Spremenjen Linux PPP/NT HOWTO: LINUX PPP odjemalec preko mschap na WINDOWS NT/2000 serverju Siegfried Schoen v?.?, 15. september 2001 _________________________________________________________________ Ta spis opisuje, kako vspostavi¹ PPP povezavo med LINUX klientom in Windows NT/2000 servejem z uporabo MS-CHAP protkola s callbackom. Ta spist temelji na PPP/NT HOWTO avtorja Siegfried Schoena. Preveden je v sloven¹èino in prirejen za zgoraj opisani naslov. Vse avtorske pravice tega spisa obdr¾i avtor. Dovoljenje je odobreno za distribuiranje spisa z elektronskim pomenom in na CDju oskrbljenim v celoti v originalnem formatu. Dovoljenje je pravtako odobreno tudi za kopiranje tega dokumenta za lastno uporabo. _________________________________________________________________ Kazalo 1. Predstavitev * 1.1 Sporoèila, Bug Reporti, itd. * 1.2 Kratka predstavitev PPP-ja in RAS-a * 1.3 Linki na podobne informacije 2. Generalno in Patchanje PPPD * 2.1 Generalno * 2.2 Kaj potrebuje¹ ? * 2.3 Patcanje PPPDja za MS-CHAP * 2.4 Patchanje PPPDja za callback 3. Konfiguracije * 3.1 Sistemska konfiguracija * 3.2 Delovna konfiguracija 4. PPP link z MSCHAP * 4.1 pppd-Dialscript * 4.2 Datoteka /etc/ppp/options * 4.3 Datoteka /etc/ppp/chap-secrets * 4.4 Protokol PPP/MSCHAP link 5. PPP-Link z MS-CHAP Callbackom * 5.1 'PPPD' Dialscript * 5.2 Konfiguracija datoteke /etc/ppp/options.callback * 5.3 Datoteka /etc/resolv.conf * 5.4 Protokol PPP/MSCHAP Link z 'User Defined Callback' funkcijo * 5.5 Protokol PPP/MSCHAP Link z 'Admin Defined Callback' funkcijo 6. Dodatek * 6.1 Kako spremeniti syslog.conf datoteko za pppd razhro¹èevanje * 6.2 Literatura * 6.3 Naèrti 7. FAQ _________________________________________________________________ 1. Predstavitev 1.1 Sporoèila, Bug Reporti, itd. Poglej v changelog za zadnje spremembe. 1.2 Kratka predstavitev PPP-ja in RAS-a PPP ('Point to Point Protocol') je protokol, ki omogoèi IP-linke (Internet Protocol) med dvema raèunalnikoma in modemom. Linux ima ta protokol ¾e v kernelu (èe si ga prevedel v kernel). Za ppp-link je potrebno zagnati daemon, ki se imenuje pppd. S PPP-jem lahko naredi¹ link med dvema gostiteljema, katera razumeta ta protokol. Link med Linux (gostiteljem), ki se obna¹a kod odjemalec in Windows NT/2000 serverjem, ki se obna¹a kot server, se imenuje (Microsoftov izraz) 'Remote Access Service' (RAS) link. 1.3 Linki na podobne informacije * Zelo lep èlanek o enakem problemu. Napisal ga je Pascal Paneels na http://www.linuxsupportline.com/~pep/. * Web stran o IPXu èez PPP na http://www.tartu.customs.ee/linux/index.shtml. 2. Generalno in Patchanje PPPD 2.1 Generalno Za RAS link na Windows NT serverju potrebuje¹ : * Uporabni¹ko ime ozr. login za RAS * Windows NT server z aktivnim RAS-om : Windows NT server uporablja kar nekaj naèinov dokazovanja pristnosti (Only text, MS-CHAP, MD-CHAP, SPAP, PAP), z naslednjimi protokoli : + PAP ('Password Authentication Protocol') in + MS-CHAP, CHAP modifikacija od Microsofta ('Challenge Handshake Authentication Protocol'). * 'Callback posebnost' + Windows NT/2000 Server uporablja "Microsoft Call Back Configuration Protocol' (CBCP) za callback.. + Callback ima dve varijanti: + "User Defined" Callback: uporabnik napi¹e na katero ¹tevilko naj ga server poklièe nazaj. + "Admin-Defined" Callback: NT-administrator doloèi, na katero ¹tevilko naj server poklièe uporabnika Ta dokument opisuje, kako skonfigurira¹ PPP-link z uporabo MS-CHAP-a. Èe uporabi¹ drug protokol, lahko odgovor za to poi¹èe¹ v originalnem PPP/NT Howto (èe sploh ¹e obstaja) ali v PPP Howto. PAP, CHAP in "Clear Text" autorizacije, so izpopolnjene brez modifikacije Microsofta. Za veè informacij o NT/2000 serverju, kontaktiraj tvojega NT/2000 administratorja. 2.2 Kaj potrebuje¹ ? Za delujoè pppd daemon z MS-CHAP in callbackom mora¹ popatchat pppd-daemon (èe ¹e ni seveda). Torej rabi¹ izvorno kodo PPPja. To si lahko snames iz http://cpqlin.van-dijk.net/PPP-NT-HOWTO/download/ppp-2.3.11.tar.gz. Zato ker MS-CHAP uporablja DES enkripcijo rabi¹ ¹e DES knji¾nico. Èe ima¹ name¹èene glibc2 knji¾nice z "libcrypt" (to je naprimer RedHat 5.2 ali novej¹a verzija), ima¹ ¾e to knji¾nico, in je ni potrebno ponovno in¹talirat. Èe te knji¾nice nima¹, jo najde¹ na: * ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-4.01.tar.gz * http://cpqlin.van-dijk.net/PPP-NT-HOWTO/download/libdes-4.04b-1.sr c.rpm * http://cpqlin.van-dijk.net/PPP-NT-HOWTO/download/libdes-4.04b-1.i3 86.rpm Èe ne mara¹ patchanja "na roke" si lahko tukaj sname¹ tar.gz in RPM pakete (brez DES knji¾nice). Vsekakor pa imajo vse novej¹e verzije Linuxa to vse ¾e vkljuèeno v PPP ozr. distribucijo, tako da nam nebo treba patchati prav niè. 2.3 Patcanje PPPDja za MS-CHAP Po in¹talaciji izvorne kode PPPja poi¹èi datoteko README.mschap80 v direktoriju izvorne kode. Ta datoteka opisuje, kaok prevede¹ MS-CHAP v ppp(d). V ppp-2.3 (7,11) je bil ta patch ¾e vkljuèen. Predno prevede¹ PPP si nujno prej in¹taliraj DES knji¾nico!! Ne prevedi ¹e PPPdja, èaka te ¹e malo prevajanja... 2.4 Patchanje PPPDja za callback V korenskem direktoriju ppp-sourca je ¹e en dokument, ki opisuje patch, README.cbcp. Preberi si ga in nato in¹taliraj patch. 3. Konfiguracije 3.1 Sistemska konfiguracija Celoten dokument v nadaljevanju temelji na naslednjo konfiguracijo: Konfiguracija Linux raèunalnika: * Suse 7.2, kernel 2.2.4 * Loadable module support * Modem na cua0 ozr. COM 1, UART16550A (zunanji) * Hitrost modema 14400 bps * Sistemsko ime Linuxa: zeky2 * Popatchan PPP-daemon verzija 2.4.0 * Lokalna IP adresa (Linuxa): 127.0.0.1 * remote IP adresa (Windows NT) 10.1.1.34 * Linux telefonska ¹tevilka 555111 * DNS-Domainname avtotehna * DNS-Nameserver adresa 10.1.1.1 Konfiguracija na NT RAS Serverju * Windows 2000 server * Windows 2000 Backup Domain Controller v 'normalni' Server v domeni * System ime Windows 2000 srv-at * Windows 2000 domensko ime avtotehna * Windows 2000 uporabni¹ko ime zeky * Windows 2000 geslo moje_geslo * Windows 2000 telefonska ¹tevilka 555222 3.2 Delovna konfiguracija Popatchan pppd uspe¹no deluje z naslednjimi konfiguracijami: * Kernel 2.0.36, pppd 2.3.5, Windows NT 4.0 server, Service Pack 3 * Kernel 2.0.36, pppd 2.3.7, Windows NT 4.0 server, Service Pack 4 * Kernel 2.0.36, pppd 2.3.7, Windows NT 4.0 server, Service Pack 5 * Kernel 2.2.14, pppd 2.3.11, Windows NT 4.0 server, Service Pack 6a * Kernel 2.2.4, pppd 2.4.0, Windows 2000 server, Service Pack 2 4. PPP link z MSCHAP 4.1 pppd-Dialscript 4.2 Datoteka /etc/ppp/options 4.3 Datoteka /etc/ppp/chap-secrets 4.4 Protokol PPP/MSCHAP link 5. PPP-Link z MS-CHAP Callbackom 5.1 'PPPD' Dialscript 'pppd'-dialscript, ki je komentiran tule, je primer skripte za klicanje. #!/bin/bash # Poklièimo Windows 2000 Server /usr/sbin/pppd /dev/modem 38400 file "/etc/ppp/options.nt" callback 555111 # Poèakaj na callback od Windows 2000 serverja /usr/sbin/pppd /dev/modem 38400 file "/etc/ppp/options-callback.nt" Datoteka: dial_winnt 5.2 Konfiguracija datoteke /etc/ppp/options.callback Ker so parametri kot /dev/modem, 38400 in datoteèni parametri vpisani v poglavju 4, bo datoteka /etc/ppp/options.callback opisana. Samo novi parametri bodo opisani v detajle. connect '/usr/sbin/chat -v -f /etc/ppp/nt-callback.chat' crtscts bsdcomp 15 lock debug lcp-echo-interval 20 lcp-echo-failure 2 0.0.0.0:0.0.0.0 name "avtotehna\\zeky" remotename "inbelnt" -detach receive-all datoteka: /etc/ppp/options.callback Razlaga parametrov v datoteki /etc/ppp/options.callback: connect '....' Povezava z modemom se ustvari s programom 'chat'. Informacije za 'chat' program so shranjene v datoteki "nt_callback.chat" (To je kar "-f" pomeni). Datoteka "win_nt.chat" je razlo¾ena poleg. Parameter -v pomeni da vse loge shranjuje preko syslogd v datoteko /var/log/messages. crtscts Uporabi hardware korekcijo bsdcomp 15 : Uporabi bsd-style kompresijo lock : Prepreèi da bi modem uporabljal ¹e kak¹en drug program debug : Aktiviraj debug naèin. Vsa sporoèila se shranjujejo v /var/log/messages lcp-echo-interval 20 : poglej 'man pppd' lcp-echo-failure 2 : poglej 'man pppd' 0.0.0.0:0.0.0.0 Definicije oddaljene in lokalnega ip naslova <local_ip_addr>:<remote_ip_addr> name "avtotehna\\zeky" : Tvoje NT/2000 uporabni¹ko ime, mora biti enako kot v "chap secrets". Najbolj¹a pot je da uporabi¹ "domena\\uporabnik" formo. remotename "srv-at" : Ime NT/2000 serverja. PPPD ga uporablja za chap secrets datoteko. -detach : Izloèitev iz kontrolnega terminala. PPPD bo poslal proces v ozadju. receive-all : To je za "¾u¾kaste" OS-je, kot so M$, ki "asyncmap" ne obvladajo najbolje. Razlaga parametrov v datoteki /etc/ppp/win_nt.chat: TIMEOUT 120 : Prekini povezavo po 60 sekund, èe ni odziva ABORT "NO CARRIER" : Opusti, èe modem javi "no carrier" ABORT "BUSY" : Opusti, èe modem javi zasedeno linijo ABORT "NO DIALTONE" : Opusti, èe ni zvoka centrale ABORT "ERROR" : Opusti, ko modem javi napako "" +++ATZ : Inicijalizacija modema OK ATE1Q0&C1&S0 Inicijalizacija modema RING ATA Poèakaj na klic CONNECT "" Poèakaj dokler modem ne sporoèi povezave 5.3 Datoteka /etc/resolv.conf domain avtotehna nameserver 10.1.1.1 Èe tega ni vpisano v to datoteko dobimo error z opisom: "No route to host". 5.4 Protokol PPP/MSCHAP Link z 'User Defined Callback' funkcijo Tvoj log bi moral izgledati nekako takole: Aug 24 19:51:16 zeky2 pppd[206]: pppd 2.4.0 started by root, uid 0 Aug 24 19:51:16 zeky2 pppd[206]: Perms of /dev/modem are ok, no 'mesgn' neccesa ry. Aug 24 19:51:17 zeky2 chat[208]: timeout set to 60 seconds Aug 24 19:51:17 zeky2 chat[208]: abort on (BUSY) Aug 24 19:51:17 zeky2 chat[208]: abort on (NO DIALTONE) Aug 24 19:51:17 zeky2 chat[208]: abort on (ERROR) Aug 24 19:51:17 zeky2 chat[208]: send (+++ATX3^M) Aug 24 19:51:17 zeky2 chat[208]: expect (OK) Aug 24 19:51:17 zeky2 chat[208]: +++ATX3^M^M Aug 24 19:51:17 zeky2 chat[208]: OK Aug 24 19:51:17 zeky2 chat[208]: -- got it Aug 24 19:51:17 zeky2 chat[208]: send (ATDT555222^M) Aug 24 19:51:18 zeky2 chat[208]: expect (CONNECT) Aug 24 19:51:18 zeky2 chat[208]: ^M Aug 24 19:51:41 zeky2 chat[208]: ATDT555222^M^M Aug 24 19:51:41 zeky2 chat[208]: CONNECT Aug 24 19:51:41 zeky2 chat[208]: -- got it Aug 24 19:51:41 zeky2 chat[208]: send (^M) Aug 24 19:51:41 zeky2 pppd[206]: Serial connection established. Aug 24 19:51:41 zeky2 pppd[206]: using channel 1 Aug 24 19:51:41 zeky2 pppd[206]: Using interface ppp0 Aug 24 19:51:41 zeky2 pppd[206]: Connect: ppp0 <--> /dev/modem Aug 24 19:51:42 zeky2 pppd[206]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <magic 0x35fbfe6> <pcomp> <accomp>] Aug 24 19:51:43 zeky2 pppd[206]: rcvd [LCP ConfReq id=0x0 <asyncmap0x0> <auth c hap 81> <magic 0x6fe718e0> <pcomp> <accomp> <callbackCBCP> <mrru 1614> <endpoin t[local:3e.3f.3a.47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]> <17 04 00 d0>] Aug 24 19:51:43 zeky2 pppd[206]: sent [LCP ConfRej id=0x0 <mrru 1614>< 17 04 00 d0>] Aug 24 19:51:43 zeky2 pppd[206]: rcvd [LCP ConfAck id=0x1 <asyncmap0x0> <magic 0x35fbfe6> <pcomp> <accomp>] Aug 24 19:51:43 zeky2 pppd[206]: rcvd [LCP ConfReq id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x6fe718e0> <pcomp> <accomp> <callbackCBCP> <endpoint[local:3e.3 f.3a.47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:51:43 zeky2 pppd[206]: sent [LCP ConfAck id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x6fe718e0> <pcomp> <accomp> <callbackCBCP> <endpoint[local:3e.3 f.3a.47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:51:43 zeky2 pppd[206]: sent [LCP EchoReq id=0x0magic=0x35fbfe6] Aug 24 19:51:43 zeky2 pppd[206]: cbcp_lowerup Aug 24 19:51:43 zeky2 pppd[206]: want: 12 Aug 24 19:51:43 zeky2 pppd[206]: phone no: 05072399 Aug 24 19:51:44 zeky2 pppd[206]: rcvd [CHAP Challenge id=0x0<fe1cd4d739c4369e7a 8dc27783e03c71>, name = "SRV-AT"] Aug 24 19:51:44 zeky2 pppd[206]: sent [CHAP Response id=0x0<e13187c756b3695f0bf 81759c480c9ba00000000000000002f2cffea4e6f9ad8a59add96057f8d15890d7d72a9ba3c5200 >, name = "avtotehna\\zeky"] Aug 24 19:51:44 zeky2 pppd[206]: rcvd [LCP EchoRep id=0x0magic=0x6fe718e0] Aug 24 19:51:46 zeky2 pppd[206]: rcvd [CHAP Success id=0x0"S=C1C8363139441604DE F8165034EDE105CA171705"] Aug 24 19:51:46 zeky2 pppd[206]: Remote message:S=C1C8363139441604DEF8165034EDE 105CA171705 Aug 24 19:51:46 zeky2 pppd[206]: cbcp_open Aug 24 19:51:46 zeky2 pppd[206]: cbcp_req CONF_USER Aug 24 19:51:46 zeky2 pppd[206]: sent [CBCP Request id=0x1 <UserDefined delay = 5 number = 555111>] 30 35 30 37 32 33 39 Aug 24 19:51:46 zeky2 pppd[206]: rcvd [CBCP Request id=0x1 <AdminDefined delay = 0>] Aug 24 19:51:46 zeky2 pppd[206]: length: 3 Aug 24 19:51:46 zeky2 pppd[206]: Callback: user admin defined Aug 24 19:51:46 zeky2 pppd[206]: cbcp_resp cb_type=8 Aug 24 19:51:46 zeky2 pppd[206]: cbcp_resp CONF_ADMIN Aug 24 19:51:46 zeky2 pppd[206]: sent [CBCP Response id=0x1 <AdminDefined delay = 5>] Aug 24 19:51:46 zeky2 pppd[206]: rcvd [CBCP Ack id=0x1 < AdminDefineddelay = 5> ] Aug 24 19:51:46 zeky2 pppd[206]: cbcp_lowerdown Aug 24 19:51:46 zeky2 pppd[206]: sent [LCP TermReq id=0x2 "Call meback, please" ] Aug 24 19:51:46 zeky2 pppd[206]: rcvd [LCP TermAck id=0x2 "Call meback, please" ] Aug 24 19:51:46 zeky2 pppd[206]: Connection terminated. Aug 24 19:51:46 zeky2 pppd[206]: Couldn't release PPP unit:Inappropriate ioctl for device Aug 24 19:51:47 zeky2 pppd[206]: Exit. Aug 24 19:51:47 zeky2 pppd[335]: pppd 2.4.0 started by root, uid 0 Aug 24 19:51:47 zeky2 pppd[335]: Perms of /dev/modem are ok, no 'mesgn' neccesa ry. Aug 24 19:51:48 zeky2 chat[336]: timeout set to 120 seconds Aug 24 19:51:48 zeky2 chat[336]: abort on (BUSY) Aug 24 19:51:48 zeky2 chat[336]: send (+++ATZ^M) Aug 24 19:51:49 zeky2 chat[336]: expect (RING) Aug 24 19:51:49 zeky2 chat[336]: ^M Aug 24 19:51:49 zeky2 chat[336]: NO CARRIER^M Aug 24 19:51:59 zeky2 chat[336]: ^M Aug 24 19:51:59 zeky2 chat[336]: RING Aug 24 19:51:59 zeky2 chat[336]: -- got it Aug 24 19:51:59 zeky2 chat[336]: send (ATA^M) Aug 24 19:51:59 zeky2 chat[336]: expect (CONNECT) Aug 24 19:51:59 zeky2 chat[336]: ^M Aug 24 19:52:14 zeky2 chat[336]: ATA^M^M Aug 24 19:52:14 zeky2 chat[336]: CONNECT Aug 24 19:52:14 zeky2 chat[336]: -- got it Aug 24 19:52:14 zeky2 chat[336]: send (^M) Aug 24 19:52:14 zeky2 pppd[335]: Serial connection established. Aug 24 19:52:14 zeky2 pppd[335]: using channel 2 Aug 24 19:52:14 zeky2 pppd[335]: Using interface ppp0 Aug 24 19:52:14 zeky2 pppd[335]: Connect: ppp0 <--> /dev/modem Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <magic 0x37aca770> <pcomp> <accomp>] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP ConfReq id=0x0 <asyncmap0x0> <auth c hap 81> <magic 0x78275538> <pcomp> <accomp> <mrru 1614><endpoint[local:3e.3f.3a .47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]> <17 04 00 d1>] Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP ConfRej id=0x0 <mrru 1614>< 17 04 00 d1>] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP ConfAck id=0x1 <asyncmap0x0> <magic 0x37aca770> <pcomp> <accomp>] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP ConfReq id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x78275538> <pcomp> <accomp> <endpoint[local:3e.3f.3a.47.a1.75.4 d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP ConfAck id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x78275538> <pcomp> <accomp> <endpoint[local:3e.3f.3a.47.a1.75.4 d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP EchoReq id=0x0magic=0x37aca770] Aug 24 19:52:14 zeky2 pppd[335]: cbcp_lowerup Aug 24 19:52:14 zeky2 pppd[335]: want: 2 Aug 24 19:52:14 zeky2 pppd[335]: rcvd [CHAP Challenge id=0x0<394a1f5a99e21fb634 a906f6e4d25607>, name = "SRV-AT"] Aug 24 19:52:14 zeky2 pppd[335]: sent [CHAP Response id=0x0<32f97cf80c4e18c7ecc 26c9c0ac555fa00000000000000007da2d64b33e183d7f39d3a509b46215fc22474147616fcf200 >, name = "avtotehna\\zeky"] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP EchoRep id=0x0magic=0x78275538] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CHAP Success id=0x0"S=3D222E5BCF9E7F24BA F7BF4238E337DF54B4F64B"] Aug 24 19:52:15 zeky2 pppd[335]: Remote message:S=3D222E5BCF9E7F24BAF7BF4238E33 7DF54B4F64B Aug 24 19:52:15 zeky2 pppd[335]: sent [IPCP ConfReq id=0x1 <addr0.0.0.0> <compr ess VJ 0f 01>] Aug 24 19:52:15 zeky2 kernel: PPP BSD Compression module registered Aug 24 19:52:15 zeky2 kernel: PPP Deflate Compression module registered Aug 24 19:52:15 zeky2 pppd[335]: sent [CCP ConfReq id=0x1 <deflate 15><deflate( old#) 15> <bsd v1 15>] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CCP ConfReq id=0x3 <mppe 0 0 01>] Aug 24 19:52:15 zeky2 pppd[335]: sent [CCP ConfRej id=0x3 <mppe 0 0 00>] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [IPCP ConfReq id=0x4 <compressVJ 0f 01> < addr 10.1.1.34>] Aug 24 19:52:15 zeky2 pppd[335]: sent [IPCP ConfAck id=0x4 <compressVJ 0f 01> < addr 10.1.1.34>] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CCP ConfRej id=0x1 <deflate 15><deflate( old#) 15> <bsd v1 15>] Aug 24 19:52:15 zeky2 pppd[335]: sent [CCP ConfReq id=0x2] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CCP ConfAck id=0x2] Aug 24 19:52:17 zeky2 pppd[335]: rcvd [CCP ConfReq id=0x5 <mppe 0 0 01>] Aug 24 19:52:17 zeky2 pppd[335]: sent [CCP ConfRej id=0x5 <mppe 0 0 00>] Aug 24 19:52:18 zeky2 pppd[335]: sent [IPCP ConfReq id=0x1 <addr0.0.0.0> <compr ess VJ 0f 01>] Aug 24 19:52:18 zeky2 pppd[335]: rcvd [IPCP ConfNak id=0x1 <addr10.1.1.35>] Aug 24 19:52:18 zeky2 pppd[335]: sent [IPCP ConfReq id=0x2 <addr10.1.1.35> <com press VJ 0f 01>] Aug 24 19:52:18 zeky2 pppd[335]: rcvd [IPCP ConfAck id=0x2 <addr10.1.1.35> <com press VJ 0f 01>] Aug 24 19:52:18 zeky2 pppd[335]: local IP address 10.1.1.35 Aug 24 19:52:18 zeky2 pppd[335]: remote IP address 10.1.1.34 Aug 24 19:52:18 zeky2 pppd[335]: Script /etc/ppp/ip-up started (pid366) Del datoteke /var/log/messages 5.5 Protokol PPP/MSCHAP Link z 'Admin Defined Callback' funkcijo Tvoj log mora izgledati nekako takole : Aug 24 19:51:16 zeky2 pppd[206]: pppd 2.4.0 started by root, uid 0 Aug 24 19:51:16 zeky2 pppd[206]: Perms of /dev/modem are ok, no 'mesgn' neccesa ry. Aug 24 19:51:17 zeky2 chat[208]: timeout set to 60 seconds Aug 24 19:51:17 zeky2 chat[208]: abort on (BUSY) Aug 24 19:51:17 zeky2 chat[208]: abort on (NO DIALTONE) Aug 24 19:51:17 zeky2 chat[208]: abort on (ERROR) Aug 24 19:51:17 zeky2 chat[208]: send (+++ATX3^M) Aug 24 19:51:17 zeky2 chat[208]: expect (OK) Aug 24 19:51:17 zeky2 chat[208]: +++ATX3^M^M Aug 24 19:51:17 zeky2 chat[208]: OK Aug 24 19:51:17 zeky2 chat[208]: -- got it Aug 24 19:51:17 zeky2 chat[208]: send (ATDT555222^M) Aug 24 19:51:18 zeky2 chat[208]: expect (CONNECT) Aug 24 19:51:18 zeky2 chat[208]: ^M Aug 24 19:51:41 zeky2 chat[208]: ATDT555222^M^M Aug 24 19:51:41 zeky2 chat[208]: CONNECT Aug 24 19:51:41 zeky2 chat[208]: -- got it Aug 24 19:51:41 zeky2 chat[208]: send (^M) Aug 24 19:51:41 zeky2 pppd[206]: Serial connection established. Aug 24 19:51:41 zeky2 pppd[206]: using channel 1 Aug 24 19:51:41 zeky2 pppd[206]: Using interface ppp0 Aug 24 19:51:41 zeky2 pppd[206]: Connect: ppp0 <--> /dev/modem Aug 24 19:51:42 zeky2 pppd[206]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <magic 0x35fbfe6> <pcomp> <accomp>] Aug 24 19:51:43 zeky2 pppd[206]: rcvd [LCP ConfReq id=0x0 <asyncmap0x0> <auth c hap 81> <magic 0x6fe718e0> <pcomp> <accomp> <callbackCBCP> <mrru 1614> <endpoin t[local:3e.3f.3a.47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]> <17 04 00 d0>] Aug 24 19:51:43 zeky2 pppd[206]: sent [LCP ConfRej id=0x0 <mrru 1614>< 17 04 00 d0>] Aug 24 19:51:43 zeky2 pppd[206]: rcvd [LCP ConfAck id=0x1 <asyncmap0x0> <magic 0x35fbfe6> <pcomp> <accomp>] Aug 24 19:51:43 zeky2 pppd[206]: rcvd [LCP ConfReq id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x6fe718e0> <pcomp> <accomp> <callbackCBCP> <endpoint[local:3e.3 f.3a.47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:51:43 zeky2 pppd[206]: sent [LCP ConfAck id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x6fe718e0> <pcomp> <accomp> <callbackCBCP> <endpoint[local:3e.3 f.3a.47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:51:43 zeky2 pppd[206]: sent [LCP EchoReq id=0x0magic=0x35fbfe6] Aug 24 19:51:43 zeky2 pppd[206]: cbcp_lowerup Aug 24 19:51:43 zeky2 pppd[206]: want: 12 Aug 24 19:51:43 zeky2 pppd[206]: phone no: 05072399 Aug 24 19:51:44 zeky2 pppd[206]: rcvd [CHAP Challenge id=0x0<fe1cd4d739c4369e7a 8dc27783e03c71>, name = "SRV-AT"] Aug 24 19:51:44 zeky2 pppd[206]: sent [CHAP Response id=0x0<e13187c756b3695f0bf 81759c480c9ba00000000000000002f2cffea4e6f9ad8a59add96057f8d15890d7d72a9ba3c5200 >, name = "avtotehna\\zeky"] Aug 24 19:51:44 zeky2 pppd[206]: rcvd [LCP EchoRep id=0x0magic=0x6fe718e0] Aug 24 19:51:46 zeky2 pppd[206]: rcvd [CHAP Success id=0x0"S=C1C8363139441604DE F8165034EDE105CA171705"] Aug 24 19:51:46 zeky2 pppd[206]: Remote message:S=C1C8363139441604DEF8165034EDE 105CA171705 Aug 24 19:51:46 zeky2 pppd[206]: cbcp_open Aug 24 19:51:46 zeky2 pppd[206]: cbcp_req CONF_USER Aug 24 19:51:46 zeky2 pppd[206]: sent [CBCP Request id=0x1 <UserDefined delay = 5 number = 0507239>] 30 35 30 37 32 33 39 Aug 24 19:51:46 zeky2 pppd[206]: rcvd [CBCP Request id=0x1 <AdminDefined delay = 0>] Aug 24 19:51:46 zeky2 pppd[206]: length: 3 Aug 24 19:51:46 zeky2 pppd[206]: Callback: user admin defined Aug 24 19:51:46 zeky2 pppd[206]: cbcp_resp cb_type=8 Aug 24 19:51:46 zeky2 pppd[206]: cbcp_resp CONF_ADMIN Aug 24 19:51:46 zeky2 pppd[206]: sent [CBCP Response id=0x1 <AdminDefined delay = 5>] Aug 24 19:51:46 zeky2 pppd[206]: rcvd [CBCP Ack id=0x1 < AdminDefineddelay = 5> ] Aug 24 19:51:46 zeky2 pppd[206]: cbcp_lowerdown Aug 24 19:51:46 zeky2 pppd[206]: sent [LCP TermReq id=0x2 "Call meback, please" ] Aug 24 19:51:46 zeky2 pppd[206]: rcvd [LCP TermAck id=0x2 "Call meback, please" ] Aug 24 19:51:46 zeky2 pppd[206]: Connection terminated. Aug 24 19:51:46 zeky2 pppd[206]: Couldn't release PPP unit:Inappropriate ioctl for device Aug 24 19:51:47 zeky2 pppd[206]: Exit. Aug 24 19:51:47 zeky2 pppd[335]: pppd 2.4.0 started by root, uid 0 Aug 24 19:51:47 zeky2 pppd[335]: Perms of /dev/modem are ok, no 'mesgn' neccesa ry. Aug 24 19:51:48 zeky2 chat[336]: timeout set to 120 seconds Aug 24 19:51:48 zeky2 chat[336]: abort on (BUSY) Aug 24 19:51:48 zeky2 chat[336]: send (+++ATZ^M) Aug 24 19:51:49 zeky2 chat[336]: expect (RING) Aug 24 19:51:49 zeky2 chat[336]: ^M Aug 24 19:51:49 zeky2 chat[336]: NO CARRIER^M Aug 24 19:51:59 zeky2 chat[336]: ^M Aug 24 19:51:59 zeky2 chat[336]: RING Aug 24 19:51:59 zeky2 chat[336]: -- got it Aug 24 19:51:59 zeky2 chat[336]: send (ATA^M) Aug 24 19:51:59 zeky2 chat[336]: expect (CONNECT) Aug 24 19:51:59 zeky2 chat[336]: ^M Aug 24 19:52:14 zeky2 chat[336]: ATA^M^M Aug 24 19:52:14 zeky2 chat[336]: CONNECT Aug 24 19:52:14 zeky2 chat[336]: -- got it Aug 24 19:52:14 zeky2 chat[336]: send (^M) Aug 24 19:52:14 zeky2 pppd[335]: Serial connection established. Aug 24 19:52:14 zeky2 pppd[335]: using channel 2 Aug 24 19:52:14 zeky2 pppd[335]: Using interface ppp0 Aug 24 19:52:14 zeky2 pppd[335]: Connect: ppp0 <--> /dev/modem Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP ConfReq id=0x1 <asyncmap0x0> <magic 0x37aca770> <pcomp> <accomp>] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP ConfReq id=0x0 <asyncmap0x0> <auth c hap 81> <magic 0x78275538> <pcomp> <accomp> <mrru 1614><endpoint[local:3e.3f.3a .47.a1.75.4d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]> <17 04 00 d1>] Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP ConfRej id=0x0 <mrru 1614>< 17 04 00 d1>] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP ConfAck id=0x1 <asyncmap0x0> <magic 0x37aca770> <pcomp> <accomp>] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP ConfReq id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x78275538> <pcomp> <accomp> <endpoint[local:3e.3f.3a.47.a1.75.4 d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP ConfAck id=0x1 <asyncmap0x0> <auth c hap 81> <magic 0x78275538> <pcomp> <accomp> <endpoint[local:3e.3f.3a.47.a1.75.4 d.ba.8b.70.e0.7b.c0.20.dc.44.00.00.00.00]>] Aug 24 19:52:14 zeky2 pppd[335]: sent [LCP EchoReq id=0x0magic=0x37aca770] Aug 24 19:52:14 zeky2 pppd[335]: cbcp_lowerup Aug 24 19:52:14 zeky2 pppd[335]: want: 2 Aug 24 19:52:14 zeky2 pppd[335]: rcvd [CHAP Challenge id=0x0<394a1f5a99e21fb634 a906f6e4d25607>, name = "SRV-AT"] Aug 24 19:52:14 zeky2 pppd[335]: sent [CHAP Response id=0x0<32f97cf80c4e18c7ecc 26c9c0ac555fa00000000000000007da2d64b33e183d7f39d3a509b46215fc22474147616fcf200 >, name = "avtotehna\\zeky"] Aug 24 19:52:14 zeky2 pppd[335]: rcvd [LCP EchoRep id=0x0magic=0x78275538] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CHAP Success id=0x0"S=3D222E5BCF9E7F24BA F7BF4238E337DF54B4F64B"] Aug 24 19:52:15 zeky2 pppd[335]: Remote message:S=3D222E5BCF9E7F24BAF7BF4238E33 7DF54B4F64B Aug 24 19:52:15 zeky2 pppd[335]: sent [IPCP ConfReq id=0x1 <addr0.0.0.0> <compr ess VJ 0f 01>] Aug 24 19:52:15 zeky2 kernel: PPP BSD Compression module registered Aug 24 19:52:15 zeky2 kernel: PPP Deflate Compression module registered Aug 24 19:52:15 zeky2 pppd[335]: sent [CCP ConfReq id=0x1 <deflate 15><deflate( old#) 15> <bsd v1 15>] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CCP ConfReq id=0x3 <mppe 0 0 01>] Aug 24 19:52:15 zeky2 pppd[335]: sent [CCP ConfRej id=0x3 <mppe 0 0 00>] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [IPCP ConfReq id=0x4 <compressVJ 0f 01> < addr 10.1.1.34>] Aug 24 19:52:15 zeky2 pppd[335]: sent [IPCP ConfAck id=0x4 <compressVJ 0f 01> < addr 10.1.1.34>] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CCP ConfRej id=0x1 <deflate 15><deflate( old#) 15> <bsd v1 15>] Aug 24 19:52:15 zeky2 pppd[335]: sent [CCP ConfReq id=0x2] Aug 24 19:52:15 zeky2 pppd[335]: rcvd [CCP ConfAck id=0x2] Aug 24 19:52:17 zeky2 pppd[335]: rcvd [CCP ConfReq id=0x5 <mppe 0 0 01>] Aug 24 19:52:17 zeky2 pppd[335]: sent [CCP ConfRej id=0x5 <mppe 0 0 00>] Aug 24 19:52:18 zeky2 pppd[335]: sent [IPCP ConfReq id=0x1 <addr0.0.0.0> <compr ess VJ 0f 01>] Aug 24 19:52:18 zeky2 pppd[335]: rcvd [IPCP ConfNak id=0x1 <addr10.1.1.35>] Aug 24 19:52:18 zeky2 pppd[335]: sent [IPCP ConfReq id=0x2 <addr10.1.1.35> <com press VJ 0f 01>] Aug 24 19:52:18 zeky2 pppd[335]: rcvd [IPCP ConfAck id=0x2 <addr10.1.1.35> <com press VJ 0f 01>] Aug 24 19:52:18 zeky2 pppd[335]: local IP address 10.1.1.35 Aug 24 19:52:18 zeky2 pppd[335]: remote IP address 10.1.1.34 Aug 24 19:52:18 zeky2 pppd[335]: Script /etc/ppp/ip-up started (pid366) Del datoteke /var/log/messages 6. Dodatek 6.1 Kako spremeniti syslog.conf datoteko za pppd razhro¹èevanje Za logiranje v datoteko /var/log/messages mora¹ nastavit naslednje stvari: * Dodaj 'debug' parameter v pppd options datoteko * Dodaj to vrstico v /etc/syslog.conf deamon.* /var/log/messages Restartaj syslogd z kill -SIGHUP 'pid syslogd'. 6.2 Literatura 1. Bodo Bauer; Magic Connection; Mit dem Point to Point Protocol ins Internet; iX 1/96, S.154 2. S. Hetze u. a.; LinuX Anwenderhandbuch und Leitfaden fuer die Systemverwaltung, 5. erweiterte und aktualisierte Auflage, S. 329 LunetIX Softfair ISBN 3-929764-04-0 3. Olaf Kirch; Linux Wegweiser fuer Netzwerker; 1996, deutsche Ausgabe; O'Reilly ISBN 3-930673-18-5 4. Terry Dawson; Linux NET-2 HOWTO; 16 January 1996; http://www.suse.de/doku/howto/NET-2-HOWTO.html 5. Robert Hart; Linux PPP HOWTO; 25 August 1996. http://www.suse.de/doku/howto/PPP-HOWTO.html 6. Siegfried Schoen Linux/PPP HOWTO; http://www.suse.de/doku/ppp_nt/PPP-NT-HOWTO.html 6.3 Naèrti Konfiguracija in testiranje za ipppd (ISDN stil ppp) 7. FAQ Ali mi lahko pomaga¹ z analiziranjem mojih log datotek? Probal ti bom pomagati, ampak nisem strokovnjak na tem podroèju. Ali mi lahko pove¹ katera je moja NT domena? Na ¾alost ne. To mora¹ vpra¹at svojega sistemskega administratorja. NT Server, ki ga klièem ni v NT domeni. Kaj zdaj? Za NT domeno uporabi ime raèunalnika serverja. Ali pa ne uporabi 'domain\\user' sintakse ampak uporabi 'user' sintakso. To lahko naredi¹ zato, ker tvoj server tudi naredi overovljenje. Zato lahko v NT domeni uporabis 'user' sintakso èe klièe¹ v PDC ali BDC. PPP sem prevedel kot modul in sedaj dobivam sporoèila v obliki errorja "can't locate module ppp-compress-24" Dodati mora¹ naslednje vrstice v datoteko /etc/conf.modules ali pa /etc/modules.conf: alias ppp-compress-21 bsd_comp alias ppp-compress-24 ppp_deflate alias ppp-compress-26 ppp_deflate Siguren sem, da je moje geslo pravilno, ampak vedno dobim "CHAP failure E=691 R=1". Èe je tvoje geslo dalj¹e od 14 znakov, ga presekaj na 14 znakov najveè. NTji imajo limito gesla pri 14 znakih. An¾e Vidmar, zeky@avtotehna.si