If you’ve been following along at home, you’ll know I’ve been knee deep in source code the last few days. Well, I have a solution. Follow below for the gory details.
After failing to get pptpd to work properly due to nt passwords and MPPE encryption keys, I gave up. But, I thought…. maybe I can get IPSec/L2TP working instead. As it turns out…. I can!
I setup openswan, and verified my Windows client could connect. Success. Added in xl2tpd, which passes off control to pppd. pppd worked from flat files, so I moved onto Radius. Radius failed, due to no way of verifying the MS-CHAP password. I disabled MS-CHAP and forced the client and server to use PAP, which is OK since we are already link layer secure at this point via IPSec anyway. Suddenly, it worked!
Tested it out, and man… it is way faster than pptpd ever was. So, happy so far with it.
Anyway…
leave a reply