Accel-ppp does not work with all ADSL routes types

PPPoE related questions
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Our Accel-ppp LNS does not establish PPPoE connection with all ADSL routers types, for example:
DLink DSL-2740u
Netis DL4323, firmware version RTK v2.1.1

it return ProtoRej after auth_chap_md5 attempt.
We test all supported authentication protocols and got same result.

Attached two log files
Linksys working well
Netis does not work.

Thank you.
Attachments
accel-ppp.log.zip
(3.32 KiB) Downloaded 154 times
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: Accel-ppp does not work with all ADSL routes types

Post by dimka88 »

Hello @haniaro, did you have auth_chap_md5 in [modules] section?
Maybe these routers want other types like MS-Chap V1 or V2
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Re: Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Hello @dimka88,
Yes, I have auth_chap_md5 in [modules]
I did the test with all auth modules in [modules] section at same time, and each one alone, same result.
These types of routers connect to Cisco LNS normally.
I attached accel-ppp config file.

Thank you.
Attachments
accel-ppp.noip.zip
(863 Bytes) Downloaded 150 times
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Re: Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Hello @dimka88
We noticed in tcpdump file that for working routers (eg: Linksys) there is PPP-CHAP challenge sent from Accel-PPP LNS to LAC and LAC response PPP-CHAP response,
But when try to connect from not working routers (eg: Netis), tcpdump showed only LAC response PPP-CHAP, not PPP-CHAP challenge

Dumps are attached.
Thank you.
Attachments
dump from LNS.zip
(10.94 KiB) Downloaded 157 times
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: Accel-ppp does not work with all ADSL routes types

Post by dimka88 »

Hello @haniaro,
Do you have a chance to change auth on your Netis device to pap or chap_md5.
Maybe Cisco LAC doing something with authtypes?
Note: add to [modules] section the following params

Code: Select all

[modules]
auth_mschap_v2
auth_mschap_v1
auth_chap_md5
auth_pap
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Re: Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Do you have a chance to change auth on your Netis device to pap or chap_md5.
Yes, I test with PAP and chap and auto: same result
Maybe Cisco LAC doing something with authtypes?
Netis working well with other LNS vendors, like Mikrotik, opensource L2TPNS
Note: add to [modules] section the following params
Same result.

tcpdump shows missing chap challenge sent from LNS to LAC/Router, even though there is chap response from LAC/Router to LNS.
also it shows missing configuration request from LAC/Router to LNS, normally LNS send configuration request (A) then LAC/Router send configuration request to LNS (B), then LNS ACK B, then LAC/Router ACK A, in case of Netis only A exist.

Thank you.
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Re: Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Hello,
Debugging the code show us that the ProtoRej happened at this function "ppp_chan_read"
Can you tell me what may cause the reject at this point?

Also we found at Juniper site article about magic number it seems that describe our case of missing configuration request from LAC/Router to LNS:
https://www.juniper.net/documentation/e ... l#id-75225
Can check this please.

Thank you.
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Re: Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Hello,
One more question please:
Is there an option to disable magic number check in L2TP connection establishment?
Thank you.
dimka88
Posts: 866
Joined: 13 Oct 2014, 05:51
Contact:

Re: Accel-ppp does not work with all ADSL routes types

Post by dimka88 »

Hello, did you try to find information at https://accel-ppp.readthedocs.io/en/lat ... /l2tp.html
haniaro
Posts: 23
Joined: 29 Dec 2019, 14:18

Re: Accel-ppp does not work with all ADSL routes types

Post by haniaro »

Hello,
I did not found anything related to magic number in documentation.
I tested another LNS software has the option of enabling and disabling magic number check, when the check is enabled the connection failed as Accel-PPP case, when check disabled the connection succeed.
So the problem became clear, I need to disable magic number check.
Is there an option for that?
Or you can help me to find where the check is done in source code, so I can modify it.
Thank you.
Post Reply