Trouble with PAP_auth

Questions related to general functionality
Post Reply
jarinas
Posts: 2
Joined: 28 Feb 2017, 12:14

Trouble with PAP_auth

Post by jarinas »

Hi, i've a trouble with my PAP_auth and i don't see how can i solve it.

So, my situation, i use accel-ppp in a docker container, the container can communicate with the outside, the negotiation begin but fail.
debug.log:

Code: Select all

[2017-02-28 12:20:02]:  info: ppp0: connect: ppp0 <--> pppoe(MacAddress)
[2017-02-28 12:20:02]: debug: ppp0: lcp_layer_init
[2017-02-28 12:20:02]: debug: ppp0: auth_layer_init
[2017-02-28 12:20:02]: debug: ppp0: ccp_layer_init
[2017-02-28 12:20:02]: debug: ppp0: ipcp_layer_init
[2017-02-28 12:20:02]: debug: ppp0: ipv6cp_layer_init
[2017-02-28 12:20:02]: debug: ppp0: ppp established
[2017-02-28 12:20:02]: debug: ppp0: lcp_layer_start
[2017-02-28 12:20:02]:  info: ppp0: send [LCP ConfReq id=1 <auth PAP> <mru 1400> <magic 2157f6bc>]
[2017-02-28 12:20:03]:  info: ppp0: recv [LCP ConfReq id=48 <mru 1492> <magic d99f7c70>]
[2017-02-28 12:20:03]:  info: ppp0: send [LCP ConfAck id=48 ]
[2017-02-28 12:20:05]: debug: ppp0: fsm timeout
[2017-02-28 12:20:05]:  info: ppp0: send [LCP ConfReq id=1 <auth PAP> <mru 1400> <magic 2157f6bc>]
[2017-02-28 12:20:06]:  info: ppp0: recv [LCP ConfAck id=1 <auth PAP> <mru 1400> <magic 2157f6bc>]
[2017-02-28 12:20:06]: debug: ppp0: lcp_layer_started
[2017-02-28 12:20:06]: debug: ppp0: auth_layer_start
[2017-02-28 12:20:06]: debug: ppp0: recv [LCP EchoReq id=0 <magic d99f7c70>]
[2017-02-28 12:20:06]: debug: ppp0: send [LCP EchoRep id=0 <magic 2157f6bc>]
[2017-02-28 12:20:06]:  info: ppp0: recv [PAP AuthReq id=23]
[2017-02-28 12:20:06]:  warn: ppp0: pap: user not found
[2017-02-28 12:20:06]:  info: ppp0: send [PAP AuthNak id=23 "Authentication failed"]
[2017-02-28 12:20:06]:  info: ppp0: client: authentication failed
[2017-02-28 12:20:06]: debug: ppp0: ppp_terminate
[2017-02-28 12:20:06]: debug: ppp0: lcp_layer_finish
[2017-02-28 12:20:06]:  info: ppp0: send [LCP TermReq id=3]
[2017-02-28 12:20:06]: debug: ppp0: auth_layer_finish
[2017-02-28 12:20:06]: debug: ppp0: auth_layer_finished
[2017-02-28 12:20:06]:  info: ppp0: recv [LCP TermReq id=49]
[2017-02-28 12:20:06]:  info: ppp0: send [LCP TermAck id=73]
[2017-02-28 12:20:06]:  info: ppp0: recv [LCP TermAck id=3]
[2017-02-28 12:20:06]: debug: ppp0: lcp_layer_finished
[2017-02-28 12:20:06]: debug: ppp0: lcp_layer_free
[2017-02-28 12:20:06]: debug: ppp0: auth_layer_free
[2017-02-28 12:20:06]: debug: ppp0: ccp_layer_free
[2017-02-28 12:20:06]: debug: ppp0: ipcp_layer_free
[2017-02-28 12:20:06]: debug: ppp0: ipv6cp_layer_free
[2017-02-28 12:20:06]: debug: ppp0: ppp destablished
[2017-02-28 12:20:06]: debug: ppp0: pppoe: ppp finished
auth-fail.log:

Code: Select all

[2017-02-28 12:35:01]:  info: ppp0: connect: ppp0 <--> pppoe(MacAddress)
[2017-02-28 12:35:01]: debug: ppp0: lcp_layer_init
[2017-02-28 12:35:01]: debug: ppp0: auth_layer_init
[2017-02-28 12:35:01]: debug: ppp0: ccp_layer_init
[2017-02-28 12:35:01]: debug: ppp0: ipcp_layer_init
[2017-02-28 12:35:01]: debug: ppp0: ipv6cp_layer_init
[2017-02-28 12:35:01]: debug: ppp0: ppp established
[2017-02-28 12:35:01]: debug: ppp0: lcp_layer_start
[2017-02-28 12:35:01]:  info: ppp0: send [LCP ConfReq id=1 <auth PAP> <mru 1400> <magic 631b64d4>]
[2017-02-28 12:35:01]:  info: ppp0: recv [LCP ConfReq id=7e <mru 1492> <magic d271c9bc>]
[2017-02-28 12:35:01]:  info: ppp0: send [LCP ConfAck id=7e ]
[2017-02-28 12:35:04]: debug: ppp0: fsm timeout
[2017-02-28 12:35:04]:  info: ppp0: send [LCP ConfReq id=1 <auth PAP> <mru 1400> <magic 631b64d4>]
[2017-02-28 12:35:04]:  info: ppp0: recv [LCP ConfAck id=1 <auth PAP> <mru 1400> <magic 631b64d4>]
[2017-02-28 12:35:04]: debug: ppp0: lcp_layer_started
[2017-02-28 12:35:04]: debug: ppp0: auth_layer_start
[2017-02-28 12:35:04]: debug: ppp0: recv [LCP EchoReq id=0 <magic d271c9bc>]
[2017-02-28 12:35:04]: debug: ppp0: send [LCP EchoRep id=0 <magic 631b64d4>]
[2017-02-28 12:35:04]:  info: ppp0: recv [PAP AuthReq id=3e]
[2017-02-28 12:35:04]:  warn: ppp0: pap: user not found
[2017-02-28 12:35:04]:  info: ppp0: send [PAP AuthNak id=3e "Authentication failed"]
[2017-02-28 12:35:04]:  info: ppp0: client: authentication failed
[2017-02-28 12:35:04]: debug: ppp0: ppp_terminate
[2017-02-28 12:35:04]: debug: ppp0: lcp_layer_finish
[2017-02-28 12:35:04]:  info: ppp0: send [LCP TermReq id=3]
[2017-02-28 12:35:04]: debug: ppp0: auth_layer_finish
[2017-02-28 12:35:04]: debug: ppp0: auth_layer_finished
[2017-02-28 12:35:04]:  info: ppp0: recv [LCP TermReq id=7f]
[2017-02-28 12:35:04]:  info: ppp0: send [LCP TermAck id=127]
[2017-02-28 12:35:04]:  info: ppp0: recv [LCP TermAck id=3]
[2017-02-28 12:35:04]: debug: ppp0: lcp_layer_finished
[2017-02-28 12:35:04]: debug: ppp0: lcp_layer_free
[2017-02-28 12:35:04]: debug: ppp0: auth_layer_free
[2017-02-28 12:35:04]: debug: ppp0: ccp_layer_free
[2017-02-28 12:35:04]: debug: ppp0: ipcp_layer_free
[2017-02-28 12:35:04]: debug: ppp0: ipv6cp_layer_free
[2017-02-28 12:35:04]: debug: ppp0: ppp destablished
[2017-02-28 12:35:04]: debug: ppp0: pppoe: ppp finished

So i've check the trame with wireshark and the client seems to use the right username/password

Here, my config, maybe something wrong, just start with accel-PPP:

Code: Select all

[modules]
#path=/usr/local/lib/accel-ppp
log_file
#log_syslog
#log_tcp
#log_pgsql

#pptp
#l2tp
pppoe

#auth_mschap_v2
#auth_mschap_v1
#auth_chap_md5
auth_pap

#radius
ippool
#sigchld
#pppd_compat

#shaper
#shaper_tbf (obsolete)
#chap-secrets
#net-snmp
#logwtmp
#connlimit

#ipv6_nd
#ipv6_dhcp
#ipv6pool

[core]
log-error=/var/log/accel-ppp/core.log
thread-count=1

[ppp]
verbose=1
min-mtu=1280
mtu=1400
mru=1400
#ccp=0
#sid-case=upper
#check-ip=0
#single-session=replace
#mppe=require
ipv4=require
ipv6=deny
ipv6-intf-id=0:0:0:1
ipv6-peer-intf-id=0:0:0:2
ipv6-accept-peer-intf-id=1
lcp-echo-interval=20
lcp-echo-failure=3
lcp-echo-timeout=120
#unit-cache=1000

[auth]
#any-login=1
#noauth=1

[pptp]
#echo-interval=30
#mppe=allow
#ip-pool=pool1
#verbose=1

[pppoe]
interface=eth1
#interface=eth1,padi-limit=1000
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
#ifname-in-sid=called-sid
#tr101=1
#padi-limit=0
#mppe=allow
#ip-pool=test
verbose=1

[l2tp]
#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary
#hello-interval=60
#timeout=60
#rtimeout=5
#retransmit=5
#host-name=accel-ppp
#dir300_quirk=0
#secret=
#mppe=allow
#ip-pool=pool3
verbose=1

[dns]
#dns1=172.16.0.1
#dns2=172.16.1.1

[wins]
#wins1=172.16.0.1
#wins2=172.16.1.1

[radius]
#dictionary=/usr/local/share/accel-ppp/radius/dictionary
#nas-identifier=accel-ppp
#nas-ip-address=127.0.0.1
#gw-ip-address=192.168.100.1
#auth-server=127.0.0.1:1812,testing123 (obsolete)
#acct-server=127.0.0.1:1813,testing123 (obsolete)
#server=127.0.0.1,testing123 (obsolete)
#server=127.0.0.1,testing123,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0
#dae-server=127.0.0.1:3799,testing123
#verbose=1
#timeout=3
#max-try=3
#acct-timeout=120
#acct-delay-time=0

[client-ip-range]
#10.0.0.0/8
disable

[ip-pool]
verbose=1
10.67.15.2-255
gw-ip-address=10.67.15.1
#vendor=Cisco
#attr=Cisco-AVPair
#attr=Framed-Pool
#192.168.0.2-255
#192.168.1.1-255,pool1
#192.168.2.1-255,pool2
#192.168.3.1-255,pool3
#192.168.4.0/24
persist=/var/log/accel-ppp/perst.log

[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
log-debug=/var/log/accel-ppp/debug.log
#syslog=accel-pppd,daemon
#log-tcp=127.0.0.1:3000
#copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=5 #error,warning and minimal information (1 error ==> 5 all messages)

[log-pgsql]
#conninfo=user=log
#log-table=log

[pppd-compat]
#ip-pre-up=/etc/ppp/ip-pre-up
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#ip-change=/etc/ppp/ip-change
#radattr-prefix=/var/run/radattr
#verbose=1

[chap-secrets]
#gw-ip-address=192.168.100.1
#chap-secrets=/etc/ppp/chap-secrets
#encrypted=0
#username-hash=md5

[shaper]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#mtu=0
#r2q=10
#quantum=1500
#cburst=1534
#ifb=ifb0
#up-limiter=police
#down-limiter=tbf
#leaf-qdisc=sfq perturb 10
#verbose=1

#tbf is obsolete, use shaper module
#[tbf]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50

[cli]
telnet=127.0.0.1:2000
#tcp=127.0.0.1:2001
#password=123

[snmp]
#master=0
#agent-name=accel-ppp

[connlimit]
#limit=10/min
#burst=3
#timeout=60

[ipv6-pool]
#fc00:0:1::/48,64
#delegate=fc00:1::/36,48

[ipv6-dns]
#fc00:1::1
#fc00:1::2
#fc00:1::3
#dnssl=suffix1.local.net
#dnssl=suffix2.local.net.

[ipv6-dhcp]
#verbose=1
#pref-lifetime=604800
#valid-lifetime=2592000
#route-via-gw=1

And parameter my pap-secrets in /etc/ppp/pap like this
username * password *

I have 751 permissions on this file.

thanks for your time and your advices!
And sorry for bad english ^^'
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: Trouble with PAP_auth

Post by Dmitry »

hi,
uncomment chap-secrets in modules and put your auth data into /etc/ppp/chap-secrets
jarinas
Posts: 2
Joined: 28 Feb 2017, 12:14

Re: Trouble with PAP_auth

Post by jarinas »

Thank you very much! that's work!
Post Reply