Solved

MS-CHAPv2 Success packet is badly formed.

Posted on 2012-04-02
10
822 Views
Last Modified: 2012-06-27
Hello, we have a 3300v+ Router
Hardware Version : 1.0
Firmware Version : 2.6.3 (EN)
Build Date&Time : 2010-08-17 14:31:01

When PPTP authenticates via local accounts on the router things work fine with Windows, Mac and Linux.

However when we introduce a Windows 2008R2 using NPS as a Radius server; the windows clients connect just fine but the MAC and Linux clients get the following error:

pppd[3625]: MS-CHAPv2 Success packet is badly formed.

Any ideas?

And please no "Get a Cisco" - we are a Cisco shop and would gladly get rid of this junk. Some things are just out of your control.

++the log++
pppd[3625]: Using interface ppp0
NetworkManager[423]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
NetworkManager[423]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found.
pppd[3625]: Connect: ppp0 <--> /dev/pts/0
pptp[3628]: nm-pptp-service-3322 log[main:pptp.c:314]: The synchronous pptp option is NOT activated
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
pptp[3635]: nm-pptp-service-3322 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 138).
pppd[3625]: MS-CHAPv2 Success packet is badly formed.
pppd[3625]: CHAP authentication failed
NetworkManager[423]: <warn> VPN plugin failed: 1
pppd[3625]: Connection terminated.
avahi-daemon[418]: Withdrawing workstation service for ppp0.
pptp[3628]: nm-pptp-service-3322 warn[decaps_hdlc:pptp_gre.c:204]: short read (-1): Input/output error
pptp[3628]: nm-pptp-service-3322 warn[decaps_hdlc:pptp_gre.c:216]: pppd may have shutdown, see pppd log
pptp[3635]: nm-pptp-service-3322 log[callmgr_main:pptp_callmgr.c:234]: Closing connection (unhandled)
pptp[3635]: nm-pptp-service-3322 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 12 'Call-Clear-Request'
NetworkManager[423]: <warn> VPN plugin failed: 1
pptp[3635]: nm-pptp-service-3322 log[call_callback:pptp_callmgr.c:79]: Closing connection (call state)
NetworkManager[423]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
pppd[3625]: Exit.
NetworkManager[423]: <info> VPN plugin state changed: 6
NetworkManager[423]: <info> VPN plugin state change reason: 0
NetworkManager[423]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
0
Comment
Question by:CETECH_FBRUMM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 37810254
Do you have any idea which plugin NetworkManager is complaining about? Although it may not be relevant.
I would tcpdump -i ppp0 (or whatever interface pptp uses) with a Windows client (to see what it should look like) and then a Linux / MAC client.
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37821800
Hi Duncan_roe, thanks for your post.

I'm not sure how to determine what the networkmanager is complaining about - outside that it appears to be having trouble with an excess 'success packet' sent from either the MS NPS Radius Server, or by the Router, or by maybe the compilation of the networkmanager code in Mac/Linux. Would it be possible that we need a updated networkmanager? if so, how do we go about that?

I think you are advising we produce a windows log for comparison - we will try this and get back. If you have any other thoughts, that would be appreciated.
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 37822952
Yes and no - a tcpdump of the session will show you far more than the log above - for Linux or Windows clients. You can make tcpdump produce dump files and post them as file attachments if you like.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 

Author Comment

by:CETECH_FBRUMM
ID: 37839292
Duncan, we posted a bunch of logs but dont see them here.. do you see them?
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 37840228
No I don't see them either. Possibly EE didn't like the file names. You could try adding .append.txt to them - I do that to get email attachments through filters. Or just try again :-/
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37846928
posted again on friday.. testing
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37846934
Hmm, trying a 3rd time...

attached are the captures and wireshark - didnt help us much but maybe it will make sense to you.
Router-logs
0
 
LVL 35

Accepted Solution

by:
Duncan Roe earned 500 total points
ID: 37847522
Got the 4 files. And have looked at them in some detail. Then I carefully re-read your original question.
In your original Q, you posted a syslog file (i.e. /var/log/something). This is a very useful file, and I would like to see it for both Windows and Linux. But first, please insert this line in /etc/ppp/options
debug

Open in new window

Also make sure that debug messages are logged (check /etc/syslog.conf). Post syslogs for Windows and Linux.
Depending on what these show, I may or may not be able to help further. I haven't run pptp for a while, keep on meaning to set it up at home to rdesktop into work but am held up because my box at work doesn't accept rdesktop requests, not even from neighbouring systems.
MS-CHAPv2 Success packet is badly formed.
is the problem we need to fix. We need to get as much info as we can into the syslog, possibly including tcpdump output eventually.
By the way, please can you familiarise yourself with tcpdump. I find its output much easier to read than wireshark.
0
 

Author Comment

by:CETECH_FBRUMM
ID: 37862743
Duncan,
we have received notfication from Draytek UK (no US support - go figure) that the router may just not support PPTP via Radius for Mac and Linux clients. Not firm one way or the other.

My next thought was to use L2TP for Mac/Linux and PPTP for Windows - however the Router does support L2TP encryption of any kind.

We are able to do these things with Cisco products and have gone back to the customer to replace the gear.

Marking this as solved - gear to be replaced.

Thanks for your time,
Fred
0
 

Author Closing Comment

by:CETECH_FBRUMM
ID: 37862759
Problem solved via new hardware. <br /><br />Althought we never actually solved this problem - Duncan was very helpful and responsive. <br /><br />Thanks Duncan!
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question