Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

MS-CHAPv2 Success packet is badly formed.

Posted on 2012-04-02
10
Medium Priority
?
828 Views
Last Modified: 2012-06-27
Hello, we have a 3300v+ Router
Hardware Version : 1.0
Firmware Version : 2.6.3 (EN)
Build Date&Time : 2010-08-17 14:31:01

When PPTP authenticates via local accounts on the router things work fine with Windows, Mac and Linux.

However when we introduce a Windows 2008R2 using NPS as a Radius server; the windows clients connect just fine but the MAC and Linux clients get the following error:

pppd[3625]: MS-CHAPv2 Success packet is badly formed.

Any ideas?

And please no "Get a Cisco" - we are a Cisco shop and would gladly get rid of this junk. Some things are just out of your control.

++the log++
pppd[3625]: Using interface ppp0
NetworkManager[423]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
NetworkManager[423]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found.
pppd[3625]: Connect: ppp0 <--> /dev/pts/0
pptp[3628]: nm-pptp-service-3322 log[main:pptp.c:314]: The synchronous pptp option is NOT activated
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 138).
pppd[3625]: MS-CHAPv2 Success packet is badly formed.
pppd[3625]: CHAP authentication failed
NetworkManager[423]: <warn> VPN plugin failed: 1
pppd[3625]: Connection terminated.
avahi-daemon[418]: Withdrawing workstation service for ppp0.
pptp[3628]: nm-pptp-service-3322 warn[decaps_hdlc:pptp_gre.c:204]: short read (-1): Input/output error
pptp[3628]: nm-pptp-service-3322 warn[decaps_hdlc:pptp_gre.c:216]: pppd may have shutdown, see pppd log
pptp[3635]: nm-pptp-service-3322 log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled)
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
NetworkManager[423]: <warn> VPN plugin failed: 1
pptp[3635]: nm-pptp-service-3322 log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
NetworkManager[423]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
pppd[3625]: Exit.
NetworkManager[423]: <info> VPN plugin state changed: 6
NetworkManager[423]: <info> VPN plugin state change reason: 0
NetworkManager[423]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
0
Comment
Question by:CETECH_FBRUMM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 37810254
Do you have any idea which plugin NetworkManager is complaining about? Although it may not be relevant.
I would tcpdump -i ppp0 (or whatever interface pptp uses) with a Windows client (to see what it should look like) and then a Linux / MAC client.
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37821800
Hi Duncan_roe, thanks for your post.

I'm not sure how to determine what the networkmanager is complaining about - outside that it appears to be having trouble with an excess 'success packet' sent from either the MS NPS Radius Server, or by the Router, or by maybe the compilation of the networkmanager code in Mac/Linux. Would it be possible that we need a updated networkmanager? if so, how do we go about that?

I think you are advising we produce a windows log for comparison - we will try this and get back. If you have any other thoughts, that would be appreciated.
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 37822952
Yes and no - a tcpdump of the session will show you far more than the log above - for Linux or Windows clients. You can make tcpdump produce dump files and post them as file attachments if you like.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:CETECH_FBRUMM
ID: 37839292
Duncan, we posted a bunch of logs but dont see them here.. do you see them?
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 37840228
No I don't see them either. Possibly EE didn't like the file names. You could try adding .append.txt to them - I do that to get email attachments through filters. Or just try again :-/
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37846928
posted again on friday.. testing
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37846934
Hmm, trying a 3rd time...

attached are the captures and wireshark - didnt help us much but maybe it will make sense to you.
Router-logs
0
 
LVL 35

Accepted Solution

by:
Duncan Roe earned 2000 total points
ID: 37847522
Got the 4 files. And have looked at them in some detail. Then I carefully re-read your original question.
In your original Q, you posted a syslog file (i.e. /var/log/something). This is a very useful file, and I would like to see it for both Windows and Linux. But first, please insert this line in /etc/ppp/options
debug

Open in new window

Also make sure that debug messages are logged (check /etc/syslog.conf). Post syslogs for Windows and Linux.
Depending on what these show, I may or may not be able to help further. I haven't run pptp for a while, keep on meaning to set it up at home to rdesktop into work but am held up because my box at work doesn't accept rdesktop requests, not even from neighbouring systems.
MS-CHAPv2 Success packet is badly formed.
is the problem we need to fix. We need to get as much info as we can into the syslog, possibly including tcpdump output eventually.
By the way, please can you familiarise yourself with tcpdump. I find its output much easier to read than wireshark.
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37862743
Duncan,
we have received notfication from Draytek UK (no US support - go figure) that the router may just not support PPTP via Radius for Mac and Linux clients. Not firm one way or the other.

My next thought was to use L2TP for Mac/Linux and PPTP for Windows - however the Router does support L2TP encryption of any kind.

We are able to do these things with Cisco products and have gone back to the customer to replace the gear.

Marking this as solved - gear to be replaced.

Thanks for your time,
Fred
0
 

Author Closing Comment

by:CETECH_FBRUMM
ID: 37862759
Problem solved via new hardware. <br /><br />Althought we never actually solved this problem - Duncan was very helpful and responsive. <br /><br />Thanks Duncan!
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
An article on effective troubleshooting
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question