[c-nsp] pptp connection to 2600 with Windows VPN failing.

Wed Dec 12 17:55:45 EST 2012

BTW, yes, I am aware that I left the passwords for ftp etc in the config. 
They've already been changed.

----- Original Message ----- 
From: "Joseph Mays" <mays at win.net>
To: <cisco-nsp at puck.nether.net>
Sent: Wednesday, December 12, 2012 5:12 PM
Subject: [c-nsp] pptp connection to 2600 with Windows VPN failing.

> Trying to make a vpdn setup work from a windows vpn client to a cisco 
> 2600. I had this working for a while, but then after one minor config 
> change by someone else it stopped working. That change shouldn't have 
> broken anything, but I backed it out nonetheless and the connection is 
> still not working again.
>
> I think it's breaking during the LCP negotiation, before authentication 
> even occurs. Here's what I get from PPP debugging. Notice that it never 
> gets to the authentication phase. I will attach relevant portions of the 
> config afterwards.
>
> genisis#show debug
> PPP:
>  PPP detailed event debugging is on
>  PPP authentication debugging is on
>  PPP protocol errors debugging is on
>  PPP protocol negotiation debugging is on
>
>
>
> genisis#
> genisis#term mon
> genisis#
> *Mar  1 02:26:32.559: Se0/0 PPP: Outbound cdp packet dropped, CDPCP state 
> is Listen
> *Mar  1 02:26:39.415:  EVT: Dynamic Bind 0 0x82C3989C
> *Mar  1 02:26:39.415: ppp13 EVT: Cstate 4 0x00000000
> *Mar  1 02:26:39.415: ppp13 PPP: Using vpn set call direction
> *Mar  1 02:26:39.415: ppp13 PPP: Treating connection as a callin
> *Mar  1 02:26:39.415: ppp13 PPP: Phase is ESTABLISHING, Passive Open
> *Mar  1 02:26:39.415: ppp13 LCP: State is Listen
> *Mar  1 02:26:39.439: ppp13 EVT: Packet 0 0x8332C29C
> *Mar  1 02:26:39.439: ppp13 LCP: I CONFREQ [Listen] id 0 len 21
> *Mar  1 02:26:39.439: ppp13 LCP:    MRU 1400 (0x01040578)
> *Mar  1 02:26:39.439: ppp13 LCP:    MagicNumber 0x4FC8505D 
> (0x05064FC8505D)
> *Mar  1 02:26:39.439: ppp13 LCP:    PFC (0x0702)
> *Mar  1 02:26:39.439: ppp13 LCP:    ACFC (0x0802)
> *Mar  1 02:26:39.439: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:39.439: ppp13 PPP: Authorization required
> *Mar  1 02:26:39.439: ppp13 LCP: O CONFREQ [Listen] id 1 len 15
> *Mar  1 02:26:39.443: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:39.443: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:39.443: ppp13 LCP: O CONFREJ [Listen] id 0 len 7
> *Mar  1 02:26:39.443: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:41.431: ppp13 EVT: Packet 0 0x830D1F30
> *Mar  1 02:26:41.431: ppp13 LCP: I CONFREQ [REQsent] id 1 len 21
> *Mar  1 02:26:41.431: ppp13 LCP:    MRU 1400 (0x01040578)
> *Mar  1 02:26:41.431: ppp13 LCP:    MagicNumber 0x4FC8505D 
> (0x05064FC8505D)
> *Mar  1 02:26:41.431: ppp13 LCP:    PFC (0x0702)
> *Mar  1 02:26:41.431: ppp13 LCP:    ACFC (0x0802)
> *Mar  1 02:26:41.431: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:41.431: ppp13 LCP: O CONFREJ [REQsent] id 1 len 7
> *Mar  1 02:26:41.431: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:41.451: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:41.451: ppp13 LCP: O CONFREQ [REQsent] id 2 len 15
> *Mar  1 02:26:41.451: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:41.451: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:43.467: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:43.467: ppp13 LCP: O CONFREQ [REQsent] id 3 len 15
> *Mar  1 02:26:43.467: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:43.467: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:44.431: ppp13 EVT: Packet 0 0x830D2E1C
> *Mar  1 02:26:44.435: ppp13 LCP: I CONFREQ [REQsent] id 2 len 21
> *Mar  1 02:26:44.435: ppp13 LCP:    MRU 1400 (0x01040578)
> *Mar  1 02:26:44.435: ppp13 LCP:    MagicNumber 0x4FC8505D 
> (0x05064FC8505D)
> *Mar  1 02:26:44.435: ppp13 LCP:    PFC (0x0702)
> *Mar  1 02:26:44.435: ppp13 LCP:    ACFC (0x0802)
> *Mar  1 02:26:44.435: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:44.435: ppp13 LCP: O CONFREJ [REQsent] id 2 len 7
> *Mar  1 02:26:44.435: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:45.483: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:45.483: ppp13 LCP: O CONFREQ [REQsent] id 4 len 15
> *Mar  1 02:26:45.483: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:45.483: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:47.499: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:47.499: ppp13 LCP: O CONFREQ [REQsent] id 5 len 15
> *Mar  1 02:26:47.499: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:47.499: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:48.427: ppp13 EVT: Packet 0 0x830D3118
> *Mar  1 02:26:48.431: ppp13 LCP: I CONFREQ [REQsent] id 3 len 21
> *Mar  1 02:26:48.431: ppp13 LCP:    MRU 1400 (0x01040578)
> *Mar  1 02:26:48.431: ppp13 LCP:    MagicNumber 0x4FC8505D 
> (0x05064FC8505D)
> *Mar  1 02:26:48.431: ppp13 LCP:    PFC (0x0702)
> *Mar  1 02:26:48.431: ppp13 LCP:    ACFC (0x0802)
> *Mar  1 02:26:48.431: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:48.431: ppp13 LCP: O CONFREJ [REQsent] id 3 len 7
> *Mar  1 02:26:48.431: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:49.515: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:49.515: ppp13 LCP: O CONFREQ [REQsent] id 6 len 15
> *Mar  1 02:26:49.515: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:49.515: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:51.531: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:51.531: ppp13 LCP: O CONFREQ [REQsent] id 7 len 15
> *Mar  1 02:26:51.531: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:51.531: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:52.431: ppp13 EVT: Packet 0 0x830CFB60
> *Mar  1 02:26:52.431: ppp13 LCP: I CONFREQ [REQsent] id 4 len 21
> *Mar  1 02:26:52.431: ppp13 LCP:    MRU 1400 (0x01040578)
> *Mar  1 02:26:52.431: ppp13 LCP:    MagicNumber 0x4FC8505D 
> (0x05064FC8505D)
> *Mar  1 02:26:52.435: ppp13 LCP:    PFC (0x0702)
> *Mar  1 02:26:52.435: ppp13 LCP:    ACFC (0x0802)
> *Mar  1 02:26:52.435: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:52.435: ppp13 LCP: O CONFREJ [REQsent] id 4 len 7
> *Mar  1 02:26:52.435: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:53.547: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:53.547: ppp13 LCP: O CONFREQ [REQsent] id 8 len 15
> *Mar  1 02:26:53.547: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:53.547: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:55.563: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:55.563: ppp13 LCP: O CONFREQ [REQsent] id 9 len 15
> *Mar  1 02:26:55.563: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:55.563: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:56.431: ppp13 EVT: Packet 0 0x830D0D48
> *Mar  1 02:26:56.431: ppp13 LCP: I CONFREQ [REQsent] id 5 len 21
> *Mar  1 02:26:56.431: ppp13 LCP:    MRU 1400 (0x01040578)
> *Mar  1 02:26:56.431: ppp13 LCP:    MagicNumber 0x4FC8505D 
> (0x05064FC8505D)
> *Mar  1 02:26:56.431: ppp13 LCP:    PFC (0x0702)
> *Mar  1 02:26:56.431: ppp13 LCP:    ACFC (0x0802)
> *Mar  1 02:26:56.431: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:56.431: ppp13 LCP: O CONFREJ [REQsent] id 5 len 7
> *Mar  1 02:26:56.431: ppp13 LCP:    Callback 6  (0x0D0306)
> *Mar  1 02:26:57.579: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:57.579: ppp13 LCP: O CONFREQ [REQsent] id 10 len 15
> *Mar  1 02:26:57.579: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
> *Mar  1 02:26:57.579: ppp13 LCP:    MagicNumber 0x0F0968D2 
> (0x05060F0968D2)
> *Mar  1 02:26:59.595: ppp13 LCP: TIMEout: State REQsent
> *Mar  1 02:26:59.595: ppp13 LCP: O TERMREQ [REQsent] id 10 len 4
> *Mar  1 02:26:59.595: ppp13 PPP: Phase is TERMINATING
> *Mar  1 02:26:59.595: ppp13 LCP: State is Listen
> *Mar  1 02:26:59.595: ppp13 EVT: Hard Disc 0 0x00000000
> *Mar  1 02:26:59.595: ppp13 PPP: Sending Acct Event[Down] id[11]
> *Mar  1 02:26:59.595: ppp13 LCP: State is Closed
> *Mar  1 02:26:59.595: ppp13 PPP: Phase is DOWN
> *Mar  1 02:26:59.599: ppp13 EVT: Free PPP 0 0x00000000
>
>
> ==========
>
> genisis#show run
> Building configuration...
>
> Current configuration : 2791 bytes
> !
> version 12.3
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> hostname genisis
> !
> boot-start-marker
> boot-end-marker
> !
> logging buffered 4096 informational
> enable secret 5 xxxxxxxxxxxxxxxxxxxxxx.
> enable password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxx
> !
> username johndoe password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
> username angela password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> username admin privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxxxxxx
> no network-clock-participate slot 1
> no network-clock-participate wic 0
> aaa new-model
> !
> !
> aaa authentication ppp default local
> aaa authorization network default if-authenticated
> aaa session-id common
> ip subnet-zero
> no ip cef
> !
> !
> ip ftp username launchpad
> ip ftp password 7 045907071C3543480F
> no ip domain lookup
> no ip dhcp conflict logging
> ip dhcp excluded-address 10.10.2.150 10.10.2.255
> ip dhcp excluded-address 10.10.2.0 10.10.2.50
> !
> ip dhcp pool genesis-pc-dhcp-pool
>   network 10.10.2.0 255.255.255.0
>   dns-server 216.24.27.3
>   default-router 10.10.2.1
> !
> no ip bootp server
> ip audit po max-events 100
> vpdn enable
> !
> vpdn-group 1
> ! Default PPTP VPDN group
> accept-dialin
>  protocol pptp
>  virtual-template 1
> local name gen-vpn
> !
> no ftp-server write-enable
> !
> !
> !
> voice call carrier capacity active
> !
> voice class codec 1
> codec preference 1 g711ulaw
> codec preference 2 g729r8
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> class-map match-all dscp-ef
>  match ip dscp ef
> !
> !
> policy-map queue-on-dscp
> description Prioritizes voice traffic first, signalling next.
>  class dscp-ef
>   priority percent 75
>  class class-default
>   fair-queue
>   random-detect dscp-based
> !
> !
> !
> !
> !
> !
> interface FastEthernet0/0
> ip address 24.235.18.81 255.255.255.240 secondary
> ip address 10.10.2.1 255.255.255.0 secondary
> ip address 24.235.1.17 255.255.255.248
> no ip redirects
> ip nat inside
> service-policy output queue-on-dscp
> logging event subif-link-status
> duplex auto
> speed auto
> !
> interface Serial0/0
> description T1 to WinNET (UNE-DS1-003-004, HCFD.687777..NB)
> ip address 24.235.2.42 255.255.255.252
> no ip redirects
> ip nat outside
> service-policy output queue-on-dscp
> encapsulation ppp
> logging event subif-link-status
> auto qos voip trust
> service-module t1 timeslots 1-24
> !
> interface Virtual-Template1
> ip unnumbered FastEthernet0/0
> ip mroute-cache
> peer default ip address pool VPN-IN
> ppp encrypt mppe 40 required
> ppp authentication ms-chap
> !
> ip local pool VPN-IN 10.10.2.160 10.10.2.164
> ip nat inside source list 50 interface Serial0/0 overload
> no ip http server
> no ip http secure-server
> ip classless
> ip route 0.0.0.0 0.0.0.0 Serial0/0
> !
> !
> access-list 50 permit 10.10.2.0 0.0.0.255
> !
> rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for 
> Voice Drops" owner AutoQo
> !
> !
> !
> !
> !
> !
> !
> line con 0
> line aux 0
> line vty 0 4
> password 7 1415425B18072B2634
> !
> !
> end
>
> genisis#
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/ 