Задача такая... Создавать доступ в и-нет по учёткам из AD. Конечно можно дублировать учётки на Фре, но а если их несколько тысяч и их нужно иногда включать и выключать. В общем нужно создавать учётки и работать с ними только в одном месне АД!
Вот конфиги:
mpd.conf
########################################################
default:
load pptp0
load pptp1
load pptp2
pptp0:
new -i ng0 pptp000 pptp000
load pptp_standard
pptp1:
new -i ng1 pptp001 pptp001
load pptp_standard
pptp2:
new -i ng2 pptp002 pptp002
load pptp_standard
pptp_standard:
set ipcp ranges 192.168.0.0/254 192.168.0.164/16
set pptp self 192.168.0.160
set pptp enable incoming
set pptp disable originate
set iface disable on-demand
set iface enable proxy-arp
set iface idle 2400
set iface enable tcpmssfix
# set iface mtu 1300
set bundle disable multilink
set link yes acfcomp protocomp
set iface up-script /root/drs/utils/upiface.sh
set iface down-script /root/drs/utils/downiface.sh
set link no pap chap
set link enable chap
set link yes chap-md5
set link no chap-msv1
set link no chap-msv2
# set link mtu 1460
set link mtu 1360
set link mru 1360
set link keep-alive 60 180
set ipcp yes vjcomp
set ipcp dns 212.122.1.2
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
# RADIUS
set radius retries 3
set radius timeout 10
set radius server 192.168.0.4 secret 1812 1813
set radius acct-update 60
set radius me X.X.X.X
set ipcp enable radius-ip
# enable RADIUS, and fallback to mpd.secret, if RADIUS auth failed
set bundle enable radius-acct
set bundle enable radius-auth
set radius update-limit-in 100000
set radius update-limit-out 100000
# set bundle enable radius-fallback
# use idle-timeout and mtu from the RADIUS server
# set iface enable radius-idle radius-mtu
# let the RADIUS server assign MPPE-types and MPPE-policies
# set ccp enable radius
########################################################
mpd.links
########################################################
pptp000:
set link type pptp
pptp001:
set link type pptp
pptp002:
set link type pptp
########################################################
Вот кусок лога...
########################################################
Now 2 14:13:16 host mpd: [pptp0] LCP: LayerDown
Now 2 14:13:16 host mpd: [pptp0] device: DOWN event in state DOWN
Now 2 14:13:16 host mpd: [pptp0] device is now in stste DOWN
Now 2 14:13:16 host mpd: [pptp0] killconnection with 192.168.0.44:1599
Now 2 14:13:16 host mpd: [pptp0] link: DOWN event
Now 2 14:13:16 host mpd: [pptp0] LCP: Down event
Now 2 14:13:16 host mpd: [pptp0] LCP: LayerFinish
Now 2 14:13:16 host mpd: [pptp0] LCP: state change Closing --> Initial
Now 2 14:13:16 host mpd: [pptp0] LCP: phase shift TERMINATE --> DEAD
Now 2 14:13:16 host mpd: [pptp0] link: DOWN event
Now 2 14:13:16 host mpd: [pptp0] LCP: Down event
Now 2 14:13:16 host mpd: [pptp0] device: CLOSE event in state DOWN
Now 2 14:13:16 host mpd: [pptp0] device is now in stste DOWN
########################################################
А вот
http://personal.primorye.ru/lsv/img/vpn_error.gif
ошибка
А что нужно писать тут?
set radius me X.X.X.X
Вариант для распечатки
Samba, вопросы интеграции Unix и Windows (Public)
(ok) on 08-Мрт-06, 16:33 
