PPTP and THE bug
The project: setup opens/wan as a standard enterprise class vpn client.
The timeframe... as soon as possible (like everyone is asking)
The result timeframe: to do the work, 3 hours, to find out the solution to THE bug that we had, 73h.
The solution was found by Andrew Dixon (thanks if you look one day at this post!) SELINUX
I just disabled it, rebooted the system and look, depressed at my timesheet.
Like Wikipedia said on SELinux, http://en.wikipedia.org/wiki/SELinux
A further criticism is that processes can, for example, fail to start with no feedback given that it is SELinux causing the failure, resulting in significant time wasted in ascertaining the cause of the problem.
If you want a great HOWTO on PPTP, check this one by Wing S Kwok.
-f.
--- Follow up, the day after.
Ok, now that I have found the solution, I will just list all the request that I made to Google, and that Google did not find any results.
ntlm_auth Permission denied, Exec-Program: FAILED Permission denied, /usr/bin/ntlm_auth: Permission denied, rc_check_reply: received invalid reply digest from RADIUS server, chap response 0xda, chap failure 691 access denied, pptp mschapv2 problem, winbind ads mschapv2, Poptop MSCHAP2 ADS Howto, winbind ms-chapv2, mschap mschapv2 pptp, chap work mschapv2 does not work, chap work mschapsv2 does not work, nsswitch/winbindd_dual.c:child_read_request, chap failure access denied, E=691 r=1 v=0, Failure id=0xb3 E=691, CHAP Failure id=0xb3 E=691 R=1 V=0 M=Access denied, ppp authenticate samba, ntlm_auth-helper, ppp ntlm_auth-helper, failed CHAP authentication, LCP terminated by peer, ntlm_auth ppp ms-chap-v2
And those keywords were search while trying to configure opens/wan and to make it work with winbind, before switching to PPTP. I think it for the same reason, but I did not had the time (and did not want) to try it.
openswan always rekeying, Informational Exchange is for an unknown (expired?) SA , ipsec_setup: KLIPS ipsec0, openswan NETKEY, l2tp xp rekeying, Stops after "ISAKMP SA established"