LINUX.ORG.RU
решено ФорумAdmin

FreeBSD vpn client проблема

 , ,


0

1

Не удается подключить freebsd 10 впн клиент к freebsd впн серверу (у провайдера) Вот ppp.conf :

zurbagan:
 set device "!/usr/local/sbin/pptp ip-vpn-servera --nolaunchpppd"
 accept mschapv2
 disable pred1 deflate mppe
 set dial
 set login
 set timeout 0
 enable lqr
 disable ipv6cp
 set authname <login>
 set authkey *****
 
Вот что в логах
   Apr 25 09:52:22 kisumdu ppp[1543]: Phase: Using interface: tun0
    Apr 25 09:52:22 kisumdu ppp[1543]: Phase: deflink: Created in closed state
    Apr 25 09:52:22 kisumdu ppp[1543]: Warning: Add! route failed: ff02::: errno: Value too large to be stored in data type
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: default: ident user-ppp VERSION
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: default: set device /dev/cuau1
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: default: set speed 115200
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5            "" AT OK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: default: set timeout 180
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: default: enable dns
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: set device !/usr/local/sbin/pptp 10.100.2.1 --nolaunchpppd
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: accept mschapv2
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: disable pred1 deflate mppe
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: set dial
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: set login
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: set timeout 0
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: enable lqr
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: disable ipv6cp
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: set authname kolvakh1
    Apr 25 09:52:22 kisumdu ppp[1543]: tun0: Command: zurbagan: set authkey ********
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: PPP Started (ddial mode).
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: bundle: Establish
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: deflink: closed -> opening
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: deflink: Connected!
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: deflink: opening -> dial
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: deflink: dial -> carrier
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: deflink: carrier -> login
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: Phase: deflink: login -> lcp
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: LCP: FSM: Using "deflink" as a transport
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: LCP: deflink: State change Initial --> Closed
    Apr 25 09:52:22 kisumdu ppp[1544]: tun0: LCP: deflink: State change Closed --> Stopped
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP: deflink: LayerStart
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0xe06d443d
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:23 kisumdu ppp[1544]: tun0: LCP: deflink: State change Stopped --> Req-Sent
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0xe06d443d
    Apr 25 09:52:26 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0xe06d443d
    Apr 25 09:52:29 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0xe06d443d
    Apr 25 09:52:32 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0xe06d443d
    Apr 25 09:52:35 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: LCP: deflink: LayerFinish
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: LCP: deflink: State change Req-Sent --> Stopped
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: LCP: deflink: State change Stopped --> Closed
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: LCP: deflink: State change Closed --> Initial
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: Disconnected!
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: lcp -> logout
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: logout -> hangup
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: Disconnected!
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: Connect time: 16 secs: 38 octets in, 320 octets out
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: 2 packets in, 5 packets out
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase:  total 22 bytes/sec, peak 33 bytes/sec on Fri Apr 25 09:52:24 2014
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: HUPing 1546
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: hangup -> opening
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Phase: deflink: Enter pause (3) for redialing.
    Apr 25 09:52:38 kisumdu ppp[1544]: tun0: Chat: deflink: Reconnect try 1 of 0
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: Chat: deflink: Redial timer expired.
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: Phase: deflink: Connected!
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: Phase: deflink: opening -> dial
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: Phase: deflink: dial -> carrier
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: Phase: deflink: carrier -> login
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: Phase: deflink: login -> lcp
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: LCP: FSM: Using "deflink" as a transport
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: LCP: deflink: State change Initial --> Closed
    Apr 25 09:52:41 kisumdu ppp[1544]: tun0: LCP: deflink: State change Closed --> Stopped
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP: deflink: LayerStart
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0x6cc61c8a
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:42 kisumdu ppp[1544]: tun0: LCP: deflink: State change Stopped --> Req-Sent
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0x6cc61c8a
    Apr 25 09:52:46 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0x6cc61c8a
    Apr 25 09:52:49 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0x6cc61c8a
    Apr 25 09:52:52 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP: deflink: SendConfigReq(1) state = Req-Sent
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP:  ACFCOMP[2]
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP:  PROTOCOMP[2]
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP:  ACCMAP[6] 0x00000000
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP:  MRU[4] 1500
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP:  MAGICNUM[6] 0x6cc61c8a
    Apr 25 09:52:55 kisumdu ppp[1544]: tun0: LCP:  QUALPROTO[8] proto c025, interval 30000ms
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: LCP: deflink: LayerFinish
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: LCP: deflink: State change Req-Sent --> Stopped
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: LCP: deflink: State change Stopped --> Closed
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: LCP: deflink: State change Closed --> Initial
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: Phase: deflink: Disconnected!
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: Phase: deflink: lcp -> logout
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: Phase: deflink: logout -> hangup
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: Phase: deflink: Disconnected!
    Apr 25 09:52:58 kisumdu ppp[1544]: tun0: Phase: deflink: Connect time: 17 secs: 38 octets in, 325 octets out
Интерфейс:
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 5a:43:d0:bf:81:ea
        inet 10.100.108.83 netmask 0xffff0000 broadcast 10.100.255.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

tun0: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

понимаю что что-то лишнее/чего-то не хватает в ppp.conf, а понять чего именно не могу. Вот конфиг из рабочей linux машины, которая подключается отлично:

pty "pptp 10.100.2.1 --nolaunchpppd"
name логин
remotename PPTP
require-mschap-v2
defaultroute
file /etc/ppp/options.pptp
И options.pptp
# Lock the port
lock

# Authentication
# We don't need the tunnel server to authenticate itself
noauth

# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
refuse-mschap

# Compression
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate

# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use.  Note that MPPE
# requires the use of MSCHAP-V2 during authentication)

# http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras
# ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
# {{{
# Require MPPE 128-bit encryption
#require-mppe-128
# }}}

# http://polbox.com/h/hs001/ fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption
#mppe required,stateless
# }}}
lcp-echo-interval 60
#20
lcp-echo-failure 5
#3
persist



Последнее исправление: baltazor (всего исправлений: 2)

Не знаю я ваш mpd5, но обычно когда pppd отправляет запросы, а в ответ ничего не получает, нужно начинать с проверки, что GRE-пакеты не закрыты в firewall'e.

mky ★★★★★
()
Ответ на: комментарий от mky

Пообовал и через mpd5, по всем инструкциям в сети, все что нужно это вписать в соответствующую секцию конфига логин и пароль, сделать ее активной, ну и добавил еще пару строк для mschapv2 и т.п., так вообще не звонило, это хоть пытается, поэтому решил остановиться на ppp+pptp и его до ума довести уже...

baltazor
() автор топика
Ответ на: комментарий от baltazor

При нормальном согласовании связи в логах должно поочерёдно быть ″state = Req-sent″ и ″state = Ack-sent″. У вас до этого не доходит, поэтому настройки протокола в ppp пока не так важны, нужно определить, почему ppp вобще не «разговаривает» с ppp провайдера.

Если с firewall'ом всё в порядке и вы уверены, что и tcp порт 1723 и gre протокол проходят, то смотрите дампером пакетов, как идёт обмен трафиком с pptp-севером провайдера. Сначала должно установиться tcp соединение, потом в обе стороны ходить gre-пакеты.

mky ★★★★★
()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.