pachalia Posted September 3, 2017 Share Posted September 3, 2017 У меня не получается настроить L2TP/IPSec соединение. Вот журнал: Скрытый текст Sep 03 10:33:35ndm Network::Interface::Base: "L2TP0": interface is up. Sep 03 10:33:35ndm Network::Interface::Ppp: "L2TP0": disabled connection. Sep 03 10:33:35ndm Network::Interface::Ppp: "L2TP0": disabled connection. Sep 03 10:33:35ndm IpSec::Manager: "L2TP0": IP secure connection and keys was deleted. Sep 03 10:33:35ndm Network::Interface::PppTunnel: "L2TP0": remote endpoint is resolved to "91.105.238.11". Sep 03 10:33:35ndm Network::Interface::PppTunnel: "L2TP0": local endpoint is resolved to "10.2.48.1" (via "GigabitEthernet1"). Sep 03 10:33:35ndm Network::Interface::PppTunnel: "L2TP0": added host route to 91.105.238.11 via 10.2.48.254 (GigabitEthernet1). Sep 03 10:33:35ndm Network::Interface::Base: "L2TP0": static MTU reset to default. Sep 03 10:33:35ndm Network::Interface::Base: "L2TP0": network MTU is 1400. Sep 03 10:33:35ndm Network::Interface::L2tp: "L2TP0": updating IP secure configuration. Sep 03 10:33:35ndm IpSec::Manager: "L2TP0": IP secure connection was added. Sep 03 10:33:37ndm IpSec::Manager: create IPsec reconfiguration transaction... Sep 03 10:33:37ndm IpSec::Manager: add config for crypto map "L2TP0". Sep 03 10:33:37ndm IpSec::Manager: IPsec reconfiguration transaction was created. Sep 03 10:33:37ndm IpSec::Configurator: start applying IPsec configuration. Sep 03 10:33:37ndm IpSec::Configurator: IPsec configuration applying is done. Sep 03 10:33:37ndm IpSec::Configurator: start reloading IKE keys task. Sep 03 10:33:37ndm Network::Interface::L2tp: "L2TP0": IPsec layer is down, shutdown L2TP layer. Sep 03 10:33:37ndm Network::Interface::Ppp: "L2TP0": disabled connection. Sep 03 10:33:37ndm Network::Interface::Ppp: "L2TP0": disabled connection. Sep 03 10:33:37ndm Network::Interface::PppTunnel: "L2TP0": remote endpoint is resolved to "91.105.238.11". Sep 03 10:33:37ndm Network::Interface::PppTunnel: "L2TP0": local endpoint is resolved to "10.2.48.1" (via "GigabitEthernet1"). Sep 03 10:33:37ndm Network::Interface::PppTunnel: "L2TP0": added host route to 91.105.238.11 via 10.2.48.254 (GigabitEthernet1). Sep 03 10:33:37ndm Network::Interface::Base: "L2TP0": static MTU reset to default. Sep 03 10:33:37ndm Network::Interface::Base: "L2TP0": network MTU is 1400. Sep 03 10:33:37ndm Network::Interface::L2tp: "L2TP0": updating IP secure configuration. Sep 03 10:33:37ndm IpSec::Manager: "L2TP0": IP secure connection and keys was deleted. Sep 03 10:33:37ndm IpSec::Manager: "L2TP0": IP secure connection was added. Sep 03 10:33:37ipsec 15[CFG] rereading secrets Sep 03 10:33:37ipsec 15[CFG] loading secrets Sep 03 10:33:37ipsec 15[CFG] loaded IKE secret for cmap:L2TP0 Sep 03 10:33:37ipsec 15[CFG] rereading ca certificates from '/tmp/ipsec/ipsec.d/cacerts' Sep 03 10:33:37ipsec 15[CFG] rereading aa certificates from '/tmp/ipsec/ipsec.d/aacerts' Sep 03 10:33:37ipsec 15[CFG] rereading ocsp signer certificates from '/tmp/ipsec/ipsec.d/ocspcerts' Sep 03 10:33:37ipsec 15[CFG] rereading attribute certificates from '/tmp/ipsec/ipsec.d/acerts' Sep 03 10:33:37ipsec 15[CFG] rereading crls from '/tmp/ipsec/ipsec.d/crls' Sep 03 10:33:37ndm IpSec::Configurator: reloading IKE keys task done. Sep 03 10:33:37ndm IpSec::Configurator: start reloading IPsec config task. Sep 03 10:33:37ipsec 04[CFG] received stroke: delete connection 'L2TP0' Sep 03 10:33:37ipsec 04[CFG] deleted connection 'L2TP0' Sep 03 10:33:37ipsec 00[DMN] signal of type SIGHUP received. Reloading configuration Sep 03 10:33:37ipsec 07[CFG] received stroke: add connection 'L2TP0' Sep 03 10:33:37ipsec 00[CFG] loaded 0 entries for attr plugin configuration Sep 03 10:33:37ipsec 07[CFG] added configuration 'L2TP0' Sep 03 10:33:38ndm IpSec::IpSecNetfilter: start reloading netfilter configuration... Sep 03 10:33:38ndm IpSec::IpSecNetfilter: netfilter configuration reloading is done. Sep 03 10:33:38ndm IpSec::Configurator: reloading IPsec config task done. Sep 03 10:33:39ndm IpSec::Configurator: crypto map "L2TP0" shutdown started. Sep 03 10:33:39ipsec 09[CFG] received stroke: unroute 'L2TP0' Sep 03 10:33:39ndm IpSec::Manager: create IPsec reconfiguration transaction... Sep 03 10:33:39ipsec 04[CFG] received stroke: terminate 'L2TP0{*}' Sep 03 10:33:39ipsec 12[IKE] closing CHILD_SA L2TP0{2} with SPIs ce1cb0f7_i (228 bytes) cddbf682_o (642 bytes) and TS 10.2.48.1/32[udp] === 91.105.238.11/32[udp/l2tp] Sep 03 10:33:39ipsec 08[CFG] received stroke: terminate 'L2TP0[*]' Sep 03 10:33:39ndm IpSec::Configurator: crypto map "L2TP0" shutdown complete. Sep 03 10:33:39ndm IpSec::Configurator: crypto map "L2TP0" active IKE SA: 0, active CHILD SA: 0. Sep 03 10:33:39ndm IpSec::Manager: add config for crypto map "L2TP0". Sep 03 10:33:39ndm kernel: EIP93: release SPI ce1cb0f7 Sep 03 10:33:39ndm kernel: EIP93: release SPI cddbf682 Sep 03 10:33:39ipsec 12[IKE] sending DELETE for ESP CHILD_SA with SPI ce1cb0f7 Sep 03 10:33:39ipsec 11[IKE] deleting IKE_SA L2TP0[2] between 10.2.48.1[10.2.48.1]...91.105.238.11[91.105.238.11] Sep 03 10:33:39ipsec 11[IKE] sending DELETE for IKE_SA L2TP0[2] Sep 03 10:33:39ndm IpSec::Manager: IPsec reconfiguration transaction was created. Sep 03 10:33:39ndm IpSec::Configurator: crypto map "L2TP0" active IKE SA: 0, active CHILD SA: 0. Sep 03 10:33:39ndm IpSec::Configurator: start applying IPsec configuration. Sep 03 10:33:39ndm IpSec::Configurator: IPsec configuration applying is done. Sep 03 10:33:39ndm IpSec::Configurator: start reloading IKE keys task. Sep 03 10:33:40ipsec 05[CFG] rereading secrets Sep 03 10:33:40ipsec 05[CFG] loading secrets Sep 03 10:33:40ipsec 05[CFG] loaded IKE secret for cmap:L2TP0 Sep 03 10:33:40ipsec 05[CFG] rereading ca certificates from '/tmp/ipsec/ipsec.d/cacerts' Sep 03 10:33:40ipsec 05[CFG] rereading aa certificates from '/tmp/ipsec/ipsec.d/aacerts' Sep 03 10:33:40ipsec 05[CFG] rereading ocsp signer certificates from '/tmp/ipsec/ipsec.d/ocspcerts' Sep 03 10:33:40ipsec 05[CFG] rereading attribute certificates from '/tmp/ipsec/ipsec.d/acerts' Sep 03 10:33:40ipsec 05[CFG] rereading crls from '/tmp/ipsec/ipsec.d/crls' Sep 03 10:33:40ndm IpSec::Configurator: reloading IKE keys task done. Sep 03 10:33:40ndm IpSec::Configurator: start reloading IPsec config task. Sep 03 10:33:40ipsec 13[CFG] received stroke: delete connection 'L2TP0' Sep 03 10:33:40ipsec 13[CFG] deleted connection 'L2TP0' Sep 03 10:33:40ipsec 00[DMN] signal of type SIGHUP received. Reloading configuration Sep 03 10:33:40ipsec 00[CFG] loaded 0 entries for attr plugin configuration Sep 03 10:33:40ipsec 09[CFG] received stroke: add connection 'L2TP0' Sep 03 10:33:40ipsec 09[CFG] added configuration 'L2TP0' Sep 03 10:33:40ndm IpSec::IpSecNetfilter: start reloading netfilter configuration... Sep 03 10:33:40ndm IpSec::IpSecNetfilter: netfilter configuration reloading is done. Sep 03 10:33:40ndm IpSec::Configurator: reloading IPsec config task done. Sep 03 10:33:40ndm Network::Interface::Supplicant: "L2TP0": authnentication is unchanged. Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": description saved. Sep 03 10:33:40ndm Network::Interface::Ppp: "L2TP0": peer set. Sep 03 10:33:40ndm Network::Interface::Ppp: "L2TP0": disabled connection. Sep 03 10:33:40ndm Network::Interface::PppTunnel: "L2TP0": remote endpoint is resolved to "91.105.238.11". Sep 03 10:33:40ndm Network::Interface::PppTunnel: "L2TP0": local endpoint is resolved to "10.2.48.1" (via "GigabitEthernet1"). Sep 03 10:33:40ndm Network::Interface::PppTunnel: "L2TP0": added host route to 91.105.238.11 via 10.2.48.254 (GigabitEthernet1). Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": static MTU reset to default. Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": network MTU is 1400. Sep 03 10:33:40ndm Network::Interface::L2tp: "L2TP0": updating IP secure configuration. Sep 03 10:33:40ndm IpSec::Manager: "L2TP0": IP secure connection and keys was deleted. Sep 03 10:33:40ndm IpSec::Manager: "L2TP0": IP secure connection was added. Sep 03 10:33:40ndm Network::Interface::Supplicant: "L2TP0": identity is unchanged. Sep 03 10:33:40ndm Network::Interface::Supplicant: "L2TP0": password is unchanged. Sep 03 10:33:40ndm Network::Interface::IP: "L2TP0": IP address cleared. Sep 03 10:33:40ndm Network::Interface::Ppp: "L2TP0": remote address erased. Sep 03 10:33:40ndm Network::Interface::IP: "L2TP0": global priority enabled. Sep 03 10:33:40ndm Network::Interface::IP: "L2TP0": TCP-MSS adjustment enabled. Sep 03 10:33:40ndm Network::Interface::Ppp: "L2TP0": disabled connection. Sep 03 10:33:40ndm Network::Interface::Secure: "L2TP0": preshared key was set. Sep 03 10:33:40ndm Network::Interface::PppTunnel: "L2TP0": remote endpoint is resolved to "91.105.238.11". Sep 03 10:33:40ndm Network::Interface::PppTunnel: "L2TP0": local endpoint is resolved to "10.2.48.1" (via "GigabitEthernet1"). Sep 03 10:33:40ndm Network::Interface::PppTunnel: "L2TP0": added host route to 91.105.238.11 via 10.2.48.254 (GigabitEthernet1). Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": static MTU reset to default. Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": network MTU is 1400. Sep 03 10:33:40ndm Network::Interface::L2tp: "L2TP0": updating IP secure configuration. Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": interface is up. Sep 03 10:33:40ndm Network::Interface::Base: "L2TP0": schedule cleared. Sep 03 10:33:40ndm IpSec::Manager: "L2TP0": IP secure connection and keys was deleted. Sep 03 10:33:40ndm IpSec::Manager: "L2TP0": IP secure connection was added. Sep 03 10:33:40ndm Dns::InterfaceSpecific: static name server list cleared on L2TP0. Sep 03 10:33:40ndm Dns::Manager: name server 8.8.8.8 is disregarded while Yandex.DNS is active. Sep 03 10:33:40ndm Dns::Manager: name server 8.8.8.8, domain (default) deleted. Sep 03 10:33:40ndm Dns::InterfaceSpecific: name server 8.8.8.8 added, domain (default), interface L2TP0. Sep 03 10:33:41ndm Core::ConfigurationSaver: saving configuration... Sep 03 10:33:41ndm IpSec::Configurator: crypto map "L2TP0" shutdown started. Sep 03 10:33:42ipsec 15[CFG] received stroke: unroute 'L2TP0' Sep 03 10:33:42ipsec 06[CFG] received stroke: terminate 'L2TP0{*}' Sep 03 10:33:42ipsec 06[CFG] no CHILD_SA named 'L2TP0' found Sep 03 10:33:42ipsec 07[CFG] received stroke: terminate 'L2TP0[*]' Sep 03 10:33:42ipsec 07[CFG] no IKE_SA named 'L2TP0' found Sep 03 10:33:42ndm IpSec::Configurator: crypto map "L2TP0" shutdown complete. Sep 03 10:33:42ndm IpSec::Manager: create IPsec reconfiguration transaction... Sep 03 10:33:42ndm IpSec::Manager: add config for crypto map "L2TP0". Sep 03 10:33:42ndm IpSec::Manager: IPsec reconfiguration transaction was created. Sep 03 10:33:43ndm IpSec::Configurator: start applying IPsec configuration. Sep 03 10:33:43ndm IpSec::Configurator: IPsec configuration applying is done. Sep 03 10:33:43ndm IpSec::Configurator: start reloading IKE keys task. Sep 03 10:33:43ipsec 11[CFG] rereading secrets Sep 03 10:33:43ipsec 11[CFG] loading secrets Sep 03 10:33:43ipsec 11[CFG] loaded IKE secret for cmap:L2TP0 Sep 03 10:33:43ipsec 11[CFG] rereading ca certificates from '/tmp/ipsec/ipsec.d/cacerts' Sep 03 10:33:43ipsec 11[CFG] rereading aa certificates from '/tmp/ipsec/ipsec.d/aacerts' Sep 03 10:33:43ipsec 11[CFG] rereading ocsp signer certificates from '/tmp/ipsec/ipsec.d/ocspcerts' Sep 03 10:33:43ndm IpSec::Configurator: reloading IKE keys task done. Sep 03 10:33:43ipsec 11[CFG] rereading attribute certificates from '/tmp/ipsec/ipsec.d/acerts' Sep 03 10:33:43ipsec 11[CFG] rereading crls from '/tmp/ipsec/ipsec.d/crls' Sep 03 10:33:43ndm IpSec::Configurator: start reloading IPsec config task. Sep 03 10:33:43ipsec 05[CFG] received stroke: delete connection 'L2TP0' Sep 03 10:33:43ipsec 05[CFG] deleted connection 'L2TP0' Sep 03 10:33:43ipsec 00[DMN] signal of type SIGHUP received. Reloading configuration Sep 03 10:33:43ipsec 15[CFG] received stroke: add connection 'L2TP0' Sep 03 10:33:43ipsec 00[CFG] loaded 0 entries for attr plugin configuration Sep 03 10:33:43ipsec 15[CFG] added configuration 'L2TP0' Sep 03 10:33:43ndm IpSec::IpSecNetfilter: start reloading netfilter configuration... Sep 03 10:33:43ndm IpSec::IpSecNetfilter: netfilter configuration reloading is done. Sep 03 10:33:43ndm IpSec::Configurator: reloading IPsec config task done. Sep 03 10:33:44ndm Core::ConfigurationSaver: configuration saved. Sep 03 10:33:45ndm IpSec::Configurator: crypto map "L2TP0" shutdown started. Sep 03 10:33:45ipsec 12[CFG] received stroke: unroute 'L2TP0' Sep 03 10:33:45ipsec 11[CFG] received stroke: terminate 'L2TP0{*}' Sep 03 10:33:45ipsec 11[CFG] no CHILD_SA named 'L2TP0' found Sep 03 10:33:45ipsec 13[CFG] received stroke: terminate 'L2TP0[*]' Sep 03 10:33:45ipsec 13[CFG] no IKE_SA named 'L2TP0' found Sep 03 10:33:45ndm IpSec::Configurator: crypto map "L2TP0" shutdown complete. Sep 03 10:33:46ipsec 09[CFG] received stroke: initiate 'L2TP0' Sep 03 10:33:46ipsec 06[IKE] sending DPD vendor ID Sep 03 10:33:46ipsec 06[IKE] sending FRAGMENTATION vendor ID Sep 03 10:33:46ipsec 06[IKE] sending NAT-T (RFC 3947) vendor ID Sep 03 10:33:46ipsec 06[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID Sep 03 10:33:46ipsec 06[IKE] initiating Main Mode IKE_SA L2TP0[3] to 91.105.238.11 Sep 03 10:33:46ndm IpSec::Configurator: crypto map "L2TP0" initialized. Sep 03 10:33:46ipsec 07[IKE] received XAuth vendor ID Sep 03 10:33:46ipsec 07[IKE] received DPD vendor ID Sep 03 10:33:46ipsec 07[IKE] received FRAGMENTATION vendor ID Sep 03 10:33:46ipsec 07[IKE] received NAT-T (RFC 3947) vendor ID Sep 03 10:33:46ipsec 07[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024/# Sep 03 10:33:46ipsec 07[CFG] configured proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536/#, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024/#, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536/#, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024/#, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536/#, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024/# Sep 03 10:33:46ipsec 07[CFG] selected proposal: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024/# Sep 03 10:33:46ipsec 08[IKE] found linked key for crypto map 'L2TP0' Sep 03 10:33:46ipsec 08[IKE] local host is behind NAT, sending keep alives Sep 03 10:33:46ipsec 10[IKE] IKE_SA L2TP0[3] established between 10.2.48.1[10.2.48.1]...91.105.238.11[91.105.238.11] Sep 03 10:33:46ipsec 10[IKE] scheduling reauthentication in 28778s Sep 03 10:33:46ipsec 10[IKE] maximum IKE_SA lifetime 28798s Sep 03 10:33:46ndm IpSec::Configurator: crypto map "L2TP0" active IKE SA: 1, active CHILD SA: 0. Sep 03 10:33:46ipsec 11[CFG] received proposals: ESP:AES_CBC=128/HMAC_SHA1_96/#/#/NO_EXT_SEQ Sep 03 10:33:46ipsec 11[CFG] configured proposals: ESP:AES_CBC=128/HMAC_SHA1_96/#/#/NO_EXT_SEQ, ESP:AES_CBC=256/HMAC_SHA1_96/#/#/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/#/#/NO_EXT_SEQ Sep 03 10:33:46ipsec 11[CFG] selected proposal: ESP:AES_CBC=128/HMAC_SHA1_96/#/#/NO_EXT_SEQ Sep 03 10:33:46ipsec 11[IKE] received 21474836000 lifebytes, configured 21474836480 Sep 03 10:33:46ipsec 11[IKE] CHILD_SA L2TP0{3} established with SPIs cd852ac9_i c7a83a1d_o and TS 10.2.48.1/32[udp] === 91.105.238.11/32[udp/l2tp] Sep 03 10:33:46ndm IpSec::Configurator: crypto map "L2TP0" is up. Sep 03 10:33:46ndm IpSec::Configurator: crypto map "L2TP0" active IKE SA: 1, active CHILD SA: 1. Sep 03 10:33:46ndm Network::Interface::L2tp: "L2TP0": IPsec layer is up, do start L2TP layer. Sep 03 10:33:46ndm Network::Interface::Ppp: "L2TP0": enabled connection via any interface. Sep 03 10:33:46ndm IpSec::IpSecNetfilter: start reloading netfilter configuration... Sep 03 10:33:46ndm IpSec::IpSecNetfilter: netfilter configuration reloading is done. Sep 03 10:33:48l2tp[23179] Plugin pppol2tp.so loaded. Sep 03 10:33:49l2tp[23179] pppd 2.4.4-4 started by root, uid 0 Sep 03 10:33:49ndm Network::Interface::PppTunnel: "L2TP0": added host route to 91.105.238.11 via 10.2.48.254 (GigabitEthernet1). Sep 03 10:33:49pppd_L2TP0 l2tp_control v2.02 Sep 03 10:33:49pppd_L2TP0 remote host: 91.105.238.11 Sep 03 10:33:49pppd_L2TP0 local bind: 10.2.48.1 Sep 03 10:33:49ndm kernel: EIP93: build outbound ESP connection, (SPI=c7a83a1d) Sep 03 10:33:49ndm kernel: EIP93: build inbound ESP connection, (SPI=cd852ac9) Sep 03 10:33:53pppd_L2TP0 no ack, skip zlb on scccn Sep 03 10:33:53pppd_L2TP0 no ack, skip zlb on iccn Sep 03 10:33:54ndm kernel: Fast VPN ctrl: setup for src 91.105.238.11 Sep 03 10:33:54pppd_L2TP0 using channel 37 Sep 03 10:33:54pppd_L2TP0 Using interface ppp0 Sep 03 10:33:54pppd_L2TP0 Connect: ppp0 <--> l2tp[0] Sep 03 10:34:24pppd_L2TP0 LCP: timeout sending Config-Requests Sep 03 10:34:24pppd_L2TP0 Connection terminated. Sep 03 10:34:34pppd_L2TP0 Modem hangup Sep 03 10:34:34pppd_L2TP0 Exit. Sep 03 10:34:34ndm kernel: Fast VPN ctrl: release for src 91.105.238.11 Sep 03 10:34:34ndm Service: "L2TP0": unexpectedly stopped. Что не так? Этот VPN с сайта hidemy.name. Я ввёл все параметры которые были указанны на сайте. В результате подключится не может. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.