MPPE required but not available
I'm trying to get VPN working through a FreeBSD NAT gateway. I've forwarded the ports that are listed in the Leopard Server documentation as well as one other one someone else mentioned:
# VPN
redirect_port udp 10.0.1.17:170 170
redirect_port udp 10.0.1.17:500 500
redirect_port udp 10.0.1.17:1701 1701
redirect_port tcp 10.0.1.17:1723 1723
redirect_port udp 10.0.1.17:4500 4500
When I setup an L2TP over IPsec VPN connection from home, it connects but then fails. The server logs show:
*MPPE required by not available*
Has anyone seen this?
The full logs are as follows:
2008-02-05 18:54:40 PST Incoming call... Address given to client = 10.0.1.241
Tue Feb 5 18:54:40 2008 : Directory Services Authentication plugin initialized
Tue Feb 5 18:54:40 2008 : Directory Services Authorization plugin initialized
Tue Feb 5 18:54:40 2008 : L2TP incoming call in progress from 'xxx.xxx.xxx.xxx'...
Tue Feb 5 18:54:40 2008 : L2TP received SCCRQ
Tue Feb 5 18:54:40 2008 : L2TP sent SCCRP
Tue Feb 5 18:54:40 2008 : L2TP received SCCCN
Tue Feb 5 18:54:40 2008 : L2TP received ICRQ
Tue Feb 5 18:54:40 2008 : L2TP sent ICRP
Tue Feb 5 18:54:40 2008 : L2TP received ICCN
Tue Feb 5 18:54:40 2008 : L2TP connection established.
Tue Feb 5 18:54:40 2008 : using link 0
Tue Feb 5 18:54:40 2008 : Using interface ppp0
Tue Feb 5 18:54:40 2008 : Connect: ppp0 <--> socket[34:18]
Tue Feb 5 18:54:40 2008 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xc7140cf4> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x9178c2c0> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : lcp_reqci: returning CONFACK.
Tue Feb 5 18:54:40 2008 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x9178c2c0> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xc7140cf4> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : sent [LCP EchoReq id=0x0 magic=0xc7140cf4]
Tue Feb 5 18:54:40 2008 : sent [CHAP Challenge id=0x2c <eff32f5e4a2e7568fd6bf6e8554f0e98>, name = "ambrosia.xxxxxxx.com"]
Tue Feb 5 18:54:40 2008 : rcvd [LCP EchoReq id=0x0 magic=0x9178c2c0]
Tue Feb 5 18:54:40 2008 : sent [LCP EchoRep id=0x0 magic=0xc7140cf4]
Tue Feb 5 18:54:40 2008 : rcvd [LCP EchoRep id=0x0 magic=0x9178c2c0]
Tue Feb 5 18:54:40 2008 : rcvd [CHAP Response id=0x2c <537edd13c383e0138f6a42eba424261b0000000000000000aa78ba8820128550fdfc21aa8b6eb4 995c32f8e77bf0debb00>, name = "patrick"]
Tue Feb 5 18:54:41 2008 : sent [CHAP Success id=0x2c "S=9C7DED03592A3FFA3B7FE5ECECF03C8E6C3CC76A M=Access granted"]
Tue Feb 5 18:54:41 2008 : CHAP peer authentication succeeded for patrick
Tue Feb 5 18:54:41 2008 : DSAccessControl plugin: User 'patrick' authorized for access
Tue Feb 5 18:54:41 2008 : sent [IPCP ConfReq id=0x1 <addr 10.0.1.17>]
Tue Feb 5 18:54:41 2008 : sent [ACSCP] 01 01 00 04
Tue Feb 5 18:54:41 2008 : rcvd [LCP TermReq id=0x2 "MPPE required but not available"]
Tue Feb 5 18:54:41 2008 : LCP terminated by peer (MPPE required but not available)
Tue Feb 5 18:54:41 2008 : sent [LCP TermAck id=0x2]
Tue Feb 5 18:54:41 2008 : L2TP received CDN
Tue Feb 5 18:54:41 2008 : Connection terminated.
Tue Feb 5 18:54:41 2008 : Connect time 0.1 minutes.
Tue Feb 5 18:54:41 2008 : Sent 0 bytes, received 0 bytes.
Tue Feb 5 18:54:41 2008 : L2TP disconnecting...
Tue Feb 5 18:54:41 2008 : L2TP sent CDN
Tue Feb 5 18:54:41 2008 : L2TP sent StopCCN
Tue Feb 5 18:54:41 2008 : L2TP disconnected
2008-02-05 18:54:41 PST --> Client with address = 10.0.1.241 has hungup
# VPN
redirect_port udp 10.0.1.17:170 170
redirect_port udp 10.0.1.17:500 500
redirect_port udp 10.0.1.17:1701 1701
redirect_port tcp 10.0.1.17:1723 1723
redirect_port udp 10.0.1.17:4500 4500
When I setup an L2TP over IPsec VPN connection from home, it connects but then fails. The server logs show:
*MPPE required by not available*
Has anyone seen this?
The full logs are as follows:
2008-02-05 18:54:40 PST Incoming call... Address given to client = 10.0.1.241
Tue Feb 5 18:54:40 2008 : Directory Services Authentication plugin initialized
Tue Feb 5 18:54:40 2008 : Directory Services Authorization plugin initialized
Tue Feb 5 18:54:40 2008 : L2TP incoming call in progress from 'xxx.xxx.xxx.xxx'...
Tue Feb 5 18:54:40 2008 : L2TP received SCCRQ
Tue Feb 5 18:54:40 2008 : L2TP sent SCCRP
Tue Feb 5 18:54:40 2008 : L2TP received SCCCN
Tue Feb 5 18:54:40 2008 : L2TP received ICRQ
Tue Feb 5 18:54:40 2008 : L2TP sent ICRP
Tue Feb 5 18:54:40 2008 : L2TP received ICCN
Tue Feb 5 18:54:40 2008 : L2TP connection established.
Tue Feb 5 18:54:40 2008 : using link 0
Tue Feb 5 18:54:40 2008 : Using interface ppp0
Tue Feb 5 18:54:40 2008 : Connect: ppp0 <--> socket[34:18]
Tue Feb 5 18:54:40 2008 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xc7140cf4> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x9178c2c0> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : lcp_reqci: returning CONFACK.
Tue Feb 5 18:54:40 2008 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x9178c2c0> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xc7140cf4> <pcomp> <accomp>]
Tue Feb 5 18:54:40 2008 : sent [LCP EchoReq id=0x0 magic=0xc7140cf4]
Tue Feb 5 18:54:40 2008 : sent [CHAP Challenge id=0x2c <eff32f5e4a2e7568fd6bf6e8554f0e98>, name = "ambrosia.xxxxxxx.com"]
Tue Feb 5 18:54:40 2008 : rcvd [LCP EchoReq id=0x0 magic=0x9178c2c0]
Tue Feb 5 18:54:40 2008 : sent [LCP EchoRep id=0x0 magic=0xc7140cf4]
Tue Feb 5 18:54:40 2008 : rcvd [LCP EchoRep id=0x0 magic=0x9178c2c0]
Tue Feb 5 18:54:40 2008 : rcvd [CHAP Response id=0x2c <537edd13c383e0138f6a42eba424261b0000000000000000aa78ba8820128550fdfc21aa8b6eb4 995c32f8e77bf0debb00>, name = "patrick"]
Tue Feb 5 18:54:41 2008 : sent [CHAP Success id=0x2c "S=9C7DED03592A3FFA3B7FE5ECECF03C8E6C3CC76A M=Access granted"]
Tue Feb 5 18:54:41 2008 : CHAP peer authentication succeeded for patrick
Tue Feb 5 18:54:41 2008 : DSAccessControl plugin: User 'patrick' authorized for access
Tue Feb 5 18:54:41 2008 : sent [IPCP ConfReq id=0x1 <addr 10.0.1.17>]
Tue Feb 5 18:54:41 2008 : sent [ACSCP] 01 01 00 04
Tue Feb 5 18:54:41 2008 : rcvd [LCP TermReq id=0x2 "MPPE required but not available"]
Tue Feb 5 18:54:41 2008 : LCP terminated by peer (MPPE required but not available)
Tue Feb 5 18:54:41 2008 : sent [LCP TermAck id=0x2]
Tue Feb 5 18:54:41 2008 : L2TP received CDN
Tue Feb 5 18:54:41 2008 : Connection terminated.
Tue Feb 5 18:54:41 2008 : Connect time 0.1 minutes.
Tue Feb 5 18:54:41 2008 : Sent 0 bytes, received 0 bytes.
Tue Feb 5 18:54:41 2008 : L2TP disconnecting...
Tue Feb 5 18:54:41 2008 : L2TP sent CDN
Tue Feb 5 18:54:41 2008 : L2TP sent StopCCN
Tue Feb 5 18:54:41 2008 : L2TP disconnected
2008-02-05 18:54:41 PST --> Client with address = 10.0.1.241 has hungup
MacBook 2.0GHz Core Duo, iMac 20" Core Duo, Mac OS X (10.5.1)
