I have spent 3 days and 3 nights dancing around mpd and searched half of Google, but still could not get it working...
Please help.
I have a home server running:
FreeBSD 7.0 i386, kernel rebuilt.
AthlonXP 2000, 128M RAM. For squid, mysql, ftp, httpd and samba for 5 users that is even more than
vr0 - my network 172.16.254.0/24 (my PC and wifi)
rl0 - network for 4 users 172.17.254.0/24
rl2 - LAN 10.193.16.0/255.255.240.0
ng0 - adsl dynip
ng1 - vpn to the provider's server, needed for a real, permanent public IP 77.120.132.xx
ng2 - vpn to work
ngx - interface for pptp connections from outside
tun0 - openvpn
What I got working:
adsl (ng0) comes up without problems (worked on the first try)
tun0 - openvpn works, but the downside is that it brings up only 1 interface rather than a separate one for each user (when several are online)
What does not work:
1)
pptp server - here is its mpd.conf configuration
pptp_server1:
    # set ippool add pool1 172.16.250.50 172.16.250.99
    create bundle template B3
    set iface enable proxy-arp
    set iface idle 1800
    set iface enable tcpmssfix
    set ipcp yes vjcomp
    # set ipcp ranges 172.16.250.0/24 ippool pool1
    set ipcp ranges 172.25.250.1
    #172.25.250.2/32
    set ipcp dns 172.16.254.254
    # set iface up-script "/usr/local/etc/mpd/up.sh"
    # set iface down-script "/usr/local/etc/mpd5/down.sh"
    set bundle yes crypt-reqd
    set bundle enable compression
    set ccp yes mppc
    # set mppc yes e40
    # set mppc yes e128
    # set mppc yes stateless
    set bundle enable crypt-reqd
    set ccp yes mpp-stateless
    create link template L pptp
    # set link type pptp
    set auth acct-update 300
    set link action bundle B3
    set link enable multilink
    set link yes acfcomp protocomp
    set link no pap chap
    set link enable chap
    set link keep-alive 60 180
    set link mtu 1460
    set pptp self 172.16.254.254
    set link enable incoming
    # set pptp disable originate
2)
[root@freebsd ~]# mpd
Multi-link PPP daemon for FreeBSD
process 72501 started, version 5.0b1 (root@freebsd.org 02:04 8-Dec-2007)
Usage: set ipcp ranges self/width peer/width
PPTP: waiting for connection on 172.16.254.254
[L-1] Accepting PPTP connection
[L-1] link: OPEN event
[L-1] LCP: Open event
[L-1] LCP: state change Initial --> Starting
[L-1] LCP: LayerStart
[L-1] PPTP: attaching to peer's outgoing call
[L-1] link: UP event
[L-1] link: origination is remote
[L-1] LCP: Up event
[L-1] LCP: state change Starting --> Req-Sent
[L-1] LCP: SendConfigReq #1
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 00f67e00
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
ENDPOINTDISC [802.1] 00 10 5a 73 af b6
[L-1] LCP: rec'd Configure Request #0 (Req-Sent)
MRU 1400
MAGICNUM 3c267a7f
PROTOCOMP
ACFCOMP
CALLBACK 6
MP MRRU 1614
ENDPOINTDISC [LOCAL] 79 7d f7 21 08 c6 40 b4 a1 9c e5 ca 7f ce b5 14 00 00 0
[L-1] LCP: SendConfigRej #0
CALLBACK 6
[L-1] LCP: rec'd Configure Request #1 (Req-Sent)
MRU 1400
MAGICNUM 3c267a7f
PROTOCOMP
ACFCOMP
MP MRRU 1614
ENDPOINTDISC [LOCAL] 79 7d f7 21 08 c6 40 b4 a1 9c e5 ca 7f ce b5 14 00 00 0
[L-1] LCP: SendConfigNak #1
MP MRRU 1600
[L-1] LCP: rec'd Configure Request #2 (Req-Sent)
MRU 1400
MAGICNUM 3c267a7f
PROTOCOMP
ACFCOMP
MP MRRU 1600
ENDPOINTDISC [LOCAL] 79 7d f7 21 08 c6 40 b4 a1 9c e5 ca 7f ce b5 14 00 00 0
[L-1] LCP: SendConfigAck #2
MRU 1400
MAGICNUM 3c267a7f
PROTOCOMP
ACFCOMP
MP MRRU 1600
ENDPOINTDISC [LOCAL] 79 7d f7 21 08 c6 40 b4 a1 9c e5 ca 7f ce b5 14 00 00 0
[L-1] LCP: state change Req-Sent --> Ack-Sent
[L-1] LCP: SendConfigReq #2
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 00f67e00
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
ENDPOINTDISC [802.1] 00 10 5a 73 af b6
[L-1] LCP: rec'd Configure Ack #2 (Ack-Sent)
ACFCOMP
PROTOCOMP
MRU 1500
MAGICNUM 00f67e00
AUTHPROTO CHAP MSOFTv2
MP MRRU 1600
ENDPOINTDISC [802.1] 00 10 5a 73 af b6
[L-1] LCP: state change Ack-Sent --> Opened
[L-1] LCP: auth: peer wants nothing, I want CHAP
[L-1] CHAP: sending CHALLENGE len:17
[L-1] LCP: LayerUp
[L-1] LCP: rec'd Ident #3 (Opened)
[L-1] LCP: rec'd Ident #4 (Opened)
[L-1] CHAP: rec'd RESPONSE #1
Name: "aaa"
[L-1] AUTH: Auth-Thread started
[L-1] AUTH: Trying INTERNAL
[L-1] AUTH: INTERNAL returned undefined
[L-1] AUTH: Auth-Thread finished normally
[L-1] CHAP: ChapInputFinish: status undefined
Response is valid
Reply message: S=B9EE9AE444F04359C11C8197C96E13A5C34FE242
[L-1] CHAP: sending SUCCESS len:42
[L-1] LCP: authorization successful
[L-1] Matched link action 'bundle "B3" ""'
[L-1] Creating new bundle using template "B3".
[B3-1] using interface ng1
[B3-1] Bundle up: 1 link, total bandwidth 64000 bps
[B3-1] IPCP: Open event
[B3-1] IPCP: state change Initial --> Starting
[B3-1] IPCP: LayerStart
[B3-1] CCP: Open event
[B3-1] CCP: state change Initial --> Starting
[B3-1] CCP: LayerStart
[B3-1] IPCP: Up event
[B3-1] IPCP: state change Starting --> Req-Sent
[B3-1] IPCP: SendConfigReq #1
IPADDR 172.19.254.254
COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B3-1] CCP: Up event
[B3-1] CCP: state change Starting --> Req-Sent
[B3-1] CCP: SendConfigReq #1
[L-1] AUTH: Accounting-Thread started
[L-1] AUTH: Accounting-Thread finished normally
[B3-1] CCP: rec'd Configure Request #5 (Req-Sent)
MPPC
0x010000e1:MPPC, MPPE(40, 56, 128 bits), stateless
[B3-1] CCP: SendConfigRej #5
MPPC
0x010000e1:MPPC, MPPE(40, 56, 128 bits), stateless
[B3-1] IPCP: rec'd Configure Request #6 (Req-Sent)
IPADDR 0.0.0.0
no IP address available for peer!
NAKing with 0.0.0.0
PRIDNS 0.0.0.0
NAKing with 172.16.254.254
PRINBNS 0.0.0.0
SECDNS 0.0.0.0
SECNBNS 0.0.0.0
[B3-1] IPCP: SendConfigRej #6
PRINBNS 0.0.0.0
SECDNS 0.0.0.0
SECNBNS 0.0.0.0
[B3-1] IPCP: rec'd Configure Reject #1 (Req-Sent)
COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B3-1] IPCP: SendConfigReq #2
IPADDR 172.19.254.254
[B3-1] CCP: rec'd Configure Nak #1 (Req-Sent)
MPPC
0x00000000:
[B3-1] CCP: SendConfigReq #2
[L-1] LCP: rec'd Terminate Request #7 (Opened)
[L-1] LCP: state change Opened --> Stopping
[L-1] AUTH: Accounting data for user aaa: 2 seconds, 92 octets in, 108 octets out
[B3-1] Bundle up: 0 links, total bandwidth 9600 bps
[B3-1] IPCP: Close event
[B3-1] IPCP: state change Req-Sent --> Closing
[B3-1] IPCP: SendTerminateReq #3
[B3-1] error writing len 8 frame to bypass: Network is down
[B3-1] CCP: Close event
[B3-1] CCP: state change Req-Sent --> Closing
[B3-1] CCP: SendTerminateReq #3
[B3-1] error writing len 8 frame to bypass: Network is down
[B3-1] IPCP: Down event
[B3-1] IPCP: LayerFinish
[B3-1] No NCPs left. Closing links...
[B3-1] IPCP: state change Closing --> Initial
[B3-1] CCP: Down event
[B3-1] CCP: LayerFinish
[B3-1] CCP: state change Closing --> Initial
[B3-1] Bundle shutdown
[L-1] AUTH: Cleanup
[L-1] LCP: SendTerminateAck #3
[L-1] LCP: LayerDown
[L-1] AUTH: Accounting-Thread started
[L-1] AUTH: Accounting-Thread finished normally
[L-1] LCP: rec'd Terminate Request #8 (Stopping)
[L-1] LCP: SendTerminateAck #4
[L-1] LCP: state change Stopping --> Stopped
[L-1] LCP: LayerFinish
[L-1] PPTP call terminated
[L-1] link: DOWN event
[L-1] LCP: Close event
[L-1] LCP: state change Stopped --> Closed
[L-1] LCP: Down event
[L-1] LCP: state change Closed --> Initial
[L-1] link: SHUTDOWN event
q
[L] CONSOLE: root: q
Console closed.
caught fatal signal term
process 72501 terminated
pptp connection to work - here is its mpd.conf configuration
here is the connection log
tele:
    #
    # PPTP client: only outgoing calls, auto reconnect,
    # ipcp-negotiated address, one-sided authentication,
    # default route points on ISP's end
    #
    create bundle static B2
    # new -i ng2 vpn vpn
    new -i ng2 pptp pptp
    # set iface route default
    set ipcp ranges 0.0.0.0/0 0.0.0.0/0
    set ipcp yes vjcom
    # Enable Microsoft Point-to-Point encryption (MPPE)
    set bundle enable compression
    set ccp yes mppc
    set ccp yes mpp-e40
    set ccp yes mpp-e128
    set bundle enable crypt-reqd
    set ccp yes mpp-stateless
    # set link mtu 1460
    # set pptp disable windowing
    create link static L2 pptp
    set auth authname dn
    set auth password {}
    set link max-redial 0
    set link yes chap-msv2
    set link yes eap
    set link yes chap-msv1
    set link yes chap-md5
    set link yes chap
    set link yes pap
    set link keep-alive 20 75
    set link action bundle B2
    # set pptp self 77.120.132.хх
    set pptp peer vpn.tххххs.com.ua
    open
I tried commenting out different authentication protocols, it does not help
[root@freebsd ~]# mpd
Multi-link PPP daemon for FreeBSD
process 78962 started, version 5.0b1 (root@freebsd.org 02:04 8-Dec-2007)
[B2] using interface ng1
mpd.conf:138: Unknown command: 'new'. Try "help".
[L2] link: OPEN event
[L2] LCP: Open event
[L2] LCP: state change Initial --> Starting
[L2] LCP: LayerStart
[L2] PPTP call successful
[L2] link: UP event
[L2] link: origination is local
[L2] LCP: Up event
[L2] LCP: state change Starting --> Req-Sent
[L2] LCP: SendConfigReq #1
ACFCOMP
PROTOCOMP
ACCMAP 0x000a0000
MRU 1500
MAGICNUM d87ab76e
AUTHPROTO CHAP MSOFTv2
[L2] LCP: rec'd Configure Request #0 (Req-Sent)
MRU 1400
AUTHPROTO EAP
MAGICNUM 4c2d604c
PROTOCOMP
ACFCOMP
CALLBACK 6
MP MRRU 1614
ENDPOINTDISC [LOCAL] 87 43 cd 99 dc 3b 45 b5 81 a6 e2 fd 38 bb 42 72 00 00 0
BACP
Not supported
[L2] LCP: SendConfigRej #0
CALLBACK 6
MP MRRU 1614
BACP
[L2] LCP: rec'd Configure Ack #1 (Req-Sent)
ACFCOMP
PROTOCOMP
ACCMAP 0x000a0000
MRU 1500
MAGICNUM d87ab76e
AUTHPROTO CHAP MSOFTv2
[L2] LCP: state change Req-Sent --> Ack-Rcvd
[L2] LCP: rec'd Configure Request #1 (Ack-Rcvd)
MRU 1400
AUTHPROTO EAP
MAGICNUM 4c2d604c
PROTOCOMP
ACFCOMP
ENDPOINTDISC [LOCAL] 87 43 cd 99 dc 3b 45 b5 81 a6 e2 fd 38 bb 42 72 00 00 0
[L2] LCP: SendConfigAck #1
MRU 1400
AUTHPROTO EAP
MAGICNUM 4c2d604c
PROTOCOMP
ACFCOMP
ENDPOINTDISC [LOCAL] 87 43 cd 99 dc 3b 45 b5 81 a6 e2 fd 38 bb 42 72 00 00 0
[L2] LCP: state change Ack-Rcvd --> Opened
[L2] LCP: auth: peer wants EAP, I want CHAP
[L2] CHAP: sending CHALLENGE len:31
[L2] LCP: LayerUp
[L2] EAP: rec'd REQUEST Type Identity #134 len:1
[L2] EAP: sending RESPONSE Type Identity len:14
[L2] LCP: rec'd Terminate Request #3 (Opened)
[L2] LCP: state change Opened --> Stopping
[L2] AUTH: Cleanup
[L2] LCP: SendTerminateAck #2
[L2] LCP: LayerDown
[L2] LCP: rec'd Terminate Request #4 (Stopping)
[L2] LCP: SendTerminateAck #3
[L2] LCP: state change Stopping --> Stopped
[L2] LCP: LayerFinish
q
[L2] CONSOLE: root: q
Console closed.
caught fatal signal term
[B2] IFACE: Close event
[B2] IPCP: Close event
[B2] CCP: Close event
[B2] Bundle shutdown
process 78962 terminated
[root@freebsd ~]#
From Windows I connect to work without any trouble.
3)
To give the interface the desired name, the command new -i ng2 pptp pptp (vpn vpn) is used, but in my case it always fails with the error
mpd.conf:138: Unknown command: 'new'. Try "help".
Why?
4)
vpn to the provider's server (ng1) - I wore myself out with it; in the end it came up, but it drops after 30 sec - 1 min, and while it is up, no packets pass through it...

Thanks.