а словари от микрософта добавили?
Думаю, что да.
в /etc/radiusclient/dictionary добавил строку
INCLUDE /etc/radiusclient/dictionary.microsoft
# Limit session traffic
ATTRIBUTE Session-Octets-Limit 227 integer
# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out)
ATTRIBUTE Octets-Direction 228 integer
# Connection Speed Limit
ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer
ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer
ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer
ATTRIBUTE Acct-Interim-Interval 85 integer
в /etc/radiusclient/ скопировал dictionary.microsoft
Если это действие означает подключение ms словарей то да.
Лог Freeradius -X
/etc/radiusclient# freeradius -X
FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on Dec 9 2010 at 17:54:26
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/clients.conf
including files in directory /etc/freeradius/modules/
including configuration file /etc/freeradius/modules/wimax
including configuration file /etc/freeradius/modules/always
including configuration file /etc/freeradius/modules/chap
including configuration file /etc/freeradius/modules/cui
including configuration file /etc/freeradius/modules/policy
including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login
including configuration file /etc/freeradius/modules/sradutmp
including configuration file /etc/freeradius/modules/realm
including configuration file /etc/freeradius/modules/attr_filter
including configuration file /etc/freeradius/modules/attr_rewrite
including configuration file /etc/freeradius/modules/ntlm_auth
including configuration file /etc/freeradius/modules/files
including configuration file /etc/freeradius/modules/ldap
including configuration file /etc/freeradius/modules/pap
including configuration file /etc/freeradius/modules/expr
including configuration file /etc/freeradius/modules/counter
including configuration file /etc/freeradius/modules/ippool
including configuration file /etc/freeradius/modules/detail
including configuration file /etc/freeradius/modules/mschap
including configuration file /etc/freeradius/modules/detail.log
including configuration file /etc/freeradius/modules/etc_group
including configuration file /etc/freeradius/modules/smbpasswd
including configuration file /etc/freeradius/modules/dynamic_clients
including configuration file /etc/freeradius/modules/preprocess
including configuration file /etc/freeradius/modules/mac2vlan
including configuration file /etc/freeradius/modules/logintime
including configuration file /etc/freeradius/modules/mac2ip
including configuration file /etc/freeradius/modules/perl
including configuration file /etc/freeradius/modules/echo
including configuration file /etc/freeradius/modules/detail.example.com
including configuration file /etc/freeradius/modules/opendirectory
including configuration file /etc/freeradius/modules/unix
including configuration file /etc/freeradius/modules/passwd
including configuration file /etc/freeradius/modules/linelog
including configuration file /etc/freeradius/modules/sql_log
including configuration file /etc/freeradius/modules/inner-eap
including configuration file /etc/freeradius/modules/smsotp
including configuration file /etc/freeradius/modules/pam
including configuration file /etc/freeradius/modules/acct_unique
including configuration file /etc/freeradius/modules/exec
including configuration file /etc/freeradius/modules/digest
including configuration file /etc/freeradius/modules/krb5
including configuration file /etc/freeradius/modules/radutmp
including configuration file /etc/freeradius/modules/expiration
including configuration file /etc/freeradius/modules/otp
including configuration file /etc/freeradius/modules/checkval
including configuration file /etc/freeradius/eap.conf
including configuration file /etc/freeradius/policy.conf
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
including configuration file /etc/freeradius/sites-enabled/default
main {
user = "freerad"
group = "freerad"
allow_core_dumps = no
}
including dictionary file /etc/freeradius/dictionary
main {
prefix = "/usr"
localstatedir = "/var"
logdir = "/var/log/freeradius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/freeradius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/freeradius/freeradius.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 3
proxy_requests = yes
log {
stripped_names = no
auth = yes
auth_badpass = yes
auth_goodpass = yes
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Loading Clients ####
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "qw130795"
shortname = "inet483"
nastype = "other"
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating module "exec" from file /etc/freeradius/modules/exec
exec {
wait = yes
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating module "expr" from file /etc/freeradius/modules/expr
Module: Linked to module rlm_expiration
Module: Instantiating module "expiration" from file /etc/freeradius/modules/expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating module "logintime" from file /etc/freeradius/modules/logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module "pap" from file /etc/freeradius/modules/pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating module "chap" from file /etc/freeradius/modules/chap
Module: Linked to module rlm_mschap
Module: Instantiating module "mschap" from file /etc/freeradius/modules/mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
}
Module: Linked to module rlm_unix
Module: Instantiating module "unix" from file /etc/freeradius/modules/unix
unix {
radwtmp = "/var/log/freeradius/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating module "eap" from file /etc/freeradius/eap.conf
eap {
default_eap_type = "md5"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 4096
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
CA_path = "/etc/freeradius/certs"
pem_file_type = yes
private_key_file = "/etc/freeradius/certs/server.key"
certificate_file = "/etc/freeradius/certs/server.pem"
CA_file = "/etc/freeradius/certs/ca.pem"
private_key_password = "whatever"
dh_file = "/etc/freeradius/certs/dh"
random_file = "/dev/urandom"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/etc/freeradius/certs/bootstrap"
cache {
enable = no
lifetime = 24
max_entries = 255
}
verify {
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "md5"
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = "inner-tunnel"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = no
use_tunneled_reply = no
proxy_tunneled_request_as_eap = yes
virtual_server = "inner-tunnel"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_realm
Module: Instantiating module "suffix" from file /etc/freeradius/modules/realm
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating module "files" from file /etc/freeradius/modules/files
files {
usersfile = "/etc/freeradius/users"
acctusersfile = "/etc/freeradius/acct_users"
preproxy_usersfile = "/etc/freeradius/preproxy_users"
compat = "no"
}
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp
radutmp {
filename = "/var/log/freeradius/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Linked to module rlm_attr_filter
Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/modules/attr_filter
attr_filter attr_filter.access_reject {
attrsfile = "/etc/freeradius/attrs.access_reject"
key = "%{User-Name}"
}
} # modules
} # server
server { # from file /etc/freeradius/radiusd.conf
modules {
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess
preprocess {
huntgroups = "/etc/freeradius/huntgroups"
hints = "/etc/freeradius/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Module: Instantiating module "abills_preauth" from file /etc/freeradius/radiusd.conf
exec abills_preauth {
wait = yes
program = "/usr/abills/libexec/rauth.pl pre_auth"
input_pairs = "request"
output_pairs = "config"
shell_escape = yes
}
Module: Instantiating module "abills_auth" from file /etc/freeradius/radiusd.conf
exec abills_auth {
wait = yes
program = "/usr/abills/libexec/rauth.pl"
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
Module: Checking preacct {...} for more modules to load
Module: Instantiating module "abills_acc" from file /etc/freeradius/radiusd.conf
exec abills_acc {
wait = yes
program = "/usr/abills/libexec/racct.pl"
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
Module: Checking post-auth {...} for more modules to load
Module: Instantiating module "abills_postauth" from file /etc/freeradius/radiusd.conf
exec abills_postauth {
wait = yes
program = "/usr/abills/libexec/rauth.pl post_auth"
input_pairs = "request"
output_pairs = "config"
shell_escape = yes
}
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 18120
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 40436, id=226, length=148
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "user02"
MS-CHAP-Challenge = 0xd3f6c30739b197effc9c7d86fa8ed5c8
MS-CHAP2-Response = 0xc00013b96506af44a96c9434121c806a94290000000000000000c98ba2a602cbc979006d8b8603b5d747ce572d7771339a02
Calling-Station-Id = "192.168.1.23"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
Exec-Program output: User-Password == "123456+"
Exec-Program-Wait: value-pairs: User-Password == "123456+"
Exec-Program: returned: 0
++[abills_preauth] returns ok
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
Exec-Program output: Acct-Interim-Interval = 60, Session-Timeout = 390096, PPPD-Upstream-Speed-Limit = 800, Octets-Direction = 0, Framed-IP-Address = 192.168.160.3, Session-Octets-Limit = 2146435072, Framed-IP-Netmask = 255.255.255.255, PPPD-Downstream-Speed-Limit = 200,
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 60, Session-Timeout = 390096, PPPD-Upstream-Speed-Limit = 800, Octets-Direction = 0, Framed-IP-Address = 192.168.160.3, Session-Octets-Limit = 2146435072, Framed-IP-Netmask = 255.255.255.255, PPPD-Downstream-Speed-Limit = 200,
Exec-Program: returned: 0
++[abills_auth] returns ok
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
Login OK: [user02/<via Auth-Type = Accept>] (from client inet483 port 0 cli 192.168.1.23)
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
++[files] returns noop
Sending Access-Accept of id 226 to 127.0.0.1 port 40436
Acct-Interim-Interval = 60
Session-Timeout = 390096
PPPD-Upstream-Speed-Limit = 800
Octets-Direction = Route-IP-No
Framed-IP-Address = 192.168.160.3
Session-Octets-Limit = 2146435072
Framed-IP-Netmask = 255.255.255.255
PPPD-Downstream-Speed-Limit = 200
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 226 with timestamp +3
Ready to process requests.
вот лог pptpd взятый из /var/log/Syslog
Oct 27 13:07:10 inet483 pptpd[5253]: MGR: Launching /usr/sbin/pptpctrl to handle client
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: local address = 192.168.160.1
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: remote address = 192.168.160.2
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: pppd options file = /etc/ppp/pptpd-options
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Client 192.168.1.23 control connection started
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received PPTP Control Message (type: 1)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Made a START CTRL CONN RPLY packet
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: I wrote 156 bytes to the client.
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Sent packet to client
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received PPTP Control Message (type: 7)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Made a OUT CALL RPLY packet
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Starting call (launching pppd, opening GRE)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: pty_fd = 6
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: tty_fd = 8
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: I wrote 32 bytes to the client.
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Sent packet to client
Oct 27 13:07:10 inet483 pptpd[5254]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Oct 27 13:07:10 inet483 pptpd[5254]: CTRL (PPPD Launcher): local address = 192.168.160.1
Oct 27 13:07:10 inet483 pptpd[5254]: CTRL (PPPD Launcher): remote address = 192.168.160.2
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received PPTP Control Message (type: 15)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Oct 27 13:07:10 inet483 pppd[5254]: Plugin radius.so loaded.
Oct 27 13:07:10 inet483 pppd[5254]: RADIUS plugin initialized.
Oct 27 13:07:10 inet483 pppd[5254]: Plugin radattr.so loaded.
Oct 27 13:07:10 inet483 pppd[5254]: RADATTR plugin initialized.
Oct 27 13:07:10 inet483 pppd[5254]: pppd 2.4.5 started by root, uid 0
Oct 27 13:07:10 inet483 pppd[5254]: using channel 33
Oct 27 13:07:10 inet483 pppd[5254]: Using interface ppp0
Oct 27 13:07:10 inet483 pppd[5254]: Connect: ppp0 <--> /dev/pts/6
Oct 27 13:07:10 inet483 pppd[5254]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xae69344f>]
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: Bad checksum from pppd.
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #0
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #1
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x228d0e19> <pcomp> <accomp> <callback CBCP>]
Oct 27 13:07:10 inet483 pppd[5254]: sent [LCP ConfRej id=0x0 <pcomp> <accomp> <callback CBCP>]
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xae69344f>]
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #2
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x228d0e19>]
Oct 27 13:07:10 inet483 pppd[5254]: sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x228d0e19>]
Oct 27 13:07:10 inet483 pppd[5254]: sent [LCP EchoReq id=0x0 magic=0xae69344f]
Oct 27 13:07:10 inet483 pppd[5254]: sent [CHAP Challenge id=0xcb <2cfd706a378eff0bf5b3d5c30fc81a42>, name = "pptpd"]
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received PPTP Control Message (type: 15)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #3
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #4
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #5
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #6
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [LCP Ident id=0x2 magic=0x228d0e19 "MSRASV5.20"]
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [LCP Ident id=0x3 magic=0x228d0e19 "MSRAS-1-INET426"]
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [LCP EchoRep id=0x0 magic=0x228d0e19]
Oct 27 13:07:10 inet483 pppd[5254]: rcvd [CHAP Response id=0xcb <520bcaa33f8118f8b1a62061cb20607c00000000000000003f2f4a9b79b20a4870108fc8840e25b6468da24f25b1203700>, name = "user02"]
Oct 27 13:07:10 inet483 pppd[5254]: RADATTR plugin wrote 8 line(s) to file /var/run/radattr.ppp0.
Oct 27 13:07:10 inet483 pppd[5254]:
Oct 27 13:07:10 inet483 pppd[5254]: Peer user02 failed CHAP authentication
Oct 27 13:07:10 inet483 pppd[5254]: sent [CHAP Failure id=0xcb ""]
Oct 27 13:07:10 inet483 pppd[5254]: sent [LCP TermReq id=0x2 "Authentication failed"]
Oct 27 13:07:10 inet483 pptpd[5253]: GRE: accepting packet #7
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received PPTP Control Message (type: 15)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received PPTP Control Message (type: 12)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Made a CALL DISCONNECT RPLY packet
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Received CALL CLR request (closing call)
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Reaping child PPP[5254]
Oct 27 13:07:10 inet483 pppd[5254]: Hangup (SIGHUP)
Oct 27 13:07:10 inet483 pppd[5254]: Modem hangup
Oct 27 13:07:10 inet483 pppd[5254]: Connection terminated.
Oct 27 13:07:10 inet483 pppd[5254]: RADATTR plugin removed file /var/run/radattr.ppp0.
Oct 27 13:07:10 inet483 pppd[5254]: Exit.
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Client 192.168.1.23 control connection finished
Oct 27 13:07:10 inet483 pptpd[5253]: CTRL: Exiting now
Oct 27 13:07:10 inet483 pptpd[27217]: MGR: Reaped child 5253
Во вложенном файле содержится скрин окна настроек vpn соединения Windows.
Если установить галочки MSChap, то соединение устанавливается, все ок.
Но необходимо настроить MSChap-v2, изменяю настройки в впн соединении, согласно приложенному скрину, появляется 691 ошибка соединения в Windows.
На вский случай покажу ppptpd.conf
ppp /usr/sbin/pppd
option /etc/ppp/pptpd-options
connections 90
# На время тестирования раскомметировать
debug
localip 192.168.160.1
remoteip 192.168.160.2-254
и /etc/ppp/pptpd-options
name pptpd
require-mschap
require-mschap-v2
ms-dns 192.168.160.1
ms-dns 192.168.1.24
nodefaultroute
debug
lock
nodeflate
nobsdcomp
nopcomp
noaccomp
asyncmap 0
lcp-echo-failure 30
lcp-echo-interval 5
ipcp-accept-local
ipcp-accept-remote
plugin radius.so
plugin radattr.so
Где я ошибся?