Page 1 of 2

Accel-ppp does not work with all ADSL routes types

Posted: 14 Nov 2020, 11:10
by haniaro
Our Accel-ppp LNS does not establish PPPoE connection with all ADSL routers types, for example:
DLink DSL-2740u
Netis DL4323, firmware version RTK v2.1.1

it return ProtoRej after auth_chap_md5 attempt.
We test all supported authentication protocols and got same result.

Attached two log files
Linksys working well
Netis does not work.

Thank you.

Re: Accel-ppp does not work with all ADSL routes types

Posted: 15 Nov 2020, 17:29
by dimka88
Hello @haniaro, did you have auth_chap_md5 in [modules] section?
Maybe these routers want other types like MS-Chap V1 or V2

Re: Accel-ppp does not work with all ADSL routes types

Posted: 18 Nov 2020, 06:29
by haniaro
Hello @dimka88,
Yes, I have auth_chap_md5 in [modules]
I did the test with all auth modules in [modules] section at same time, and each one alone, same result.
These types of routers connect to Cisco LNS normally.
I attached accel-ppp config file.

Thank you.

Re: Accel-ppp does not work with all ADSL routes types

Posted: 21 Nov 2020, 11:44
by haniaro
Hello @dimka88
We noticed in tcpdump file that for working routers (eg: Linksys) there is PPP-CHAP challenge sent from Accel-PPP LNS to LAC and LAC response PPP-CHAP response,
But when try to connect from not working routers (eg: Netis), tcpdump showed only LAC response PPP-CHAP, not PPP-CHAP challenge

Dumps are attached.
Thank you.

Re: Accel-ppp does not work with all ADSL routes types

Posted: 22 Nov 2020, 10:18
by dimka88
Hello @haniaro,
Do you have a chance to change auth on your Netis device to pap or chap_md5.
Maybe Cisco LAC doing something with authtypes?
Note: add to [modules] section the following params

Code: Select all

[modules]
auth_mschap_v2
auth_mschap_v1
auth_chap_md5
auth_pap

Re: Accel-ppp does not work with all ADSL routes types

Posted: 26 Nov 2020, 07:08
by haniaro
Do you have a chance to change auth on your Netis device to pap or chap_md5.
Yes, I test with PAP and chap and auto: same result
Maybe Cisco LAC doing something with authtypes?
Netis working well with other LNS vendors, like Mikrotik, opensource L2TPNS
Note: add to [modules] section the following params
Same result.

tcpdump shows missing chap challenge sent from LNS to LAC/Router, even though there is chap response from LAC/Router to LNS.
also it shows missing configuration request from LAC/Router to LNS, normally LNS send configuration request (A) then LAC/Router send configuration request to LNS (B), then LNS ACK B, then LAC/Router ACK A, in case of Netis only A exist.

Thank you.

Re: Accel-ppp does not work with all ADSL routes types

Posted: 06 Dec 2020, 12:28
by haniaro
Hello,
Debugging the code show us that the ProtoRej happened at this function "ppp_chan_read"
Can you tell me what may cause the reject at this point?

Also we found at Juniper site article about magic number it seems that describe our case of missing configuration request from LAC/Router to LNS:
https://www.juniper.net/documentation/e ... l#id-75225
Can check this please.

Thank you.

Re: Accel-ppp does not work with all ADSL routes types

Posted: 09 Jan 2021, 06:38
by haniaro
Hello,
One more question please:
Is there an option to disable magic number check in L2TP connection establishment?
Thank you.

Re: Accel-ppp does not work with all ADSL routes types

Posted: 10 Jan 2021, 07:28
by dimka88
Hello, did you try to find information at https://accel-ppp.readthedocs.io/en/lat ... /l2tp.html

Re: Accel-ppp does not work with all ADSL routes types

Posted: 09 Feb 2021, 08:09
by haniaro
Hello,
I did not found anything related to magic number in documentation.
I tested another LNS software has the option of enabling and disabling magic number check, when the check is enabled the connection failed as Accel-PPP case, when check disabled the connection succeed.
So the problem became clear, I need to disable magic number check.
Is there an option for that?
Or you can help me to find where the check is done in source code, so I can modify it.
Thank you.