Ubuntu 16.04: не Может estabilish соединение VPN к VPN Stonesoft
Я использую Ubuntu 16.04.3 LTS, 64-разрядный, я пробую к estabilish соединение VPN к VPN Stonesoft Насколько я знаю, что stonesoft означает L2TP VPN, Так как Ubuntu не кажется больше поддержки L2TP, я следовал за этим инструкции для создания VPN: Xerus - пропускающий плагин L2TP для Администратора сети?
Печально я все еще не могу estabilish соединение. Они дали мне только
- IP-адрес
- Имя пользователя
- Пароль
В системном журнале я вижу следующее:
Nov 12 09:58:42 immediata NetworkManager[996]: <info> [1510477122.7520] audit: op="connection-activate" uuid="a944d391-ad32-4386-abed-902943385e1f" name="AreaVastaVpn" pid=2853 uid=1000 result="success"
Nov 12 09:58:42 immediata NetworkManager[996]: <info> [1510477122.8019] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Started the VPN service, PID 4275
Nov 12 09:58:42 immediata NetworkManager[996]: <info> [1510477122.8207] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Saw the service appear; activating connection
Nov 12 09:58:43 immediata gnome-session[2594]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Nov 12 09:59:16 immediata NetworkManager[996]: <info> [1510477156.8682] keyfile: update /etc/NetworkManager/system-connections/AreaVastaVpn (a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn")
Nov 12 09:59:16 immediata NetworkManager[996]: <info> [1510477156.8735] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: (ConnectInteractive) reply received
Nov 12 09:59:16 immediata NetworkManager[996]: nm-l2tp[4275] <info> ipsec enable flag: yes
Nov 12 09:59:16 immediata NetworkManager[996]: ** Message: Check port 1701
Nov 12 09:59:16 immediata NetworkManager[996]: ** Message: Can't bind to port 1701
Nov 12 09:59:16 immediata NetworkManager[996]: nm-l2tp[4275] <warn> L2TP port 1701 is busy, using ephemeral.
Nov 12 09:59:16 immediata NetworkManager[996]: nm-l2tp[4275] <info> starting ipsec
Nov 12 09:59:16 immediata NetworkManager[996]: Stopping strongSwan IPsec...
Nov 12 09:59:16 immediata charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 12 09:59:16 immediata ipsec[4316]: Stopping strongSwan IPsec failed: starter is not running
Nov 12 09:59:19 immediata NetworkManager[996]: Starting strongSwan 5.3.5 IPsec [starter]...
Nov 12 09:59:19 immediata NetworkManager[996]: Loading config setup
Nov 12 09:59:19 immediata NetworkManager[996]: Loading conn 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:19 immediata NetworkManager[996]: found netkey IPsec stack
Nov 12 09:59:19 immediata charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-98-generic, x86_64)
Nov 12 09:59:19 immediata kernel: [ 543.237222] audit: type=1400 audit(1510477159.053:41): apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/usr/local/lib/libxml2.so.2.9.1" pid=4345 comm="charon" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 12 09:59:19 immediata charon: 00[CFG] disabling load-tester plugin, not configured
Nov 12 09:59:19 immediata charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
Nov 12 09:59:19 immediata charon: 00[CFG] dnscert plugin is disabled
Nov 12 09:59:19 immediata charon: 00[CFG] ipseckey plugin is disabled
Nov 12 09:59:19 immediata charon: 00[CFG] attr-sql plugin: database URI not set
Nov 12 09:59:19 immediata charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG] loaded IKE secret for %any
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG] loaded IKE secret for XX.XXX.XX.XX
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG] loaded IKE secret for %any
Nov 12 09:59:19 immediata charon: 00[CFG] sql plugin: database URI not set
Nov 12 09:59:19 immediata charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
Nov 12 09:59:19 immediata charon: 00[CFG] eap-simaka-sql database URI missing
Nov 12 09:59:19 immediata charon: 00[CFG] loaded 0 RADIUS server configurations
Nov 12 09:59:19 immediata charon: 00[CFG] no threshold configured for systime-fix, disabled
Nov 12 09:59:19 immediata charon: 00[CFG] coupling file path unspecified
Nov 12 09:59:19 immediata charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 aes rc2 sha1 sha2 md4 md5 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity
Nov 12 09:59:19 immediata charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Nov 12 09:59:19 immediata charon: 00[JOB] spawning 16 worker threads
Nov 12 09:59:19 immediata charon: 07[CFG] received stroke: add connection 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:19 immediata charon: 07[CFG] added configuration 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:20 immediata charon: 06[CFG] rereading secrets
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG] loaded IKE secret for %any
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG] loaded IKE secret for XX.XXX.XX.XX
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG] loaded IKE secret for %any
Nov 12 09:59:20 immediata NetworkManager[996]: nm-l2tp[4275] <info> Spawned ipsec up script with PID 4370.
Nov 12 09:59:20 immediata charon: 10[CFG] received stroke: initiate 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:20 immediata charon: 11[IKE] initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 12 09:59:20 immediata charon: 11[ENC] generating ID_PROT request 0 [ SA V V V V ]
Nov 12 09:59:20 immediata charon: 11[NET] sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 12 09:59:20 immediata charon: 12[NET] received packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (102 bytes)
Nov 12 09:59:20 immediata charon: 12[ENC] parsed INFORMATIONAL_V1 request 1567910028 [ N(NO_PROP) ]
Nov 12 09:59:20 immediata charon: 12[IKE] received NO_PROPOSAL_CHOSEN error notify
Nov 12 09:59:20 immediata NetworkManager[996]: initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 12 09:59:20 immediata NetworkManager[996]: generating ID_PROT request 0 [ SA V V V V ]
Nov 12 09:59:20 immediata NetworkManager[996]: sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 12 09:59:20 immediata NetworkManager[996]: received packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (102 bytes)
Nov 12 09:59:20 immediata NetworkManager[996]: parsed INFORMATIONAL_V1 request 1567910028 [ N(NO_PROP) ]
Nov 12 09:59:20 immediata NetworkManager[996]: received NO_PROPOSAL_CHOSEN error notify
Nov 12 09:59:20 immediata NetworkManager[996]: establishing connection 'a944d391-ad32-4386-abed-902943385e1f' failed
Nov 12 09:59:20 immediata NetworkManager[996]: Stopping strongSwan IPsec...
Nov 12 09:59:20 immediata charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 12 09:59:20 immediata NetworkManager[996]: nm-l2tp[4275] <warn> Could not establish IPsec tunnel.
Nov 12 09:59:20 immediata NetworkManager[996]: (nm-l2tp-service:4275): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Nov 12 09:59:20 immediata NetworkManager[996]: <info> [1510477160.4101] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN service disappeared
Nov 12 09:59:20 immediata NetworkManager[996]: <warn> [1510477160.4110] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
Кто-либо может дать мне подсказку относительно того, как я могу решить проблему? спасибо Angelo
ОБНОВЛЕНИЕ
Извините я просто видел в журнале, я отправил ошибку, связанную с портом 1701. Я забыл отключать xl2tpd сервис. Я сделал это, и я все еще не могу соединиться
Это - моя новая трассировка системного журнала
Nov 13 09:35:35 immediata NetworkManager[996]: <info> [1510562135.1201] audit: op="connection-activate" uuid="a944d391-ad32-4386-abed-902943385e1f" name="AreaVastaVpn" pid=2853 uid=1000 result="success"
Nov 13 09:35:35 immediata NetworkManager[996]: <info> [1510562135.1264] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Started the VPN service, PID 8554
Nov 13 09:35:35 immediata NetworkManager[996]: <info> [1510562135.1374] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Saw the service appear; activating connection
Nov 13 09:35:35 immediata gnome-session[2594]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Nov 13 09:35:44 immediata NetworkManager[996]: <info> [1510562144.2090] keyfile: update /etc/NetworkManager/system-connections/AreaVastaVpn (a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn")
Nov 13 09:35:44 immediata NetworkManager[996]: <info> [1510562144.2150] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: (ConnectInteractive) reply received
Nov 13 09:35:44 immediata NetworkManager[996]: nm-l2tp[8554] <info> ipsec enable flag: yes
Nov 13 09:35:44 immediata NetworkManager[996]: ** Message: Check port 1701
Nov 13 09:35:44 immediata NetworkManager[996]: nm-l2tp[8554] <info> starting ipsec
Nov 13 09:35:44 immediata NetworkManager[996]: Stopping strongSwan IPsec failed: starter is not running
Nov 13 09:35:46 immediata NetworkManager[996]: Starting strongSwan 5.3.5 IPsec [starter]...
Nov 13 09:35:46 immediata NetworkManager[996]: Loading config setup
Nov 13 09:35:46 immediata NetworkManager[996]: Loading conn 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:46 immediata NetworkManager[996]: found netkey IPsec stack
Nov 13 09:35:46 immediata charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-98-generic, x86_64)
Nov 13 09:35:46 immediata kernel: [ 2727.978478] audit: type=1400 audit(1510562146.258:46): apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/usr/local/lib/libxml2.so.2.9.1" pid=8601 comm="charon" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 13 09:35:46 immediata charon: 00[CFG] disabling load-tester plugin, not configured
Nov 13 09:35:46 immediata charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
Nov 13 09:35:46 immediata charon: 00[CFG] dnscert plugin is disabled
Nov 13 09:35:46 immediata charon: 00[CFG] ipseckey plugin is disabled
Nov 13 09:35:46 immediata charon: 00[CFG] attr-sql plugin: database URI not set
Nov 13 09:35:46 immediata charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG] loaded IKE secret for %any
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG] loaded IKE secret for XX.XXX.XX.XX
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG] loaded IKE secret for %any
Nov 13 09:35:46 immediata charon: 00[CFG] sql plugin: database URI not set
Nov 13 09:35:46 immediata charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
Nov 13 09:35:46 immediata charon: 00[CFG] eap-simaka-sql database URI missing
Nov 13 09:35:46 immediata charon: 00[CFG] loaded 0 RADIUS server configurations
Nov 13 09:35:46 immediata charon: 00[CFG] no threshold configured for systime-fix, disabled
Nov 13 09:35:46 immediata charon: 00[CFG] coupling file path unspecified
Nov 13 09:35:46 immediata charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 aes rc2 sha1 sha2 md4 md5 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity
Nov 13 09:35:46 immediata charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Nov 13 09:35:46 immediata charon: 00[JOB] spawning 16 worker threads
Nov 13 09:35:46 immediata charon: 09[CFG] received stroke: add connection 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:46 immediata charon: 09[CFG] added configuration 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:47 immediata charon: 05[CFG] rereading secrets
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG] loaded IKE secret for %any
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG] loaded IKE secret for XX.XXX.XX.XX
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG] loaded IKE secret for %any
Nov 13 09:35:47 immediata NetworkManager[996]: nm-l2tp[8554] <info> Spawned ipsec up script with PID 8627.
Nov 13 09:35:47 immediata charon: 13[CFG] received stroke: initiate 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:47 immediata charon: 03[IKE] initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 13 09:35:47 immediata charon: 03[ENC] generating ID_PROT request 0 [ SA V V V V ]
Nov 13 09:35:47 immediata charon: 03[NET] sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:51 immediata charon: 04[IKE] sending retransmit 1 of request message ID 0, seq 1
Nov 13 09:35:51 immediata charon: 04[NET] sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:57 immediata NetworkManager[996]: nm-l2tp[8554] <warn> Timeout trying to establish IPsec connection
Nov 13 09:35:57 immediata NetworkManager[996]: nm-l2tp[8554] <info> Terminating ipsec script with PID 8627.
Nov 13 09:35:57 immediata NetworkManager[996]: Stopping strongSwan IPsec...
Nov 13 09:35:57 immediata charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 13 09:35:57 immediata charon: 00[IKE] destroying IKE_SA in state CONNECTING without notification
Nov 13 09:35:57 immediata NetworkManager[996]: initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 13 09:35:57 immediata NetworkManager[996]: generating ID_PROT request 0 [ SA V V V V ]
Nov 13 09:35:57 immediata NetworkManager[996]: sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:57 immediata NetworkManager[996]: sending retransmit 1 of request message ID 0, seq 1
Nov 13 09:35:57 immediata NetworkManager[996]: sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:57 immediata NetworkManager[996]: destroying IKE_SA in state CONNECTING without notification
Nov 13 09:35:57 immediata NetworkManager[996]: establishing connection 'a944d391-ad32-4386-abed-902943385e1f' failed
Nov 13 09:35:57 immediata NetworkManager[996]: nm-l2tp[8554] <warn> Could not establish IPsec tunnel.
Nov 13 09:35:57 immediata NetworkManager[996]: (nm-l2tp-service:8554): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Nov 13 09:35:57 immediata NetworkManager[996]: <info> [1510562157.3575] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN service disappeared
Nov 13 09:35:57 immediata NetworkManager[996]: <warn> [1510562157.3587] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
Nov 13 09:36:06 immediata wpa_supplicant[1346]: wlan0: Failed to initiate sched scan
Кто-либо может дать мне подсказку?
Спасибо
Angelo
ОБНОВИТЕ 2 РЕЗУЛЬТАТА иконоскопа-scan.sh
Я выполняю иконоскоп-scan.sh
Результат команды sudo ./ike-scan.sh XX.XXX.XX.XX | grep SA
сканирование иконоскопа grep sa
Результат команды sudo ./ike-scan.sh XX.XXX.XX.XX
1
задан Angelo Immediata
15 November 2017 в 15:34
поделиться
2 ответа
Вы могли бы хотеть удалить следующие временные файлы, которые не стали удаленными по некоторым причинам:
sudo rm -f /etc/ipsec.d/nm-l2tp-ipsec-*.secrets
Как упомянуто на следующей странице:
Можно сделать следующее для установки network-manager-l2tp:
sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
sudo apt-get update
sudo apt-get install network-manager-l2tp network-manager-l2tp-gnome
'Не может связать с портом 1701' xl2tpd, предупреждение не является ошибкой, но это может быть проблема для некоторого брандмауэра и/или Серверов VPN, когда эфемерный порт используется, больше деталей здесь:
Но я думаю 'полученная ошибка NO_PROPOSAL_CHOSEN', Вы имеете, то, потому что сервер VPN только предлагает старые поврежденные алгоритмы шифрования, см.:
Это предоставляет подробную информацию о том, как запросить сервер VPN для алгоритмов, это поддерживает и обеспечивает пример для общего поврежденного обходного решения алгоритма. Но рекомендуемая фиксация должна реконфигурировать сервер VPN для использования более сильных алгоритмов.
Если Вы все еще имеете проблемы и предполагаете использование вышеупомянутого репозитория PPA Вы могли попытаться заменить strongswan libreswan путем издания:
sudo apt install libreswan
но обязательно удалите любые алгоритмы фазы 1/поэтапно осуществляло 2, которые Вы, возможно, ввели в Окно параметров IPsec как версия libreswan в том, что репозиторий PPA не отбросил общие поврежденные алгоритмы от своего пакета предложений по умолчанию.
Мог бы также хотеть перезапустить NetworkManager, чтобы гарантировать, что изменение libreswan было взято NetworkManager-l2tp:
sudo systemctl restart NetworkManager.service
0
ответ дан Douglas Kosovic
8 December 2019 в 03:24
поделиться
Вы упомянули, что Ubuntu больше, кажется, не поддерживает L2TP. Ubuntu 17.10 (и позже) идет с network-manager-l2tp пакетом по умолчанию в стандартном репозитории.
Как упомянуто на следующей странице PPA:
Если Вы хотели бы эти бэкпортированные пакеты, добавленные к официальному репозиторию бэкпортов Ubuntu 16.10 или 17.04, войдите в следующую страницу и нажмите на ссылку "Does this bug affect you?" для голосования, чтобы иметь их, добавил:
https://bugs.launchpad.net/xenial-backports / + ошибка/1697934
К сожалению, только 6 пользователей Ubuntu голосовали, чтобы бэкпортировать пакет официально к Ubuntu 16.04, поэтому кажется маловероятным произойти.
0
ответ дан Douglas Kosovic
8 December 2019 в 03:24
поделиться