RE: (PM) Odd PPP negotiation behaviour

James Courtier-Dutton (dutton@livingston-ent.co.uk)
Sat, 17 Apr 1999 10:33:42 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: MegaZone: "(PM) set assigned command on PM3 (fwd)"
Previous message: Thomas C Kinnen: "Re: (PM) radius source"

Hello Chris
I think your Gandalf is a bit brain dead here.
It keeps sending LCP requests with the wrong ID.
It looks to me that the Gandalf is resending LCP requests because it does
not hear the replies in time. If it does this, it should use the same ID as
the previous one. It should only change the ID if it receives a reply to the
request. This is what causes the PM3 to see one of the LCP requests as ">
**** S45: LCP Re-opening"
Once it finally does get LCP open and the Gandalf sends a PAP request, it
replies with a PAP Ack. The problem lies in the CHAP challenge the Gandalf
sends the PM3. You need to stop the CHAP challenge. I think the Gandalf is
trying 2 way Auth
You should upgrade the Gandalf to one which follows the RFC PPP spec
correctly.
Cheers
James

> -----Original Message-----
> From: owner-portmaster-users@livingston.com
> [mailto:owner-portmaster-users@livingston.com]On Behalf Of Chris Trown
> Sent: Saturday, April 17, 1999 01:54
> To: portmaster-users@livingston.com
> Subject: (PM) Odd PPP negotiation behavior
>
>
>
>
>
> I'm trying to get a PM3(2T, PRI, 3.8.2) to happily coexist
> with a Gandalf
> 5232. Naturally, with this combination, it's not working.
>
> While processing the PPP debug output through DRING, I
> noticed something
> odd. At least to me. First, here's the output of the Gandalf
> connecting to
> the PM3:
>
>
>
> Dring: Decoder Ring for Livingston Product PPP traces
> -----------------------------------------------------
>
> Received LCP_CONFIGURE_REQUEST on port S45 of 33 bytes containing:
> 01 30 00 25 01 04 05 F4 03 04 C0 23 05 06 48 5D BD 8B 07
> 02 0B 04 12 01 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
>
> Packet Info: Code: 01, ID: 30, 37 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Numbered-Mode [0x0B], length: (4 bytes), [0x1201]
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
>
> Sending LCP_CONFIGURE_REQUEST to port S45 of 29 bytes containing:
> 01 03 00 1D 05 06 A3 A7 AF 67 03 04 C0 23 11 04 06 1C 12
> 02 13 09 03 80 24 76 50 25 7D
> Packet Info: Code: 01, ID: 03, 29 bytes.
> Magic-Number [0x05], length: (6 bytes), [0xA3A7AF67]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Multilink-MRRU [0x11], length: (4 bytes), [0x061C]
> Max-Receive-Reconstructed-Unit (MRRU): 1564 bytes.
> Multilink-Short-Sequence-Number-Header [0x12], length: (2 bytes)
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x0380247650257D]
> Class [0x03]: IEEE 802.1 MAC Address 80 24 76 50 25 7D
>
> Sending LCP_CONFIGURE_REJECT to port S45 of 8 bytes containing:
> 04 30 00 08 0B 04 12 01
> Packet Info: Code: 04, ID: 30, 8 bytes.
> Numbered-Mode [0x0B], length: (4 bytes), [0x1201]
>
> Received LCP_CONFIGURE_REQUEST on port S45 of 33 bytes containing:
> 01 31 00 25 01 04 05 F4 03 04 C0 23 05 06 48 5D BD 8B 07
> 02 0B 04 12 01 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
>
> Packet Info: Code: 01, ID: 31, 37 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Numbered-Mode [0x0B], length: (4 bytes), [0x1201]
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
>
> Sending LCP_CONFIGURE_REJECT to port S45 of 8 bytes containing:
> 04 31 00 08 0B 04 12 01
> Packet Info: Code: 04, ID: 31, 8 bytes.
> Numbered-Mode [0x0B], length: (4 bytes), [0x1201]
>
> Received LCP_CONFIGURE_REJECT on port S45 of 2 bytes containing:
> 04 03 00 06 12 02
> Packet Info: Code: 04, ID: 03, 6 bytes.
> Multilink-Short-Sequence-Number-Header [0x12], length: (2 bytes)
>
> Sending LCP_CONFIGURE_REQUEST to port S45 of 27 bytes containing:
> 01 04 00 1B 05 06 A3 A7 AF 67 03 04 C0 23 11 04 06 1C 13
> 09 03 80 24 76 50 25 7D
> Packet Info: Code: 01, ID: 04, 27 bytes.
> Magic-Number [0x05], length: (6 bytes), [0xA3A7AF67]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Multilink-MRRU [0x11], length: (4 bytes), [0x061C]
> Max-Receive-Reconstructed-Unit (MRRU): 1564 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x0380247650257D]
> Class [0x03]: IEEE 802.1 MAC Address 80 24 76 50 25 7D
>
> Received LCP_CONFIGURE_REQUEST on port S45 of 29 bytes containing:
> 01 32 00 21 01 04 05 F4 03 04 C0 23 05 06 48 5D BD 8B 07
> 02 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
> Packet Info: Code: 01, ID: 32, 33 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
>
> Sending LCP_CONFIGURE_NAK to port S45 of 9 bytes containing:
> 03 32 00 09 03 05 C2 23 05
> Packet Info: Code: 03, ID: 32, 9 bytes.
> Authentication-Protocol [0x03], length: (5 bytes),
> Challenge Handshake Authentication Protocol [0xC22305]
>
> Received LCP_CONFIGURE_REQUEST on port S45 of 29 bytes containing:
> 01 33 00 21 01 04 05 F4 03 04 C0 23 05 06 48 5D BD 8B 07
> 02 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
> Packet Info: Code: 01, ID: 33, 33 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
>
> Sending LCP_CONFIGURE_NAK to port S45 of 9 bytes containing:
> 03 33 00 09 03 05 C2 23 05
> Packet Info: Code: 03, ID: 33, 9 bytes.
> Authentication-Protocol [0x03], length: (5 bytes),
> Challenge Handshake Authentication Protocol [0xC22305]
>
> Received LCP_CONFIGURE_ACK on port S45 of 23 bytes containing:
> 02 04 00 1B 05 06 A3 A7 AF 67 03 04 C0 23 11 04 06 1C 13
> 09 03 80 24 76 50 25 7D
> Packet Info: Code: 02, ID: 04, 27 bytes.
> Magic-Number [0x05], length: (6 bytes), [0xA3A7AF67]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Multilink-MRRU [0x11], length: (4 bytes), [0x061C]
> Max-Receive-Reconstructed-Unit (MRRU): 1564 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x0380247650257D]
> Class [0x03]: IEEE 802.1 MAC Address 80 24 76 50 25 7D
>
> Received LCP_CONFIGURE_REQUEST on port S45 of 30 bytes containing:
> 01 34 00 22 01 04 05 F4 03 05 C2 23 05 05 06 48 5D BD 8B
> 07 02 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
> Packet Info: Code: 01, ID: 34, 34 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (5 bytes),
> Challenge Handshake Authentication Protocol [0xC22305]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
>
> Sending LCP_CONFIGURE_ACK to port S45 of 34 bytes containing:
> 02 34 00 22 01 04 05 F4 03 05 C2 23 05 05 06 48 5D BD 8B
> 07 02 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
> Packet Info: Code: 02, ID: 34, 34 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (5 bytes),
> Challenge Handshake Authentication Protocol [0xC22305]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
> **** S45: LCP Open
>
> Received LCP_CONFIGURE_REQUEST on port S45 of 30 bytes containing:
> 01 35 00 22 01 04 05 F4 03 05 C2 23 05 05 06 48 5D BD 8B
> 07 02 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
> Packet Info: Code: 01, ID: 35, 34 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (5 bytes),
> Challenge Handshake Authentication Protocol [0xC22305]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
> **** S45: LCP Re-opening
>
> Sending LCP_CONFIGURE_REQUEST to port S45 of 27 bytes containing:
> 01 05 00 1B 05 06 A3 A7 AF 67 03 04 C0 23 11 04 06 1C 13
> 09 03 80 24 76 50 25 7D
> Packet Info: Code: 01, ID: 05, 27 bytes.
> Magic-Number [0x05], length: (6 bytes), [0xA3A7AF67]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Multilink-MRRU [0x11], length: (4 bytes), [0x061C]
> Max-Receive-Reconstructed-Unit (MRRU): 1564 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x0380247650257D]
> Class [0x03]: IEEE 802.1 MAC Address 80 24 76 50 25 7D
>
> Sending LCP_CONFIGURE_ACK to port S45 of 34 bytes containing:
> 02 35 00 22 01 04 05 F4 03 05 C2 23 05 05 06 48 5D BD 8B
> 07 02 11 04 05 F4 13 09 03 00 00 F3 20 A1 AD
> Packet Info: Code: 02, ID: 35, 34 bytes.
> Maximum-Receive-Unit [0x01], length: (4 bytes) 1524 bytes [0x05F4]
> Authentication-Protocol [0x03], length: (5 bytes),
> Challenge Handshake Authentication Protocol [0xC22305]
> Magic-Number [0x05], length: (6 bytes), [0x485DBD8B]
> Protocol-Field-Compression [0x07], length: (2 bytes)
> Multilink-MRRU [0x11], length: (4 bytes), [0x05F4]
> Max-Receive-Reconstructed-Unit (MRRU): 1524 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x030000F320A1AD]
> Class [0x03]: IEEE 802.1 MAC Address 00 00 F3 20 A1 AD
>
> Received LCP_CONFIGURE_ACK on port S45 of 23 bytes containing:
> 02 05 00 1B 05 06 A3 A7 AF 67 03 04 C0 23 11 04 06 1C 13
> 09 03 80 24 76 50 25 7D
> Packet Info: Code: 02, ID: 05, 27 bytes.
> Magic-Number [0x05], length: (6 bytes), [0xA3A7AF67]
> Authentication-Protocol [0x03], length: (4 bytes), Password
> Authentication Protocol [0xC023]
> Multilink-MRRU [0x11], length: (4 bytes), [0x061C]
> Max-Receive-Reconstructed-Unit (MRRU): 1564 bytes.
> Multilink-Endpoint-Discriminator [0x13], length: (9 bytes),
> [0x0380247650257D]
> Class [0x03]: IEEE 802.1 MAC Address 80 24 76 50 25 7D
> **** S45: LCP Open
>
> Received PAP_AUTH_REQ on port S45 of 24 bytes containing:
> 01 01 00 18 0B 63 74 72 6F 77 6E 2D 69 73 64 6E 07 68 6A
> 78 66 67 6E 6A
> Packet Info: Code: 01, ID: 01, 24 bytes.
> Login ID: ctrown-isdn (11 bytes), [0x6374726F776E2D6973646E]
> Password: XX (Y bytes), [0xZZZZZZZZZZ]
>
> Received CHAP_CONF_CHALLENGE on port S45 of 20 bytes containing:
> 01 02 00 14 04 C3 62 FD 09 63 74 72 6F 77 6E 2D 69 73 64
> 6E
> Packet Info: Code: 01, ID: 02, 20 bytes.
> ValSize[0x04]: (4 bytes), Value: [0xC362FD09]
> Name: ctrown-isdn [0x6374726F776E2D6973646E]
>
> S45: Couldn't find CHAP user ctrown-i
>
> Sending PAP_AUTH_ACK to port S45 of 20 bytes containing:
> 02 01 00 14 0F 4C 6F 67 69 6E 20 53 75 63 63 65 65 64 65
> 64
> Packet Info: Code: 02, ID: 01, 20 bytes.
> Message: Login Succeeded (15 bytes),
> [0x4C6F67696E20537563636565646564]
>
> Sending IPCP_CONFIGURE_REQUEST to port S45 of 16 bytes containing:
> 01 01 00 10 02 06 00 2D 0F 00 03 06 84 F1 3C F2
> Packet Info: Code: 01, ID: 01, 16 bytes.
> IP-Compression-Protocol [0x02], length: (6 bytes), Van
> Jacobson Compressed TCP/IP [0x002D0F00]
> IP-Address [0x03], length: (6 bytes), [132.241.60.242]
>
>
>
> Sending IPCP_CONFIGURE_REQUEST to port S45 of 16 bytes containing:
> 01 02 00 10 02 06 00 2D 0F 00 03 06 84 F1 3C F2
> Packet Info: Code: 01, ID: 02, 16 bytes.
> IP-Compression-Protocol [0x02], length: (6 bytes), Van
> Jacobson Compressed TCP/IP [0x002D0F00]
> IP-Address [0x03], length: (6 bytes), [132.241.60.242]
>
>
>
> Sending IPCP_CONFIGURE_REQUEST to port S45 of 16 bytes containing:
> 01 03 00 10 02 06 00 2D 0F 00 03 06 84 F1 3C F2
> Packet Info: Code: 01, ID: 03, 16 bytes.
> IP-Compression-Protocol [0x02], length: (6 bytes), Van
> Jacobson Compressed TCP/IP [0x002D0F00]
> IP-Address [0x03], length: (6 bytes), [132.241.60.242]
>
>
>
> Received LCP_TERMINATE_REQUEST on port S45 of 0 bytes containing:
> 05 36 00 04
> Packet Info: Code: 05, ID: 36, 4 bytes.
>
> Sending LCP_TERMINATE_ACK to port S45 of 4 bytes containing:
> 06 06 00 04
> Packet Info: Code: 06, ID: 06, 4 bytes.
>
>
> Look at the LCP_CONFIGURE_REQUEST with ID 32. The Gandalf is clearly
> asking for PAP authentication. Next, the PM3 sends a
> LCP_CONFIGURE_NAK to
> using CHAP. Huh? Where did that come from? Is that right?
>
> The poor Gandalf wants to do PAP, but not CHAP. It looks
> like the PM3 is
> insisting, and the Gandalf eventually caves in and tries CHAP.
> It fails. As a
> side question, somewhat related, why did CHAP auth fail? I have
> a couple of
> other ISDN boxes that use CHAP successfully, via Radius.
>
> Is this a bug, or am I missing something?
>
> Chris...
>
> --
> What's the point?
>
> An NT server can be run by an idiot, and usually is.
> PGP fingerprint: 063FCE320681C336 78C164FC9B2F91EA
> -
> To unsubscribe, email 'majordomo@livingston.com' with
> 'unsubscribe portmaster-users' in the body of the message.
> Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>
>

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: MegaZone: "(PM) set assigned command on PM3 (fwd)"
Previous message: Thomas C Kinnen: "Re: (PM) radius source"