Microsoft KB Archive/150581

= PPP Connection Fails Between Windows NT RAS Server & UNIX Client =

Article ID: 150581

Article Last Modified on 2/21/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows NT Workstation 3.51
 * Microsoft Windows NT Workstation 4.0 Developer Edition
 * Microsoft Windows NT Server 3.51
 * Microsoft Windows NT Server 4.0 Standard Edition

-



This article was previously published under Q150581



The PPP connection between a UNIX PPP client and the Windows NT PPP Server fails.



CAUSE
A possible cause is an inadequate value for MaxReject.

If the PPP client and the PPP server try to negotiate different link attributes, several Configuration Negative Acknowledgments (CNAKs) might be sent before they are able to decide which attributes to use. By default, Windows NT terminates the negotiation after five unsuccessful attempts.



RESOLUTION
If you are experiencing issues with a PPP negotiation, try to increase MaxReject, or even better, configure the PPP client to negotiate to the same attributes that Windows NT RAS Server tries to negotiate to.



MORE INFORMATION
NOTE: MaxReject must be configured on both client and server.

Below is a description of RAS PPP Subkey Entries in the registry.

WARNING: Using Registry Editor incorrectly can cause serious, system-wide issues that may require you to reinstall Windows NT to correct them. Microsoft cannot guarantee that any issues resulting from the use of Registry Editor can be solved. Use this tool at your own risk.

RAS PPP Subkey Entries
Registry path:

  HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet \Services \Rasman \PPP

ForceEncryptedPassword REG_DWORD Range:                 Boolean Default:               1 (enabled)

This is a server-side parameter only. It is used to force the use of the Challenge-Handshake Authentication Protocol while authenticating clients. This means that the cleartest password may not get sent on the wire during authentication.

MaxConfigure           REG_DWORD Range:                 Number Default:               10

Indicates the number of Configure-Request packets sent without receiving a valid Configure-Ack, Configure-Nak, or Configure-Reject, before assuming that the peer is unable to respond.

MaxFailure             REG_DWORD Range:                 Number Default:               10

Indicates the number of Configure-Nak packets sent without sending a  Configure-Ack, before assuming that the configuration is not converging.

MaxReject              REG_DWORD Range:                 Number Default:               5

Indicates the number of Config-Rejects sent before assuming that the PPP negotiation may not converge.

MaxTerminate           REG_DWORD Range:                 Number Default:               2

Indicates the number of Terminate-Request packets sent without receiving a Terminate-Ack, before assuming that the peer is unable to respond.

PPP Link Attributes the Windows NT Server Tries to Negotiate To
MRU           Maximum Receive Unit = 1500 ASYNC-MAP     Async control character map = 0x00000000 AUTH          Authentication = CHAP-Challenge Handshake Authentication Protocol MAGIC         Do Magic number negotiation PROT.COMP     Do Protocol Compression ADR/CF.COMP   Do Address-Control Field Compression

If possible, try to configure the PPP client to use the same settings as the Windows NT RAS server default settings.

Sample Configuration File "ppphosts" from a SCO UNIX System
In the example below, the UNIX system's values for dialing in to the Windows NT RAS server has been modified to be as close as possible to what the Windows NT RAS server may try to negotiate to. This is to minimize the number of "Configuration Negative Acknowledgment" packages.

#
 * 1)      @(#)ppphosts  4.2.1.3 Lachman System V STREAMS TCP  source
 * 2)      SCCS IDENTIFICATION
 * 3)  System V STREAMS TCP - Release 5.0
 * 4)  One tab between fields only
 * 5) Entries have this format:
 * 6) Name tty System [Timer options] [Link options] [IP options] [Other]
 * 7) Those fields in brackets ([]) are optional
 * 8) Entries may continue onto multiple lines by giving a '\' as the
 * 9) last character of a line.
 * 10) Name      destination host or ppp login name (starting with *)
 * 11) tty       tty name for direct connection
 * 12) Timer options:
 * 13)  "idle=idle_time"  idle_time is the inactivity timeout
 * 14)          in minutes (default = forever)
 * 15)  "tmout=timeout"   timeout per PPP protocol request (default = 3 seconds)
 * 16)  "conf=num"    Set the maximum number of times of configure retry
 * 17)          (default = 10)
 * 18)  "term=num"    Set the maximum number of times of termination retry
 * 19)          (default = 2)
 * 20)  "nak=num"     Set the maximum number of times of configure-nak
 * 21)          retry (default = 10)
 * 22) Link options:
 * 23)  "mru=num".        Set the maximum receive unit (default = 296)
 * 24)  "accm=num(hex)"   Set the asyc control character map
 * 25)          (default = 0x00000000)
 * 26)  "pap"         Do password authentication
 * 27)          (default: no password authentication)
 * 28)  "nomgc"       disable magic number negotiation
 * 29)          (default: enable magic number negotiation)
 * 30)  "protcomp"    Do protocol field compression
 * 31)          (default: no protocol field compression)
 * 32)  "accomp"      Do addrerss-control field compression
 * 33)          (default: no addrerss-control field compression)
 * 34) IP options
 * 35)  "ipaddr"      Do IP address negotiation
 * 36)          (default: no IP address negotion)
 * 37)  "rfc1172addr"     Using RFC1172 IP addresses negotiation
 * 38)          (default: RFC1332 IP address negotiation)
 * 39)  "VJ"              Do  VJ Compressed TCP/IP
 * 40)          (default: no VJ compressed TCP/IP)
 * 41) Other
 * 42)  "paptmout=tmout"  PPP waits for the peer to password authenticate
 * 43)          itself for tmout minutes
 * 44)          (default = 1)
 * 45)  "rtscts"   set the line to use hardware(RTS/CTS) flow control
 * 46)          (default: no flow control)
 * 47) Examples:
 * 48) 1. For outbound PPP connection,
 * 49) ice_sl tty00 ice idle=5 tmout=3 conf=10 term=2 nak=10 mru=296
 * 50) accm=ffffffff\
 * 51)  pap nomgc protcomp accomp ipaddr  rfc1172addr VJ old
 * 52) 2. For inbound PPP connection,
 * 1)  "rtscts"   set the line to use hardware(RTS/CTS) flow control
 * 2)          (default: no flow control)
 * 3) Examples:
 * 4) 1. For outbound PPP connection,
 * 5) ice_sl tty00 ice idle=5 tmout=3 conf=10 term=2 nak=10 mru=296
 * 6) accm=ffffffff\
 * 7)  pap nomgc protcomp accomp ipaddr  rfc1172addr VJ old
 * 8) 2. For inbound PPP connection,
 * 1) 2. For inbound PPP connection,
 * 1) 2. For inbound PPP connection,

192.100.1.1 - englab007 pap mru=1500 accm=0x00000000 protcomp accomp\ idle=5 tmout=5 conf=5 term=7 nak=10 rtscts

Additional query words: prodnt RAS PPP

Keywords: kb3rdparty kbenv kbnetwork KB150581

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.