Íàñòðîéêà PPTP VPN (accel-pppd) íà ðîóòåðå Asus

Quote:

---

Originally Posted by theMIROn

òðåòèé ðàç ÷èòàåì, è îòâå÷àåì ïîñëå ïðîâåðêè.

---

Ïîðÿäîê ïåðå÷èñëåíèÿ ìîäóëåé â êîíôèãå íå ïîìîãàåò.

Code:

---

[modules]
path=/opt/lib/accel-ppp
log_syslog
l2tp
auth_mschap_v2
auth_mschap_v1
auth_chap_md5
auth_pap
sigchld
pppd_compat
chap-secrets

---

Quote:

---

Originally Posted by agros

çàðàáîòàëî, ïðèìåðíî â 2-2.5 ðàçà áûñòðåå ÷åì poptop.

---

Óðà! À ìîæíî ñäåëàòü äëÿ ëàìåðîâ èíñòðóêöèþ (êàê âû äåëàëè äëÿ poptop)? Please Please Please!

Quote:

---

Originally Posted by evgeny73

Óðà! À ìîæíî ñäåëàòü äëÿ ëàìåðîâ èíñòðóêöèþ (êàê âû äåëàëè äëÿ poptop)? Please Please Please!

---

ÿ ñäåëàë ïî àíàëîãèè ñ poptop, è èñïîëüçîâàë åãî ñêðèïòû, â àâòîçàïóñêå âíåñ ñîîòâ. ìîäèôèêàöèè:

Code:

---

cat /opt/etc/init.d/S21accel-pppd

---

Code:

---

#!/bin/sh
#
# Start the Accel-pppd (PPTP server) daemon
#

start() {
    echo -n "Starting accel-pppd server: "
    if [ -n "`pidof accel-pppd`" ]; then
      echo "Already running"
      return
    fi
    /opt/sbin/accel-pppd -d -c /opt/etc/accel-ppp.conf -p /opt/var/run/accel-pppd.pid
    echo "Done!"
    return
}
stop() {
    echo -n "Shutting down accel-pppd server: "
    /bin/kill `cat /opt/var/run/accel-pppd.pid` 2>/dev/null
    sleep 1
    if [ -n "`pidof accel-pppd`" ]; then
      echo "Failed to stop accel-pppd"
    fi
    echo "Done!"
    return
}
restart() {
    stop
    start
}

case "$1" in
    start)
          start
          ;;
    stop)
          stop
          ;;
    restart|reload)
          restart
          ;;
    condrestart)
          [ -r /opt/var/run/accel-pppd.pid ] && restart
          ;;
    *)
          echo "Usage: $0 {start|stop|restart|condrestart}"
          exit 1
esac
exit $?

---

êîíôèã accel-pppd ïðèìåðíî òàê:

Code:

---

egrep -vi '^#|^$' /opt/etc/accel-ppp.conf

---

Code:

---

[modules]
log_syslog
pptp
auth_mschap_v2
ippool
sigchld
pppd_compat
chap-secrets
[core]
thread-count=4
[ppp]
verbose=1
min-mtu=1280
mtu=1400
mru=1400
mppe=require
ipv4=require
ipv6=deny
lcp-echo-interval=20
lcp-echo-timeout=120
[auth]
[pptp]
echo-interval=30
verbose=1
[dns]
[client-ip-range]
0.0.0.0/0
[ip-pool]
gw-ip-address=IP ñåðâåðà îòäàâàåìûé êëèåíòó
attr=Framed-Pool
192.168.x.y-y+z
[log]
syslog=accel-pppd,daemon
copy=1
level=3
[pppd-compat]
ip-up=/opt/etc/ppp/ip-up
ip-down=/opt/etc/ppp/ip-down
verbose=1
[chap-secrets]
gw-ip-address=IP ñåðâåðà îòäàâàåìûé êëèåíòó
chap-secrets=/opt/etc/ppp/chap-secrets

---

â /tmp/local/sbin/post-mount äîáàâèë:

Code:

---

insmod pppox
insmod pptp

---

íå çàáóäüòå ñîçäàòü ñîîòâåòñòâóþùèé /opt/etc/ppp/chap-secrets
íó è

Code:

---

chmod ga-r /opt/etc/ppp/chap-secrets

---

âðîäå âñå, õîòÿ êîå-÷òî, íàâåðíîå ìîæíî âûêèíóòü èëè äîáàâèòü, íî ó ìåíÿ ðàáîòàåò áåç íàðåêàíèé, ðàçâå ÷òî, ïðè ïåðåïðîøèâêå, ïðè ïîäêëþ÷åíèè ÷åðåç accel-pppd, ïðîøèâêà íå çàâåðøàåòñÿ, ïðè ýòîì, ïîõîæå ñðàáàòûâàåò pre-shutdown, ÷åðåç poptop òàêîãî çàìå÷åíî íå áûëî.

P. S.

ïðîâåðüòå íàëè÷èå è èñïîëíÿåìîñòü

Code:

---

cat /opt/etc/ppp/ip-up

---

Code:

---

#!/bin/sh
iptables -I INPUT -i $1 -s $5 -j ACCEPT
iptables -I FORWARD -i $1 -s $5 -j ACCEPT

---

è

Code:

---

cat /opt/etc/ppp/ip-down

---

Code:

---

#!/bin/sh
iptables -D INPUT -i $1 -s $5 -j ACCEPT
iptables -D FORWARD -i $1 -s $5 -j ACCEPT

---

Code:

---

cat /tmp/local/sbin/post-firewall

---

Code:

---

#!/bin/sh
iptables -I INPUT -p 47 -j ACCEPT
iptables -I INPUT -p tcp --dport 1723 -j ACCEPT

---

íåìíîãî íå ïîíÿòíî

Code:

---

gw-ip-address=IP ñåðâåðà îòäàâàåìûé êëèåíòó

---

÷òî ñþäà âïèñûâàòü åñëè IP äèíàìè÷åñêèé, íî ðàáîòàåò íà ðîóòåðå ñåðâèñ dyndns?
è ãäå õðàíÿòñÿ ëîãèí è ïàðîëè äëÿ ïîäêëþ÷åíèÿ?
ñêîëüêî êëèåíòîâ ìîæåò áûòü ïîäêëþ÷åíî îäíîâðåìåííî?

Quote:

---

Originally Posted by Pulse

íåìíîãî íå ïîíÿòíî

Code:

---

gw-ip-address=IP ñåðâåðà îòäàâàåìûé êëèåíòó

---

÷òî ñþäà âïèñûâàòü åñëè IP äèíàìè÷åñêèé, íî ðàáîòàåò íà ðîóòåðå ñåðâèñ dyndns?
è ãäå õðàíÿòñÿ ëîãèí è ïàðîëè äëÿ ïîäêëþ÷åíèÿ?
ñêîëüêî êëèåíòîâ ìîæåò áûòü ïîäêëþ÷åíî îäíîâðåìåííî?

---

1.äà íåò, òàì àäðåñ êîíöà òîííåëÿ pptp. (192.168.x.*)
2. chap-secrets
3. ñòîëüêî, ñêîëüêî â àäðåñ-ïóëå èï àäðåñîâ äàäèòå. ò.å z, â ôîðìóëå.

Quote:

---

Originally Posted by agros

ÿ ñäåëàë ïî àíàëîãèè ñ poptop, è èñïîëüçîâàë åãî ñêðèïòû, â àâòîçàïóñêå âíåñ ñîîòâ. ìîäèôèêàöèè:

---

Ñïàñèáî îãðîìíîå! Â öåëîì âñå ïîíÿòíî, îñòàëîñü òîëüêî ïîíÿòü êàê óñòàíîâèòü accel-pppd è âëåçåòëè îí â 8mb ôëåøà ÷òî íà wnr3500l.
Poptop âåäü â ñâîå âðåìÿ óðåçàëè, ÷òî íà dir-320 âñòàë, ìîæíî è òóò âûëîæèòü ïîäîáíûé àðõèâ ÷òîáû ðàñïàêîâàòü è ïîëüçîâàòñÿ?

Äåëàë íà äíÿõ çíàêîìîìó ... ìîæåò êîìó-íèòü ïðèãîäèòñÿ.
Çàäà÷à áûëà òàêàÿ:
Ñåòü îôèñà (192.168.18.0) ïîäêëþ÷åíà ê èíåòó ÷åðåç 500gP v.1 (192.168.18.100) (áåç VPN/PPoE, àäðåñ "áåëûé"), â ñåòè åñòü ñåðâåð 1Ñ (192.168.18.200) (òåðìèíàëüíûé ðåæèì). Íàäî îáåñïå÷èòü ïîäêëþ÷åíèå ê íåìó èçâíå äâóõ áóõîâ è àäìèíà ïî VPN. Æåëàòåëüíî êàê ìîæíî áîëåå áåçîïàñíî äëÿ ñåòè.

Ðåøåíèå:
Ñòàâèì accel-pppd

Code:

---

opkg install accel-pppd
ln -s /opt/lib/accel-ppp/libsigchld.so /opt/lib/libsigchld.so

---

áåç ñèìâîëüíîé ññûëêè íå ðàáîòàåò ïðè ëþáîé ïîñëåäîâàòåëüíîñòè ìîäóëåé sigchild, pppd_compat â êîíôèãå.
Òàê êàê áûëî æåëàíèå ðàçãðàíè÷èòü äîñòóï äëÿ àäìèíà è áóõîâ (àäìèíó âñå, áóõàì êàïåëüêó), òî àäðåñà áóäåì âûäàâàòü íå äèíàìè÷åñêè, à â çàâèñèìîñòè îò ëîãèíà.

Íàñòðàèâàåì accel-pppd:

Code:

---

$ cat /opt/etc/accel-ppp.conf
[modules]
log_syslog
pptp
auth_mschap_v2
sigchld
pppd_compat
chap-secrets

[core]
log-error=/opt/var/log/accel-ppp/core.log
thread-count=4

[ppp]
verbose=1
min-mtu=1280
mtu=1400
mru=1400
mppe=require
ipv4=require
ipv6=deny
lcp-echo-interval=20
lcp-echo-timeout=120

[pptp]
echo-interval=30
verbose=1

[client-ip-range]
0.0.0.0/0

[log]
syslog=accel-pppd,daemon
copy=1
level=3

[pppd-compat]
ip-up=/opt/etc/ppp/ip-up
ip-down=/opt/etc/ppp/ip-down
verbose=1

[chap-secrets]
gw-ip-address=192.168.18.100
chap-secrets=/opt/etc/ppp/chap-secrets

---

Ñîçäàåì ëîãèíû:

Code:

---

$ cat /opt/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client        server          secret          IP addresses
admin          *              54321          192.168.18.10
buh1            *              12345          192.168.18.11
buh2            *              09876          192.168.18.12

---

Ñîçäàåì ñêðèïòû:

Code:

---

$ cat /opt/etc/ppp/ip-up
#!/bin/sh

if [ $5 == "192.168.18.10" ]; then
    iptables -I INPUT -i $1 -s $5 -j ACCEPT
    iptables -I FORWARD -i $1 -s $5 -j ACCEPT
else
    iptables -I FORWARD -i $1 -s $5 -d 192.168.18.200 -p tcp -m tcp --dport 3389 -j ACCEPT
fi

$ cat /opt/etc/ppp/ip-down
#!/bin/sh

if [ $5 == "192.168.18.10" ]; then
    iptables -D INPUT -i $1 -s $5 -j ACCEPT
    iptables -D FORWARD -i $1 -s $5 -j ACCEPT
else
    iptables -D FORWARD -i $1 -s $5 -d 192.168.18.200 -p tcp -m tcp --dport 3389 -j ACCEPT
fi

---

Ýòè ñêðèïòû äîáàâëÿþò/óäàëÿþò ïðàâèëà iptables, â çàâèñèìîñòè îò òîãî ïîä êàêèì ëîãèíîì ïîäêëþ÷èëñÿ (êàêîé àäðåñ ïîëó÷èë). Åñëè çàøåë "Àäìèí" èìååò ïðàâî íà âñþ ñåòêó è ðîóòåð èçíóòðè, à åñëè "Áóõè" òî òîëüêî òåðìèíàëîì â ñåðâàê çàéòè (ìàëî ëè ÷òî ó íèõ òàì íà ìàøèíàõ "çëîâðåäíîãî" ñèäèò ;) ). Áåçîïàñíîñòü ñàìîãî òåðìèíàëüíîãî ñåðâåðà âûõîäèò çà ðàìêè äàííîãî ôîðóìà, äàì ëèøü îäèí ñîâåò â "Ïðîôèëü -> Ñðåäà" ó áóõîâ ïðîïèñàòü çàïóñê 1Ñ.
Íó è ðàçðåøàåì äîñòóï ê íàøåìó ñåðâåðó èçâíå

Code:

---

$ cat /usr/local/sbin/post-firewall
#!/bin/sh
iptables -I INPUT -p 47 -j ACCEPT
iptables -I INPUT -p tcp --dport 1723 -j ACCEPT

---

Íó è íàïîñëåäîê ÷òî-áû ó êëèåíòîâ íå ïðîïàë èíåò ïîñëå ïîäíÿòèÿ VPN ñåññèè â íàñòðîéêàõ ñîåäèíåíèÿ (äëÿ âèíäû) óáðàòü ãàëêó "Ñåòü -> Ïðîòîêîë TCP/IP -> Ñâîéñòâà -> Äîïîëíèòåëüíî -> Èñïîëüçîâàòü îñíîâíîé øëþç â óäàëåííîé ñåòè".
Íó îáùèé ñìûñë ïîíÿòåí, à äàëüøå ïîäñòðàèâàéòå ïîä ñâîè íóæäû ... Óäà÷è!

Quote:

---

Originally Posted by tempik

Code:

---

ln -s /opt/lib/accel-ppp/libsigchld.so /opt/lib/libsigchld.so

---

áåç ñèìâîëüíîé ññûëêè íå ðàáîòàåò ïðè ëþáîé ïîñëåäîâàòåëüíîñòè ìîäóëåé sigchild, pppd_compat â êîíôèãå.

---

ïîïðàâëåíî â 1.7.2-3. îáíîâëÿåìñÿ.

Ïåðåñîáåðèòå ñ ïîääåðæêîé shaper, íå õâàòàåò ýòîãî ôóíêöèîíàëà.

Ó êîãî-íèáóäü çàðàáîòàëè íåñêîëüêî ïóëîâ è ÷òîáû êëèåíòû ïîëó÷àëè òå IP, êîòîðûå óêàçàíû â chap-secrets ôàéëå?

1) Ó ìåíÿ âñå êëèåíòû ïîëó÷àþò ïîñëåäîâàòåëüíî ñâîáîäíûå IP-àäðåñà.

2) Ïðè÷åì åñëè îòêëþ÷èòü êëèåíòà ïðèíóäèòåëüíî, IP-îñòàåòñÿ ïî-ïðåæíåìó çàíÿò íà äîâîëüíî-ïðîäîëæèòåëüíîå âðåìÿ (èíà÷å ãîâîðÿ, åñëè âû âûäåëèëè ïóë â 4 àäðåñà, òî åñëè 4 ðàçà ðåêîííåêòíóòü - ïîñëå ýòîãî ïåðåñòàåò ñîåäèíÿòüñÿ).

EDIT: ïðîáëåìà ñ IP-àäðåñàìè êëèåíòîâ (1) ðåøèëàñü êîììåíòèðîâàíèåì ippool è äèàïàçîíîâ, âûäåëÿåìûõ äëÿ ïóëîâ..

EDIT2: ïðîáëåìà (2) äî ñèõ ïîð àêòóàëüíà.

EDIT2: áûëî áû íåïëîõî âíåñòè ñòàðòîâûé ñêðèïò â ïàêåò òàêæå..

Code:

---

#!/bin/sh
#
# Start the Accel-pppd (PPTP server) daemon
#

start() {
    echo -n "Starting accel-pppd server: "
    if [ -n "`pidof accel-pppd`" ]; then
      echo "Already running"
      return
    fi
    /opt/sbin/accel-pppd -d -c /opt/etc/accel-ppp.conf -p /opt/var/run/accel-pppd.pid
    echo "Done!"
    return
}
stop() {
    echo -n "Shutting down accel-pppd server: "
    /bin/kill `cat /opt/var/run/accel-pppd.pid` 2>/dev/null
    sleep 1
    if [ -n "`pidof accel-pppd`" ]; then
      echo "Failed to stop accel-pppd"
    fi
    echo "Done!"
    return
}
restart() {
    stop
    start
}

case "$1" in
    start)
          start
          ;;
    stop)
          stop
          ;;
    restart|reload)
          restart
          ;;
    condrestart)
          [ -r /opt/var/run/accel-pppd.pid ] && restart
          ;;
    *)
          echo "Usage: $0 {start|stop|restart|condrestart}"
          exit 1
esac
exit $?

---

Quote:

---

Originally Posted by staticroute

2) Ïðè÷åì åñëè îòêëþ÷èòü êëèåíòà ïðèíóäèòåëüíî, IP-îñòàåòñÿ ïî-ïðåæíåìó çàíÿò íà äîâîëüíî-ïðîäîëæèòåëüíîå âðåìÿ (èíà÷å ãîâîðÿ, åñëè âû âûäåëèëè ïóë â 4 àäðåñà, òî åñëè 4 ðàçà ðåêîííåêòíóòü - ïîñëå ýòîãî ïåðåñòàåò ñîåäèíÿòüñÿ).

---

÷òî â ëîãàõ? ïðèíóäèòåëüíî - ýòî êàê? êàêîé òèï ïîäêëþ÷åíèÿ?

Quote:

---

Originally Posted by staticroute

EDIT2: áûëî áû íåïëîõî âíåñòè ñòàðòîâûé ñêðèïò â ïàêåò òàêæå..

---

ìíå ìîé S60accel-pppd áîëüøå íðàâèòñÿ

Code:

---

#!/bin/sh

ENABLED=yes
PROCS=accel-pppd
ARGS="-c /opt/etc/accel-ppp.conf"
PREARGS=""
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

. /opt/etc/init.d/rc.func

---

Quote:

---

Originally Posted by theMIROn

÷òî â ëîãàõ? ïðèíóäèòåëüíî - ýòî êàê? êàêîé òèï ïîäêëþ÷åíèÿ?

---

Òèï ïîäêëþ÷åíèÿ PPTP c MPPE128.

 ëîãàõ òàêîå:

Code:

---

Nov 10 00:59:14 accel-pppd: ppp1:: connect: ppp1 <--> pptp(x.x.x.x)
Nov 10 00:59:14 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 519b500d> <mru 1400>]
Nov 10 00:59:14 accel-pppd: ppp1:: recv [LCP ConfReq id=2 <magic 1fc15408>]
Nov 10 00:59:14 accel-pppd: ppp1:: send [LCP ConfAck id=2 ]
Nov 10 00:59:14 accel-pppd: ppp1:: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <magic 519b500d> <mru 1400>]
Nov 10 00:59:14 accel-pppd: ppp1:: send [MSCHAP-v2 Challenge id=1 <d854347a2b8663470ea22adb24957df>]
Nov 10 00:59:14 accel-pppd: ppp1:: recv [MSCHAP-v2 Response id=1 <94a9d2c7bca1aeb798f55c409a5f1b98>, <e718da1dcfa672d71c7ebb2c0c1e284e28553122ef2986d>, F=0, name="login1"]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [MSCHAP-v2 Success id=1 "S=9D03E408839993A89F17CDEE2716775F32F31518 M=Authentication succeeded"]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [IPCP ConfReq id=1 <addr 192.168.52.1>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: login1: authentication succeeded
Nov 10 00:59:14 accel-pppd: ppp1:login1: recv [CCP ConfReq id=1 <mppe +H -M +S -L -D +C>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [CCP ConfReq id=1 <mppe +H -M +S -L -D -C>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [CCP ConfNak id=1 <mppe +H -M +S -L -D -C>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: recv [IPCP ConfReq id=1 <addr 0.0.0.0>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [IPCP ConfNak id=1 <addr 192.168.51.3>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: recv [IPCP ConfAck id=1 <addr 192.168.52.1>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: recv [CCP ConfAck id=1 <mppe +H -M +S -L -D -C>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: recv [CCP ConfReq id=2 <mppe +H -M +S -L -D -C> (mppe enabled)]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [CCP ConfAck id=2]
Nov 10 00:59:14 accel-pppd: ppp1:login1: recv [IPCP ConfReq id=2 <addr 192.168.51.3>]
Nov 10 00:59:14 accel-pppd: ppp1:login1: send [IPCP ConfAck id=2]
Nov 10 00:59:14 accel-pppd: ppp1:login1: pppd_compat: ip-up started (pid 4578)
Nov 10 00:59:14 accel-pppd: ppp1:login1: pppd_compat: ip-up finished (0)
Nov 10 00:59:50 accel-pppd: ppp1:login1: recv [PPTP Call-Clear-Request <Call-ID ae75>]
Nov 10 00:59:50 accel-pppd: ppp1:login1: pppd_compat: ip-down started (pid 4584)
Nov 10 00:59:50 accel-pppd: ppp1:login1: pppd_compat: ip-down finished (0)
Nov 10 00:59:50 accel-pppd: ppp1:: send [PPTP Call-Disconnect-Notify <Call-ID 75ae> <Result 4> <Error 0> <Cause 0>]
Nov 10 00:59:50 accel-pppd: ppp1:: pptp: disconnect by peer
Nov 10 00:59:50 accel-pppd: ppp1:: disconnected
Nov 10 00:59:52 accel-pppd: pptp: new connection from x.x.x.x
Nov 10 00:59:52 accel-pppd: :: recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 3> <Bearer 3> <Max-Chan 65535>]
Nov 10 00:59:52 accel-pppd: :: send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]
Nov 10 00:59:53 accel-pppd: :: recv [PPTP Outgoing-Call-Request <Call-ID d98b> <Call-Serial 0> <Min-BPS 2400> <Max-BPS 1000000000> <Bearer 3> <Framing 3> <Window-Size 50> <Delay 0>]
Nov 10 00:59:53 accel-pppd: :: send [PPTP Outgoing-Call-Reply <Call-ID 24b> <Peer-Call-ID d98b> <Result 1> <Error 0> <Cause 0> <Speed 1000000000> <Window-Size 50> <Delay 0> <Channel 0>]
Nov 10 00:59:53 accel-pppd: ppp1:: connect: ppp1 <--> pptp(x.x.x.x)
Nov 10 00:59:53 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 257130a3> <mru 1400>]
Nov 10 00:59:56 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 257130a3> <mru 1400>]
Nov 10 00:59:56 accel-pppd: ppp1:: recv [LCP ConfReq id=1 <magic 18983e0f>]
Nov 10 00:59:56 accel-pppd: ppp1:: send [LCP ConfAck id=1 ]
Nov 10 00:59:59 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 257130a3> <mru 1400>]
Nov 10 00:59:59 accel-pppd: ppp1:: recv [LCP ConfReq id=1 <magic 18983e0f>]
Nov 10 00:59:59 accel-pppd: ppp1:: send [LCP ConfAck id=1 ]
Nov 10 01:00:02 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 257130a3> <mru 1400>]
Nov 10 01:00:02 accel-pppd: ppp1:: recv [LCP ConfReq id=1 <magic 18983e0f>]
Nov 10 01:00:02 accel-pppd: ppp1:: send [LCP ConfAck id=1 ]
Nov 10 01:00:23 accel-pppd: ppp1:: send [PPTP Call-Disconnect-Notify <Call-ID 8bd9> <Result 3> <Error 0> <Cause 0>]
Nov 10 01:00:23 accel-pppd: ppp1:: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]
Nov 10 01:00:23 accel-pppd: ppp1:: pptp: disconnect by peer
Nov 10 01:00:23 accel-pppd: ppp1:: disconnected

---

È òàê ïîñòîÿííî ïîñëå ðåêîííåêòîâ, ïîêà íå ñìåíèøü IP â /opt/etc/ppp/chap-secrets íà äðóãîé.

Íà êëèåíòå:

Code:

---

Nov 10 00:00:54 pptp[1204]: Connect: ppp0 <--> pptp (x.x.x.x)
Nov 10 00:01:24 pptp[1204]: LCP: timeout sending Config-Requests
Nov 10 00:01:24 pptp[1204]: Connection terminated.
Nov 10 00:01:24 pptp[1204]: Modem hangup

---

õîòÿ âîò ñåé÷àñ ñ 5-îãî ðàçà ïîäñîåäèíèëñÿ, íî âîîáùå ïîìîéìó ñðàçó äîëæåí, íå? íà ïîïòîïå òàêîãî ãëþêà ÿ íå íàáëþäàë.

êëèåíò ïðèáèâàëñÿ ÷åðåç killall pppd íà ñòîðîíå êëèåíòà (òàì òîæå ðîóòåð).


È íå ðàáîòàåò, åñëè óêàçàòü â /opt/etc/ppp/chap-secrets ïîäñåòü âìåñòî ôèêñèðîâàííîãî IP-àäðåñà, íàïðèìåð 192.168.51.0/24.
 ëîãàõ (íà ñåðâåðå):

Code:

---

Nov 10 01:09:26 accel-pppd: ppp1:: connect: ppp1 <--> pptp(x.x.x.x)
Nov 10 01:09:26 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 4b588f54> <mru 1400>]
Nov 10 01:09:26 accel-pppd: ppp1:: recv [LCP ConfReq id=1 <magic b45c1cc0>]
Nov 10 01:09:26 accel-pppd: ppp1:: send [LCP ConfAck id=1 ]
Nov 10 01:09:26 accel-pppd: ppp1:: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <magic 4b588f54> <mru 1400>]
Nov 10 01:09:26 accel-pppd: ppp1:: send [MSCHAP-v2 Challenge id=1 <2390ecec27573e125fc5839317c72e4b>]
Nov 10 01:09:26 accel-pppd: ppp1:: recv [MSCHAP-v2 Response id=1 <d5b7ad74555f269619a94e5a817c235>, <f1c7aa60d2b2c18c45c023d8d664d920304ad53ccc2e986f>, F=0, name="login1"]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [MSCHAP-v2 Success id=1 "S=D764A21DD3B24D991AA4F9822774FE883359A98A M=Authentication succeeded"]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [IPCP ConfReq id=1 <addr 192.168.52.1>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: login1: authentication succeeded
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [CCP ConfReq id=1 <mppe +H -M +S -L -D +C>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [CCP ConfReq id=1 <mppe +H -M +S -L -D -C>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [CCP ConfNak id=1 <mppe +H -M +S -L -D -C>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [IPCP ConfReq id=1 <addr 0.0.0.0>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [IPCP ConfNak id=1 <addr 255.255.255.255>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [IPCP ConfAck id=1 <addr 192.168.52.1>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [CCP ConfAck id=1 <mppe +H -M +S -L -D -C>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [CCP ConfReq id=2 <mppe +H -M +S -L -D -C> (mppe enabled)]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [CCP ConfAck id=2]
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [IPCP ConfReq id=2 <addr 255.255.255.255>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [IPCP ConfAck id=2]
Nov 10 01:09:26 accel-pppd: ppp1:login1: ppp: failed to set peer IPv4 address: Invalid argument
Nov 10 01:09:26 accel-pppd: ppp1:login1: pppd_compat: ip-up started (pid 4619)
Nov 10 01:09:26 accel-pppd: ppp1:login1: pppd_compat: ip-up finished (0)
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [IPCP TermReq id=3]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [IPCP TermReq id=3]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [IPCP TermAck id=3]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [LCP TermReq id=3]
Nov 10 01:09:26 accel-pppd: ppp1:login1: IPCP: discarding packet
Nov 10 01:09:26 accel-pppd: ppp1:login1: recv [LCP TermAck id=3]
Nov 10 01:09:26 accel-pppd: ppp1:login1: pppd_compat: ip-down started (pid 4620)
Nov 10 01:09:26 accel-pppd: ppp1:login1: pppd_compat: ip-down finished (0)
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [PPTP Call-Disconnect-Notify <Call-ID 52c9> <Result 3> <Error 0> <Cause 0>]
Nov 10 01:09:26 accel-pppd: ppp1:login1: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]
Nov 10 01:09:26 accel-pppd: ppp1:: pptp: disconnect by peer
Nov 10 01:09:26 accel-pppd: ppp1:: disconnected

---

Quote:

---

ìíå ìîé S60accel-pppd áîëüøå íðàâèòñÿ

Code:

---

#!/bin/sh

ENABLED=yes
PROCS=accel-pppd
ARGS="-c /opt/etc/accel-pppd.conf"
PREARGS=""
DESC=$PROCS
PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

. /opt/etc/init.d/rc.func

---

---

íå áóäó ñïîðèòü, ïóñòü áóäåò òàêîé âàðèàíò

ó ìåíÿ îí íå çàðàáîòàë:

Code:

---

# accel-pppd -c /opt/etc/accel-ppp.conf
modprobe: chdir(/opt/lib/modules): No such file or directory
#sh S60accel-pppd start
Starting accel-pppd...
            failed.

---

â îáùåì-òî âñå ðàáîòàåò, íî îøèáêó ýòó ïèøåò, òàê êàê ïûòàåòñÿ ïîäãðóçèòü ìîäóëü äëÿ pptp, òîãäà êîãäà îí âêîìïèëåí óæå â ÿäðî ïðè ýòîì âûäàâàÿ îøèáêó. ñîîòâåòñòâåííî init script íå îòðàáàòûâàåò âåðíî.

âñå ýòî ïðîèñõîäèò èç-çà level=5 ÿ òàê ïîíèìàþ..

EDIT:
÷òîáû ïîáîðîòü âîðíèíã ýòîò ïðèäåòñÿ ñîçäàòü /opt/lib/modules/2.6.22.19/modules.dep

EDIT2:
â îáùåì îøèáêà áûëà íàéäåíà, èñïîëüçîâàëñÿ /opt/etc/accel-pppd.conf âìåñòî äåôîëòíîãî (ïîñòàâëÿåìîãî ñ ïàêåòîì) /opt/etc/accel-ppp.conf

åùå íåïëîõî áûëî áû äîáàâèòü "-d" îïöèþ, ÷òîáû îí äåìîíîì ñòàðòîâàë..

Ñåãîäíÿ âåñü âå÷åð ïûòàëñÿ íàñòðîèòü ðîóòåð äëÿ union online, âñå âðåìÿ âûäàâàëî îøèáêó...

MS-CHAP Authorization failed ^AE=691 R=1 M=Authorization failed.

Ïàðîëü ïðàâèëüíûé, íà êîìïå âñå ðàáîòàåò, ìàê àäðåñ ñ êîìïà ïðîïèñûâàëè â ðîóòåð... ðåçóëüòàòà òàêîéæå ((

Íà êîìïüþòåðå íàñòðàèâàåòñÿ ïî ýòîé êàðòèíêå

Attachment 9329

Ìîæåò íóæíû êàêèå òî äîïîëíèòåëüíûå îïöèè â ïîëå Additional pppd options?

Ïðîøèâêà RT-N-1.9.2.7-rtn-r4667.

Ìîæåò äðóãóþ âåðñèþ ïðîøèâêó ïîïðîáîâàòü?

Quote:

---

Originally Posted by staticroute

 ëîãàõ òàêîå:

---

Code:

---

Nov 10 00:59:14 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 519b500d> <mru 1400>]
Nov 10 00:59:14 accel-pppd: ppp1:: recv [LCP ConfReq id=2 <magic 1fc15408>]
Nov 10 00:59:14 accel-pppd: ppp1:: send [LCP ConfAck id=2 ]
Nov 10 00:59:14 accel-pppd: ppp1:: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <magic 519b500d> <mru 1400>]

---

äðóã äðóãà óñëûøàëè, äîãîâîðèëèñü

Code:

---

Nov 10 00:59:56 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 257130a3> <mru 1400>]
Nov 10 00:59:56 accel-pppd: ppp1:: recv [LCP ConfReq id=1 <magic 18983e0f>]
Nov 10 00:59:56 accel-pppd: ppp1:: send [LCP ConfAck id=1 ]
... 3 ñåêóíä îæèäàíèÿ ...
Nov 10 00:59:59 accel-pppd: ppp1:: send [LCP ConfReq id=1 <auth MSCHAP-v2> <magic 257130a3> <mru 1400>]
Nov 10 00:59:59 accel-pppd: ppp1:: recv [LCP ConfReq id=1 <magic 18983e0f>]
Nov 10 00:59:59 accel-pppd: ppp1:: send [LCP ConfAck id=1 ]
...

---

êëèåíò èëè íå ïîëó÷àåò confreq, èëè ïî êàêèì-òî ïðè÷èíàì íå îòâå÷àåò íà íåãî confack, êàê âûøå.

Quote:

---

Originally Posted by staticroute

È òàê ïîñòîÿííî ïîñëå ðåêîííåêòîâ, ïîêà íå ñìåíèøü IP â /opt/etc/ppp/chap-secrets íà äðóãîé.

---

äàæå åñëè ïåðåçàïóñòèòü êëèåíòà? êñòàòè, ÷òî çà êëèåíò? ìîäåëè, âåðñèè, etc.

Quote:

---

Originally Posted by staticroute

È íå ðàáîòàåò, åñëè óêàçàòü â /opt/etc/ppp/chap-secrets ïîäñåòü âìåñòî ôèêñèðîâàííîãî IP-àäðåñà, íàïðèìåð 192.168.51.0/24.

---

è íå äîëæíî.
èñïîëüçóåòñÿ ñëåäóþùèé àäðåñ èç ippool, èëè èç chap-secrets, èëè radius.

Quote:

---

Originally Posted by staticroute

íå áóäó ñïîðèòü, ïóñòü áóäåò òàêîé âàðèàíò
åùå íåïëîõî áûëî áû äîáàâèòü "-d" îïöèþ, ÷òîáû îí äåìîíîì ñòàðòîâàë..

---

òåïåðü ïàêåò íàçûâàåòñÿ accel-ppp, ñêðèïò âêëþ÷åí â ñîñòàâ, çàîäíî äîáàâèë ïîääåðæêó wins (nbns).
íóæíî ðó÷íîå îáíîâëåíèå, êîíôèã îñòàíåòñÿ íà ìåñòå.

Code:

---

opkg update
opkg remove accel-pppd
opkg install accel-ppp

---

Quote:

---

Originally Posted by theMIROn

êëèåíò èëè íå ïîëó÷àåò confreq, èëè ïî êàêèì-òî ïðè÷èíàì íå îòâå÷àåò íà íåãî confack, êàê âûøå.
äàæå åñëè ïåðåçàïóñòèòü êëèåíòà? êñòàòè, ÷òî çà êëèåíò? ìîäåëè, âåðñèè, etc.

---

r3497 äâà ðîóòåðà ASUS RT-N16, ñêîðåå âñåãî áàã â êëèåíòå, òàê êàê ðåáóò ðîóòåðà íå ïîìîãàåò èëè ðåñòàðò accel-pppd, âñå ðàâíî ñîåäèíÿåò òîëüêî ñ 3åãî èëè 4îãî ðàçà.

òî, ÷òî ýòî êëèåíò 100%, òàê êàê ñ âèíäû âñå êîííåêòèòñÿ, äèñêîííåêòèòñÿ êàê íàäî.

àïðãåéäèòü íå õî÷åòñÿ ïðîøèâêó - ïîòîìó êàê òàì ãëþêè ñ dnsmasq è ïðî÷èì â íîâûõ ðåâèçèÿõ - óæå áîÿçíî ñòàâèòü.

Quote:

---

è íå äîëæíî.
èñïîëüçóåòñÿ ñëåäóþùèé àäðåñ èç ippool, èëè èç chap-secrets, èëè radius.

---

ippool ó ìåíÿ âîîáùå íå çàðàáîòàë êàê íàäî â êîìáèíàöèè ñ chap-secrets. (ò.å. ÷òîáû èç íóæíûõ ïóëîâ âûäàâàëèñü èïû íóæíûì êëèåíòàì).

ippool òóïî âûäàåò ñëåäóþùèé ñâîáîäíûé IP-àäðåñ.

radius íå íàñòðàèâàë

Quote:

---

òåïåðü ïàêåò íàçûâàåòñÿ accel-ppp, ñêðèïò âêëþ÷åí â ñîñòàâ, çàîäíî äîáàâèë ïîääåðæêó wins (nbns).
íóæíî ðó÷íîå îáíîâëåíèå, êîíôèã îñòàíåòñÿ íà ìåñòå.

---

Ñïàñèáî, à ÷òî íàñ÷åò shaper-a ? Áûëî áû íåïëîõî åãî âêëþ÷èòü òîæå, à òî tc ëåíèâî êîâûðÿòü..

Êñòàòè åùå ïîïóòíûé âîïðîñ ó êîãî ïîëó÷àëîñü çàñòàâèòü samba'û ñèíêàòü ÷åðåç PPTP/OpenVPN òóííåëü ñïèñêè õîñòîâ ñ ïîìîùüþ WINS? Ãîâîðÿò ýòà ïîääåðæêà åñòü òîëüêî â âåðñèè 4. (÷òîáû èç îáåèõ ñåòåé áûëè âèäíû êîìïüþòåðû çà ðîóòåðàìè â ñåòåâîì îêðóæåíèè).

Ìåæäó ðîóòåðàìè ïî÷åìó-òî íè â êàêóþ íå ðàáîòàåò. Äåëàë ñ ñåðâàêîì è ïèõàë çà ñåðâàê åùå ñàìáó - âñå âèäåëîñü è îáå ñåòè âèäåëè êîìïüþòåðû äðóã äðóãà.

Ïî IP åñòåñòâåííî âñå ïèíãóåòñÿ è çàõîäèò äðóã íà äðóæêó.

 êîíôèãå âòîðîé ñàìáû ÿ óêàçûâàë:

Code:

---

; wins support = yes
  wins server = 192.168.1.1
  wins proxy = yes

---

Íî ÷òî-òî îíî íèôèãà íå ïðîêñèðóåò êàê íàäî, åñòåñòâåííî allowed è ïðî÷åå âñå ïîäñåòè äîáàâëåíû.

Quote:

---

Originally Posted by staticroute

r3497 äâà ðîóòåðà ASUS RT-N16
àïðãåéäèòü íå õî÷åòñÿ ïðîøèâêó - ïîòîìó êàê òàì ãëþêè ñ dnsmasq è ïðî÷èì â íîâûõ ðåâèçèÿõ - óæå áîÿçíî ñòàâèòü.

---

ëîæü. íåò íèêàêèõ ãëþêîâ íà N16 ñ dnsmasq, êàê ìèíèìóì íà r4691.

Quote:

---

Originally Posted by staticroute

ippool ó ìåíÿ âîîáùå íå çàðàáîòàë êàê íàäî â êîìáèíàöèè ñ chap-secrets. (ò.å. ÷òîáû èç íóæíûõ ïóëîâ âûäàâàëèñü èïû íóæíûì êëèåíòàì).
ippool òóïî âûäàåò ñëåäóþùèé ñâîáîäíûé IP-àäðåñ.

---

õî÷åòñÿ ñòðàííîãî? âñå òàê è çàäóìàíî, ÷èòàé ìàí.
ïóëû ïîääåðæèâàþòñÿ per proto è ñ ðàäèóñîì.

Quote:

---

Originally Posted by staticroute

Ñïàñèáî, à ÷òî íàñ÷åò shaper-a ? Áûëî áû íåïëîõî åãî âêëþ÷èòü òîæå, à òî tc ëåíèâî êîâûðÿòü..

---

íà 2.6.22 - íè÷åãî.

Quote:

---

Originally Posted by staticroute

 êîíôèãå âòîðîé ñàìáû ÿ óêàçûâàë:

---

ïðîáëåìû â íàñòðîéêå è îïÿòü ñ ÷òåíèåì ìàíîâ.
äëÿ âñòðîåííîé ñàìáû:

Code:

---

[global]
        wins support = yes
        local master = yes
        domain master = yes
        preferred master = yes

---