Recently I have been moving some nat/vpn equipment over to pfSense 1.2.3RC1.
At location A, I have two Soekris Net4801 appliances and 1.2.3RC1 embedded. They are independent units. One is the nat/firewall facing our DSL which is used for office surfing. The other is our primary VPN server and facing our bonded T1's, very little outgoing traffic on this unit. At location B, I installed 1.2.3RC1 from the live CD on an older dual PIII motherboard with dual Intel Nics. Not that it appears to matter, location B is using Radius for user authentication and location A uses the included user table and we set up PPTP vpn connectivity for end users. The issue I have is from location A through either of the Soekris appliances, I can not get a VPN connect(PPTP) to location B from WinXP or Linux(Ubuntu or openSuSE). We can connect to location B from other locations. Also at location A, I can connect (bypassing the Soekris units running pfSense embedded) to our T1's with a laptop running WinXP or Ubuntu(dual boot) and I can connect. I am getting no errors from the packet rules. From my reading of the logs at location B comparing a good vs bad connect, the attempt never successfully negotiates a connection and does not get to the user id/password stage. Below are what I thought were the revelent portions of the syslogs from the receiving pfSense computer. It's an older dual PIII computer with two Intel 10/100 nics. Any suggestions or is this a bug? Lyle Giese LCR Computer Services, Inc. Bad connect: Aug 5 08:14:07 vpngw mpd: [pt0] LCP: SendConfigReq #125 Aug 5 08:14:07 vpngw mpd: ACFCOMP Aug 5 08:14:07 vpngw mpd: PROTOCOMP Aug 5 08:14:07 vpngw mpd: MRU 1500 Aug 5 08:14:07 vpngw mpd: MAGICNUM 9f01cb88 Aug 5 08:14:07 vpngw mpd: AUTHPROTO CHAP MSOFTv2 Aug 5 08:14:07 vpngw mpd: MP MRRU 1600 Aug 5 08:14:07 vpngw mpd: MP SHORTSEQ Aug 5 08:14:07 vpngw mpd: ENDPOINTDISC [802.1] 00 e0 81 26 02 4a Aug 5 08:14:09 vpngw mpd: [pt0] LCP: SendConfigReq #126 Aug 5 08:14:09 vpngw mpd: ACFCOMP Aug 5 08:14:09 vpngw mpd: PROTOCOMP Aug 5 08:14:09 vpngw mpd: MRU 1500 Aug 5 08:14:09 vpngw mpd: MAGICNUM 9f01cb88 Aug 5 08:14:09 vpngw mpd: AUTHPROTO CHAP MSOFTv2 Aug 5 08:14:09 vpngw mpd: MP MRRU 1600 Aug 5 08:14:09 vpngw mpd: MP SHORTSEQ Aug 5 08:14:09 vpngw mpd: ENDPOINTDISC [802.1] 00 e0 81 26 02 4a Aug 5 08:14:09 vpngw mpd: pptp0-0: call cleared by peer Aug 5 08:14:09 vpngw mpd: pptp0-0: killing channel Aug 5 08:14:09 vpngw mpd: [pt0] PPTP call terminated Good connect: Aug 5 08:36:32 vpngw mpd: [pt1] LCP: rec'd Configure Request #0 link 0 (Req-Sent) Aug 5 08:36:32 vpngw mpd: MRU 1400 Aug 5 08:36:32 vpngw mpd: MAGICNUM 7f9a3790 Aug 5 08:36:32 vpngw mpd: PROTOCOMP Aug 5 08:36:32 vpngw mpd: ACFCOMP Aug 5 08:36:32 vpngw mpd: CALLBACK Aug 5 08:36:32 vpngw mpd: Not supported Aug 5 08:36:32 vpngw mpd: [pt1] LCP: SendConfigRej #0 Aug 5 08:36:32 vpngw mpd: CALLBACK Aug 5 08:36:32 vpngw mpd: [pt1] LCP: rec'd Configure Request #1 link 0 (Req-Sent) Aug 5 08:36:32 vpngw mpd: MRU 1400 Aug 5 08:36:32 vpngw mpd: MAGICNUM 7f9a3790 Aug 5 08:36:32 vpngw mpd: PROTOCOMP Aug 5 08:36:32 vpngw mpd: ACFCOMP Aug 5 08:36:32 vpngw mpd: [pt1] LCP: SendConfigAck #1 Aug 5 08:36:32 vpngw mpd: MRU 1400 Aug 5 08:36:32 vpngw mpd: MAGICNUM 7f9a3790 Aug 5 08:36:32 vpngw mpd: PROTOCOMP Aug 5 08:36:32 vpngw mpd: ACFCOMP Aug 5 08:36:32 vpngw mpd: [pt1] LCP: state change Req-Sent --> Ack-Sent Aug 5 08:36:34 vpngw mpd: [pt1] LCP: SendConfigReq #2 Aug 5 08:36:34 vpngw mpd: ACFCOMP Aug 5 08:36:34 vpngw mpd: PROTOCOMP Aug 5 08:36:34 vpngw mpd: MRU 1500 Aug 5 08:36:34 vpngw mpd: MAGICNUM 8c782bd4 Aug 5 08:36:34 vpngw mpd: AUTHPROTO CHAP MSOFTv2 Aug 5 08:36:34 vpngw mpd: MP MRRU 1600 Aug 5 08:36:34 vpngw mpd: MP SHORTSEQ Aug 5 08:36:34 vpngw mpd: ENDPOINTDISC [802.1] 00 e0 81 26 02 4a Aug 5 08:36:34 vpngw mpd: [pt1] LCP: rec'd Configure Reject #2 link 0 (Ack-Sent) Aug 5 08:36:34 vpngw mpd: MP MRRU 1600 Aug 5 08:36:34 vpngw mpd: MP SHORTSEQ Aug 5 08:36:34 vpngw mpd: ENDPOINTDISC [802.1] 00 e0 81 26 02 4a Aug 5 08:36:34 vpngw mpd: [pt1] LCP: SendConfigReq #3 Aug 5 08:36:34 vpngw mpd: ACFCOMP Aug 5 08:36:34 vpngw mpd: PROTOCOMP Aug 5 08:36:34 vpngw mpd: MRU 1500 Aug 5 08:36:34 vpngw mpd: MAGICNUM 8c782bd4 Aug 5 08:36:34 vpngw mpd: AUTHPROTO CHAP MSOFTv2 Aug 5 08:36:34 vpngw mpd: [pt1] LCP: rec'd Ident #3 link 0 (Ack-Sent) Aug 5 08:36:34 vpngw mpd: MESG: MSRAS-0-shuttle2 Aug 5 08:36:34 vpngw mpd: pptp1-0: ignoring SetLinkInfo Aug 5 08:36:36 vpngw mpd: [pt1] LCP: SendConfigReq #4 Aug 5 08:36:36 vpngw mpd: ACFCOMP Aug 5 08:36:36 vpngw mpd: PROTOCOMP Aug 5 08:36:36 vpngw mpd: MRU 1500 Aug 5 08:36:36 vpngw mpd: MAGICNUM 8c782bd4 Aug 5 08:36:36 vpngw mpd: AUTHPROTO CHAP MSOFTv2 Aug 5 08:36:36 vpngw mpd: pptp1-0: ignoring SetLinkInfo Aug 5 08:36:36 vpngw mpd: [pt1] LCP: rec'd Configure Request #4 link 0 (Ack-Sent) Aug 5 08:36:36 vpngw mpd: MRU 1400 Aug 5 08:36:36 vpngw mpd: MAGICNUM 7f9a3790 Aug 5 08:36:36 vpngw mpd: PROTOCOMP Aug 5 08:36:36 vpngw mpd: ACFCOMP Aug 5 08:36:36 vpngw mpd: [pt1] LCP: SendConfigAck #4 Aug 5 08:36:36 vpngw mpd: MRU 1400 Aug 5 08:36:36 vpngw mpd: MAGICNUM 7f9a3790 Aug 5 08:36:36 vpngw mpd: PROTOCOMP Aug 5 08:36:36 vpngw mpd: ACFCOMP Aug 5 08:36:36 vpngw mpd: [pt1] LCP: rec'd Configure Ack #4 link 0 (Ack-Sent) Aug 5 08:36:36 vpngw mpd: ACFCOMP Aug 5 08:36:36 vpngw mpd: PROTOCOMP Aug 5 08:36:36 vpngw mpd: MRU 1500 Aug 5 08:36:36 vpngw mpd: MAGICNUM 8c782bd4 Aug 5 08:36:36 vpngw mpd: AUTHPROTO CHAP MSOFTv2 Aug 5 08:36:36 vpngw mpd: [pt1] LCP: state change Ack-Sent --> Opened Aug 5 08:36:36 vpngw mpd: [pt1] LCP: phase shift ESTABLISH --> AUTHENTICATE --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
