V1talya Опубликовано 14 августа, 2010 (изменено) · Жалоба Не соединяется циска по л2тп с линукс сервером. ( Винда с линксом по л2тп соединяется (при выкл ipsec в винде) ) Что делать ? Linux: --- syslog Aug 14 01:07:41 gw-01 xl2tpd[2435]: handle_avps: no handler for atribute 5 (Tie Breaker). Aug 14 01:07:41 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 56. Aug 14 01:07:41 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 57. Aug 14 01:07:41 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 110. Aug 14 01:07:41 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 111. Aug 14 01:07:43 gw-01 xl2tpd[2435]: handle_avps: no handler for atribute 5 (Tie Breaker). Aug 14 01:07:43 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 56. Aug 14 01:07:43 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 57. Aug 14 01:07:43 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 110. Aug 14 01:07:43 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 111. Aug 14 01:07:43 gw-01 xl2tpd[2435]: control_finish: Peer requested tunnel 57158 twice, ignoring second one. Aug 14 01:07:44 gw-01 xl2tpd[2435]: handle_avps: no handler for atribute 5 (Tie Breaker). Aug 14 01:07:44 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 56. Aug 14 01:07:44 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 57. Aug 14 01:07:44 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 110. Aug 14 01:07:44 gw-01 xl2tpd[2435]: handle_avps: dont know how to handle atribute 111. Aug 14 01:07:44 gw-01 xl2tpd[2435]: control_finish: Peer requested tunnel 57158 twice, ignoring second one. Aug 14 01:07:48 gw-01 xl2tpd[2435]: Maximum retries exceeded for tunnel 20914. Closing. Aug 14 01:07:48 gw-01 xl2tpd[2435]: Connection 57158 closed to 10.222.31.3, port 1701 (Timeout) Aug 14 01:07:48 gw-01 xl2tpd[2435]: check_control: Received out of order control packet on tunnel -1 (got 1, expected 0) Aug 14 01:07:48 gw-01 xl2tpd[2435]: handle_packet: bad control packet! Aug 14 01:07:53 gw-01 xl2tpd[2435]: Unable to deliver closing message for tunnel 20914. Destroying anyway. --- xl2tpd.conf [global] ; Global parameters: port = 1701 ; * Bind to port 1701 auth file = /etc/xl2tpd/l2tp-secrets ; * Where our challenge secrets are access control = no ; * Refuse connections without IP match rand source = dev ; Source for entropy for random [lns default] ; Our fallthrough LNS definition exclusive = no ; * Only permit one tunnel per host ip range = 10.255.253.200-10.255.253.250 ; * Allocate from this IP range lac = 0.0.0.0 ; * These can connect as LAC's ; no lac = untrusted.marko.net ; * This guy can't connect hidden bit = yes ; * Use hidden AVP's? local ip = 10.250.250.3 ; * Our local IP to use length bit = yes ; * Use length bit in payload? require chap = yes ; * Require CHAP auth. by peer refuse pap = yes ; * Refuse PAP authentication refuse chap = no ; * Refuse CHAP authentication refuse authentication = no ; * Refuse authentication altogether require authentication = no ; * Require peer to authenticate unix authentication = no ; * Use /etc/passwd for auth. name = gw-01 ; * Report this as our hostname ppp debug = no ; * Turn on PPP debugging pppoptfile = /etc/ppp/l2tpd-options ; * ppp options file call rws = 10 ; * RWS for call (-1 is valid) tunnel rws = 4 ; * RWS for tunnel (must be > 0) flow bit = yes --- l2tpd-options noipv6 logfile /var/log/l2tpd.log proxyarp nodefaultroute noipx nobsdcomp nodeflate lock --- chap-secrets test * test 10.250.250.18 Cisco: --- debug 000065: *Aug 14 01:23:17.575 Yakutsk: %LINK-3-UPDOWN: Interface Virtual-PPP10, c hanged state to up 000066: *Aug 14 01:23:17.579 Yakutsk: Vp10 PPP: Using vpn set call direction 000067: *Aug 14 01:23:17.579 Yakutsk: Vp10 PPP: Treating connection as a callout 000068: *Aug 14 01:23:17.579 Yakutsk: Vp10 PPP: Session handle[40000002] Session id[4] 000069: *Aug 14 01:23:17.579 Yakutsk: Vp10 PPP: Phase is ESTABLISHING, Active Op en 000070: *Aug 14 01:23:17.579 Yakutsk: Vp10 PPP: Authorization required 000071: *Aug 14 01:23:17.579 Yakutsk: Vp10 LCP: O CONFREQ [Closed] id 5 len 15 000072: *Aug 14 01:23:17.579 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000073: *Aug 14 01:23:17.579 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x050 64C79C590) 000074: *Aug 14 01:23:19.579 Yakutsk: Vp10 LCP: Timeout: State REQsent 000075: *Aug 14 01:23:19.579 Yakutsk: Vp10 LCP: O CONFREQ [REQsent] id 6 len 15 000076: *Aug 14 01:23:19.579 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000077: *Aug 14 01:23:19.579 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x050 64C79C590) 000078: *Aug 14 01:23:21.595 Yakutsk: Vp10 LCP: Timeout: State REQsent 000079: *Aug 14 01:23:21.595 Yakutsk: Vp10 LCP: O CONFREQ [REQsent] id 7 len 15 000080: *Aug 14 01:23:21.595 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000081: *Aug 14 01:23:21.595 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x05064C79C590) 000082: *Aug 14 01:23:23.611 Yakutsk: Vp10 LCP: Timeout: State REQsent 000083: *Aug 14 01:23:23.611 Yakutsk: Vp10 LCP: O CONFREQ [REQsent] id 8 len 15 000084: *Aug 14 01:23:23.611 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000085: *Aug 14 01:23:23.611 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x05064C79C590) 000086: *Aug 14 01:23:25.627 Yakutsk: Vp10 LCP: Timeout: State REQsent 000087: *Aug 14 01:23:25.627 Yakutsk: Vp10 LCP: O CONFREQ [REQsent] id 9 len 15 000088: *Aug 14 01:23:25.627 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000089: *Aug 14 01:23:25.627 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x05064C79C590) 000090: *Aug 14 01:23:27.643 Yakutsk: Vp10 LCP: Timeout: State REQsent 000091: *Aug 14 01:23:27.643 Yakutsk: Vp10 LCP: O CONFREQ [REQsent] id 10 len 15 000092: *Aug 14 01:23:27.643 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000093: *Aug 14 01:23:27.643 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x05064C79C590) 000094: *Aug 14 01:23:29.659 Yakutsk: Vp10 LCP: Timeout: State REQsent 000095: *Aug 14 01:23:29.659 Yakutsk: Vp10 LCP: O CONFREQ [REQsent] id 11 len 15 000096: *Aug 14 01:23:29.659 Yakutsk: Vp10 LCP: AuthProto CHAP (0x0305C22305) 000097: *Aug 14 01:23:29.659 Yakutsk: Vp10 LCP: MagicNumber 0x4C79C590 (0x05064C79C590) 000098: *Aug 14 01:23:31.675 Yakutsk: Vp10 LCP: Timeout: State REQsent --- config Building configuration... Current configuration : 2846 bytes ! version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname gw-kol ! boot-start-marker boot system flash c180x-adventerprisek9-mz.124-24.T1.bin boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging message-counter syslog logging buffered 51200 logging console critical ! no aaa new-model ! ! dot11 syslog no ip source-route ! ! ! ! ip cef no ip bootp server ip domain name aigul.local ip name-server 10.222.149.194 no ipv6 cef l2tp-class class1 ! ! multilink bundle-name authenticated ! ! ! ! ! ! archive log config hidekeys ! ! ip tcp synwait-time 10 ip ssh version 2 pseudowire-class psclass1 encapsulation l2tpv2 protocol l2tpv2 class1 ip local interface FastEthernet0 ! ! ! ! interface ATM0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip flow ingress shutdown no atm ilmi-keepalive ! interface BRI0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip flow ingress encapsulation hdlc shutdown ! interface FastEthernet0 description $ES_WAN$$ETH-WAN$ ip address dhcp client-id FastEthernet0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat outside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ! interface FastEthernet5 ! interface FastEthernet6 ! interface FastEthernet7 ! interface FastEthernet8 ! interface Virtual-PPP10 ip address negotiated no cdp enable ppp authentication chap ppp chap hostname test ppp chap password 7 010703174F pseudowire 10.222.149.194 1 pw-class psclass1 ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$$ES_LAN$$FW_INSIDE$ ip address 10.10.10.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 10.222.31.1 ip route 10.222.149.194 255.255.255.255 10.222.31.1 ip http server no ip http secure-server ! ! ip nat inside source list 1 interface FastEthernet0 overload ! logging trap debugging access-list 1 remark CCP_ACL Category=2 access-list 1 permit 10.10.10.0 0.0.0.255 no cdp run ! ! ! ! ! ! control-plane ! ! line con 0 transport output none line aux 0 transport output none line vty 0 4 exec-timeout 0 0 privilege level 15 login local transport input telnet ssh ! scheduler interval 500 end Изменено 15 августа, 2010 пользователем V1talya Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
V1talya Опубликовано 15 августа, 2010 · Жалоба тема закрыта. все заработало. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...