SSTP Authentication only works sometimes with sstpc

stroebs · Wed Oct 10, 2018 11:42 pm

Hey forumites, hoping I can get some assistance on this issue here. Might be a bug in ROS.

Currently having a SSTP issue with MikroTik (v6.43.2: CCR1009-8G-1S-1S+) whereby authentication to ppp only works some of the time. If I retry a few times after waiting a bit, it connects successfully.

MikroTik config:

Code: Select all


/ppp secret

add local-address=192.168.201.99 name=ddremote password=supersecure remote-address=192.168.201.100

/interface sstp-server server

set certificate=<redacted> enabled=yes

MacOS CLI:

Code: Select all

sudo /usr/local/sbin/sstpc --log-level 5 --log-stderr --cert-warn --user "ddremote" --password "supersecure" 192.168.2.253 require-mschap noauth noccp noaccomp noipdefault nomagic novj user "ddremote" password "supersecure"

Worth noting that my sstpc works perfectly (every time) with a Windows-controlled DC and different connection variables.

MikroTik log:

Code: Select all

22:33:08 sstp,ppp,debug : LCP lowerup 

22:33:08 sstp,ppp,debug : LCP open 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfReq id=0x1 

22:33:08 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:08 sstp,ppp,debug,packet    <auth  mschap2> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfReq id=0x1 

22:33:08 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:08 sstp,ppp,debug,packet    <auth  mschap2> 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfRej id=0x1 

22:33:08 sstp,ppp,debug,packet    <auth  mschap2> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfRej id=0x1 

22:33:08 sstp,ppp,debug,packet    <auth  mschap2> 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfReq id=0x2 

22:33:08 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:08 sstp,ppp,debug,packet    <auth pap> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfReq id=0x2 

22:33:08 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:08 sstp,ppp,debug,packet    <auth pap> 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfRej id=0x2 

22:33:08 sstp,ppp,debug,packet    <auth pap> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfRej id=0x2 

22:33:08 sstp,ppp,debug,packet    <auth pap> 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfReq id=0x3 

22:33:08 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfReq id=0x3 

22:33:08 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfNak id=0x3 

22:33:08 sstp,ppp,debug,packet    <magic 0x1fed7cc6> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfReq id=0x1 

22:33:08 sstp,ppp,debug,packet    <asyncmap 0x0> 

22:33:08 sstp,ppp,debug,packet    <pcomp> 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfRej id=0x1 

22:33:08 sstp,ppp,debug,packet    <asyncmap 0x0> 

22:33:08 sstp,ppp,debug,packet    <pcomp> 

22:33:08 sstp,ppp,debug,packet  : rcvd LCP ConfReq id=0x2 

22:33:08 sstp,ppp,debug,packet  : sent LCP ConfAck id=0x2 

22:33:09 sstp,ppp,debug : LCP timer 

22:33:09 sstp,ppp,debug,packet  : sent LCP ConfReq id=0x4 

22:33:09 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:09 sstp,ppp,debug,packet  : rcvd LCP ConfRej id=0x4 

22:33:09 sstp,ppp,debug,packet    <magic 0x398c4ed2> 

22:33:09 sstp,ppp,debug,packet  : sent LCP ConfReq id=0x5 

22:33:09 sstp,ppp,debug,packet  : rcvd LCP ConfAck id=0x5 

22:33:09 sstp,ppp,debug : LCP opened 

22:33:09 sstp,ppp,debug : LCP close 

22:33:09 sstp,ppp,debug : LCP closed 

22:33:09 sstp,ppp,debug,packet  : sent LCP TermReq id=0x6 

22:33:09 sstp,ppp,debug,packet     peer refused to authenticate 

22:33:09 sstp,ppp,debug : PPP received non-LCP packet (0x8021) when LCP not open 

22:33:09 sstp,ppp,debug : PPP received non-LCP packet (0x8235) when LCP not open 

22:33:09 sstp,ppp,debug,packet  : rcvd LCP TermAck id=0x6 

22:33:09 sstp,ppp,debug : LCP lowerdown 

22:33:09 sstp,ppp,debug : CCP close 

22:33:09 sstp,ppp,debug : BCP close 

22:33:09 sstp,ppp,debug : IPCP close 

22:33:09 sstp,ppp,debug : IPV6CP close 

22:33:09 sstp,ppp,debug : MPLSCP close 

22:33:09 sstp,ppp,debug : LCP lowerdown 

22:33:09 sstp,ppp,debug : LCP down event in initial state

MacOS log:

Code: Select all

Oct 10 22:33:09 sstpc[27420]: Resolved 192.168.2.253 to 192.168.2.253

Oct 10 22:33:09 sstpc[27420]: Connected to 192.168.2.253

Oct 10 22:33:10 sstpc[27420]: The certificate did not match the host: 192.168.2.253

Oct 10 22:33:10 sstpc[27420]: Server certificated failed verification, ignoring

Oct 10 22:33:10 sstpc[27420]: Sending Connect-Request Message

Oct 10 22:33:10 sstpc[27420]: SEND SSTP CRTL PKT(14)

Oct 10 22:33:10 sstpc[27420]:   TYPE(1): CONNECT REQUEST, ATTR(1):

Oct 10 22:33:10 sstpc[27420]:     ENCAP PROTO(1): 6

Oct 10 22:33:10 sstpc[27420]: RECV SSTP CRTL PKT(48)

Oct 10 22:33:10 sstpc[27420]:   TYPE(2): CONNECT ACK, ATTR(1):

Oct 10 22:33:10 sstpc[27420]:     CRYPTO BIND REQ(4): 40

Oct 10 22:33:10 sstpc[27420]: Started PPP Link Negotiation

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(23)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 1  CONFREQ AUTH: CHAP MAGIC: 0xD24E8C39

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(23)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 1  CONFREQ AUTH: CHAP MAGIC: 0xD24E8C39

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(17)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 1  CONFREJ AUTH: CHAP

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(17)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 1  CONFREJ AUTH: CHAP

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(22)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 2  CONFREQ MAGIC: 0xD24E8C39 AUTH: PAP

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(22)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 2  CONFREQ MAGIC: 0xD24E8C39 AUTH: PAP

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(16)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 2  CONFREJ AUTH: PAP

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(16)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 2  CONFREJ AUTH: PAP

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(18)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 3  CONFREQ MAGIC: 0xD24E8C39

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(18)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 3  CONFREQ MAGIC: 0xD24E8C39

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(18)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 3  CONFNAK MAGIC: 0xC67CED1F

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(20)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 1  CONFREQ ASYNCMAP: 00 00 00 00

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(20)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 1  CONFREJ ASYNCMAP: 00 00 00 00

Oct 10 22:33:10 sstpc[27420]: SEND SSTP DATA PKT(12)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 2  CONFREQ

Oct 10 22:33:10 sstpc[27420]: RECV SSTP DATA PKT(12)

Oct 10 22:33:10 sstpc[27420]:   PPP LCP ID: 2  CONFACK

Oct 10 22:33:11 sstpc[27420]: RECV SSTP DATA PKT(18)

Oct 10 22:33:11 sstpc[27420]:   PPP LCP ID: 4  CONFREQ MAGIC: 0xD24E8C39

Oct 10 22:33:11 sstpc[27420]: SEND SSTP DATA PKT(18)

Oct 10 22:33:11 sstpc[27420]:   PPP LCP ID: 4  CONFREJ MAGIC: 0xD24E8C39

Oct 10 22:33:11 sstpc[27420]: RECV SSTP DATA PKT(12)

Oct 10 22:33:11 sstpc[27420]:   PPP LCP ID: 5  CONFREQ

Oct 10 22:33:11 sstpc[27420]: SEND SSTP DATA PKT(12)

Oct 10 22:33:11 sstpc[27420]:   PPP LCP ID: 5  CONFACK

Oct 10 22:33:11 sstpc[27420]: SEND SSTP DATA PKT(18)

Oct 10 22:33:11 sstpc[27420]:   PPP IPCP ID: 1  CONFREQ ADDR: 0.0.0.0

Oct 10 22:33:11 sstpc[27420]: SEND SSTP DATA PKT(24)

Oct 10 22:33:11 sstpc[27420]:   PPP ACSP ID: 1

Oct 10 22:33:11 sstpc[27420]: RECV SSTP DATA PKT(40)

Oct 10 22:33:11 sstpc[27420]:   PPP LCP ID: 6  TERMREQ

Oct 10 22:33:11 sstpc[27420]: SEND SSTP DATA PKT(12)

Oct 10 22:33:11 sstpc[27420]:   PPP LCP ID: 6  TERMACK

Oct 10 22:33:11 sstpc[27420]: Unrecoverable SSL error

Oct 10 22:33:11 sstpc[27420]: Connection was aborted, Reason was not known

**Error: Connection was aborted, Reason was not known, (-1)

SSTP Authentication only works sometimes with sstpc

SSTP Authentication only works sometimes with sstpc

Who is online