LINUX.ORG.RU
ФорумAdmin

pptp via wireguard

 , ,


0

1

Коллеги всем привет, нужна помощь, пытаюсь подключиться к pptp серверу внутри wireguard тоннеля. Схема такая: wg serv 192.168.10.254 wg client1(pptp client) 192.168.10.2 wg client2(pptp server) 192.168.10.1 всё пингуется, порты открыты внутри wg сети, при попытке инициировать pptp подключения с wg cl1 до wg cl2 192.168.10.2 -> 192.168.10.1 пакеты ходят, в логах pptp сервера:

Dec 12 09:36:40 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:40 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:40 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet  <36>: rcvd LCP ConfReq id=0x1
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <magic 0xe2382b3b>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfRej id=0x1
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:43 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:45 192.168.1.2 pptp,ppp,debug <36>: LCP timer
Dec 12 09:36:45 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfReq id=0x6
Dec 12 09:36:45 192.168.1.2 pptp,ppp,debug,packet    <mru 1450>
Dec 12 09:36:45 192.168.1.2 pptp,ppp,debug,packet    <magic 0x3e9759c7>
Dec 12 09:36:45 192.168.1.2 pptp,ppp,debug,packet    <auth  mschap2>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet  <36>: rcvd LCP ConfReq id=0x1
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <magic 0xe2382b3b>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfRej id=0x1
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:46 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet  <36>: rcvd LCP ConfReq id=0x1
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <magic 0xe2382b3b>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfRej id=0x1
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:49 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet  <36>: rcvd LCP ConfReq id=0x1
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <magic 0xe2382b3b>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfRej id=0x1
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug <36>: LCP timer
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfReq id=0x7
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <mru 1450>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <magic 0x3e9759c7>
Dec 12 09:36:52 192.168.1.2 pptp,ppp,debug,packet    <auth  mschap2>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet  <36>: rcvd LCP ConfReq id=0x1
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <magic 0xe2382b3b>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfRej id=0x1
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:55 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet  <36>: rcvd LCP ConfReq id=0x1
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <magic 0xe2382b3b>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet  <36>: sent LCP ConfRej id=0x1
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <asyncmap 0x0>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <pcomp>
Dec 12 09:36:58 192.168.1.2 pptp,ppp,debug,packet    <accomp>
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: LCP lowerdown
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: CCP close
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: BCP close
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: IPCP close
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: IPV6CP close
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: MPLSCP close
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: LCP lowerdown
Dec 12 09:37:01 192.168.1.2 pptp,ppp,debug <36>: LCP down event in starting state

Кто - нибудь если сталкивался, подскажите как это можно решить?



Последнее исправление: funyfizik (всего исправлений: 2)

со стороны клиента логи:

Dec 12 09:36:30 thinpad NetworkManager[857]: <info>  [1670826990.2892] vpn[0x55d03b7d01b0,aba10cde-68a1-40a5-8a10-c3bfe57acae0,"hap_ac2-wg"]: starting pptp
Dec 12 09:36:30 thinpad pppd[2683]: Plugin /usr/lib/pppd/2.4.9/nm-pptp-pppd-plugin.so loaded.
Dec 12 09:36:30 thinpad NetworkManager[2683]: Plugin /usr/lib/pppd/2.4.9/nm-pptp-pppd-plugin.so loaded.
Dec 12 09:36:30 thinpad pptp[2688]: nm-pptp-service-2674 log[main:pptp.c:353]: The synchronous pptp option is NOT activated
Dec 12 09:36:30 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 1 'Start-Control-Connection-Request'
Dec 12 09:36:30 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_disp:pptp_ctrl.c:781]: Received Start Control Connection Reply
Dec 12 09:36:30 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_disp:pptp_ctrl.c:815]: Client connection established.
Dec 12 09:36:31 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 7 'Outgoing-Call-Request'
Dec 12 09:36:31 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_disp:pptp_ctrl.c:900]: Received Outgoing Call Reply.
Dec 12 09:36:31 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_disp:pptp_ctrl.c:938]: Outgoing call established (call ID 53759, peer's call ID 36).
Dec 12 09:37:01 thinpad pptp[2688]: nm-pptp-service-2674 warn[decaps_hdlc:pptp_gre.c:226]: short read (-1): Input/output error
Dec 12 09:37:01 thinpad NetworkManager[2683]: Child process /sbin/pptp 192.168.10.1 --nolaunchpppd --loglevel 0 --logstring nm-pptp-service-2674 (pid 2686) terminated with signal 15
Dec 12 09:37:01 thinpad pppd[2683]: Child process /sbin/pptp 192.168.10.1 --nolaunchpppd --loglevel 0 --logstring nm-pptp-service-2674 (pid 2686) terminated with signal 15
Dec 12 09:37:01 thinpad pptp[2688]: nm-pptp-service-2674 warn[decaps_hdlc:pptp_gre.c:238]: pppd may have shutdown, see pppd log
Dec 12 09:37:01 thinpad pptp[2699]: nm-pptp-service-2674 log[callmgr_main:pptp_callmgr.c:245]: Closing connection (unhandled)
Dec 12 09:37:01 thinpad pptp[2699]: nm-pptp-service-2674 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 12 'Call-Clear-Request'
Dec 12 09:37:01 thinpad pptp[2699]: nm-pptp-service-2674 log[call_callback:pptp_callmgr.c:84]: Closing connection (call state)
funyfizik
() автор топика
Ответ на: комментарий от funyfizik

проблема решена, забыл на клиенте про conntrack:

iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

добавление правила решило проблему

funyfizik
() автор топика
Последнее исправление: funyfizik (всего исправлений: 1)
Admin