comp.security.firewalls archive
Watchguard X500 PPtP
Date: Fri Jul 29 2005 - 03:26:33 CEST
I have a Watchguard X500 I am working on. I am trying to use the MS
VPN client to connect to a pptp vpn hosted on the firebox x500.
Testing from my home computer to my first client it works fine. Trying
to connect to the 2nd fails out. Here is the log from the first
client.
07/28/05 20:18 tunneld[141]: connected to 68.60.xx.yyy:1767
07/28/05 20:18 tunneld[141]: 156 bytes received from socket 10
07/28/05 20:18 tunneld[141]: recv start-control-connection-request
from 68.60.90.211
07/28/05 20:18 tunneld[141]: sent start-control-connection-reply
07/28/05 20:18 tunneld[141]: 168 bytes received from socket 10
07/28/05 20:18 tunneld[141]: recv outgoing-call-request from
68.60.xx.yyy
07/28/05 20:18 tunneld[141]: gre rule added for 68.60.xx.yyy
07/28/05 20:18 tunneld[141]: spawned PPTPD with process id #31459
07/28/05 20:18 tunneld[141]: sent outgoing-call-reply
07/28/05 20:18 tunneld[31459]: starting PPTPD server
07/28/05 20:18 tunneld[31459]: pptpd
07/28/05 20:18 tunneld[31459]: silent
07/28/05 20:18 tunneld[31459]: 192.168.0.181:192.168.0.211
07/28/05 20:18 tunneld[31459]: -vj
07/28/05 20:18 tunneld[31459]: remotename
07/28/05 20:18 tunneld[31459]: 68.60.xx.yyy
07/28/05 20:18 tunneld[31459]: gre
07/28/05 20:18 tunneld[31459]: 0:1767
07/28/05 20:18 tunneld[31459]: channel
07/28/05 20:18 tunneld[31459]: 0
07/28/05 20:18 tunneld[31459]: +chap
07/28/05 20:18 tunneld[31459]: dns-addr
07/28/05 20:18 tunneld[31459]: 206.141.192.60
07/28/05 20:18 tunneld[31459]: dns-addr
07/28/05 20:18 tunneld[31459]: 206.141.193.55
07/28/05 20:18 tunneld[31459]: nbns-addr
07/28/05 20:18 tunneld[31459]: 192.168.0.1
07/28/05 20:18 tunneld[31459]: debug
07/28/05 20:18 tunneld[31459]: required_group
07/28/05 20:18 tunneld[31459]: pptp_users
07/28/05 20:18 tunneld[31459]: ccp-max-reset
07/28/05 20:18 tunneld[31459]: 257
07/28/05 20:18 tunneld[31459]: mppecomp
07/28/05 20:18 tunneld[31459]: drop
07/28/05 20:18 tunneld[31459]: nocomp
07/28/05 20:18 tunneld[31459]: stateless
07/28/05 20:18 tunneld[31459]: proxyarp
07/28/05 20:18 tunneld[31459]: setpptpmtu
07/28/05 20:18 tunneld[31459]: 1436
07/28/05 20:18 pptpd[31459]: Watchguard pptpd 2.2.0 started
07/28/05 20:18 pptpd[31459]: Using interface pptp0
07/28/05 20:18 kernel: pptp0: daemon attached.
07/28/05 20:18 pptpd[31459]: getting restart socket: pptp.31459
07/28/05 20:18 pptpd[31459]: Connect: pptp0 [0] <--> 68.60.xx.yyy
07/28/05 20:18 kernel: GRE: out of order: as:0 seq:0 from:0xd35a3c44
07/28/05 20:18 tunneld[141]: 24 bytes received from socket 10
07/28/05 20:18 tunneld[141]: recv set-link-info from 68.60.xx.yyy
07/28/05 20:18 tunneld[141]: sent set-link-info
07/28/05 20:18 pptpd[31459]: rcvd [LCP ConfReq id=0x1 <mru 1400>
<magic 0x12ab5d2e> <pcomp> <accomp> <magic 0xd030600, time 0x0>]
07/28/05 20:18 pptpd[31459]: sent [LCP ConfReq id=0x1 <mru 338> <auth
chap 81> <magic 0xb5d34225> <pcomp> <accomp>]
07/28/05 20:18 pptpd[31459]: sent [LCP ConfRej id=0x1 <magic
0xd030652, time 0x305c223>]
07/28/05 20:18 pptpd[31459]: rcvd [LCP ConfAck id=0x1 <mru 338> <auth
chap 81> <magic 0xb5d34225> <pcomp> <accomp>]
07/28/05 20:18 pptpd[31459]: rcvd [LCP ConfReq id=0x2 <mru 1400>
<magic 0x12ab5d2e> <pcomp> <accomp>]
07/28/05 20:18 pptpd[31459]: sent [LCP ConfAck id=0x2 <mru 1400>
<magic 0x12ab5d2e> <pcomp> <accomp>]
07/28/05 20:18 pptpd[31459]: sent [CHAP Challenge id=0x1
<23b966e9a1eea81cf149065f1f28a7a4>, name = "watchguard"]
07/28/05 20:18 pptpd[31459]: sent [CHAP Challenge id=0x1
<23b966e9a1eea81cf149065f1f28a7a4>, name = "watchguard"]
07/28/05 20:18 tunneld[141]: 24 bytes received from socket 10
07/28/05 20:18 tunneld[141]: recv set-link-info from 68.60.90.211
07/28/05 20:18 tunneld[141]: sent set-link-info
07/28/05 20:18 pptpd[31459]: rcvd [LCP code=0xc id=0x3 12 ab 5d 2e 4d
53 52 41 53 56 35 2e 31 30]
07/28/05 20:18 pptpd[31459]: sent [LCP CodeRej id=0x2 0c 03 00 12 12
ab 5d 2e 4d 53 52 41 53 56 35 2e 31 30]
07/28/05 20:18 pptpd[31459]: rcvd [LCP code=0xc id=0x4 12 ab 5d 2e 4d
53 52 41 53 2d 30 2d 43 4f 4d 50 41 51]
07/28/05 20:18 pptpd[31459]: sent [LCP CodeRej id=0x3 0c 04 00 16 12
ab 5d 2e 4d 53 52 41 53 2d 30 2d 43 4f 4d 50 41 51]
07/28/05 20:18 pptpd[31459]: rcvd [CHAP Response id=0x1, LAN =
<7526075017e07cdbe292c3df9806acf50000000000000000>, NT =
<bd53be37c1131c3f5221fec01e945b2b5844706b5627171d>, NT flag = 0, name =
"adminis
07/28/05 20:18 pptpd[31459]: dump_chap_state part1: unit:0
clientstate:1 serverstate:3 challenge:23b966e9a1eea81cf149065f1f28a7a4
chal_len:16 chal_id:1 chal_type:129
07/28/05 20:18 pptpd[31459]: dump_chap_state part2: id:1
chal_name:watchguard chal_interval:0 timeouttime:3 max_transmits:10
chal_transmits:1 resp_transmits:0
07/28/05 20:18 pptpd[31459]: dump_chap_state part3: response:
resp_length:0 resp_id:0 resp_type:0 success_resp:(null)
resp_name:(null) failure_id:0 retries:2
07/28/05 20:18 pptpd[31459]: password_hash from config (16 bytes):
0x3603269d4a16370777d6ee8962c48d9a
07/28/05 20:18 pptpd[31459]: nt_response from client (24 bytes):
0xbd53be37c1131c3f5221fec01e945b2b5844706b5627171d
07/28/05 20:18 pptpd[31459]: peer_challenge from client (16 bytes):
0x7526075017e07cdbe292c3df9806acf5
07/28/05 20:18 pptpd[31459]: auth_challenge original challenge (16
bytes): 0x23b966e9a1eea81cf149065f1f28a7a4
07/28/05 20:18 pptpd[31459]: user_name connecting user (256 bytes):
0x61646d696e6973747261746f7200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
07/28/05 20:18 pptpd[31459]: challenge for mschap: (8 bytes):
0xc90c769ed901a345
07/28/05 20:18 pptpd[31459]: response (calculated): (24 bytes):
0xbd53be37c1131c3f5221fec01e945b2b5844706b5627171d
07/28/05 20:18 pptpd[31459]: Add Host 7 192.168.0.211 "pptp_users"
"administrator" succeeded
07/28/05 20:18 pptpd[31459]: User "administrator" at 192.168.0.211
logged in
07/28/05 20:18 pptpd[31459]: auth_response (20 bytes):
0x0f1bbeac8096841358da7a57c64c4e1bfd4fabc2
07/28/05 20:18 pptpd[31459]: dump_chap_state part1: unit:0
clientstate:1 serverstate:3 challenge:23b966e9a1eea81cf149065f1f28a7a4
chal_len:16 chal_id:1 chal_type:129
07/28/05 20:18 pptpd[31459]: dump_chap_state part2: id:1
chal_name:watchguard chal_interval:0 timeouttime:3 max_transmits:10
chal_transmits:1 resp_transmits:0
07/28/05 20:18 pptpd[31459]: dump_chap_state part3: response:
resp_length:0 resp_id:0 resp_type:0
success_resp:S=0F1BBEAC8096841358DA7A57C64C4E1BFD4FABC2
resp_name:(null) failure_id:0 retries:2
07/28/05 20:18 pptpd[31459]: sent [CHAP Success id=0x1
"S=0F1BBEAC8096841358DA7A57C64C4E1BFD4FABC2"]
07/28/05 20:18 pptpd[31459]: sent [IPCP ConfReq id=0x1 <addr
192.168.0.181>]
07/28/05 20:18 pptpd[31459]: rcvd [CCP ConfReq id=0x5 < mppe_128
mppe_40 mppc (0x10000e1)>]
07/28/05 20:18 pptpd[31459]: sent [CCP ConfReq id=0x1 < mppe_40
(0x1000020)>]
07/28/05 20:18 pptpd[31459]: sent [CCP ConfNak id=0x5 < mppe_40
(0x1000020)>]
07/28/05 20:18 pptpd[31459]: rcvd [IPCP ConfReq id=0x6 <addr 0.0.0.0>
<dns-1 0.0.0.0> <nbns-1 0.0.0.0> <dns-2 0.0.0.0> <nbns-2 0.0.0.0>]
07/28/05 20:18 pptpd[31459]: sent [IPCP ConfRej id=0x6 <nbns-2
0.0.0.0>]
07/28/05 20:18 pptpd[31459]: rcvd [IPCP ConfAck id=0x1 <addr
192.168.0.181>]
07/28/05 20:18 pptpd[31459]: rcvd [CCP ConfAck id=0x1 < mppe_40
(0x1000020)>]
07/28/05 20:18 pptpd[31459]: rcvd [CCP ConfReq id=0x7 < mppe_40
(0x1000020)>]
07/28/05 20:18 pptpd[31459]: sent [CCP ConfAck id=0x7 < mppe_40
(0x1000020)>]
07/28/05 20:18 pptpd[31459]: Compression enabled
07/28/05 20:18 pptpd[31459]: Using PPTP encryption RC4 40-bit.
07/28/05 20:18 pptpd[31459]: Not using any PPTP software compression.
07/28/05 20:18 pptpd[31459]: Using stateless mode.
07/28/05 20:18 pptpd[31459]: Allowing unsafe packet transfer mode for
lossy links.
07/28/05 20:18 pptpd[31459]: rcvd [IPCP ConfReq id=0x8 <addr 0.0.0.0>
<dns-1 0.0.0.0> <nbns-1 0.0.0.0> <dns-2 0.0.0.0>]
07/28/05 20:18 pptpd[31459]: sent [IPCP ConfNak id=0x8 <addr
192.168.0.211> <dns-1 206.141.192.60> <nbns-1 192.168.0.1> <dns-2
206.141.193.55>]
07/28/05 20:18 pptpd[31459]: rcvd [IPCP ConfReq id=0x9 <addr
192.168.0.211> <dns-1 206.141.192.60> <nbns-1 192.168.0.1> <dns-2
206.141.193.55>]
07/28/05 20:18 pptpd[31459]: sent [IPCP ConfAck id=0x9 <addr
192.168.0.211> <dns-1 206.141.192.60> <nbns-1 192.168.0.1> <dns-2
206.141.193.55>]
07/28/05 20:18 pptpd[31459]: local IP address 192.168.0.181
07/28/05 20:18 pptpd[31459]: remote IP address 192.168.0.211
07/28/05 20:18 pptpd[31459]: found interface eth1 for proxy arp
Now here is the log for the Firebox X500 That I cannot connect to. As
far as I can tell all the settings are the same. Of course I did not
set up the working one so i cant be 100% sure.
07/27/05 20:27 tunneld[145]: connected to 69.39.xx.yyy:1877
07/27/05 20:27 tunneld[145]: 156 bytes received from socket 10
07/27/05 20:27 tunneld[145]: recv start-control-connection-request
from 69.39.94.150
07/27/05 20:27 tunneld[145]: sent start-control-connection-reply
07/27/05 20:27 tunneld[145]: 168 bytes received from socket 10
07/27/05 20:27 tunneld[145]: recv outgoing-call-request from
69.39.xx.yyy
07/27/05 20:27 tunneld[145]: gre rule added for 69.39.xx.yyy
07/27/05 20:27 tunneld[145]: spawned PPTPD with process id #492
07/27/05 20:27 tunneld[145]: sent outgoing-call-reply
07/27/05 20:27 tunneld[492]: starting PPTPD server
07/27/05 20:27 tunneld[492]: pptpd
07/27/05 20:27 tunneld[492]: silent
07/27/05 20:27 tunneld[492]: 172.16.32.1:172.16.32.30
07/27/05 20:27 tunneld[492]: -vj
07/27/05 20:27 tunneld[492]: remotename
07/27/05 20:27 tunneld[492]: 69.39.94.150
07/27/05 20:27 tunneld[492]: gre
07/27/05 20:27 tunneld[492]: 0:1877
07/27/05 20:27 tunneld[492]: channel
07/27/05 20:27 tunneld[492]: 0
07/27/05 20:27 tunneld[492]: +chap
07/27/05 20:27 tunneld[492]: dns-addr
07/27/05 20:27 tunneld[492]: 4.2.2.2
07/27/05 20:27 tunneld[492]: dns-addr
07/27/05 20:27 tunneld[492]: 206.141.251.2
07/27/05 20:27 tunneld[492]: nbns-addr
07/27/05 20:27 tunneld[492]: 172.16.32.5
07/27/05 20:27 tunneld[492]: debug
07/27/05 20:27 tunneld[492]: required_group
07/27/05 20:27 tunneld[492]: pptp_users
07/27/05 20:27 tunneld[492]: ccp-max-reset
07/27/05 20:27 tunneld[492]: 257
07/27/05 20:27 tunneld[492]: mppecomp
07/27/05 20:27 tunneld[492]: drop
07/27/05 20:27 tunneld[492]: nocomp
07/27/05 20:27 tunneld[492]: stateless
07/27/05 20:27 tunneld[492]: proxyarp
07/27/05 20:27 tunneld[492]: setpptpmtu
07/27/05 20:27 tunneld[492]: 1436
07/27/05 20:27 tunneld[145]: rcvd SIGCHLD--ignoring
07/27/05 20:27 tunneld[145]: child pid 492 died
07/27/05 20:27 tunneld[145]: child pid 492 died without us killing it
07/27/05 20:27 tunneld[145]: killing tunnel from 69.39.94.150
07/27/05 20:27 tunneld[145]: killing child pid 492
07/27/05 20:27 tunneld[145]: setting channel 172.16.32.1:172.16.32.30
to be re-used.
What is wrong w/ the second firebox, and any suggestions on how to fix
it?
TIA
Received on Thu Sep 29 19:59:47 2005