gpt4 book ai didi

centos - 无法使用 nm-l2tp-service 连接到 VPN

转载 作者:行者123 更新时间:2023-12-04 19:30:35 30 4
gpt4 key购买 nike

我使用 Centos 7机器并想连接到 l2tp VPN使用 nm-l2tp-service :

服务输出:

[gefalko@localhost ~]$ sudo /usr/libexec/nm-l2tp-service --debug
nm-l2tp[20335] nm-l2tp-service (version 1.2.10-1.el7) starting...
nm-l2tp[20335] uses default --bus-name "org.freedesktop.NetworkManager.l2tp"
nm-l2tp[20335] ipsec enable flag: yes
** Message: Check port 1701
connection
id : "L2TP IPSec (PSK) - otravo" (s)
uuid : "49a95a8c-275b-464b-8f62-a7639b48e966" (s)
interface-name : NULL (sd)
type : "vpn" (s)
permissions : ["user:gefalko:"] (s)
autoconnect : FALSE (s)
autoconnect-priority : 0 (sd)
autoconnect-retries : -1 (sd)
timestamp : 0 (sd)
read-only : FALSE (sd)
zone : NULL (sd)
master : NULL (sd)
slave-type : NULL (sd)
autoconnect-slaves : ((NMSettingConnectionAutoconnectSlaves) NM_SETTING_CONNECTION_AUTOCONNECT_SLAVES_DEFAULT) (sd)
secondaries : NULL (sd)
gateway-ping-timeout : 0 (sd)
metered : ((NMMetered) NM_METERED_UNKNOWN) (sd)
lldp : -1 (sd)
stable-id : NULL (sd)
auth-retries : -1 (sd)

ipv6
method : "auto" (s)
dns : [] (s)
dns-search : [] (s)
dns-options : NULL (sd)
dns-priority : 0 (sd)
addresses : ((GPtrArray*) 0x1e8f780) (s)
gateway : NULL (sd)
routes : ((GPtrArray*) 0x1e8f6e0) (s)
route-metric : -1 (sd)
route-table : 0 (sd)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-hostname : NULL (sd)
dhcp-send-hostname : TRUE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
dad-timeout : -1 (sd)
dhcp-timeout : 0 (sd)
ip6-privacy : ((NMSettingIP6ConfigPrivacy) NM_SETTING_IP6_CONFIG_PRIVACY_UNKNOWN) (sd)
addr-gen-mode : 1 (sd)
token : NULL (sd)

proxy
method : 0 (sd)
browser-only : FALSE (sd)
pac-url : NULL (sd)
pac-script : NULL (sd)

vpn
service-type : "org.freedesktop.NetworkManager.l2tp" (s)
user-name : "gefalko" (s)
persistent : FALSE (sd)
data : ((GHashTable*) 0x1e764c0) (s)
secrets : ((GHashTable*) 0x1e76400) (s)
timeout : 0 (sd)

ipv4
method : "auto" (s)
dns : [] (s)
dns-search : [] (s)
dns-options : NULL (sd)
dns-priority : 0 (sd)
addresses : ((GPtrArray*) 0x1e8f560) (s)
gateway : NULL (sd)
routes : ((GPtrArray*) 0x1e8f600) (s)
route-metric : -1 (sd)
route-table : 0 (sd)
ignore-auto-routes : FALSE (sd)
ignore-auto-dns : FALSE (sd)
dhcp-hostname : NULL (sd)
dhcp-send-hostname : TRUE (sd)
never-default : FALSE (sd)
may-fail : TRUE (sd)
dad-timeout : -1 (sd)
dhcp-timeout : 0 (sd)
dhcp-client-id : NULL (sd)
dhcp-fqdn : NULL (sd)

nm-l2tp[20335] starting ipsec
Redirecting to: systemctl stop ipsec.service
warning: could not open include filename: '/etc/ipsec.d/.conf'
warning: could not open include filename: '/etc/ipsec.d/.conf'
warning: could not open include filename: '/etc/ipsec.d/.conf'
warning: could not open include filename: '/etc/ipsec.d/.conf'
Redirecting to: systemctl start ipsec.service
002 listening for IKE messages
002 adding interface virbr0/virbr0 192.168.122.1:500
002 adding interface virbr0/virbr0 192.168.122.1:4500
002 adding interface wlp2s0/wlp2s0 192.168.1.176:500
002 adding interface wlp2s0/wlp2s0 192.168.1.176:4500
002 adding interface lo/lo 127.0.0.1:500
002 adding interface lo/lo 127.0.0.1:4500
002 adding interface lo/lo ::1:500
002 loading secrets from "/etc/ipsec.secrets"
002 loading secrets from "/etc/ipsec.d/nm-l2tp-ipsec-49a95a8c-275b-464b-8f62-a7639b48e966.secrets"
opening file: /var/run/nm-l2tp-ipsec-49a95a8c-275b-464b-8f62-a7639b48e966.conf
debugging mode enabled
end of file /var/run/nm-l2tp-ipsec-49a95a8c-275b-464b-8f62-a7639b48e966.conf
Loading conn 49a95a8c-275b-464b-8f62-a7639b48e966
starter: left is KH_DEFAULTROUTE
loading named conns: 49a95a8c-275b-464b-8f62-a7639b48e966
seeking_src = 1, seeking_gateway = 1, has_peer = 1
seeking_src = 0, seeking_gateway = 1, has_dst = 1
dst via 192.168.1.254 dev wlp2s0 src table 254
set nexthop: 192.168.1.254
dst 192.168.1.0 via dev wlp2s0 src 192.168.1.176 table 254
dst 192.168.122.0 via dev virbr0 src 192.168.122.1 table 254
dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
dst 127.0.0.1 via dev lo src 127.0.0.1 table 255 (ignored)
dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
dst 192.168.1.0 via dev wlp2s0 src 192.168.1.176 table 255 (ignored)
dst 192.168.1.176 via dev wlp2s0 src 192.168.1.176 table 255 (ignored)
dst 192.168.1.255 via dev wlp2s0 src 192.168.1.176 table 255 (ignored)
dst 192.168.122.0 via dev virbr0 src 192.168.122.1 table 255 (ignored)
dst 192.168.122.1 via dev virbr0 src 192.168.122.1 table 255 (ignored)
dst 192.168.122.255 via dev virbr0 src 192.168.122.1 table 255 (ignored)

seeking_src = 1, seeking_gateway = 0, has_peer = 1
seeking_src = 1, seeking_gateway = 0, has_dst = 1
dst 192.168.1.254 via dev wlp2s0 src 192.168.1.176 table 254
set addr: 192.168.1.176

seeking_src = 0, seeking_gateway = 0, has_peer = 1
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" labeled_ipsec=0
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" modecfgdns=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" modecfgdomains=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" modecfgbanner=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" mark=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" mark-in=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" mark-out=(null)
conn: "49a95a8c-275b-464b-8f62-a7639b48e966" vti_iface=(null)
002 added connection description "49a95a8c-275b-464b-8f62-a7639b48e966"
nm-l2tp[20335] Spawned ipsec auto --up script with PID 21334.
002 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: initiating Main Mode
104 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: initiate
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 0.5 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 1 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 2 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 4 seconds for response
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 8 seconds for response
nm-l2tp[20335] Timeout trying to establish IPsec connection
nm-l2tp[20335] Terminating ipsec script with PID 21334.
nm-l2tp[20335] Could not establish IPsec tunnel.

(nm-l2tp-service:20335): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
010 "49a95a8c-275b-464b-8f62-a7639b48e966" #1: STATE_MAIN_I1: retransmission; will wait 16 seconds for response

最佳答案

我相信您需要将 IPsec 阶段 1 和 2 算法设置为与 VPN 服务器使用的相同,或者重新配置 VPN 服务器以提供更强的建议。

关于centos - 无法使用 nm-l2tp-service 连接到 VPN,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50820131/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com