PPP Connection Fails Between Windows NT RAS Server & UNIX Client

• Microsoft Windows NT Workstation versions 3.51, 4.0
• Microsoft Windows NT Server versions 3.51, 4.0
• Microsoft Windows 2000 Professional
• Microsoft Windows 2000 Server
• Microsoft Windows 2000 Advanced Server

CAUSE

A possible cause is an inadequate value for MaxReject.

If the PPP client and the PPP server try to negotiate different link attributes, several Configuration Negative Acknowledgments (CNAKs) might be sent before they are able to decide which attributes to use. By default, Windows NT terminates the negotiation after five unsuccessful attempts.

RESOLUTION

If you are experiencing problems with a PPP negotiation, try to increase MaxReject, or even better, configure the PPP client to negotiate to the same attributes that Windows NT RAS Server tries to negotiate to.

MORE INFORMATION

NOTE: MaxReject must be configured on both client and server.

Below is a description of RAS PPP Subkey Entries in the registry.

WARNING: Using Registry Editor incorrectly can cause serious, system-wide problems that may require you to reinstall Windows NT to correct them. Microsoft cannot guarantee that any problems resulting from the use of Registry Editor can be solved. Use this tool at your own risk.

RAS PPP Subkey Entries

   HKEY_LOCAL_MACHINE\SYSTEM
      \CurrentControlSet
         \Services
            \Rasman
               \PPP

ForceEncryptedPassword  REG_DWORD
Range:                  Boolean
Default:                1 (enabled)

   This is a server-side parameter only. It is used to force the use of the
   Crypto-Handshake Authentication Protocol while authenticating clients.
   This means that the cleartest password will not get sent on the wire
   during authentication.

MaxConfigure            REG_DWORD
Range:                  Number
Default:                10

   Indicates the number of Configure-Request packets sent without
   receiving a valid Configure-Ack, Configure-Nak, or Configure-Reject,
   before assuming that the peer is unable to respond.


MaxFailure              REG_DWORD
Range:                  Number
Default:                10

   Indicates the number of Configure-Nak packets sent without sending a
   Configure-Ack, before assuming that the configuration is not converging.

MaxReject               REG_DWORD
Range:                  Number
Default:                5

   Indicates the number of Config-Rejects sent before assuming that the PPP
   negotiation will not converge.

MaxTerminate            REG_DWORD
Range:                  Number
Default:                2

   Indicates the number of Terminate-Request packets sent without receiving
   a Terminate-Ack, before assuming that the peer is unable to respond.
 

PPP Link Attributes the Windows NT Server Tries to Negotiate To

MRU            Maximum Receive Unit = 1500
ASYNC-MAP      Async control character map = 0x00000000
AUTH           Authentication = CHAP-Challenge Handshake Authentication
               Protocol
MAGIC          Do Magic number negotiation
PROT.COMP      Do Protocol Compression
ADR/CF.COMP    Do Address-Control Field Compression 

Sample Configuration File "ppphosts" from a SCO UNIX System

#
#      @(#)ppphosts  4.2.1.3 Lachman System V STREAMS TCP  source
#      SCCS IDENTIFICATION
#  System V STREAMS TCP - Release 5.0
#
#  One tab between fields only
#
# Entries have this format:
# Name tty System [Timer options] [Link options] [IP options] [Other]
# Those fields in brackets ([]) are optional
#
# Entries may continue onto multiple lines by giving a '\' as the
# last character of a line.
#
# Name      destination host or ppp login name (starting with *)
# tty       tty name for direct connection
#
# Timer options:
#  "idle=idle_time"  idle_time is the inactivity timeout
#          in minutes (default = forever)
#  "tmout=timeout"   timeout per PPP protocol request (default = 3 seconds)
#  "conf=num"    Set the maximum number of times of configure retry
#          (default = 10)
#  "term=num"    Set the maximum number of times of termination retry
#          (default = 2)
#  "nak=num"     Set the maximum number of times of configure-nak
#          retry (default = 10)
#
# Link options:
#  "mru=num".        Set the maximum receive unit (default = 296)
#  "accm=num(hex)"   Set the asyc control character map
#          (default = 0x00000000)
#  "pap"         Do password authentication
#          (default: no password authentication)
#  "nomgc"       disable magic number negotiation
#          (default: enable magic number negotiation)
#  "protcomp"    Do protocol field compression
#          (default: no protocol field compression)
#  "accomp"      Do addrerss-control field compression
#          (default: no addrerss-control field compression)
#
# IP options
#  "ipaddr"      Do IP address negotiation
#          (default: no IP address negotion)
#  "rfc1172addr"     Using RFC1172 IP addresses negotiation
#          (default: RFC1332 IP address negotiation)
#  "VJ"              Do  VJ Compressed TCP/IP
#          (default: no VJ compressed TCP/IP)
#
# Other
#  "paptmout=tmout"  PPP waits for the peer to password authenticate
#          itself for tmout minutes
#          (default = 1)
#  "rtscts"   set the line to use hardware(RTS/CTS) flow control
#          (default: no flow control)
#
# Examples:
# 1. For outbound PPP connection,
# ice_sl tty00 ice idle=5 tmout=3 conf=10 term=2 nak=10 mru=296
# accm=ffffffff\ 
#  pap nomgc protcomp accomp ipaddr  rfc1172addr VJ old
#
# 2. For inbound PPP connection,
##################################################################

192.100.1.1 - englab007 pap mru=1500 accm=0x00000000 protcomp accomp\ 
              idle=5 tmout=5 conf=5 term=7 nak=10 rtscts 

Additional query words: prodnt RAS PPP

Keywords : kb3rdparty kbenv kbnetwork ntras NTInterop NTSrvWkst
Version : WINDOWS:2000; winnt:3.51,4.0
Platform : WINDOWS winnt
Issue type :