[MASOCH-L] Forçar autenticação PAP
Bruno Cabral
bruno at openline.com.br
Mon Jan 30 15:28:48 -03 2012
Entao parece que o outro lado nao aceita PAP por padrao. Ja questionou o suporte deles? O que responderam?
!3runo Cabrsl
--
Cursos e Consultoria BGP/OSPF
> Date: Mon, 30 Jan 2012 13:24:11 -0200
> From: hamilton at theforce.com.br
> To: masoch-l at eng.registro.br
> Subject: Re: [MASOCH-L] Forçar autenticação PAP
>
> Sim senhor, inclusive tive que modificar o /etc/ppp/pap-secrets, porém
> quando utilizo o +pap o provedor recusa "peer refused to authenticate:
> terminating link":
>
>
> Jan 1 01:21:41 g100 pppd[3716]: Connect: ppp0 <--> /dev/ttyUSB0
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfReq id=0x1 <asyncmap 0x0>
> <auth pap> <magic 0x2a15fe3c> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x20 <asyncmap 0x0>
> <auth chap MD5> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfNak id=0x20 <auth eap>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfRej id=0x1 <auth pap>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfReq id=0x2 <asyncmap 0x0>
> <magic 0x2a15fe3c> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x21 <asyncmap 0x0>
> <auth chap MD5> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfNak id=0x21 <auth eap>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0>
> <magic 0x2a15fe3c> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x22 <asyncmap 0x0>
> <auth chap MD5> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfNak id=0x22 <auth eap>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x23 <asyncmap 0x0>
> <auth chap MD5> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfNak id=0x23 <auth eap>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x24 <asyncmap 0x0>
> <auth chap MD5> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfNak id=0x24 <auth eap>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x25 <asyncmap 0x0>
> <auth chap MD5> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfRej id=0x25 <auth chap MD5>]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP ConfReq id=0x26 <asyncmap 0x0>
> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP ConfAck id=0x26 <asyncmap 0x0>
> <magic 0x9ec980f1> <pcomp> <accomp>]
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP EchoReq id=0x0 magic=0x2a15fe3c]
> Jan 1 01:21:42 g100 pppd[3716]: peer refused to authenticate: terminating
> link
> Jan 1 01:21:42 g100 pppd[3716]: sent [LCP TermReq id=0x3 "peer refused to
> authenticate"]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP DiscReq id=0x27 magic=0x9ec980f1]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP EchoRep id=0x0 magic=0x9ec980f1
> 2a 15 fe 3c]
> Jan 1 01:21:42 g100 pppd[3716]: rcvd [LCP TermAck id=0x3]
>
>
> Então o lógico e natural seria assumir que a autenticação não é PAP, porém
> outro modem conecta sem problemas:
>
>
> Connect: ppp0 <--> /dev/ttyUSB3
> sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xa053d16f> <pcomp> <accomp>]
> rcvd [LCP ConfReq id=0x0 <asyncmap 0x0> <auth chap MD5> <magic 0xf12a90>
> <pcomp> <accomp>]
> sent [LCP ConfNak id=0x0 <auth chap MS-v2>]
> rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xa053d16f> <pcomp> <accomp>]
> rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth pap> <magic 0xf12a90> <pcomp>
> <accomp>]
> sent [LCP ConfAck id=0x1 <asyncmap 0x0> <auth pap> <magic 0xf12a90> <pcomp>
> <accomp>]
> sent [LCP EchoReq id=0x0 magic=0xa053d16f]
> sent [PAP AuthReq id=0x1 user="secret" password=<hidden>]
> rcvd [LCP DiscReq id=0x2 magic=0xf12a90]
> rcvd [LCP EchoRep id=0x0 magic=0xf12a90 a0 53 d1 6f]
> rcvd [PAP AuthAck id=0x1 ""]
> PAP authentication succeeded
> sent [IPCP ConfReq id=0x1 <addr 0.0.0.0>]
> rcvd [IPCP ConfNak id=0x1 <ms-dns1 10.11.12.13> <ms-dns2 10.11.12.14>
> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x2 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> rcvd [IPCP ConfNak id=0x2 <ms-dns1 10.11.12.13> <ms-dns2 10.11.12.14>
> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x3 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> rcvd [IPCP ConfNak id=0x3 <ms-dns1 10.11.12.13> <ms-dns2 10.11.12.14>
> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x4 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> rcvd [IPCP ConfNak id=0x4 <ms-dns1 10.11.12.13> <ms-dns2 10.11.12.14>
> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x5 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> rcvd [IPCP ConfNak id=0x5 <ms-dns1 10.11.12.13> <ms-dns2 10.11.12.14>
> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x6 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> rcvd [IPCP ConfNak id=0x6 <ms-dns1 10.11.12.13> <ms-dns2 10.11.12.14>
> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x7 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14> <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> rcvd [IPCP ConfReq id=0x0]
> sent [IPCP ConfNak id=0x0 <addr 0.0.0.0>]
> rcvd [IPCP ConfRej id=0x7 <ms-wins 10.11.12.13> <ms-wins 10.11.12.14>]
> sent [IPCP ConfReq id=0x8 <addr 0.0.0.0> <ms-dns1 10.11.12.13> <ms-dns2
> 10.11.12.14>]
> rcvd [IPCP ConfReq id=0x1]
> sent [IPCP ConfAck id=0x1]
> rcvd [IPCP ConfNak id=0x8 <addr 10.48.5.40> <ms-dns1 10.61.255.62> <ms-dns2
> 200.153.0.68>]
> sent [IPCP ConfReq id=0x9 <addr 10.48.5.40> <ms-dns1 10.61.255.62> <ms-dns2
> 200.153.0.68>]
> rcvd [IPCP ConfAck id=0x9 <addr 10.48.5.40> <ms-dns1 10.61.255.62> <ms-dns2
> 200.153.0.68>]
> Could not determine remote IP address: defaulting to 10.64.64.64
> local IP address 10.48.5.40
> remote IP address 10.64.64.64
> primary DNS address 10.61.255.62
> secondary DNS address 200.153.0.68
>
>
> Infelizmente ainda não consegui um contato direto com a operadora.
>
> Muito obrigado pela ajuda Bruno, se houver outra dica ficarei extramemente
> agradecido.
>
> Obrigado.
>
> Hamilton Vera
>
> Em 30 de janeiro de 2012 13:01, Bruno Cabral <bruno at openline.com.br>escreveu:
>
> >
> > Tentou "+pap" ou "pap" no options.pppd ?
> > !3runo Cabral--Cursos e Consultoria BGP/OSPF
> >
> > > Estou utilizando o modem Huawei EM 770W para utilizar os serviços de
> > "VPN"
> > > da vivo "zapvpn.vivo.com.br" . Pelo que percebi esse serviço utiliza a
> > > autenticação PAP.
> > >
> > > Infelizmente o modem EM 770W por algum motivo desconhecido só tenta
> > > negociar MS-CHAP. Já tentei várias opções no PPPD do linux para forçar
> > > negociação PAP:
> > (...)> -chap
> > > refuse-chap
> > > refuse-mschap
> > > refuse-mschap-v2
> >
> > __
> > masoch-l list
> > https://eng.registro.br/mailman/listinfo/masoch-l
> >
>
>
>
> --
> http://hvera.wordpress.com
> __
> masoch-l list
> https://eng.registro.br/mailman/listinfo/masoch-l
More information about the masoch-l
mailing list