# mpd5 - can't find the error



## joseche (May 16, 2012)

I can't find the problem in my config file, I am trying to connect to a VPN server, here is my file:


```
startup:
        set user admin admin admin
        set console self 127.0.0.1 5005
        set console open
        set web self 0.0.0.0 5006
        set web open

default:
        load pptp_client

pptp_client:
        create bundle static B1
        set bundle enable crypt-reqd
        set bundle enable compression
        set ccp yes mppc
        set ccp enable pred1
        set ccp enable mppc
        set mppc accept compress
        set mppc yes e40 e56
        set mppc yes e128 stateless
        set iface route 10.0.0.0/8
        set ipcp ranges 0.0.0.0/0 0.0.0.0/0
        set ipcp yes vjcomp
        set iface enable nat tcpmssfix
        set nat enable same-ports unreg-only
        set nat disable incoming
        create link static L1 pptp
        set link action bundle B1
        set link enable pap
        set link accept pap
        set link max-redial 0
        set link mtu 1460
        set link mru 1460
        set link keep-alive 20 75
        set link yes pap
        set link no ACFCOMP protocomp
        set pptp peer x.x.x.x
        set pptp disable windowing
        set auth authname "_______"
        set auth password "_______"
```

And here is what happens in the log:



```
[L1] LCP: Open event
[L1] LCP: state change Initial --> Starting
[L1] LCP: LayerStart
[L1] PPTP call successful
[L1] Link: UP event
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #1
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1460
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Request #1 (Req-Sent)
[L1]   AUTHPROTO PAP
[L1]   MAGICNUM 24995ad6
[L1] LCP: SendConfigAck #1
[L1]   AUTHPROTO PAP
[L1]   MAGICNUM 24995ad6
[L1] LCP: state change Req-Sent --> Ack-Sent
[L1] LCP: rec'd Configure Nak #1 (Ack-Sent)
[L1]   MRU 1500
[L1]   AUTHPROTO CHAP MD5
[L1] LCP: SendConfigReq #2
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Nak #2 (Ack-Sent)
[L1]   AUTHPROTO CHAP MD5
[L1] LCP: SendConfigReq #3
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Nak #3 (Ack-Sent)
[L1]   AUTHPROTO CHAP MD5
[L1] LCP: SendConfigReq #4
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Nak #4 (Ack-Sent)
[L1]   AUTHPROTO CHAP MD5
[L1] LCP: SendConfigReq #5
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Nak #5 (Ack-Sent)
[L1]   AUTHPROTO CHAP MD5
[L1] LCP: SendConfigReq #6
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Reject #6 (Ack-Sent)
[L1]   AUTHPROTO PAP
[L1] LCP: SendConfigReq #7
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Reject #7 (Ack-Sent)
[L1]   AUTHPROTO PAP
[L1] LCP: SendConfigReq #8
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Reject #8 (Ack-Sent)
[L1]   AUTHPROTO PAP
[L1] LCP: SendConfigReq #9
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Reject #9 (Ack-Sent)
[L1]   AUTHPROTO PAP
[L1] LCP: SendConfigReq #10
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM c976ef4c
[L1]   AUTHPROTO PAP
[L1] LCP: rec'd Configure Reject #10 (Ack-Sent)
[L1]   AUTHPROTO PAP
[L1] LCP: not converging
[L1] LCP: parameter negotiation failed
[L1] LCP: state change Ack-Sent --> Stopped
[L1] LCP: LayerFinish
[L1] PPTP call terminated
[L1] Link: DOWN event
[L1] LCP: Down event
[L1] LCP: state change Stopped --> Starting
[L1] LCP: LayerStart
[L1] Link: reconnection attempt 1 in 4 seconds
```


----------



## ecazamir (May 19, 2012)

The server is refusing PAP authentication, count how many times does this message appear:

```
[L1] LCP: rec'd Configure Reject #9 (Ack-Sent)
[L1]   AUTHPROTO PAP
```
You may need this:

```
set link enable chap
```
You can find here and here how to configure authentication.


----------



## joseche (May 20, 2012)

I tried that, enabling CHAP but this is what happens:


```
CONSOLE: listening on 127.0.0.1 5005
web: listening on 0.0.0.0 5006
[B1] Bundle: Interface ng0 created
[L1] [L1] Link: OPEN event
[L1] LCP: Open event
[L1] LCP: state change Initial --> Starting
[L1] LCP: LayerStart
[L1] PPTP call successful
[L1] Link: UP event
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #1
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1460
[L1]   MAGICNUM 41f42983
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: rec'd Configure Request #1 (Req-Sent)
[L1]   AUTHPROTO PAP
[L1]   MAGICNUM 3743d3e4
[L1] LCP: SendConfigNak #1
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: rec'd Configure Nak #1 (Req-Sent)
[L1]   MRU 1500
[L1] LCP: SendConfigReq #2
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 41f42983
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: rec'd Configure Request #2 (Req-Sent)
[L1]   AUTHPROTO CHAP MSOFTv2
[L1]   MAGICNUM 3743d3e4
[L1] LCP: SendConfigAck #2
[L1]   AUTHPROTO CHAP MSOFTv2
[L1]   MAGICNUM 3743d3e4
[L1] LCP: state change Req-Sent --> Ack-Sent
[L1] LCP: rec'd Configure Ack #2 (Ack-Sent)
[L1]   ACCMAP 0x000a0000
[L1]   MRU 1500
[L1]   MAGICNUM 41f42983
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: state change Ack-Sent --> Opened
[L1] LCP: auth: peer wants CHAP, I want CHAP
[L1] CHAP: sending CHALLENGE #1 len: 33
[L1] LCP: LayerUp
[L1] CHAP: rec'd CHALLENGE #1 len: 34
[L1]   Name: "<a name I don't recognize, lets call it A>"
[L1] CHAP: Using authname "<my username>"
[L1] CHAP: sending RESPONSE #1 len: 66
[L1] CHAP: rec'd RESPONSE #1 len: 67
[L1]   Name: "<name A I don't recognize>"
[L1] AUTH: Trying INTERNAL
[L1] AUTH: User "<name A I don't recognize>" not found in secret file
[L1] AUTH: INTERNAL returned: failed
[L1] AUTH: ran out of backends
[L1] CHAP: Auth return status: failed
[L1] CHAP: Reply message: E=691 R=0 M=Login incorrect
[L1] CHAP: sending FAILURE #1 len: 31
[L1] LCP: authorization failed
[L1] LCP: parameter negotiation failed
[L1] LCP: state change Opened --> Stopping
[L1] LCP: SendTerminateReq #3
[L1] LCP: LayerDown
[L1] rec'd proto CHAP during terminate phase
[L1] LCP: rec'd Terminate Ack #3 (Stopping)
[L1] LCP: state change Stopping --> Stopped
[L1] LCP: LayerFinish
[L1] PPTP call terminated
[L1] Link: DOWN event
[L1] LCP: Down event
[L1] LCP: state change Stopped --> Starting
[L1] LCP: LayerStart
[L1] Link: reconnection attempt 1 in 3 seconds
```

What is that name I can't recognize and why should I have a password associated with it?

Thanks


----------



## ecazamir (May 21, 2012)

The first part of the log is showing that the remote server does not like MSCHAPv2, then is trying to authenticate to yours. MPD looks for a user/password combination in mpd.secret, the internal authentication mechanism is enabled by default. 

Do you have access to the settings / logs of the remote server? Is a windows client operating fine as a PPTP VPN client?


----------

