Re: npppd(8) and PROXY_AUTHEN_CHALLENGE bad length with Juniper

2021-03-08 Thread YASUOKA Masahiko
edit-dynamic-profiles-chap.html the max challenge length can be configured 63 at the maximum. I'm thinking change the limit in npppd to 96. On Mon, 8 Mar 2021 20:33:21 + Ryan Freeman wrote: > Thank you for the reply! I have been given permission to show a bit > more about our setup.

Re: npppd(8) and PROXY_AUTHEN_CHALLENGE bad length with Juniper

2021-03-06 Thread YASUOKA Masahiko
NGTH/2 messsage=none > > [1] at some point over the course of debugging, I did notice that this > error would /sometimes/ print on the connections from the 'old' equipment, > but would continue to work anyway: > > Mar 5 10:21:44 edge9 npppd[35209]: ppp id=4108 layer=chap proto=unknown > "Proxy Authen Challenge" is too long. > > This now also prints on all the 'new equipment' successful connections since > disabling the AVP_MAXLEN_CHECK. -- YASUOKA Masahiko http://yasuoka.net/~yasuoka/ mailto:yasu...@yasuoka.net mobile:090-8801-1637

Re: npppd - changing clients' route table

2021-02-21 Thread YASUOKA Masahiko
tmask 255.255.255.0 { option classless-ms-static-routes 10.109.3.0/24 192.168.255.254; option classless-static-routes10.109.3.0/24 192.168.255.254; } --- $ doas /usr/sbin/dhcpd -u255.255.255.255 -c /etc/dhcpd-l2tp.conf > On Sun, 21 Feb 2021 23:18:19 +0900 (JST) > YASUOKA Masahiko wrote:

Re: npppd - changing clients' route table

2021-02-21 Thread YASUOKA Masahiko
Hello, On Sat, 20 Feb 2021 21:14:24 +0100 Radek wrote: > I have a router with VPN server (npppd). LAN net is 10.109.3.0/24, gw > 10.109.3.254, the VPN net is 10.109.4.0/24, gw 10.109.4.254. > If the client is conencted to VPN all client's traffic to 10.0.0.0/8 goes via > 10.109.4.254 > >

Re: npppd - problem with simultaneous sessions

2021-01-08 Thread YASUOKA Masahiko
.Z.13 > } X.Y.Z.13 ? Or a NAT is there? It is directly connected do X.Y.Z.13, no NAT. On Thu, 07 Jan 2021 16:27:57 +0900 (JST) YASUOKA Masahiko wrote: Hi, On Wed, 6 Jan 2021 21:33:49 +0100 Radek wrote: > I have a box with relatively fresh install of 68/amd64, fully > syspatched

Re: npppd - problem with simultaneous sessions

2021-01-06 Thread YASUOKA Masahiko
Hi, On Wed, 6 Jan 2021 21:33:49 +0100 Radek wrote: I have a box with relatively fresh install of 68/amd64, fully syspatched. There is a npppd server running on it. The problem is that I can have only one nppp session at one time. If the second vpn user connects the box, the first nppp

Re: OpenBSD UEFI on QEMU emulator

2020-10-22 Thread YASUOKA Masahiko
On Fri, 23 Oct 2020 09:59:24 +0800 Kevin Shell wrote: > I want to try out OpenBSD UEFI. > How to install OpenBSD with UEFI boot on qemu? > The install68.iso has no UEFI support. > My following command on Linux can't boot OpenBSD UEFI. > > qemu-system-x86_64 -enable-kvm \ >

Re: EFI boot on Dell PowerEdge R610

2020-06-17 Thread YASUOKA Masahiko
Hi, On Wed, 17 Jun 2020 00:37:48 -0700 Johan Hattne wrote: > On 2020-05-29 17:01, Johan Hattne wrote: >> >>> On May 28, 2020, at 20:38, YASUOKA Masahiko >>> wrote: >>> >>> Hi, >>> >>> On Thu, 28 May 2020 09:46:23 -0700 >>

Re: EFI boot on Dell PowerEdge R610

2020-05-28 Thread YASUOKA Masahiko
Hi, On Thu, 28 May 2020 09:46:23 -0700 Johan Hattne wrote: >> On May 28, 2020, at 06:42, Nick Holland wrote: >> >> On 2020-05-28 05:15, Johan Hattne wrote: >>> On 2020-05-28 00:56, Johan Hattne wrote: >>>> On 2020-05-28 00:43, YASUOKA Masahiko wrote: >

Re: EFI boot on Dell PowerEdge R610

2020-05-28 Thread YASUOKA Masahiko
Hi, On Wed, 27 May 2020 22:32:58 -0700 Johan Hattne wrote: > I've been trying to boot the 6.7 installation media from USB via EFI > on a Dell PowerEdge R610. The screen goes blank and then the thing > resets (so no kernel output or anything). I can boot the same stick > via BIOS. > > I've

Re: UEFI Issue

2019-07-29 Thread YASUOKA Masahiko
On Tue, 16 Jul 2019 18:32:28 + Charlie Burnett wrote: > Hey, I'm looking to get OpenBSD working in UEFI only mode on newer Thinkpad > X1 devices, because for whatever reason it hangs when loading into memory > without CSM enabled, and some of the X1 devices no longer have a CSM > option. Does

Re: cvs2gitdump dumps core when trying process src

2017-12-24 Thread YASUOKA Masahiko
Hi, On Sun, 24 Dec 2017 03:32:05 +0530 Dinesh Thirumurthy wrote: >> The conversion on github is done with cvs2gitdump. > > git2cvsdump dumps core on latest current. > I am stumped after some basic investigation. > > /usr/local/bin/cvs2gitdump dumps core. (snip) >

Re: Boot installation problem on laptop with Intel N3350 CPU

2017-10-13 Thread YASUOKA Masahiko
On Fri, 13 Oct 2017 14:50:50 +0900 (JST) YASUOKA Masahiko <yasu...@openbsd.org> wrote: > On Thu, 12 Oct 2017 00:46:20 -0400 > Ken Withee <wit...@protonmail.ch> wrote: >> I had something similar and had to change to legacy in bios or something >> like that. >

Re: Boot installation problem on laptop with Intel N3350 CPU

2017-10-12 Thread YASUOKA Masahiko
On Thu, 12 Oct 2017 00:46:20 -0400 Ken Withee wrote: > I had something similar and had to change to legacy in bios or something like > that. > > Sent from ProtonMail Mobile > > On Wed, Oct 11, 2017 at 4:51 PM, Pedro Ramos wrote: > >> Hello, I am

Re: Change Time zones cause ddb in 6.2 snapshot

2017-10-03 Thread YASUOKA Masahiko
The problem is fixed https://marc.info/?l=openbsd-cvs=150702971726161=2 Thank you for your report. On Fri, 29 Sep 2017 18:33:50 +0800 "Fung" wrote: > snapshots/amd64/ > Build date: 1506531075 - Wed Sep 27 16:51:15 UTC 2017 > > how to repeat the problem > > # config -ef /bsd

Re: OpenBSD 6.1: BOOTIA32 3.32 issue

2017-05-14 Thread YASUOKA Masahiko
On Fri, 12 May 2017 16:15:52 +0200 Michele Curti <michele.cu...@gmail.com> wrote: > On Fri, May 12, 2017 at 06:01:35PM +0900, YASUOKA Masahiko wrote: >> > And something like this? >> >> Yes. What we need to do is comparing the device path node before >> M

Re: OpenBSD 6.1: BOOTIA32 3.32 issue

2017-05-12 Thread YASUOKA Masahiko
On Fri, 12 May 2017 09:33:04 +0200 Michele Curti wrote: > On Fri, May 12, 2017 at 07:27:45AM +0200, Michele Curti wrote: >> >> The efi_device_path_cmp() compares only a path node. >> I tried the following diff just to see if I undestood something, >> hd0 is now set

Re: OpenBSD 6.1: BOOTIA32 3.32 issue

2017-05-11 Thread YASUOKA Masahiko
On Thu, 11 May 2017 23:45:17 +0200 Michele Curti wrote: > On Wed, May 10, 2017 at 08:35:28PM +0200, Patrick Wildt wrote: >> >> I don't think this is the correct fix. It might solve your issue, but I >> don't think it's completely right. So EFI has those so called

Re: OpenBSD 6.1: BOOTIA32 3.32 issue

2017-05-11 Thread YASUOKA Masahiko
Hi, Thank you for your tests, On Thu, 11 May 2017 07:40:42 +0200 Michele Curti wrote: > On Wed, May 10, 2017 at 08:35:28PM +0200, Patrick Wildt wrote: >> On Wed, May 10, 2017 at 03:14:30PM +0200, Stefan Sperling wrote: >> > On Tue, May 09, 2017 at 09:47:14PM +0200,

Re: OpenBSD 6.1: BOOTIA32 3.32 issue

2017-05-10 Thread YASUOKA Masahiko
Hi, On Tue, 9 May 2017 10:20:03 +0200 Michele Curti wrote: > I also tried a fresh install, but things do not change. > Boot fails and when I do a "machine diskinfo" I got a lot of "?" > symbols (a video here https://www.youtube.com/watch?v=fsomNX-oFTQ ) Hanging on

Re: non-PAP in radiusd

2017-01-11 Thread YASUOKA Masahiko
On Tue, 10 Jan 2017 01:50:31 + Pete Zabagel wrote: > I noticed in the radiusd.conf man page that the bsdauth module only > supports PAP: > > "It only supports PAP, password based authentication." > > Is there a specific reason as to why CHAP isn't implemented?

Re: macbook EFI bootloader

2016-12-29 Thread YASUOKA Masahiko
On Tue, 27 Dec 2016 18:24:38 -0800 Byron Klippert wrote: > This setup gets as far as shown below and then stops... > > probing: pc0 mem[572K 64K 3039M 11M 60K 48K] > disk: hd0 >>> OpenBSD/amd64 BOOTIA32 3.32 > boot> > booting hd0a:/bsd: 6979304+2212872+258624+0+765952 >

Re: OpenBSD Current on MacBook Air 7,1

2016-12-29 Thread YASUOKA Masahiko
Hi, On Mon, 12 Dec 2016 20:19:19 +0100 Piotr Isajew wrote: > There seems to be a problem with a bootloader though. Once the > system is installed on the SSD, the bootloader just stucks after > probing HDDs. Also it's not possible to boot from the > installation USB anymore. I'd

Re: BL460c G1 issues

2016-08-03 Thread YASUOKA Masahiko
On Tue, 24 May 2016 16:02:21 -0400 Steve Shockley wrote: > I have an HP BL460c blade I'm using with OpenBSD. I was able to get > 5.8 to install by disabling ACPI; since I'm lazy I didn't submit a bug > report. I tried to upgrade to 5.9 (and -current), but booting

Re: uefi boot

2016-07-12 Thread YASUOKA Masahiko
Hi, On Tue, 12 Jul 2016 21:17:20 -0300 Friedrich Locke wrote: > I wonder if that's possible to boot obsd amd64 5.9 CD on a computer whose > bios is setted to boot UEFI secure mode off. 5.9 CD doesn't support UEFI boot. If the computer doesn't have legacy mode BIOS,

Re: uefi

2016-07-01 Thread YASUOKA Masahiko
On Thu, 30 Jun 2016 10:41:39 -0300 Friedrich Locke wrote: > i would like to know if there is anyone in this list that is running > Windows and OBSD 5.9 amd 64 on the same machine with UEFI and doing, > naturally, multiboot. Both my vaio laptops and dell desktop boot

Re: L2TP/IPSec via npppd won't work with Android 6.0.1

2016-03-30 Thread YASUOKA Masahiko
On Tue, 29 Mar 2016 11:37:14 +0200 Mattieu Baptiste wrote: > On Tue, Mar 29, 2016 at 5:43 AM, Sly Midnight wrote: >> I don't mean to bring up an old thread, but I was wondering if anyone >> else was experiencing issues with OpenBSD 5.8 and Android

Re: L2TP/IPSec via npppd won't work with Android 5.x

2016-02-21 Thread YASUOKA Masahiko
Hi, On Mon, 22 Feb 2016 00:26:11 +0800 Jiahao Dai wrote: > I am a new openBSD user and I found it's extramly difficult to setup a > L2TP/IPSec(IKEv1) Road Warrior server to getting work with Android devices. > > I followed the tutorial here Configuring L2TP Over IPSec on

Re: npppd pppx0 VPN Client can access wan but cannot access lan

2015-12-18 Thread YASUOKA Masahiko
Hi, On Sat, 19 Dec 2015 01:11:40 - "torsten" wrote: > I'm, running OpenBSD 5.8, npppd, mpath and have tried the same on 5.7 and 5.3. > npppd is works fine and clients can connect using windows pptp client. > The Client has the pptp connection set as default gateway

Re: "panic: ipintr no HDR" when attempting to connect OpenBSD running l2tp/IPsec

2015-12-03 Thread YASUOKA Masahiko
Can you check "net.pipex.enable"? pppxwrite() is not used if "net.pipex.enable=1". --yasuoka

Re: Failure to boot install media using bootia32.efi

2015-12-02 Thread YASUOKA Masahiko
On Tue, 1 Dec 2015 20:41:15 + Callum Davies wrote: > I have two "devices" using IA32 UEFI firmware with 64-bit > hardware. An Asus EeeBook X502TA and qemu-system-x86_64 with > an IA32 TianoCore firmware. Neither of these will boot from > snapshots/amd64/install58.fs. >

Re: UEFI boot-looping on Asus M5A97 LE R2.0 motherboard

2015-11-26 Thread YASUOKA Masahiko
On Wed, 11 Nov 2015 15:33:06 -0500 "Joe Gidi" wrote: > I recently installed a UEFI-capable Asus M5A97 LE R2.0 motherboard in one > of my systems and tried to boot the November 11th amd64 miniroot58.fs > image to test UEFI booting. I get to the bootloader, but it appears to

Re: UEFI boot-looping on Asus M5A97 LE R2.0 motherboard

2015-11-26 Thread YASUOKA Masahiko
Hi, On Thu, 26 Nov 2015 09:57:12 -0500 "Joe Gidi" <j...@entropicblur.com> wrote: > On Thu, November 26, 2015 5:20 am, YASUOKA Masahiko wrote: >> On Wed, 11 Nov 2015 15:33:06 -0500 >> "Joe Gidi" <j...@entropicblur.com> wrote: >>> I recently

Re: UEFI boot-looping on Asus M5A97 LE R2.0 motherboard

2015-11-26 Thread YASUOKA Masahiko
On Thu, 26 Nov 2015 11:10:33 -0500 "Joe Gidi" <j...@entropicblur.com> wrote: > On Thu, November 26, 2015 10:59 am, YASUOKA Masahiko wrote: >> On Thu, 26 Nov 2015 09:57:12 -0500 >> "Joe Gidi" <j...@entropicblur.com> wrote: >>> On Thu, Novemb

Re: UEFI boot-looping on Asus M5A97 LE R2.0 motherboard

2015-11-26 Thread YASUOKA Masahiko
On Thu, 26 Nov 2015 11:51:03 -0500 "Joe Gidi" <j...@entropicblur.com> wrote: > On Thu, November 26, 2015 11:27 am, YASUOKA Masahiko wrote: >> On Thu, 26 Nov 2015 11:10:33 -0500 >> "Joe Gidi" <j...@entropicblur.com> wrote: >>> On Thu, Novembe

Re: installboot with amd64 root on softraid crypto, NOT 'a' partition

2015-11-09 Thread YASUOKA Masahiko
On Sun, 8 Nov 2015 21:22:04 -0800 Nathan Wheeler wrote: > I ran into this exact same issue when I was trying to create a > rollback install with CRYPTO for a sort of appliance I develop/manage > for my company. We only have remote access with console and remote > hands

Re: installboot with amd64 root on softraid crypto, NOT 'a' partition

2015-11-08 Thread YASUOKA Masahiko
On Sun, 8 Nov 2015 11:52:48 +0100 Stefan Sperling wrote: > On Sat, Nov 07, 2015 at 07:57:05PM -0500, Jonathan Thornburg wrote: >> At this point the machine can boot and run sd1[aeg] fine. *But* if I >> enter "boot sr1d:/bsd" at the "boot>" prompt, the machine boots sd1[aeg], >>

Re: (U)EFI install and boot not finding hd0a:/bsd

2015-11-03 Thread YASUOKA Masahiko
On Sun, 01 Nov 2015 10:09:37 -0800 Bryan Vyhmeister wrote: > Perhaps this is related to something else but on my 2013 MacBook Air > with an OpenBSD-only EFI install, boot fails to attempt booting from > hd0a:/bsd but instead tries fd0a:/bsd several times. I tried adding >

Re: (U)EFI install and boot not finding hd0a:/bsd

2015-11-03 Thread YASUOKA Masahiko
On Tue, 03 Nov 2015 10:14:08 -0800 Bryan Vyhmeister <br...@bsdjournal.net> wrote: > On Tue, Nov 3, 2015, at 03:23 AM, YASUOKA Masahiko wrote: >> I fixed the problem with the booted device on cvs repository. >> Thank for your report. >> >> > Is thi

Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)

2015-10-05 Thread YASUOKA Masahiko
t 4 configuration 1 interface 1 "Microsoft Comfort > Curve Keyboard 3000" rev 2.00/1.70 addr 2 > uhidev1: iclass 3/0, 1 report id > uhid at uhidev1 reportid 1 not configured > umass0 at uhub2 port 2 configuration 1 interface 0 " Patriot Memory" > rev 2.00/1.00 addr

Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)

2015-09-23 Thread YASUOKA Masahiko
On Wed, 23 Sep 2015 14:40:52 -0500 Brian Conway wrote: >> This picture shows >> >> Load address: Loader Data (2) 0xd0 for 4096KB FATAL >> >> This is what I want to know. 0xd0 + 4M is overlapping the kernel >> area. >> >> I think the following diff or >> >>

Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)

2015-09-22 Thread YASUOKA Masahiko
On Tue, 22 Sep 2015 14:20:22 -0500 Brian Conway wrote: >> Can you try the diff following or >> >> http://yasuoka.net/~yasuoka/BOOTX64.EFI >> >> ? Then enter "machine memory" on "boot> " prompt and check the last line. >> It shows whether the memory area for kernel is

Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)

2015-09-22 Thread YASUOKA Masahiko
Hi, On Thu, 17 Sep 2015 20:47:22 -0500 Brian Conway wrote: > The NUC 2820 I was previously testing snapshots with has moved on to a > better place (and lacked any meaningful serial console support), but > here are some logs from an MSI AM1I motherboard, both the

Re: Native EFI Bootloader Support

2015-09-15 Thread YASUOKA Masahiko
On Tue, 15 Sep 2015 23:35:16 +0100 Toby Slight wrote: > On 15 September 2015 at 18:09, Chris Cappuccio wrote: >> Sounds like a bug in the brand new EFI boot blocks which affects your uefi >> firmware and not some others. It seems all of your tests are

Re: Native EFI Bootloader Support

2015-09-13 Thread YASUOKA Masahiko
Hi, Thank you for your report. Can you provide a result of machine memory machine disk on boot prompt? >>> Also, is it normal that the resolution is a tiny cropped box in >>> the middle of the screen? The resolution is limitted to 100x31 or 80x25 since efifb was too slow at least on my

Re: npppd and vpn connections on the same network

2014-12-01 Thread YASUOKA Masahiko
Yes. But there is a bug with Windows clients. See http://marc.info/?l=openbsd-miscm=141627574522930w=2 On Mon, 1 Dec 2014 12:42:41 +0100 Christer Solskogen christer.solsko...@gmail.com wrote: Hi! Is it possible to setup npppd so that the clients are on the same network as the local

Re: npppd and vpn connections on the same network

2014-12-01 Thread YASUOKA Masahiko
On Mon, 1 Dec 2014 11:38:31 -0500 trondd tro...@gmail.com wrote: I had this set up for an Android and an OSX client. Ignore the networks part and configure the connections for the end points. I took the npppd assigned IPs out of my DHCP range. I think I misunderstood your question. You want

Re: Concurrent L2TP/IPSEC connections for Windows Clients behind a shared NAT

2014-11-18 Thread YASUOKA Masahiko
On Sat, 15 Nov 2014 00:48:44 + James McGoodwin jmcgood...@kobo.com wrote: However Windows clients are limited to only one connection at a time. Subsequent connections cause the current session to die and be replaced by the new one. (snip) In short, many security associations (for each

Re: npppd Ipsec L2TP mtu issues.

2014-09-16 Thread YASUOKA Masahiko
On Mon, 15 Sep 2014 20:22:25 +0200 Jens Hansen jensh...@gmail.com wrote: Thank you for your response. I've investegated a little further, I see the following in /var/log/messages on the l2tp npppd server: l2tpd ctrl=1 timeout waiting ack for hello packets. l2tpd ctrl=1 call=28732

Re: npppd Ipsec L2TP mtu issues.

2014-09-13 Thread YASUOKA Masahiko
Hi, On Sun, 7 Sep 2014 21:00:31 +0200 Jens Hansen jensh...@gmail.com wrote: I can successfully connect to my opensbsd 5.5. isakmpd / npppd IPSEC L2TP vpn setup. But (not knowing too much about netwoking) i think i'm having a mtu problem. I can do low volume traffic fine, but transmitting

Re: Custom kernel with PIPEX without IPSEC failed to compile

2014-06-22 Thread YASUOKA Masahiko
On Sun, 22 Jun 2014 15:06:59 +0600 Ivan Solonin iss...@gmail.com wrote: I tried to compile custom kernel in the 5.5 release of OpenBSD on landisk platform with PIPEX, but found requirment of IPSEC by PIPEX. As I've found in file /sys/netinet/udp_usrreq.c it uses IPSEC only with L2TP to

Re: npppd security

2014-05-29 Thread YASUOKA Masahiko
On Wed, 28 May 2014 22:04:34 +0300 Mike Jackson m...@netauth.com wrote: If npppd tunnel listen address can't be changed and l2tp-ipsec-require isn't supported, You can change the listen address by npppd.conf: tunnel L2TP protocol l2tp { listen on xxx.xxx.xxx.xxx } l2tp-ipsec-require

Re: pipex and npppd syslog

2014-05-28 Thread YASUOKA Masahiko
On Tue, 27 May 2014 20:03:54 +0200 Marko Cupać marko.cu...@mimar.rs wrote: I have relatively busy npppd pptp server, and it logs a lot of output into /var/log/messages. How can I move npppd and pipex log messages into separate file? As far as syslog.conf(5), you can use !!npppd for that

Re: PPTP after removing of userland ppp(8)

2014-03-19 Thread YASUOKA Masahiko
On Thu, 20 Mar 2014 00:39:50 +0200 Атанас Владимиров don.na...@gmail.com wrote: I was running PPTP client pptp-1.7.2p4 with userland ppp(8). It was a basic setup from pptp(8) manual page and specifically PPTP on a router example. What are my alternatives to run PPTP to connect to Microsoft VPN

Re: npppd with two pppx interfaces causes kernel panic

2014-03-19 Thread YASUOKA Masahiko
On Wed, 19 Mar 2014 16:45:46 -0700 Paul B. Henson hen...@acm.org wrote: After successfully setting up an L2TP VPN with npppd and pppx, I tried to add a second VPN subnet with a different authentication base. I was working remotely, and after starting npppd in debug mode: pppx will be fixed.

Re: npppd with two pppx interfaces causes kernel panic

2014-03-19 Thread YASUOKA Masahiko
On Wed, 19 Mar 2014 21:05:35 -0700 Paul B. Henson hen...@acm.org wrote: On Thu, Mar 20, 2014 at 10:22:51AM +0900, YASUOKA Masahiko wrote: pppx will be fixed. Great :). This is a known bug then? It's new for me. I had not even try MAKEDEV pppx1 yet. Should I just keep an eye

Re: ospfd and L2VPN routes

2014-03-05 Thread YASUOKA Masahiko
On Sat, 1 Mar 2014 18:23:08 -0800 Paul B. Henson hen...@acm.org wrote: On Sat, Mar 01, 2014 at 01:48:06PM +0900, YASUOKA Masahiko wrote: on the other side? Right now it looks like the client is setting a route to 10.0.0.0/8 across the tunnel, that should actually be 10.128.0.0/16, would

Re: ospfd and L2VPN routes

2014-03-05 Thread YASUOKA Masahiko
On Sat, 1 Mar 2014 18:42:11 -0800 Paul B. Henson hen...@acm.org wrote: On Sat, Mar 01, 2014 at 07:41:10PM +0900, YASUOKA Masahiko wrote: I could repeat the problem. ospfd seems not to be able to use routes set by npppd. The problem seems to be come from pppx(4)'s behavior of its link state

Re: ospfd and L2VPN routes

2014-03-05 Thread YASUOKA Masahiko
On Wed, 5 Mar 2014 10:50:10 -0800 Paul B. Henson hen...@acm.org wrote: From: YASUOKA Masahiko Sent: Wednesday, March 05, 2014 1:48 AM framed-ip-netmask in npppd-user to set the netmask of the route to the PPP link. But it is not to set the client netmask (on iPhone). AFAIK to set

Re: ospfd and L2VPN routes

2014-03-05 Thread YASUOKA Masahiko
On Wed, 5 Mar 2014 10:55:51 -0800 Paul B. Henson hen...@acm.org wrote: From: YASUOKA Masahiko Sent: Wednesday, March 05, 2014 3:20 AM % ospfctl show fib | grep 128 *56 10.128.120.0/24 127.0.0.1 *56 10.128.120.213/3210.0.0.1 Interesting, not only does it show

Re: ospfd and L2VPN routes

2014-03-01 Thread YASUOKA Masahiko
On Fri, 28 Feb 2014 12:41:16 -0800 Paul B. Henson hen...@acm.org wrote: I'm currently setting up an L2TP VPN with npppd. I've got the VPN piece working, and can send packets between the client and the openbsd box running the vpn. However, I'm currently using ospfd for routing between the rest

Re: ospfd and L2VPN routes

2014-02-28 Thread YASUOKA Masahiko
On Fri, 28 Feb 2014 12:41:16 -0800 Paul B. Henson hen...@acm.org wrote: I'm currently setting up an L2TP VPN with npppd. I've got the VPN piece working, and can send packets between the client and the openbsd box running the vpn. However, I'm currently using ospfd for routing between the rest

Re: npppd ipcp pool address configuration

2014-02-28 Thread YASUOKA Masahiko
Hi, On Fri, 28 Feb 2014 11:54:07 -0800 Paul B. Henson hen...@acm.org wrote: According to the npppd.conf man page: pool-address address-range | address-mask [for dynamic | static] Specify the IP address space that is pooled for this IPCP setting. The address

Re: ospfd and L2VPN routes

2014-02-28 Thread YASUOKA Masahiko
On Fri, 28 Feb 2014 19:42:26 -0800 Paul B. Henson hen...@acm.org wrote: On Sat, Mar 01, 2014 at 11:23:01AM +0900, YASUOKA Masahiko wrote: I'm not sure whether it works. Can you try it by static route? A static route on the network on the other side of the openbsd box? I'm sure that would

Re: L2TP VPN / pf

2014-02-27 Thread YASUOKA Masahiko
On Thu, 27 Feb 2014 13:51:10 -0800 Paul B. Henson hen...@acm.org wrote: From: YASUOKA Masahiko Sent: Wednesday, February 26, 2014 8:46 PM sysctl net.pipex.enable=1 Hmm, yeah, that... I had updated my /etc/sysctl.conf with that change, but the system had not been rebooted since I did

Re: L2TP VPN / pf

2014-02-26 Thread YASUOKA Masahiko
Hi, On Wed, 26 Feb 2014 16:32:34 -0800 Paul B. Henson hen...@acm.org wrote: I currently have the following in pf.conf: - pass quick proto { esp, ah } from any to any pass in quick on em1 proto udp from any to 96.251.22.154 port {500, 4500, 1701} keep state set skip on enc0 set skip

Re: VPN Between OpenBSD and iOS

2013-12-30 Thread YASUOKA Masahiko
Hi, On Sun, 29 Dec 2013 20:58:03 -0500 Matt Carlson obsda0...@mpcarlson.com wrote: # grep -v ^# /etc/ipsec.conf ike passive esp transport \ proto udp \ from any to any port 1701 \ main auth hmac-sha1 enc aes group modp1024 \ quick auth hmac-sha1 enc aes-256 \ psk 1

Re: NPPPD and IPSec

2013-12-16 Thread YASUOKA Masahiko
Hi, On Mon, 2 Dec 2013 19:34:57 +0200 (IST) Or Elimelech o...@xwise.com wrote: I'm having trouble configuring Windows clients with l2tp over ipsec, This config works great on OSX/iOS/Android/Linux I do not know which type of auth/enc/group I should use for Windows clients I currently

Re: NPPPD and IPSec

2013-12-16 Thread YASUOKA Masahiko
The mail I replied to was too old.. sorry. On Mon, 16 Dec 2013 18:52:25 +0900 (JST) YASUOKA Masahiko yasu...@yasuoka.net wrote: On Mon, 2 Dec 2013 19:34:57 +0200 (IST) Or Elimelech o...@xwise.com wrote: I'm having trouble configuring Windows clients with l2tp over ipsec, This config works

Re: NPPPD

2013-12-09 Thread YASUOKA Masahiko
On Mon, 9 Dec 2013 09:38:50 +0200 (IST) Or Elimelech o...@xwise.com wrote: I've configured nppd server and clients for Linux, Android, iOS, OSX and Windows. This works on all platforms when routing all traffic through VPN except for Windows clients. Usually npppd can work with Windows client

Re: VPN suggestions

2013-11-11 Thread YASUOKA Masahiko
On Sun, 10 Nov 2013 02:31:39 +0200 Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: On 08/11/13 17:50, YASUOKA Masahiko wrote: What I'm wondering is what you guys do to setup the ipsec path of the tunnel. One option is to use a unique pre-shared key for all clients. But this is probably

Re: VPN suggestions

2013-11-08 Thread YASUOKA Masahiko
On Fri, 08 Nov 2013 14:38:33 +0200 Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: Playing around with npppd was straight forward and I was quite impressed with it. Good job. Thanks. EAP-TLS would also be a very nice feature to have. Do you mean npppd should *directly* authenticate the

Re: npppd / pppoe server troubles

2013-10-17 Thread YASUOKA Masahiko
Hi, On Wed, 16 Oct 2013 21:10:25 +0200 Gruel Bruno b.gr...@sdnet.info wrote: As i thought that it's doesn't read my users file i changed the username password but nothing else. Yes, the log shows the session is terminated because the passwords are mismatched. I checked by below snapshots,

Re: npppd / pppoe server troubles

2013-10-16 Thread YASUOKA Masahiko
Hi, On Wed, 16 Oct 2013 13:39:31 +0200 Gruel Bruno b.gr...@sdnet.info wrote: ### On OBSD 5.3 release : (snip) Segmentation fault After de DISCOVERY message the server crash with Segmentation fault This bug had been fixed on April 16. PPPoE server (by npppd) on 5.3 is completely broken.

Re: Hang possibly related to pipex

2013-07-08 Thread YASUOKA Masahiko
Hi, On Wed, 3 Jul 2013 13:55:45 +0200 Marko Cupać marko.cu...@mimar.rs wrote: In last 10 days machine hanged twice. I do not have hang message from the first time, but this time i read this: uvm_fault(0xd8f5f680, 0x0, 0, 3) - e kernel: page fault trap, code=0 Stopped at

Re: npppd, L2TP to Iphone, eap?

2013-07-02 Thread YASUOKA Masahiko
Hi, On Sun, 30 Jun 2013 15:03:58 + Brad Brad braddeic...@hotmail.com wrote: Hi, setting up npppd I get the following in the logs when connecting from Iphone 5 Jun 30 22:23:43 fire53 npppd[17905]: ppp id=0 layer=lcp No authentication protocols are agreeable.  peer's auth proto=eap If

Re: NPPPD with intermediate LTS

2013-05-14 Thread YASUOKA Masahiko
Hi, On Mon, 13 May 2013 15:28:38 +0100 Joe Holden li...@rewt.org.uk wrote: YASUOKA Masahiko wrote: On Wed, 08 May 2013 12:32:16 +0100 Joe Holden li...@rewt.org.uk wrote: YASUOKA Masahiko wrote: On Tue, 07 May 2013 22:38:46 +0100 Joe Holden li...@rewt.org.uk wrote: 2013-05-07 22:29:03:INFO

Re: NPPPD with intermediate LTS

2013-05-09 Thread YASUOKA Masahiko
On Wed, 08 May 2013 12:32:16 +0100 Joe Holden li...@rewt.org.uk wrote: YASUOKA Masahiko wrote: On Tue, 07 May 2013 22:38:46 +0100 Joe Holden li...@rewt.org.uk wrote: I'm testing out npppd as a termination device which is being fed from existing LACs (in this particular setup, mpd on FreeBSD

Re: NPPPD with intermediate LTS

2013-05-07 Thread YASUOKA Masahiko
Hi, On Tue, 07 May 2013 22:38:46 +0100 Joe Holden li...@rewt.org.uk wrote: I'm testing out npppd as a termination device which is being fed from existing LACs (in this particular setup, mpd on FreeBSD) - if the LAC begins LCP to challenge the client for it's username in order to lookup the

Re: OpenBSD 5.3 npppd pppoe segmantation fault

2013-04-21 Thread YASUOKA Masahiko
Hi, Thank you for your feedbacks. On Sun, 21 Apr 2013 16:09:36 +0900 trick star freeu...@inbox.com wrote: I have question. npppd pppx session need the inet6? No, it doesn't matter the inet6. I usually kill the interface's inet6. npppd pppoe connection for tun0 work. but, pppx0's didn't

Re: OpenBSD 5.3 npppd pppoe segmantation fault

2013-04-20 Thread YASUOKA Masahiko
Hi, On Sat, 20 Apr 2013 01:00:14 +0900 trick star freeu...@inbox.com wrote: hi, I have problem in the OpenBSD -snapshots 5.3 npppd pppoe setting! server's npppd was down for segmantation fault. when client to attache the server. before -current version was fine. but new -snapshots is suck.

Re: npppd not communicating in 5.2

2013-03-06 Thread YASUOKA Masahiko
Hi, On Tue, 5 Mar 2013 16:35:51 -0500 Jason Markowitz jma...@gmail.com wrote: I'm receiving the following errors when attempting to establish a vpn session via l2tp, the ipsec side works fine and phase 1 authenticates perfectly, i dont see pf blocking anything in pf log (egress wide open,

Re: current snapshot pipex kernel panic

2013-02-13 Thread YASUOKA Masahiko
On Wed, 26 Sep 2012 14:44:58 +0900 (JST) YASUOKA Masahiko yasu...@yasuoka.net wrote: On Tue, 25 Sep 2012 16:16:12 +0200 csszep css...@gmail.com wrote: I wanted to try a simple npppd setup and i got a panic. I'm looking into this problem and fixing it. But it will take more days. oops, I

Re: npppd radius on current jan 21

2013-01-31 Thread YASUOKA Masahiko
On Wed, 30 Jan 2013 12:07:05 +0100 mxb m...@alumni.chalmers.se wrote: Yasuoka forgot to commit his fix. I have it working. Oops, I forgot about that fix... I've commited. Also here is the diff. Thanks, Index: npppd_auth.c ===

Re: npppd with tun interface not work on i386?

2013-01-30 Thread YASUOKA Masahiko
Hi, On Tue, 29 Jan 2013 20:20:24 +0100 csszep css...@gmail.com wrote: I tried to start npppd with the default config with tun0 interface on my Alix board: I get the following error message: # npppd -d 2013-01-29 19:54:38:NOTICE: Starting npppd pid=13464 version=5.0.0 2013-01-29

Re: npppd as pptpdserver

2012-10-17 Thread YASUOKA Masahiko
Hi, On Tue, 16 Oct 2012 22:29:44 +0400 pavel pocheptsov lilit-aibo...@mail.ru wrote: http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/npppd/Attic/HOWTO_PIPEX_NPPPD.txt?rev=1.3;content-type=text%2Fplain (snip) # uname -vrp 5.1 GENERIC.MP#188 i386 HOWTO_PIPEX_NPPPD.txt revsion 1.3

Re: npppd, framed_ip_address

2012-10-01 Thread YASUOKA Masahiko
On Sat, 29 Sep 2012 02:27:07 -0400 Andrew Ngo andrew@gmail.com wrote: On 28 September 2012 03:17, YASUOKA Masahiko yasu...@yasuoka.netjavascript:; wrote: On Thu, 27 Sep 2012 13:41:52 -0400 Andrew Ngo andrew@gmail.com javascript:; wrote: (By the way, the daemon goes absolutely bananas

Re: npppd, framed_ip_address

2012-09-28 Thread YASUOKA Masahiko
Hi, On Thu, 27 Sep 2012 13:41:52 -0400 Andrew Ngo andrew@gmail.com wrote: Hm. I can't seem to get npppd to map users to static addresses in the npppd-users file, after trying various permutations of pool-address ##-## for static and such. The client is an iPhone running iOS 6.0, and is

Re: current snapshot pipex kernel panic

2012-09-25 Thread YASUOKA Masahiko
Hello, On Tue, 25 Sep 2012 16:16:12 +0200 csszep css...@gmail.com wrote: I wanted to try a simple npppd setup and i got a panic. I'm looking into this problem and fixing it. But it will take more days. To workaround the problem, please add mppe no to the tunnel configuration. --yasuoka

Re: Microsoft Wireless Mobile Mouse 3500

2012-09-24 Thread YASUOKA Masahiko
On Mon, 24 Sep 2012 15:45:15 -0700 Justin Lindberg justin.lindb...@gmail.com wrote: I recently bought a Microsoft Wireless Mobile Mouse 3500, and I assumed it would work like most any other mouse on OpenBSD. Unfortunately it did not. After googling, I found a patch on the following page,

Re: npppd and iOS 5.1.1 on OpenBSD 5.1

2012-08-15 Thread YASUOKA Masahiko
Hi, real.local.concentrate: tun0 this should be realm.local.concentrate: tun0 I hope this will help you. --yasuoka On Wed, 15 Aug 2012 09:11:06 -0700 Johan Beisser j...@caustic.org wrote: I've hit a bit of a wall digging around getting L2TP working with OpenBSD 5.1. I've enabled

Re: npppd with EAP-TLS for PPTP

2012-03-01 Thread YASUOKA Masahiko
Hi, On Wed, 29 Feb 2012 12:52:40 +0100 Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote: since there is the limitation in npppd that it doesn't support multiple clients behind the same NAT host for IPSec/L2TP, I'm looking into using PPTP with EAP-TLS authentication. But I'm

Re: linux stronswan/xl2tpd client to IPSec/npppd

2012-01-19 Thread YASUOKA Masahiko
On Thu, 19 Jan 2012 14:10:03 +0100 Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote: On Thursday, January 19, 2012 02:23 CET, YASUOKA Masahiko yasu...@yasuoka.net wrote: On Thu, 19 Jan 2012 02:14:48 +0900 (JST) YASUOKA Masahiko yasu...@yasuoka.net wrote: To enable 'pppx mode', add

Re: linux stronswan/xl2tpd client to IPSec/npppd

2012-01-18 Thread YASUOKA Masahiko
Hello, On Tue, 17 Jan 2012 11:57:07 +0100 Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote: npppd doesn't implement AVP38, but reading the RFC, it seems, since its not mandatory, that should not be a problem. xl2tpd is wrong, requiring AVP 38 as mandatory. I belive this is a bug of

Re: linux stronswan/xl2tpd client to IPSec/npppd

2012-01-18 Thread YASUOKA Masahiko
Hi, On Thu, 19 Jan 2012 02:14:48 +0900 (JST) YASUOKA Masahiko yasu...@yasuoka.net wrote: On Tue, 17 Jan 2012 11:57:07 +0100 Sebastian Reitenbach sebas...@l00-bugdead-prods.de wrote: If you don't like this limitation, you can use 'pppx mode'. In 'pppx mode' npppd will create a pppx interface

Re: NPPPD/L2TP IPsec problems

2011-12-18 Thread YASUOKA Masahiko
Hi, On Fri, 16 Dec 2011 15:38:14 +0200 lilit-aibolit lilit-aibo...@mail.ru wrote: 29.09.2011 16:30, YASUOKA Masahiko P?P8QP5Q: On Mon, 26 Sep 2011 15:20:50 +0200 Martin Poulsenmar...@dividebyzero.dk wrote: This is my setup: client (Windows XP) NAT - internet - OpenBSD

Re: NPPPD/L2TP IPsec problems

2011-09-29 Thread YASUOKA Masahiko
On Mon, 26 Sep 2011 15:20:50 +0200 Martin Poulsen mar...@dividebyzero.dk wrote: I have been playing around a little with the npppd daemon having setup a L2TP server for test and learning purposes. The connection is running in an IPsec tunnel and it works great and runs very fine when used on a

Re: npppd as L2TP client

2011-09-27 Thread YASUOKA Masahiko
On Mon, 26 Sep 2011 22:22:13 -0700 (PDT) Matt S maschwa...@yahoo.com wrote: Is it possible to use npppd as an L2TP client or in a configuration where both vpn endpoints are OpenBSD based? Thank you in advance. No, currently npppd supports server side only. --yasuoka

Re: npppd OpenBSD 5.0

2011-09-20 Thread YASUOKA Masahiko
Hello, I'm a maintainer of npppd. On Tue, 20 Sep 2011 14:51:52 +0200 wessels wessels...@gmail.com wrote: I did a test install of OpenBSD 5.0 and noticed that npppd is present in the source tree but isn't compiled nor installed. I rebuild everything using yesterdays sources from CVS. A manual

Re: LAC LNS server with OpenBSD

2011-08-18 Thread YASUOKA Masahiko
Hi, On Thu, 18 Aug 2011 13:11:19 +0200 Andre Keller a...@list.ak.cx wrote: Am 18.08.2011 07:51, schrieb YASUOKA Masahiko: npppd supports `LNS' only and it supports `compulsory tunnel' (or `accept dialin'). So currently npppd can become `R3' on above picture but it can not become `R2

  1   2   >