Solved

MS-CHAPv2 Success packet is badly formed.

Posted on 2012-04-02
10
819 Views
Last Modified: 2012-06-27
Hello, we have a 3300v+ Router
Hardware Version : 1.0
Firmware Version : 2.6.3 (EN)
Build Date&Time : 2010-08-17 14:31:01

When PPTP authenticates via local accounts on the router things work fine with Windows, Mac and Linux.

However when we introduce a Windows 2008R2 using NPS as a Radius server; the windows clients connect just fine but the MAC and Linux clients get the following error:

pppd[3625]: MS-CHAPv2 Success packet is badly formed.

Any ideas?

And please no "Get a Cisco" - we are a Cisco shop and would gladly get rid of this junk. Some things are just out of your control.

++the log++
pppd[3625]: Using interface ppp0
NetworkManager[423]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
NetworkManager[423]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found.
pppd[3625]: Connect: ppp0 <--> /dev/pts/0
pptp[3628]: nm-pptp-service-3322 log[main:pptp.c:314]: The synchronous pptp option is NOT activated
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 138).
pppd[3625]: MS-CHAPv2 Success packet is badly formed.
pppd[3625]: CHAP authentication failed
NetworkManager[423]: <warn> VPN plugin failed: 1
pppd[3625]: Connection terminated.
avahi-daemon[418]: Withdrawing workstation service for ppp0.
pptp[3628]: nm-pptp-service-3322 warn[decaps_hdlc:pptp_gre.c:204]: short read (-1): Input/output error
pptp[3628]: nm-pptp-service-3322 warn[decaps_hdlc:pptp_gre.c:216]: pppd may have shutdown, see pppd log
pptp[3635]: nm-pptp-service-3322 log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled)
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
NetworkManager[423]: <warn> VPN plugin failed: 1
pptp[3635]: nm-pptp-service-3322 log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
NetworkManager[423]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
pppd[3625]: Exit.
NetworkManager[423]: <info> VPN plugin state changed: 6
NetworkManager[423]: <info> VPN plugin state change reason: 0
NetworkManager[423]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
0
Comment
Question by:CETECH_FBRUMM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 37810254
Do you have any idea which plugin NetworkManager is complaining about? Although it may not be relevant.
I would tcpdump -i ppp0 (or whatever interface pptp uses) with a Windows client (to see what it should look like) and then a Linux / MAC client.
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37821800
Hi Duncan_roe, thanks for your post.

I'm not sure how to determine what the networkmanager is complaining about - outside that it appears to be having trouble with an excess 'success packet' sent from either the MS NPS Radius Server, or by the Router, or by maybe the compilation of the networkmanager code in Mac/Linux. Would it be possible that we need a updated networkmanager? if so, how do we go about that?

I think you are advising we produce a windows log for comparison - we will try this and get back. If you have any other thoughts, that would be appreciated.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 37822952
Yes and no - a tcpdump of the session will show you far more than the log above - for Linux or Windows clients. You can make tcpdump produce dump files and post them as file attachments if you like.
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 

Author Comment

by:CETECH_FBRUMM
ID: 37839292
Duncan, we posted a bunch of logs but dont see them here.. do you see them?
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 37840228
No I don't see them either. Possibly EE didn't like the file names. You could try adding .append.txt to them - I do that to get email attachments through filters. Or just try again :-/
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37846928
posted again on friday.. testing
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37846934
Hmm, trying a 3rd time...

attached are the captures and wireshark - didnt help us much but maybe it will make sense to you.
Router-logs
0
 
LVL 34

Accepted Solution

by:
Duncan Roe earned 500 total points
ID: 37847522
Got the 4 files. And have looked at them in some detail. Then I carefully re-read your original question.
In your original Q, you posted a syslog file (i.e. /var/log/something). This is a very useful file, and I would like to see it for both Windows and Linux. But first, please insert this line in /etc/ppp/options
debug

Open in new window

Also make sure that debug messages are logged (check /etc/syslog.conf). Post syslogs for Windows and Linux.
Depending on what these show, I may or may not be able to help further. I haven't run pptp for a while, keep on meaning to set it up at home to rdesktop into work but am held up because my box at work doesn't accept rdesktop requests, not even from neighbouring systems.
MS-CHAPv2 Success packet is badly formed.
is the problem we need to fix. We need to get as much info as we can into the syslog, possibly including tcpdump output eventually.
By the way, please can you familiarise yourself with tcpdump. I find its output much easier to read than wireshark.
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37862743
Duncan,
we have received notfication from Draytek UK (no US support - go figure) that the router may just not support PPTP via Radius for Mac and Linux clients. Not firm one way or the other.

My next thought was to use L2TP for Mac/Linux and PPTP for Windows - however the Router does support L2TP encryption of any kind.

We are able to do these things with Cisco products and have gone back to the customer to replace the gear.

Marking this as solved - gear to be replaced.

Thanks for your time,
Fred
0
 

Author Closing Comment

by:CETECH_FBRUMM
ID: 37862759
Problem solved via new hardware. <br /><br />Althought we never actually solved this problem - Duncan was very helpful and responsive. <br /><br />Thanks Duncan!
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question