with 21 monitors, keyboard and everything. I'm ashamed to tell that I threw them away when moving house. It was before I got serious with OpenBSD..) They're slso good because these platforms were designed ground-up to run BSD, boots a fourth interpreter as its first program (OBP), and know how to charge up the old boot blocks without compatibility glue in-between. Here's a disklabel from my Sun Fire T1000. Unlike fdisk, no space needs to be cut out for disklabel, which already owns the first 16 sectors in the FFS layout. # /dev/rsd0c: type: SCSI disk: SCSI disk label: ST31000524AS duid: 6f7f7705c7253071 flags: vendor bytes/sector: 512 sectors/track: 127 tracks/cylinder: 16 sectors/cylinder: 2032 cylinders: 36366 total sectors: 1953525168 boundstart: 0 boundend: 1953525168 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 20990560 4.2BSD 2048 163841 # / b: 17040352 2099056swap # none c: 19535251680 unused d: 8390128 19139408 4.2BSD 2048 163841 # /tmp e: 41420288 27529536 4.2BSD 2048 163841 # /var f: 4196080 68949824 4.2BSD 2048 163841 # /usr g: 2099056 73145904 4.2BSD 2048 163841 # /usr/X11R6 h: 20972272 75244960 4.2BSD 2048 163841 # /usr/local i: 4196080 96217232 4.2BSD 2048 163841 # /usr/src j: 4196080100413312 4.2BSD 2048 163841 # /usr/obj k: 1848914768104609392 4.2BSD 8192 655361 # /home
Re: OpenBSD-current on MacBookPro9,2 Xorg acpilk-ed
On Mon, Aug 05, 2013 at 01:25:25PM +0200, Milan Bartos wrote: I've installed OpenBSD-current to MacBookPro 9,2 (Mid-2012). Did you have any trouble installing? I have the same computer and have never been able to install anything other than OS X due to what I think is a BIOS bug. When booting from BIOS emulation, the screen flashes with bootloader messages (both with OpenBSD or with various Linux CD images). Then it goes blank. The system does boot though. I can type commands (e.g. set the link state on ethernet), and the system obviously responds. Recent OpenBSD snapshots and Linux even have the screen come back after bootup with a framebuffer. Unfortunately the OpenBSD install CD doesn't include framebuffer drivers. Did you have similar trouble? Or did it just work? - Martin
Re: OpenBSD-current on MacBookPro9,2 Xorg acpilk-ed
Hi Martin, On 5 August 2013 15:59, Martin Brandenburg mar...@martinbrandenburg.com wrote: On Mon, Aug 05, 2013 at 01:25:25PM +0200, Milan Bartos wrote: I've installed OpenBSD-current to MacBookPro 9,2 (Mid-2012). Did you have any trouble installing? I have the same computer and have never been able to install anything other than OS X due to what I think is a BIOS bug. When booting from BIOS emulation, the screen flashes with bootloader messages (both with OpenBSD or with various Linux CD images). Then it goes blank. The system does boot though. I can type commands (e.g. set the link state on ethernet), and the system obviously responds. Recent OpenBSD snapshots and Linux even have the screen come back after bootup with a framebuffer. Unfortunately the OpenBSD install CD doesn't include framebuffer drivers. Did you have similar trouble? Or did it just work? I've installed it without any problem and have not faced any screen flashing. Installing from -current bsd.rd worked even without framebuffer. After installation, framebuffer is present and working. But I've done everything with -current, I wasn't able to even boot without kernel panic (some ACPI related stuff) when using 5.3. m. - Martin
Re: Compilers in OpenBSD
On Wed, Jul 31, 2013 at 09:19:11PM +, Miod Vallat wrote: A few of our developers have, over the years, become unafraid of gcc, and able to investigate issues, backport fixes, and fix or work around bugs: I'll only mention niklas@, espie@, etoh@ and otto@, and hope the few others will forgive me for not listing their names. This has not been an easy road, to say the least. Now, another few of our developers are working on building a similar knowledge of llvm. I wish them a lot of luck, and I will try to join them in the near future. In the meantime I am not sure they feel confident enough to support switching the most popular OpenBSD platforms from gcc to llvm. I'm still somewhat afraid of gcc. I actively hate some of the changes they've made in the attribute code between 2.95 and 4.2. I've completely given up trying to cooperate with the FSF on this. They only accept changes to -current, and they take long enough to review it and complain about style issue that most often, you have to prepare the patch again. It is also a complete waste of time, since the GPLv2 version is now totally unsupported, so any change we give back will become more of the hated GPLv3 code base. At least LLVM/clang is under a sane licence. And it hasn't suffered thru years of paranoia (but if we disentangle the front and back-end, some evil evil commercial outfit may use it to write a proprietary back-end of gcc) So, even if it's a lot of work, even if some platforms are not supported (yet) by llvm/clang, at least the work we put into it won't be pure OpenBSD work that's a complete waste of time where upstream is concerned...
Re: poptop on OpenBSD 5.3
Hi Wesley, Loïc, Thanks for the advice. I didn't know about npppd. It seems an interesting option. I am going to try that. Cheers, Alvaro 2013/8/4 Loïc BLOT loic.b...@unix-experience.fr I approve Wesley, if you use OpenBSD 5.3 you should use npppd it's simpler than poptop and have nearly the same functionalities -- Best regards, Loïc BLOT, UNIX systems, security and network expert http://www.unix-experience.fr Le lundi 05 août 2013 à 08:46 +0400, Wesley MOUEDINE ASSABY a écrit : Hi, Why not use the embedded package in OpenBSD 5.3 : npppd ?? conf files : /etc/npppd/npppd.conf and npppd-users Below a link that will help you on : http://fr.slideshare.net/GiovanniBechis/npppd-easy-vpn-with-openbsd Cheers, Wesley Le 2013-08-05 4:48, Alvaro Mantilla Gimenez a écrit : Hi, I am trying to configure poptop on OpenBSD 5.3 without success. I've installed the package and configured the files as the /usr/local/share/doc/pkg-readmes/poptop-1.3.4p4 says but didn't work so I started to change things here and there without success. These are the facts: /etc/pptpd.conf: stimeout 10 noipparam logwtmp localip 5.5.5.1 remoteip 5.5.5.2-102 /etc/ppp/options: lock auth usehostname proxyarp +MSChap-V2 mppe-128 mppe-stateless /etc/ppp/ppp.conf: default: set log Phase Chat LCP IPCP CCP tun command set speed 115200 pptp: set log phase tun enable proxy set dns 8.8.8.8 8.8.4.4 set ifaddr 5.5.5.1 5.5.5.0/0 255.255.255.0 set timeout 0 enable chap enable MSChapV2 And here the error: pptpd[25764]: CTRL: Starting call (launching pppd, opening GRE) ppp[14716]: Phase: Using interface: tun0 ppp[14716]: Phase: deflink: Created in closed state ppp[14716]: tun0: Command: default: set speed 115200 ppp[14716]: tun0: Command: pptp: set log phase tun ppp[14716]: tun0: Phase: PPP Started (direct mode). ppp[14716]: tun0: Phase: bundle: Establish ppp[14716]: tun0: Phase: deflink: closed - opening ppp[14716]: tun0: Phase: deflink: Connected! ppp[14716]: tun0: Phase: deflink: opening - carrier ppp[14716]: tun0: Phase: deflink: carrier - lcp ppp[14716]: tun0: Phase: bundle: Authenticate ppp[14716]: tun0: Phase: deflink: his = none, mine = CHAP 0x81 ppp[14716]: tun0: Phase: Chap Output: CHALLENGE ppp[14716]: tun0: Phase: Chap Input: RESPONSE (49 bytes from testuser) ppp[14716]: tun0: Phase: Chap Output: SUCCESS ppp[14716]: tun0: Phase: deflink: lcp - open ppp[14716]: tun0: Phase: bundle: Network ppp[14716]: tun0: Phase: deflink: open - lcp ppp[14716]: tun0: Warning: ff01:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Phase: bundle: Terminate pptpd[25764]: CTRL: EOF or bad error reading ctrl packet length. pptpd[25764]: CTRL: couldn't read packet header (exit) pptpd[25764]: CTRL: CTRL read failed ppp[14716]: tun0: Phase: deflink: read (0): Got zero bytes ppp[14716]: tun0: Phase: deflink: Disconnected! ppp[14716]: tun0: Phase: deflink: Connect time: 1 secs: 354 octets in, 364 octets out ppp[14716]: tun0: Phase: deflink: 7 packets in, 11 packets out ppp[14716]: tun0: Phase: total 718 bytes/sec, peak 0 bytes/sec on Sun Aug 4 18:23:07 2013 ppp[14716]: tun0: Phase: deflink: lcp - closed ppp[14716]: tun0: Phase: bundle: Dead ppp[14716]: tun0: Phase: PPP Terminated (normal). pptpd[25764]: CTRL: Client truncated_ip control connection finished So far I think is not an authentication problem (the authentication process seems to be success) and it is a network related issue. However, I do not how to fix it according to the three lines on the output: ppp[14716]: tun0: Warning: ff01:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable ppp[14716]: tun0: Warning: ff02:4::: Change route failed: errno: Network is unreachable I enabled and applied on sysctl.conf: net.inet.gre.allow=1 net.inet.gre.wccp=1 Also, I added the pf.conf lines needed to allow traffic from 1723 and GRE connections and, to be sure, let all traffic from 5.5.5.0 network pass through the firewall on tun0. Any help? What I am missing? Thanks in advance, Alvaro [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]