аналогично, пытался сделать такое же решение, т.к. необходимо для решения ряда задач, всё настроил, на стадии подключения у виндового клиента висит табличка что проверятеся логин и пароль (т.е. с удалённой машиной он соединился)
делает 10 попыток и отваливается, если смотреть в это время на сетевые интерфейсы, то новых не создаётся, куда копать не знаю(, может подскажете
логи mpd.conf (одного подключения)
May 26 22:19:50 router mpd: [L-1] Accepting PPTP connection
May 26 22:19:50 router mpd: [L-1] Link: OPEN event
May 26 22:19:50 router mpd: [L-1] LCP: Open event
May 26 22:19:50 router mpd: [L-1] LCP: state change Initial --> Starting
May 26 22:19:50 router mpd: [L-1] LCP: LayerStart
May 26 22:19:50 router mpd: [L-1] PPTP: attaching to peer's outgoing call
May 26 22:19:50 router mpd: [L-1] Link: UP event
May 26 22:19:50 router mpd: [L-1] LCP: Up event
May 26 22:19:50 router mpd: [L-1] LCP: state change Starting --> Req-Sent
May 26 22:19:50 router mpd: [L-1] LCP: SendConfigReq #1
May 26 22:19:50 router mpd: [L-1] ACFCOMP
May 26 22:19:50 router mpd: [L-1] PROTOCOMP
May 26 22:19:50 router mpd: [L-1] MRU 1500
May 26 22:19:50 router mpd: [L-1] MAGICNUM d9243896
May 26 22:19:50 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:19:50 router mpd: [L-1] MP MRRU 2048
May 26 22:19:50 router mpd: [L-1] MP SHORTSEQ
May 26 22:19:50 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:19:52 router mpd: [L-1] LCP: SendConfigReq #2
May 26 22:19:52 router mpd: [L-1] ACFCOMP
May 26 22:19:52 router mpd: [L-1] PROTOCOMP
May 26 22:19:52 router mpd: [L-1] MRU 1500
May 26 22:19:52 router mpd: [L-1] MAGICNUM d9243896
May 26 22:19:52 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:19:52 router mpd: [L-1] MP MRRU 2048
May 26 22:19:52 router mpd: [L-1] MP SHORTSEQ
May 26 22:19:52 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:19:54 router mpd: [L-1] LCP: SendConfigReq #3
May 26 22:19:54 router mpd: [L-1] ACFCOMP
May 26 22:19:54 router mpd: [L-1] PROTOCOMP
May 26 22:19:54 router mpd: [L-1] MRU 1500
May 26 22:19:54 router mpd: [L-1] MAGICNUM d9243896
May 26 22:19:54 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:19:54 router mpd: [L-1] MP MRRU 2048
May 26 22:19:54 router mpd: [L-1] MP SHORTSEQ
May 26 22:19:54 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:19:56 router mpd: [L-1] LCP: SendConfigReq #4
May 26 22:19:56 router mpd: [L-1] ACFCOMP
May 26 22:19:56 router mpd: [L-1] PROTOCOMP
May 26 22:19:56 router mpd: [L-1] MRU 1500
May 26 22:19:56 router mpd: [L-1] MAGICNUM d9243896
May 26 22:19:56 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:19:56 router mpd: [L-1] MP MRRU 2048
May 26 22:19:56 router mpd: [L-1] MP SHORTSEQ
May 26 22:19:56 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:19:58 router mpd: [L-1] LCP: SendConfigReq #5
May 26 22:19:58 router mpd: [L-1] ACFCOMP
May 26 22:19:58 router mpd: [L-1] PROTOCOMP
May 26 22:19:58 router mpd: [L-1] MRU 1500
May 26 22:19:58 router mpd: [L-1] MAGICNUM d9243896
May 26 22:19:58 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:19:58 router mpd: [L-1] MP MRRU 2048
May 26 22:19:58 router mpd: [L-1] MP SHORTSEQ
May 26 22:19:58 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:20:00 router mpd: [L-1] LCP: SendConfigReq #6
May 26 22:20:00 router mpd: [L-1] ACFCOMP
May 26 22:20:00 router mpd: [L-1] PROTOCOMP
May 26 22:20:00 router mpd: [L-1] MRU 1500
May 26 22:20:00 router mpd: [L-1] MAGICNUM d9243896
May 26 22:20:00 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:20:00 router mpd: [L-1] MP MRRU 2048
May 26 22:20:00 router mpd: [L-1] MP SHORTSEQ
May 26 22:20:00 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:20:02 router mpd: [L-1] LCP: SendConfigReq #7
May 26 22:20:02 router mpd: [L-1] ACFCOMP
May 26 22:20:02 router mpd: [L-1] PROTOCOMP
May 26 22:20:02 router mpd: [L-1] MRU 1500
May 26 22:20:02 router mpd: [L-1] MAGICNUM d9243896
May 26 22:20:02 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:20:02 router mpd: [L-1] MP MRRU 2048
May 26 22:20:02 router mpd: [L-1] MP SHORTSEQ
May 26 22:20:02 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:20:04 router mpd: [L-1] LCP: SendConfigReq #8
May 26 22:20:04 router mpd: [L-1] ACFCOMP
May 26 22:20:04 router mpd: [L-1] PROTOCOMP
May 26 22:20:04 router mpd: [L-1] MRU 1500
May 26 22:20:04 router mpd: [L-1] MAGICNUM d9243896
May 26 22:20:04 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:20:04 router mpd: [L-1] MP MRRU 2048
May 26 22:20:04 router mpd: [L-1] MP SHORTSEQ
May 26 22:20:04 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:20:06 router mpd: [L-1] LCP: SendConfigReq #9
May 26 22:20:06 router mpd: [L-1] ACFCOMP
May 26 22:20:06 router mpd: [L-1] PROTOCOMP
May 26 22:20:06 router mpd: [L-1] MRU 1500
May 26 22:20:06 router mpd: [L-1] MAGICNUM d9243896
May 26 22:20:06 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:20:06 router mpd: [L-1] MP MRRU 2048
May 26 22:20:06 router mpd: [L-1] MP SHORTSEQ
May 26 22:20:06 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:20:08 router mpd: [L-1] LCP: SendConfigReq #10
May 26 22:20:08 router mpd: [L-1] ACFCOMP
May 26 22:20:08 router mpd: [L-1] PROTOCOMP
May 26 22:20:08 router mpd: [L-1] MRU 1500
May 26 22:20:08 router mpd: [L-1] MAGICNUM d9243896
May 26 22:20:08 router mpd: [L-1] AUTHPROTO CHAP MSOFTv2
May 26 22:20:08 router mpd: [L-1] MP MRRU 2048
May 26 22:20:08 router mpd: [L-1] MP SHORTSEQ
May 26 22:20:08 router mpd: [L-1] ENDPOINTDISC [802.1] 00 13 d4 5b 1c 4c
May 26 22:20:10 router mpd: [L-1] LCP: parameter negotiation failed
May 26 22:20:10 router mpd: [L-1] LCP: state change Req-Sent --> Stopped
May 26 22:20:10 router mpd: [L-1] LCP: LayerFinish
May 26 22:20:10 router mpd: [L-1] PPTP call terminated
May 26 22:20:10 router mpd: [L-1] Link: DOWN event
May 26 22:20:10 router mpd: [L-1] LCP: Close event
May 26 22:20:10 router mpd: [L-1] LCP: state change Stopped --> Closed
May 26 22:20:10 router mpd: [L-1] LCP: Down event
May 26 22:20:10 router mpd: [L-1] LCP: state change Closed --> Initial
May 26 22:20:10 router mpd: [L-1] Link: SHUTDOWN event
May 26 22:20:10 router mpd: [L-1] Link: Shutdown
конфиг mpd.conf
default:
load pptp_server
pptp_server:
# Определяем диапазон выдаваемых IP удалённым клиентам
set ippool add poolsat 172.10.20.20 172.10.20.25
create bundle template B
set iface enable proxy-arp
set iface idle 0
set iface enable tcpmssfix
set ipcp yes vjcomp
# IP адрес сервера,
set ipcp ranges 172.10.20.1/32 ippool poolsat
# свой ДНС сервер,
set ipcp dns 172.10.20.1
# Enable Microsoft Point-to-Point encryption (MPPE)
set bundle enable compression
set ccp yes mppc
set mppc yes compress e40 e56 e128 stateless
create link template L pptp
set link enable multilink
set link yes acfcomp protocomp
set link action bundle B
set link no pap chap
set link enable chap
set link enable chap-msv1
set link enable chap-msv2
set link mtu 1460
set link keep-alive 10 75
# Configure PPTP and open link
# Тут указываем IP ИНЕТ
#set pptp self 2.4.1.0
set link enable incoming
в rc.firewall добавлены следующие строчки:
${f} add 10 allow tcp from any to me 1723
${f} add 11 allow gre from any to any
конфиг pf.conf
set limit states 128000
set optimization aggressive
nat pass on fxp0 from 172.10.20.0/22 to any -> fxp0
rdr on fxp0 proto tcp from any to any port 1723 -> 172.10.20.1 port 1723
rdr on fxp0 proto gre from any to any -> 172.10.20.1
общие пояснения, система: freebsd 8.0, mpd версии 5.5
ядро было собрано со следующими опциями:
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_FORWARD
options DUMMYNET
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ
options ALTQ_NOPCC
options ALTQ_DEBUG
device pf
device pflog
device pfsync
вроде всё описал что нужно для анализа)
