LINUX PPP/NT Configuration

4 PPP-Link with MS-CHAP

The first step to a PPP-link with callback is to implement a 'normal' PPP-link with MS-Chap.

4.1 'pppd'-Dialscript

The 'pppd'-dialscript, which is commented in this paragraph, is an example dial script.

#!/bin/bash
# Let us call the Windows NT 4.0 Server
/usr/sbin/pppd /dev/modem 38400 file "/etc/ppp/options.nt"

File: dial_winnt

Parameter explanation file dial_winnt :

/dev/modem	: the device where your modem is connected to
38400	: the port speed
file "/etc/ppp/options.nt"	: the file with the other options see 4.2

4.2 Configuration File /etc/ppp/options.nt

In this file you find the other options for the pppd-deamon.

connect '/usr/sbin/chat -v -f /etc/ppp/win_nt.chat'
crtscts
bsdcomp 15
lock
debug
192.168.0.3:0.0.0.0
name "domain\\my_login"
remotename "inbelnt"
-detach
receive-all

File: /etc/ppp/options.nt Parameter explanation file /etc/ppp/options.nt :

connect '....'	: The modem connection is made with the program 'chat'. The for chat needed information is stored in the file win_nt.chat (That is what -f means). The file win_nt.chat is explained below. The parameter -v means that all log messages are stored via syslogd in /var/log/messages.
crtscts	: Use hardware flow control
bsdcomp 15	: Use bsd-style compression
lock	: Lock the modem
debug	: Activates the debug mode. All messages are stored in /var/log/messages
192.168.0.3:0.0.0.0	: Definition of the remote and local ip addresses from <local_ip_addr>:<remote_ip_addr>
name "domain\\my_login"	: Your NT user name. This has to be the same as in chap secrets. The safest way is to use domain\\user form.
remotename "inbelnt"	: The name of your NT server. PPPD uses this for the chap secrets file.
-detach	: Detach from the controlling terminal. PPPD will fork to become a background process.
receive-all	: This is for buggy OS's, like MS that handle the asyncmap not very well

Parameter explanation file /etc/ppp/win_nt.chat :

TIMEOUT 60 : Disconnect after 60 seconds if there is no response
ABORT BUSY : Abort if the modem is busy
ABORT "NO DIALTONE" : Abort if you have no dial tone
ABORT ERROR : Abort when the modem reports error
ABORT "NO CARRIER" : Abort if there is no carrier
"" +++ATZ : Initialize the modem
OK ATE1Q0&C1&S0DT555222 : Dial 555222
CONNECT "" : Wait for the modem reports a connect

File: win_nt.chat

4.3 Configuration File /etc/ppp/chap-secrets

The PPPD-daemon will use the chap secrets file to authenticate you to the NT-Server. It should be like this one :

# Secrets for authentication using CHAP
# client server secret IP addresses
domain\\my_login inbelnt my_passw
inbelnt domain\\my_login my_passw

File: /etc/ppp/chap-secrets

Don't use trailing blanks in this file ! The best way to divide the parameters is the use 'TAB'.

The client ( 'my_login') parameter is the same as your NT login name. The server ('inbel') parameter is free of choice. It is only used internally in the Linux PPPD-daemon. The NT server doesn't use this parameter in his authentication process.

4.4 Protocol PPP/MS-CHAP-LINK

Now it is time to try the connecting. Because in all options file the debug parameter is set the log messages appear in /var/log/messages. How to change to syslog.conf file for this is described in the Appendix. Start the script dial_winnt in a window. If you want to follow online the log messages type 'tail -f /var/log/messages' in another window.

Your log should be like this one :

Jan 26 15:50:25 dijklinux pppd[487]: pppd 2.3.5 started by root, uid 0
Jan 26 15:50:27 dijklinux chat[488]: timeout set to 60 seconds
Jan 26 15:50:27 dijklinux chat[488]: abort on (BUSY)
Jan 26 15:50:27 dijklinux chat[488]: abort on (NO DIALTONE)
Jan 26 15:50:27 dijklinux chat[488]: abort on (ERROR)
Jan 26 15:50:27 dijklinux chat[488]: abort on (NO CARRIER)
Jan 26 15:50:27 dijklinux chat[488]: send (+++ATZ^M)
Jan 26 15:50:27 dijklinux chat[488]: expect (OK)
Jan 26 15:50:28 dijklinux chat[488]: +++ATZ^M^M
Jan 26 15:50:28 dijklinux chat[488]: OK
Jan 26 15:50:28 dijklinux chat[488]: -- got it
Jan 26 15:50:28 dijklinux chat[488]: send (ATE1Q0&C1&S0DT555222^M)
Jan 26 15:50:28 dijklinux chat[488]: expect (CONNECT)
Jan 26 15:50:28 dijklinux chat[488]: ^M
Jan 26 15:50:48 dijklinux chat[488]: ATE1Q0&C1&S0DT555222^M^M
Jan 26 15:50:48 dijklinux chat[488]: CONNECT
Jan 26 15:50:48 dijklinux chat[488]: -- got it
Jan 26 15:50:48 dijklinux chat[488]: send (^M)
Jan 26 15:50:48 dijklinux pppd[487]: Serial connection established.
Jan 26 15:50:49 dijklinux kernel: PPP: version 2.2.0 (dynamic channel allocation)
Jan 26 15:50:49 dijklinux kernel: PPP Dynamic channel allocation code copyright 1995 Caldera, Inc.
Jan 26 15:50:49 dijklinux kernel: PPP line discipline registered.
Jan 26 15:50:49 dijklinux kernel: registered device ppp0
Jan 26 15:50:49 dijklinux pppd[487]: Using interface ppp0
Jan 26 15:50:49 dijklinux pppd[487]: Connect: ppp0 <--> /dev/modem
Jan 26 15:50:49 dijklinux pppd[487]: sent [LCP ConfReq id=0x1 <magic 0xf64ec667> <pcomp> <accomp>]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [LCP ConfReq id=0x0 <asyncmap 0x0> <auth chap 80> <magic 0x2d9a> <pcomp> <accomp>]
Jan 26 15:50:50 dijklinux pppd[487]: sent [LCP ConfAck id=0x0 <asyncmap 0x0> <auth chap 80> <magic 0x2d9a> <pcomp> <accomp>]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [LCP ConfAck id=0x1 <magic 0xf64ec667> <pcomp> <accomp>]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [CHAP Challenge id=0x6 <1287ba1a2a0db761>, name = ""]
Jan 26 15:50:50 dijklinux pppd[487]: sent [CHAP Response id=0x6 <000000000000000000000000000000000000000000000000cd01dbc384fc5f3bd6f747bb642a1addfaefac7f654f48ab01>, name = "my_login"]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [CHAP Success id=0x6 ""]
Jan 26 15:50:50 dijklinux pppd[487]: sent [IPCP ConfReq id=0x1 <addr 192.168.0.3> <compress VJ 0f 01>]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [CCP ConfReq id=0x1 < 12 06 00 00 00 01>]
Jan 26 15:50:50 dijklinux pppd[487]: sent [CCP ConfReq id=0x1]
Jan 26 15:50:50 dijklinux pppd[487]: sent [CCP ConfRej id=0x1 < 12 06 00 00 00 01>]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.0.1>]
Jan 26 15:50:50 dijklinux pppd[487]: sent [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.0.1>]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [IPXCP ConfReq id=0x3 <network 4b484d98> <node 000000000001>]
Jan 26 15:50:50 dijklinux pppd[487]: Unsupported protocol (0x802b) received ; This is IPX
Jan 26 15:50:50 dijklinux pppd[487]: sent [LCP ProtRej id=0x2 80 2b 01 03 00 12 01 06 4b 48 4d 98 02 08 00 00 00 00 00 01]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [IPCP ConfAck id=0x1 <addr 192.168.0.3> <compress VJ 0f 01>]
Jan 26 15:50:50 dijklinux pppd[487]: local IP address 192.168.0.3
Jan 26 15:50:50 dijklinux pppd[487]: remote IP address 192.168.0.1
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [CCP ConfAck id=0x1]
Jan 26 15:50:50 dijklinux pppd[487]: rcvd [CCP TermReq id=0x4 00 00 02 dc]
Jan 26 15:50:50 dijklinux pppd[487]: sent [CCP TermAck id=0x4]
Jan 26 15:50:53 dijklinux pppd[487]: sent [CCP ConfReq id=0x1]
Jan 26 15:50:53 dijklinux pppd[487]: rcvd [CCP TermAck id=0x1]
Jan 26 15:50:53 dijklinux pppd[487]: sent [CCP TermReq id=0x2"No compression negotiated"]
Jan 26 15:50:54 dijklinux pppd[487]: rcvd [CCP TermAck id=0x2]

Part of /var/log/messages

MODIFIED LINUX PPP/NT HOWTO V2.1