CHAP authentication problem with Linux client to Win 2K VPN server

[James Kimble]

I'm trying to set up a VPN from my RH 8.0 machine to a Windows 2K system
at my work. The Windows 2K side is working with other Windows machines.

I downloaded pptp and pptpconfig and installed them with no problems.
I enter the pertinent information into pptpconfig using the MPPE encryption
option.but when I try to connect I get the following:


Sep 13 19:57:53 ezekiel pppd[13795]: pppd 2.4.2b3 started by jkimble, uid 0
Sep 13 19:57:53 ezekiel pppd[13795]: using channel 32
Sep 13 19:57:53 ezekiel pppd[13795]: Using interface ppp0
Sep 13 19:57:53 ezekiel pppd[13795]: Connect: ppp0 <--> /dev/pts/10
Sep 13 19:57:53 ezekiel pptp[13796]: anon log[main:pptp.c:219]: The synchronous
pptp option is NOT activated
Sep 13 19:57:53 ezekiel pptp[13799]: anon log[pptp_dispatch_ctrl_packet:pptp_ctr
l.c:630]: Client connection established.
Sep 13 19:57:54 ezekiel pppd[13795]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <ma
gic 0xa7c92e95> <pcomp> <accomp>]
Sep 13 19:57:54 ezekiel pptp[13799]: anon log[pptp_dispatch_ctrl_packet:pptp_ctr
l.c:759]: Outgoing call established (call ID 0, peer's call ID 33767).
Sep 13 19:57:54 ezekiel pptp[13796]: anon log[decaps_hdlc:pptp_gre.c:217]: PPP m
ode seems to be Asynchronous.
Sep 13 19:57:54 ezekiel pppd[13795]: rcvd [LCP ConfReq id=0x0 <auth chap MS-v2>
<magic 0x391169d6> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local
:5d.02.75.8c.54.8f.49.78.80.ec.54.82.e4.5d.72.3c.0 0.00.00.00]> < 17 04 00 36>]
Sep 13 19:57:54 ezekiel pppd[13795]: sent [LCP ConfRej id=0x0 <callback CBCP> <m
rru 1614> < 17 04 00 36>]
Sep 13 19:57:54 ezekiel pppd[13795]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <ma
gic 0xa7c92e95> <pcomp> <accomp>]
Sep 13 19:57:54 ezekiel pppd[13795]: rcvd [LCP ConfReq id=0x1 <auth chap MS-v2>
<magic 0x391169d6> <pcomp> <accomp> <endpoint [local:5d.02.75.8c.54.8f.49.78.80.
ec.54.82.e4.5d.72.3c.00.00.00.00]>]
Sep 13 19:57:54 ezekiel pppd[13795]: sent [LCP ConfAck id=0x1 <auth chap MS-v2>
<magic 0x391169d6> <pcomp> <accomp> <endpoint [local:5d.02.75.8c.54.8f.49.78.80.
ec.54.82.e4.5d.72.3c.00.00.00.00]>]
Sep 13 19:57:54 ezekiel pppd[13795]: rcvd [CHAP Challenge id=0x0 <3239a323ac8c43
f378d1e4b6543b1566>, name = "ISAA200L"]
Sep 13 19:57:54 ezekiel pppd[13795]: sent [CHAP Response id=0x0 <9f463e2b28c94d6
73f04c69b5714d8d20000000000000000f383e7a9e2e80fc20 23230c9503dd5394fe462c5d12956b
700>, name = "WCHSYS1\\jkimble"]
Sep 13 19:58:03 ezekiel last message repeated 3 times
Sep 13 19:58:03 ezekiel pppd[13795]: rcvd [CHAP Failure id=0x0 "E=649 R=0 "]
Sep 13 19:58:03 ezekiel pppd[13795]: Remote message: Unknown authentication fail
ure: E=649 R=0
Sep 13 19:58:03 ezekiel pppd[13795]: CHAP authentication failed
Sep 13 19:58:03 ezekiel pppd[13795]: sent [LCP TermReq id=0x2 "Failed to authent
icate ourselves to peer"]
Sep 13 19:58:03 ezekiel pppd[13795]: rcvd [LCP TermReq id=0x3 "9\021i\3777777772
6\000<\37777777715t\000\000\002\37777777611"]
Sep 13 19:58:03 ezekiel pppd[13795]: sent [LCP TermAck id=0x3]
Sep 13 19:58:03 ezekiel pppd[13795]: rcvd [LCP TermAck id=0x2 "Failed to authent
icate ourselves to peer"]
Sep 13 19:58:03 ezekiel pppd[13795]: Connection terminated.
Sep 13 19:58:03 ezekiel pppd[13795]: Waiting for 1 child processes...
Sep 13 19:58:03 ezekiel pppd[13795]: script pptp 65.41.59.224 --nolaunchpppd,
pid 13796

The problem appears to be a CHAP authentication error. Everything I've read
says this is always a passwork, domain, username problem, or four slashes
in the domain username combiniation <domain>\\\\<username> rather then two.

These things are not the problem here. Can anyone make any other suggestions??

One thing I don't understand is how the MS machine can authenticate by
machine name when I'm not giving my machine name. Does it default to the
hostname of my home machine and is that why I'm not getting past CHAP? If
that's the case how do I make it see a different machine name?

If the machine name is not necassary for VPN what else could be going on?

Any help would be greatly appreciated.

James Kimble

[Bill Unruh]

[email]jkimble@one.net[/email] (James Kimble) writes:

]I'm trying to set up a VPN from my RH 8.0 machine to a Windows 2K system
]at my work. The Windows 2K side is working with other Windows machines.

]I downloaded pptp and pptpconfig and installed them with no problems.
]I enter the pertinent information into pptpconfig using the MPPE encryption
]option.but when I try to connect I get the following:


]Sep 13 19:57:54 ezekiel pppd[13795]: rcvd [CHAP Challenge id=0x0 <3239a323ac8c43
]f378d1e4b6543b1566>, name = "ISAA200L"]

This is the name of the remote machine which you may need to use in
looking up the username/password.

]Sep 13 19:57:54 ezekiel pppd[13795]: sent [CHAP Response id=0x0 <9f463e2b28c94d6
]73f04c69b5714d8d20000000000000000f383e7a9e2e80fc20 23230c9503dd5394fe462c5d12956b
]700>, name = "WCHSYS1\\jkimble"]

And why are you sure that your username on the remote system is
WCHSYS1\\jkimble?


.....
]The problem appears to be a CHAP authentication error. Everything I've read
]says this is always a passwork, domain, username problem, or four slashes
]in the domain username combiniation <domain>\\\\<username> rather then two.

]These things are not the problem here. Can anyone make any other suggestions??

Sorry, how do you know that "these things are not the problem here"?



]One thing I don't understand is how the MS machine can authenticate by
]machine name when I'm not giving my machine name. Does it default to the
]hostname of my home machine and is that why I'm not getting past CHAP? If
]that's the case how do I make it see a different machine name?

What do you mean?


]If the machine name is not necassary for VPN what else could be going on?