
Saturday 14 December 2013

how to configure pptp and freeradius




For PPTP authentication using freeRADIUS, you can follow these tutorials.

For freeradius setup : http://safesrv.net/install-and-setup-freeradius-on-centos-5/
For pptpd setup      : http://safesrv.net/setup-pptp-and-freeradius-on-centos-5/

After installing the RADIUS server, test it locally and from the remote server. If the response is positive, you are done with the RADIUS server. Otherwise, add the nas table to the RADIUS server if it is not already included or configured.

Do not move on to deploying another server until the previous one is completely deployed.

If the user, the VPN server and the freeRADIUS server are unable to communicate, check IPTABLES and port forwarding. Also check that the RADIUS server IP is defined in the VPN server configuration.
Also confirm that the VPN server IP is listed in clients in the freeRADIUS configuration.
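
One way to run the clients check above against a clients.conf file, as an added example that is not from the original post or the linked tutorials. The sample file, its addresses and secrets are constructed, the function names are hypothetical, and the check for the stock secret testing123 goes one step beyond the text.

```shell
#!/bin/sh
# Added example: is the VPN server (NAS) defined as a freeRADIUS client?

# Constructed sample clients.conf; addresses and secrets are made up.
sample_clients() {
    cat <<'EOF'
client localhost {
    ipaddr = 127.0.0.1
    secret = testing123      # stock secret from the default file
}
client 192.0.2.10 {          # some setups put the address in the block name
    secret    = constructed-secret
    shortname = pptp-vpn
}
EOF
}

# list_clients FILE -> one "<address> <secret>" line per client block.
list_clients() {
    awk '
        { sub(/#.*/, ""); gsub(/=/, " = ") }   # strip comments, pad the equals sign
        $1 == "client" { name = $2; addr = ""; secret = "" }
        $1 == "ipaddr" { addr = $3 }
        $1 == "secret" { secret = $3 }
        $1 == "}" && name != "" {
            who = (addr != "") ? addr : name   # fall back to the block name
            print who, secret
            name = ""
        }' "$1"
}

# nas_check FILE IP -> missing | default-secret | ok (exact address match only)
nas_check() {
    list_clients "$1" | awk -v ip="$2" '
        $1 == ip { found = 1; weak = ($2 == "testing123") }
        END {
            if (!found)    print "missing"
            else if (weak) print "default-secret"
            else           print "ok"
        }'
}

tmp=$(mktemp)
sample_clients > "$tmp"
nas_check "$tmp" 192.0.2.10      # the VPN server address used in the sample
rm -f "$tmp"
```

Client entries defined as a subnet or stored in the SQL nas table are not covered by this exact-match check.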
After successful setup of these two servers, the following are possible issues you may face.

Possible issues:
Issue 1 : Read the tutorial carefully and edit the right files, because some directories contain files whose names differ only slightly, for example options.pptpd and options-pptpd.

Issue 2 : The user requires certain authentication methods such as pap, chap, mschap etc. The user sends authentication requests to the VPN server, and the VPN server forwards these requests to the freeRADIUS server to authenticate the user.

Authentication will only succeed if the authentication methods the user requires match the /etc/ppp/pptpd-options configuration. In /etc/ppp/options-pptpd the authentication methods are written like this: require-pap, refuse-pap etc.
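
An added example (not from the original post) that reports how an options file treats each authentication method, so the result can be compared with what the client is set to use. The sample file is constructed, the function names are hypothetical, and the check for a method that carries both a require- and a refuse- directive goes slightly beyond the text.

```shell
#!/bin/sh
# Added example: report how a pppd options file treats each auth method.

# Constructed sample, modelled on a typical pptpd options file.
sample_options() {
    cat <<'EOF'
name pptpd
refuse-pap        # PAP sends the password in cleartext
refuse-chap
require-mschap-v2
refuse-mschap-v2  # left over from an edit: contradicts the line above
EOF
}

# audit_ppp_auth FILE -> one "<method> <state>" line per method, where state
# is require, refuse, conflict (both directives present) or unset.
audit_ppp_auth() {
    awk '
        { sub(/#.*/, "") }                            # strip comments
        $1 ~ /^(require|refuse)-(pap|chap|mschap|mschap-v2)$/ {
            action = $1; sub(/-.*/, "", action)       # require or refuse
            method = $1; sub(/^[a-z]+-/, "", method)  # pap, chap, mschap, mschap-v2
            if ((method in seen) && seen[method] != action)
                seen[method] = "conflict"
            else
                seen[method] = action
        }
        END {
            n = split("pap chap mschap mschap-v2", m, " ")
            for (i = 1; i <= n; i++)
                print m[i], ((m[i] in seen) ? seen[m[i]] : "unset")
        }' "$1"
}

# method_state FILE METHOD -> state of the one method the client is set to use.
method_state() {
    audit_ppp_auth "$1" | awk -v m="$2" '$1 == m { print $2 }'
}

tmp=$(mktemp)
sample_options > "$tmp"
audit_ppp_auth "$tmp"
rm -f "$tmp"
```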

If you are still having problems, please read the official freeRADIUS tutorial: http://wiki.freeradius.org/guide/PopTop-HOWTO






pptp Unknown attribute 47. Modem hang up



You are setting up PPTP using a freeRADIUS server.
The freeRADIUS server is ready to process requests, and PPTP is accepting connections.
Windows clients are working fine and browsing successfully.
Ubuntu PPTP clients connect to the server but disconnect in less than 10 seconds.
Server logs:
The server log shows a modem hangup.
Unknown attribute 47.
Unknown attribute 48.
Solution:
This is a client-side error. The server is working fine, and there is no need to check it.
It is a maximum transmission unit error on the client side (MTU, the size of the largest protocol data unit).
To solve this issue, only change the MTU of the interface through which you are connected to the internet.
Enter the following command in a terminal.
sudo ifconfig eth0 mtu 1400
Change eth0 to the interface through which you are connected to the internet. With an MTU value of 1400 on the client side, PPTP stays connected and no longer disconnects, and there is no modem hang-up error on the client side.

openVPN Bad LZO decompression header byte

Scenario:
You have successfully deployed freeRADIUS and openVPN.
The OpenVPN client successfully connects to the openVPN server.
The Windows openVPN client can successfully connect to the server and can browse sites successfully.

Issue:
But Ubuntu clients cannot browse sites successfully.
They also disconnect in less than 30 seconds.

Logs:
The logs used are
/var/log/messages
/etc/openvpn/1194.logs

/var/log/openvpn.log shows the basic issue.
*Bad LZO decompression header byte: 69*

Solution:
Before connecting the openVPN client, correct the openVPN configuration.
Check (tick) LZO compression in the advanced settings of the VPN client configuration on the Ubuntu client.


Client can browse site successfully but IP of client not changing. L2TP


You have successfully deployed freeRADIUS and L2TP.
The Windows L2TP client successfully connects to the L2TP server.

Issue:
The client can browse sites successfully, but the IP of the client is not changing.

Solution:
In /etc/racoon/psk.txt
there is a ( * ) entry, which is meant for iPhone or Android clients. Give both the L2TP server IP and *, with the secret key as well.

Now connect to the server. It should work now. :)



w3af : ImportError: cannot import name process_pdf




Installing w3af.

- After cloning w3af with git clone https://github.com/andresriancho/w3af.git, running ./w3af shows the missing OS and Python packages to install.
- w3af generates a script for the missing requirements in the /tmp/ directory.
- The missing packages are installed by running that script.
- Some packages are not installed.
- pysvn and scapy were installed manually with pip install http://link-to-package
Problem:
After running ./w3af_console, it shows a process_pdf error at the end.
ImportError: cannot import name process_pdf
Traceback (most recent call last):
  File "./w3af_console", line 25, in <module>
    from core.ui.console.console_ui import ConsoleUI
  File "/home/w3af/core/ui/console/console_ui.py", line 42, in <module>
    from core.controllers.w3afCore import w3afCore
  File "/home/w3af/core/controllers/w3afCore.py", line 36, in <module>
    from core.controllers.core_helpers.strategy import w3af_core_strategy
  File "/home/w3af/core/controllers/core_helpers/strategy.py", line 30, in <module>
    from core.data.url.extended_urllib import MAX_ERROR_COUNT
  File "/home/w3af/core/data/url/extended_urllib.py", line 45, in <module>
    from core.data.parsers.HTTPRequestParser import HTTPRequestParser
  File "/home/w3af/core/data/parsers/HTTPRequestParser.py", line 26, in <module>
    from core.data.request.factory import create_fuzzable_request_from_parts
  File "/home/w3af/core/data/request/factory.py", line 29, in <module>
    import core.data.parsers.parser_cache as parser_cache
  File "/home/w3af/core/data/parsers/parser_cache.py", line 26, in <module>
    import core.data.parsers.document_parser as DocumentParser
  File "/home/w3af/core/data/parsers/document_parser.py", line 25, in <module>
    from core.data.parsers.pdf import PDFParser, pdf_to_text
  File "/home/w3af/core/data/parsers/pdf.py", line 26, in <module>
    from pdfminer.pdfinterp import PDFResourceManager, PDFPageInterpreter, process_pdf
ImportError: cannot import name process_pdf

Solution:
It is only due to the missing package phply.

w3af plugins.grep.clamav: "No module named six"."

If you get this error when running ./w3af_console:

Error while reading plugin options: "There was an error while importing plugins.grep.clamav: "No module named six"."

Solution:

apt-get install python-six :)

w3af not sending email, not even saving any configurations.


If w3af is not saving any configurations, the issue can be resolved by re-cloning w3af and following the instructions on the console. The console might say to install phply. A command to install it will also be shown there.

If w3af is not sending email, make sure of the following.

Make sure mailutils and sendmail are installed.
Use a sender domain.
Use a sender domain other than Gmail, for example abc@yahoo.com.
If you are still not receiving email in Gmail, Gmail might have blacklisted your IP. Change the sender and receiver emails to the yahoo domain.
If you are still having trouble, checking the logs is necessary:
/var/log/syslog
/var/log/mail.log