LINUX.ORG.RU
ФорумAdmin

debian 9 ошибка создания l2tp соединения

 ,


0

2

Последний Debian 9.6 stable. Добавил поддержку l2tp по этой инструкции: http://blog.z-proj.com/enabling-l2tp-over-ipsec-on-ubuntu-16-04/ Так как Debian, а не Ubuntu, то собирал из исходников, network-manage-l2tp откатил до 1.2.8 Release (иначе libnma нужен 1,8). vpn connection failed because vpn service failed to start.

sudo tail -f /var/log/syslog

NetworkManager[611]: <info> [1544167752.3844] audit: op=«connection-activate» uuid=«b9....f29» name=«VPN connection 1» pid=2085 uid=1000 result=«success»
NetworkManager[611]: <info> [1544167752.3892] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: Started the VPN service, PID 3119
NetworkManager[611]: <info> [1544167752.3992] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: Saw the service appear; activating connection
NetworkManager[611]: <info> [1544167752.4743] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: VPN connection: (ConnectInteractive) reply received
nm-l2tp-service[3119]: Check port 1701
NetworkManager[611]: Stopping strongSwan IPsec failed: starter is not running
NetworkManager[611]: Starting strongSwan 5.5.1 IPsec [starter]...
NetworkManager[611]: Loading config setup
NetworkManager[611]: Loading conn 'b9....f29'
NetworkManager[611]: found netkey IPsec stack
charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.5.1, Linux 4.9.0-8-amd64, x86_64)
charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
charon: 00[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-b9....f29.secrets'
charon: 00[CFG] loaded IKE secret for %any
charon: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown
charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
charon: 00[JOB] spawning 16 worker threads
charon: 03[CFG] received stroke: add connection 'b9....f29'
charon: 03[CFG] added configuration 'b9....f29'
charon: 07[CFG] rereading secrets
charon: 07[CFG] loading secrets from '/etc/ipsec.secrets'
charon: 07[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-b9....f29.secrets'
charon: 07[CFG] loaded IKE secret for %any
charon: 09[CFG] received stroke: initiate 'b9....f29'
charon: 11[IKE] initiating Main Mode IKE_SA b9....f29[1] to 7x.x.x.15
charon: 11[ENC] generating ID_PROT request 0 [ SA V V V V V ]
charon: 11[NET] sending packet: from 192.168.0.127[500] to 7x.x.x.15[500] (240 bytes)
charon: 12[NET] received packet: from 7x.x.x.15[500] to 192.168.0.127[500] (102 bytes)
charon: 12[ENC] parsed INFORMATIONAL_V1 request 2793142369 [ N(NO_PROP) ]
NetworkManager[611]: initiating Main Mode IKE_SA b9....f29[1] to 7x.x.x.15
NetworkManager[611]: generating ID_PROT request 0 [ SA V V V V V ]
NetworkManager[611]: sending packet: from 192.168.0.127[500] to 7x.x.x.15[500] (240 bytes)

v NetworkManager[611]: received packet: from 7x.x.x.15[500] to 192.168.0.127[500] (102 bytes)

NetworkManager[611]: parsed INFORMATIONAL_V1 request 2793142369 [ N(NO_PROP) ]
NetworkManager[611]: received NO_PROPOSAL_CHOSEN error notify
NetworkManager[611]: establishing connection 'b9....f29' failed
charon: 12[IKE] received NO_PROPOSAL_CHOSEN error notify
NetworkManager[611]: Stopping strongSwan IPsec...
charon: 00[DMN] signal of type SIGINT received. Shutting down
nm-l2tp-service[3119]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
NetworkManager[611]: <info> [1544167755.9011] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: VPN plugin: state changed: stopped (6)
NetworkManager[611]: <info> [1544167755.9025] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: VPN plugin: state change reason: unknown (0)
NetworkManager[611]: <info> [1544167755.9038] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: VPN service disappeared
NetworkManager[611]: <warn> [1544167755.9048] vpn-connection[0x55a04ed32820,b9....f29,«VPN connection 1»,0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'