How to set up a Dial-In PPP Server

Posted on 2000-02-21
Last Modified: 2013-12-16
I  have Slackware 7 and Zoltrix modem installed.
I'm trying to set up a Dial-In PPP Server starting
 mgetty.  Everytime a client tries to connect to the
PPP server,  I'm getting the following errors in
mgetty log file:

02/20 21:53:52 ##### data dev=ttyS1, pid=139, caller=none, conn='38400/31200 LAP-M', name='', cmd='/usr/sbin/pppd', user='/AutoPPP/'
 02/20 21:53:53 yS1  TIOCMBIS failed: Input/output error
 02/20 21:53:53 yS1  cannot turn off soft carrier:
 Input/output error
 02/20 21:53:53 yS1  tcgetattr failed: Input/output error
 02/20 21:53:53 yS1  cannot get TIO: Input/output error
 02/20 21:53:53 yS1  mg_init_device failed, trying again
 02/20 21:55:24 ##### failed dev=ttyS1, pid=211, got signal 15, exiting

 Here's my login.config

 /AutoPPP/ - a_ppp   /usr/sbin/pppd auth modem refuse-chap require-pap

 Does anyone have the same problems to setup
 a Dial-In PPP Server?

Question by:cpak
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 3
  • +1

Expert Comment

ID: 2543758
Sounds like you may be using software flow control on the client. Use hardware flow control.

Expert Comment

ID: 2552303
Do you have AT&C1&D2 in you init string for modem

Expert Comment

ID: 2569379

As the estimable Clifford Kite says, "
tcgetattr has always meant that there is another process besides pppd that is contending for the modem IRQ.  Some examples are (1) an ethernet card that used the same IRQ as the modem, (2) a misconfigured ppp script that launched pppd twice, and (3) a mingetty that somehow had been configured for call-in.  "

This means, assuming this modem works for dialout (use minicom and call a BBS or an ISP or something) - if not, check /proc/ioports and /proc/interrupts, make sure you have no irq or port conflicts: then check /etc/inittab to make sure you are not running two gettys
on the same serial port; make sure pppd is not already running on that serial port.  Look at the contents of /var/lock/LCK...ttySx where x is 0 or 1 or whatever the number of the com port you are using for dialin (remember Unix calls com1 ttyS0, etc).  The contents of the LCK.. file shows you the Process ID (PID) of whoever has locked the com port.  then do "ps auxw" and look in the first column for that process ID, and see who's got it, and KILL that process (man kill for details).
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Expert Comment

ID: 2574988
cpak: I've just gotten the same log message as this. It happened when the user was disconnected and the pppd on the server side was still trying to communicate. Take a look at the tail of /var/log/messages. For me there's a CHAP authentication failed for user ... right before this log message. If that's the case for you then there's a problem with your pap or chap-secrets file settings(on the server or the client or both)

Expert Comment

ID: 2574993
oops my fault, sounds like you're using pap. Check your /etc/ppp/pap-secrets file on the server side, make sure it's correct. Then make sure that your linux clients have a "noauth" in their /etc/ppp/options file, otherwise they're asking the server to authenticate itself, which by default it shouldn't but can be set up to do so.

Author Comment

ID: 2576810
tibori:  Actually I setup the client on Window 98 and
PPP dial-up server on linux.  Should the client run on
linux?  I believe the client can run on any platform.
In your previous comments, what are the good examples
of /etc/ppp/pap-secrets and /etc/ppp/options?



Expert Comment

ID: 2577039
The clients can be Windows or Linux, but their setup is a bit different. For Windows machines, you need to set a line like this in pap-secrets(on the server)

login-name server-machine-name password

This is the login name and password that you're using on the Windows client, and the same as you've defined the user and password on the server.

For a Linux client, the client itself sends the machine name and the secret(password) specified in pap-secrets(on the client) so on the server's pap-secrets you need to put in

client-machine-name server-machine-name secret

The secret in this case does not have to be the same as the user's login name, although to avoid confusion that's what I made mine to be.

Now for a linux client to be able to connect you also have to modify pap-secrets on the client side to tell it how to authenticate itself to the server. For that you can just put in

client-machine-name server-machine-name secret

The secrets on the client and the server of course have to match. Also on a Linux client you want to put "noauth" in /etc/ppp/options otherwise you'll have to add an extra line to both client and server's pap-secrets to allow the server to authenticate itself to the client(which is not really necessary, but to be absolutely safe, it's a good idea)
If you want to set that up just have a pair of lines on both the client and the server, one as mentioned above and the second line with the client and server machine names reversed, then you can change the noauth to auth on the client side.
I hope that all made sense, let me know if it didn't. Also take a look at the tail end of your /var/log/messages file on both server and client to know what's going on..why the conecction wasn't successful. If you're having problems let me know what those have in them.

Expert Comment

ID: 2577042
there needs to be a white space between the three fields for the pap-secrets file.

Expert Comment

ID: 2577600
I really don't think this is an authentication problem.  You are not getting a ppp connection at all.  You have (1) a bad serial cable, if your modem is external (2) a misconfigured modem (3) a misconfigured mgetty.   In /etc/inittab, next to the S1 entry, you should NOT have an -r option on mgetty.  You might want to add an initialization string here, such as AT&C1&D2 to make sure the carrier detect signals are correct.  add the following:
/sbin/mgetty -m '"" AT&C1&D2 OK' -x9
to the command line, or change the /etc/mgetty/mgetty.config
and add a

port ttyS1
  init-chat "" AT&C1&D2 OK

to it.

Have you used this port for anything yet - can you dial OUT using this port, say to a BBS, successfully? can you dial IN using minicom and get a login?  Are you sure you don't have something besides mgetty also watching this port - say, a mingetty - look in /etc/inittab and make sure there is only ONE Line that starts with S1 and that that line calls mgetty.  Check the contents of the LCK... files in /var/lock/ and check the PIDs you see.  Check the contents of /proc/interrupts and make sure that
interrupt 3 says 'serial' next to it.  

If this still doesn't work post the contents of your /var/log/messages file also, and the contents of /etc/inittab.  

Author Comment

ID: 2578877
The remote client on Windows98 tried to
dial-in to my PPP server on linux twice.
I believe that PPP-connection's OK, but
the remote connection's terminated as
soon as it connected to the server.
Here's the /var/log/message file:

Mar  2 22:34:04 sushi kernel: PPP line discipline registered.
Mar  2 22:34:04 sushi kernel: PPP BSD Compression module registered
                                         Mar  2 22:34:04 sushi kernel:   kernel build: 2.2.13 #22 Wed Oct 20 17:32:52 CDT
Mar  2 22:34:04 sushi kernel:   options:  [pci] [cardbus]
Mar  2 22:34:04 sushi kernel: Intel PCIC probe: not found.
Mar  2 22:34:04 sushi kernel: Databook TCIC-2 PCMCIA probe: not found.
Mar  2 22:34:04 sushi kernel: ds: no socket drivers loaded!
Mar  2 22:34:09 sushi sendmail[115]: starting daemon (8.9.3): SMTP+queueing@00:1
Mar  2 22:34:10 sushi kernel: iBCS: socksys registered on character major 30
Mar  2 22:40:29 sushi kernel: registered device ppp0
Mar  2 22:40:30 sushi pppd[219]: pppd 2.3.10 started by LOGIN, uid 0
Mar  2 22:40:30 sushi pppd[219]: Using interface ppp0
Mar  2 22:40:30 sushi pppd[219]: Connect: ppp0 <--> /dev/ttyS1
Mar  2 22:40:36 sushi pppd[219]: Connection terminated.
Mar  2 22:40:36 sushi pppd[219]: Exit.
Mar  2 22:41:19 sushi pppd[236]: pppd 2.3.10 started by LOGIN, uid 0
Mar  2 22:41:19 sushi pppd[236]: Using interface ppp0
Mar  2 22:41:19 sushi pppd[236]: Connect: ppp0 <--> /dev/ttyS1
Mar  2 22:41:26 sushi pppd[236]: Connection terminated.
Mar  2 22:41:26 sushi pppd[236]: Exit.

Here's my /etc/ppp/pap-secrets:

# PAP authentication file: /etc/ppp/pap-secrets
# This file should have a permission of
# 600.
# ~# chmod 600 /etc/ppp/pap-secrets
# Username      Server      Password
# IP addresses
# Dial-in clients
cpak    myhostname   mypassword

In my /etc/inittab, there's only one S1
entry for that device.  
Here's the /etc/inittab:

# inittab       This file describes how the INIT process should set up
#               the system in a certain run-level.
# Version:      @(#)inittab             2.04    17/05/93        MvS
#                                       2.10    02/10/95        PV
#                                       3.00    02/06/1999      PV
# Author:       Miquel van Smoorenburg, <>
# Modified by:  Patrick J. Volkerding, <>

# These are the default runlevels in Slackware:
#   0 = halt
#   1 = single user mode
#   2 = unused (but configured the same as runlevel 3)
#   3 = multiuser mode (default Slackware runlevel)
#   4 = X11 with KDM/GDM/XDM (session managers)
#   5 = unused (but configured the same as runlevel 3)
#   6 = reboot

# Default runlevel. (Do not set to 0 or 6)

# System initialization (runs when system boots).

# Script to run when going single user (runlevel 1).

# Script to run when going multi user.

# What to do at the "Three Finger Salute".
ca::ctrlaltdel:/sbin/shutdown -t5 -rf now

# Runlevel 0 halts the system.

# Runlevel 6 reboots the system.

# What to do when power fails (shutdown to single user).
pf::powerfail:/sbin/shutdown -f +5 "THE POWER IS FAILING"

# If power is back before shutdown, cancel the running shutdown.
pg:0123456:powerokwait:/sbin/shutdown -c "THE POWER IS BACK"

# If power comes back in single user mode, return to multi user mode.
ps:S:powerokwait:/sbin/init 3

# The getties in multi user mode on consoles an serial lines.
# NOTE NOTE NOTE adjust this to your getty or you will not be
#                able to login !!
# Note: for 'agetty' you use linespeed, line.
# mgetty -------------
s1:45:respawn:/usr/local/sbin/mgetty -m '"" AT&C1&D2 OK' -D -x9 /dev/ttyS1

Is there any reason the client's
terminated immediately?



Author Comment

ID: 2579021
Here's my /etc/ppp/options:

# General configuration options for PPPD:
# Uncomment the line below for more verbose error reporting:
# If you have a default route already, pppd may require the other side
# to authenticate itself, which most ISPs will not do.  To work around this,
# uncomment the line below.  Note that this may have negative side effects
# on system security if you allow PPP dialins.  See the docs in /usr/doc/ppp*
# for more information.
asyncmap 0
name "cpak"

To make one more time, the remote
client tried to login using
corrent username and


Expert Comment

ID: 2580313
by specifing "name" in /etc/ppp/options, you're setting or changing the name of the host. If the /etc/ppp/pap-secrets file you posted is the server one, you need to change it around to be
remote-client's-loginname cpak remote-client's password.

Expert Comment

ID: 2580437
I think tibori is onto it.  Your earlier log messages indicated communication failure.  But this log shows pppd starting.  Try removing the
name "cpak"
lines, perhaps adding
kdebug 1
to the pppd options file, and retrying.

You don't need passive if mgetty is starting pppd, and passive will allow multiple copies of pppd to start, causing you more lock and contention problems on your port.

Author Comment

ID: 2580475
Thank  you so much for all of the comments.
So, what's the bottom line here?
Do I need to remove the lines "name cpak" or
to replace the line  into "cpak   password" in
/etc/ppp/options ?


Expert Comment

ID: 2580500
if you remove "name cpak" pppd will report the actual name of your server, so then that's what you'd have to put into pap secrets:

clients-name actual-server-name clients-password

If you leave it there then you can put what I specified above. Either way should work.

Accepted Solution

tibori earned 100 total points
ID: 2588454
cpak: Any progress?

Just to clarify:

Specifing the "name" option on the server changes the actual name of the server to the name specified by "name"
So if the server's actual name is "" but you want it to appear as "" to users dialing from ppp, then specify this option. It doesn't matter either way...except that in the pap-secrets file, you need to specify the server name as it appears to the PPP users. So if you used the name cpak(NO QUOTES!!)
in /etc/ppp/options then your /etc/ppp/pap-secrets on the server would need to look like:

clientname cpak password (optional ip)

if you didn't use the name option then your pap-secrets would look like:

clientname actualservername password (optional ip)

The optional IP is used for if you want to specify what IP address the client should and should not be allowed to connect with.

Speaking of the client's IP's, with the settings you've specified, you NEED to give the client an IP address(so do not choose dynamically assigned IP). That's because you've specified "noipdefault" and you've also not given any directive for the server to assign an IP address to the connecting client. If however you want to do this, then take out "noipdefault" and add x.x.x.x:y.y.y.y where the x's will be the clients local address and the y's will be the clients remote address. This is still static, but youre controlling your client's ip's so not just anybody could connect and of course you can access the client from the server this way. This of course you'd specify in /etc/options, or if you plan to have multiple users then you could put it in each users home directory in a file called .ppprc .

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unix process listing into CSV format 3 83
Centos 7 DNS server not replying to clients 3 88
Linux kernel panic ext3-fs error 14 67
linux convert text file to PDF 7 66
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question