Jump to content

VPN (xl2tpd) и разные подсети

dummy
 Share

Recommended Posts

dummy

dummy

Posted
Posted

приветствую знатоков, может вопрос не в тему но:

1. настроил /etc/xl2tpd/xl2tpd.conf

[global]
port = 1701

[lns default]
ip range = 10.5.1.220-10.5.1.230
local ip = 10.5.1.1
require chap = yes
refuse pap = yes
require authentication = yes
name = AltNetVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
exclusive = no

2. /etc/ppp/options.xl2tpd

ipcp-accept-local
ipcp-accept-remote
ms-dns  10.1.1.3
ms-wins 10.1.1.1
#ms-wins 192.168.1.4
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000

3. /etc/ppp/chap-secrets:

test * test *

4. firewall:

echo "1" > /proc/sys/net/ipv4/ip_forward

iptables -F
iptables -t filter -F
iptables -t filter -X
iptables -t nat -F
iptables -t nat -X
iptables -t filter -P INPUT ACCEPT
iptables -t filter -P FORWARD ACCEPT
iptables -t filter -P OUTPUT ACCEPT.

5. поднят основной интерфейс и виртуальный

eth0 10.1.1.3/24

eth0:1 10.1.48.253/24

 

Вопрос:

когда с клиента с адресом 10,1,48,115 (шлюз 10,1,48,253) подключаюсь до 10,1,48,253 - все нормально, а если пытаюсь до 10,1,1,3 то не подключается.

в логах:

xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 94, tunnel = 0, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 5E 00 00 00 00 00 00 00 00 00 80 08 00 00 00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 01 80 0A 00 00 00 04 00 00 00 00 00 08 00 00 00 06 05 00 80 07 00 00 00 07 78 00 0F 00 00 00 08 4D 69 63 72 6F 73 6F 66 74 80 08 00 00 00 09 00 04 80 08 00 00 00 0A 00 08 }
ASCII: {   ^                                                           x      Microsoft                }
xl2tpd[7166]: get_call: allocating new tunnel for host 10.1.48.115, port 1701.
xl2tpd[7166]: ourtid = 13098, entropy_buf = 332a
xl2tpd[7166]: check_control: control, cid = 0, Ns = 0, Nr = 0
xl2tpd[7166]: handle_avps: handling avp's for tunnel 13098, call 0
xl2tpd[7166]: message_type_avp: message type 1 (Start-Control-Connection-Request)
xl2tpd[7166]: protocol_version_avp: peer is using version 1, revision 0.
xl2tpd[7166]: framing_caps_avp: supported peer frames: sync
xl2tpd[7166]: bearer_caps_avp: supported peer bearers:
xl2tpd[7166]: firmware_rev_avp: peer reports firmware version 1280 (0x0500)
xl2tpd[7166]: hostname_avp: peer reports hostname 'x'
xl2tpd[7166]: vendor_avp: peer reports vendor 'Microsoft'
xl2tpd[7166]: assigned_tunnel_avp: using peer's tunnel 4
xl2tpd[7166]: receive_window_size_avp: peer wants RWS of 8.  Will use flow control.
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Request(1).  Tunnel is 4, call is 0.
packet dump:
HEX: { C8 02 00 69 00 04 00 00 00 00 00 01 80 08 00 00 00 00 00 02 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 03 80 0A 00 00 00 04 00 00 00 00 80 08 00 00 00 06 06 90 80 0E 00 00 00 07 73 65 72 76 2E 6C 61 6E 80 13 00 00 00 08 78 65 6C 65 72 61 6E 63 65 2E 63 6F 6D 80 08 00 00 00 09 33 2A 80 08 00 00 00 0A 00 04 }
ASCII: {    i                                                          serv.lan      xelerance.com      3*        }
xl2tpd[7166]: control_finish: sending SCCRP
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 94, tunnel = 0, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 5E 00 00 00 00 00 00 00 00 00 80 08 00 00 00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 01 80 0A 00 00 00 04 00 00 00 00 00 08 00 00 00 06 05 00 80 07 00 00 00 07 78 00 0F 00 00 00 08 4D 69 63 72 6F 73 6F 66 74 80 08 00 00 00 09 00 04 80 08 00 00 00 0A 00 08 }
ASCII: {   ^                                                           x      Microsoft                }
xl2tpd[7166]: get_call: allocating new tunnel for host 10.1.48.115, port 1701.
xl2tpd[7166]: ourtid = 30365, entropy_buf = 769d
xl2tpd[7166]: check_control: control, cid = 0, Ns = 0, Nr = 0
xl2tpd[7166]: handle_avps: handling avp's for tunnel 30365, call 0
xl2tpd[7166]: message_type_avp: message type 1 (Start-Control-Connection-Request)
xl2tpd[7166]: protocol_version_avp: peer is using version 1, revision 0.
xl2tpd[7166]: framing_caps_avp: supported peer frames: sync
xl2tpd[7166]: bearer_caps_avp: supported peer bearers:
xl2tpd[7166]: firmware_rev_avp: peer reports firmware version 1280 (0x0500)
xl2tpd[7166]: hostname_avp: peer reports hostname 'x'
xl2tpd[7166]: vendor_avp: peer reports vendor 'Microsoft'
xl2tpd[7166]: assigned_tunnel_avp: using peer's tunnel 4
xl2tpd[7166]: receive_window_size_avp: peer wants RWS of 8.  Will use flow control.
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Request(1).  Tunnel is 4, call is 0.
xl2tpd[7166]: control_finish: Peer requested tunnel 4 twice, ignoring second one.
xl2tpd[7166]: build_fdset: closing down tunnel 30365
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 94, tunnel = 0, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 5E 00 00 00 00 00 00 00 00 00 80 08 00 00 00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 01 80 0A 00 00 00 04 00 00 00 00 00 08 00 00 00 06 05 00 80 07 00 00 00 07 78 00 0F 00 00 00 08 4D 69 63 72 6F 73 6F 66 74 80 08 00 00 00 09 00 04 80 08 00 00 00 0A 00 08 }
ASCII: {   ^                                                           x      Microsoft                }
xl2tpd[7166]: get_call: allocating new tunnel for host 10.1.48.115, port 1701.
xl2tpd[7166]: ourtid = 19333, entropy_buf = 4b85
xl2tpd[7166]: ourcid = 50948, entropy_buf = c704
xl2tpd[7166]: check_control: control, cid = 0, Ns = 0, Nr = 0
xl2tpd[7166]: handle_avps: handling avp's for tunnel 19333, call 50948
xl2tpd[7166]: message_type_avp: message type 1 (Start-Control-Connection-Request)
xl2tpd[7166]: protocol_version_avp: peer is using version 1, revision 0.
xl2tpd[7166]: framing_caps_avp: supported peer frames: sync
xl2tpd[7166]: bearer_caps_avp: supported peer bearers:
xl2tpd[7166]: firmware_rev_avp: peer reports firmware version 1280 (0x0500)
xl2tpd[7166]: hostname_avp: peer reports hostname 'x'
xl2tpd[7166]: vendor_avp: peer reports vendor 'Microsoft'
xl2tpd[7166]: assigned_tunnel_avp: using peer's tunnel 4
xl2tpd[7166]: receive_window_size_avp: peer wants RWS of 8.  Will use flow control.
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Request(1).  Tunnel is 4, call is 0.
xl2tpd[7166]: control_finish: Peer requested tunnel 4 twice, ignoring second one.
xl2tpd[7166]: build_fdset: closing down tunnel 19333
xl2tpd[7166]: network_thread: select timeout
xl2tpd[7166]: network_thread: select timeout
xl2tpd[7166]: network_thread: select timeout
xl2tpd[7166]: network_thread: select timeout
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 94, tunnel = 0, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 5E 00 00 00 00 00 00 00 00 00 80 08 00 00 00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 01 80 0A 00 00 00 04 00 00 00 00 00 08 00 00 00 06 05 00 80 07 00 00 00 07 78 00 0F 00 00 00 08 4D 69 63 72 6F 73 6F 66 74 80 08 00 00 00 09 00 04 80 08 00 00 00 0A 00 08 }
ASCII: {   ^                                                           x      Microsoft                }
xl2tpd[7166]: get_call: allocating new tunnel for host 10.1.48.115, port 1701.
xl2tpd[7166]: ourtid = 8873, entropy_buf = 22a9
xl2tpd[7166]: ourcid = 55207, entropy_buf = d7a7
xl2tpd[7166]: check_control: control, cid = 0, Ns = 0, Nr = 0
xl2tpd[7166]: handle_avps: handling avp's for tunnel 8873, call 55207
xl2tpd[7166]: message_type_avp: message type 1 (Start-Control-Connection-Request)
xl2tpd[7166]: protocol_version_avp: peer is using version 1, revision 0.
xl2tpd[7166]: framing_caps_avp: supported peer frames: sync
xl2tpd[7166]: bearer_caps_avp: supported peer bearers:
xl2tpd[7166]: firmware_rev_avp: peer reports firmware version 1280 (0x0500)
xl2tpd[7166]: hostname_avp: peer reports hostname 'x'
xl2tpd[7166]: vendor_avp: peer reports vendor 'Microsoft'
xl2tpd[7166]: assigned_tunnel_avp: using peer's tunnel 4
xl2tpd[7166]: receive_window_size_avp: peer wants RWS of 8.  Will use flow control.
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Request(1).  Tunnel is 4, call is 0.
xl2tpd[7166]: control_finish: Peer requested tunnel 4 twice, ignoring second one.
xl2tpd[7166]: build_fdset: closing down tunnel 8873
xl2tpd[7166]: Maximum retries exceeded for tunnel 13098.  Closing.

 

при нормальном подключении (10,1,48,115 -> 10,1,48,253):

xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 94, tunnel = 0, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 5E 00 00 00 00 00 00 00 00 00 80 08 00 00 00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 01 80 0A 00 00 00 04 00 00 00 00 00 08 00 00 00 06 05 00 80 07 00 00 00 07 78 00 0F 00 00 00 08 4D 69 63 72 6F 73 6F 66 74 80 08 00 00 00 09 00 05 80 08 00 00 00 0A 00 08 }
ASCII: {   ^                                                           x      Microsoft                }
xl2tpd[7166]: get_call: allocating new tunnel for host 10.1.48.115, port 1701.
xl2tpd[7166]: ourtid = 56853, entropy_buf = de15
xl2tpd[7166]: check_control: control, cid = 0, Ns = 0, Nr = 0
xl2tpd[7166]: handle_avps: handling avp's for tunnel 56853, call 0
xl2tpd[7166]: message_type_avp: message type 1 (Start-Control-Connection-Request)
xl2tpd[7166]: protocol_version_avp: peer is using version 1, revision 0.
xl2tpd[7166]: framing_caps_avp: supported peer frames: sync
xl2tpd[7166]: bearer_caps_avp: supported peer bearers:
xl2tpd[7166]: firmware_rev_avp: peer reports firmware version 1280 (0x0500)
xl2tpd[7166]: hostname_avp: peer reports hostname 'x'
xl2tpd[7166]: vendor_avp: peer reports vendor 'Microsoft'
xl2tpd[7166]: assigned_tunnel_avp: using peer's tunnel 5
xl2tpd[7166]: receive_window_size_avp: peer wants RWS of 8.  Will use flow control.
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Request(1).  Tunnel is 5, call is 0.
packet dump:
HEX: { C8 02 00 69 00 05 00 00 00 00 00 01 80 08 00 00 00 00 00 02 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 03 80 0A 00 00 00 04 00 00 00 00 80 08 00 00 00 06 06 90 80 0E 00 00 00 07 73 65 72 76 2E 6C 61 6E 80 13 00 00 00 08 78 65 6C 65 72 61 6E 63 65 2E 63 6F 6D 80 08 00 00 00 09 DE 15 80 08 00 00 00 0A 00 04 }
ASCII: {    i                                                          serv.lan      xelerance.com                }
xl2tpd[7166]: control_finish: sending SCCRP
xl2tpd[7166]: build_fdset: closing down tunnel 13098
packet dump:
HEX: { C8 02 00 2D 00 04 00 00 00 01 00 01 80 08 00 00 00 00 00 04 80 08 00 00 00 09 33 2A 80 11 00 00 00 01 00 01 00 00 54 69 6D 65 6F 75 74 }
ASCII: {    -                      3*          Timeout}
xl2tpd[7166]: Connection 4 closed to 10.1.48.115, port 1701 (Timeout)
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 94, tunnel = 0, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 5E 00 00 00 00 00 00 00 00 00 80 08 00 00 00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00 00 03 00 00 00 01 80 0A 00 00 00 04 00 00 00 00 00 08 00 00 00 06 05 00 80 07 00 00 00 07 78 00 0F 00 00 00 08 4D 69 63 72 6F 73 6F 66 74 80 08 00 00 00 09 00 05 80 08 00 00 00 0A 00 08 }
ASCII: {   ^                                                           x      Microsoft                }
xl2tpd[7166]: get_call: allocating new tunnel for host 10.1.48.115, port 1701.
xl2tpd[7166]: ourtid = 24420, entropy_buf = 5f64
xl2tpd[7166]: check_control: control, cid = 0, Ns = 0, Nr = 0
xl2tpd[7166]: handle_avps: handling avp's for tunnel 24420, call 0
xl2tpd[7166]: message_type_avp: message type 1 (Start-Control-Connection-Request)
xl2tpd[7166]: protocol_version_avp: peer is using version 1, revision 0.
xl2tpd[7166]: framing_caps_avp: supported peer frames: sync
xl2tpd[7166]: bearer_caps_avp: supported peer bearers:
xl2tpd[7166]: firmware_rev_avp: peer reports firmware version 1280 (0x0500)
xl2tpd[7166]: hostname_avp: peer reports hostname 'x'
xl2tpd[7166]: vendor_avp: peer reports vendor 'Microsoft'
xl2tpd[7166]: assigned_tunnel_avp: using peer's tunnel 5
xl2tpd[7166]: receive_window_size_avp: peer wants RWS of 8.  Will use flow control.
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Request(1).  Tunnel is 5, call is 0.
xl2tpd[7166]: control_finish: Peer requested tunnel 5 twice, ignoring second one.
xl2tpd[7166]: build_fdset: closing down tunnel 24420
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 20, tunnel = 56853, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 14 00 15 DE 00 00 01 00 01 00 80 08 00 00 00 00 00 03 }
ASCII: {                     }
xl2tpd[7166]: check_control: control, cid = 0, Ns = 1, Nr = 1
xl2tpd[7166]: handle_avps: handling avp's for tunnel 56853, call 0
xl2tpd[7166]: message_type_avp: message type 3 (Start-Control-Connection-Connected)
xl2tpd[7166]: control_finish: message type is Start-Control-Connection-Connected(3).  Tunnel is 5, call is 0.
xl2tpd[7166]: Connection established to 10.1.48.115, 1701.  Local: 56853, Remote: 5 (ref=0/0).  LNS session is 'default'
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 48, tunnel = 56853, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 30 00 15 DE 00 00 02 00 01 00 80 08 00 00 00 00 00 0A 80 08 00 00 00 0E 00 01 80 0A 00 00 00 0F 00 00 00 00 80 0A 00 00 00 12 00 00 00 02 }
ASCII: {   0                                             }
xl2tpd[7166]: check_control: control, cid = 0, Ns = 2, Nr = 1
xl2tpd[7166]: handle_avps: handling avp's for tunnel 56853, call 0
xl2tpd[7166]: message_type_avp: message type 10 (Incoming-Call-Request)
xl2tpd[7166]: message_type_avp: new incoming call
xl2tpd[7166]: ourcid = 54391, entropy_buf = d477
xl2tpd[7166]: assigned_call_avp: using peer's call 1
xl2tpd[7166]: call_serno_avp: serial number is 0
xl2tpd[7166]: bearer_type_avp: peer bears: analog
xl2tpd[7166]: control_finish: message type is Incoming-Call-Request(10).  Tunnel is 5, call is 0.
packet dump:
HEX: { C8 02 00 1C 00 05 00 01 00 01 00 03 80 08 00 00 00 00 00 0B 80 08 00 00 00 0E D4 77 }
ASCII: {                            w}
xl2tpd[7166]: control_finish: Sending ICRP
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 12, tunnel = 56853, call = 0 ref=0 refhim=0
packet dump:
HEX: { 02 C8 0C 00 15 DE 00 00 03 00 01 00 }
ASCII: {             }
xl2tpd[7166]: check_control: control, cid = 0, Ns = 3, Nr = 1
xl2tpd[7166]: network_thread: recv packet from 10.1.48.115, size = 48, tunnel = 56853, call = 54391 ref=0 refhim=0
packet dump:
HEX: { 02 C8 30 00 15 DE 77 D4 03 00 02 00 80 08 00 00 00 00 00 0C 80 0A 00 00 00 18 05 F5 E1 00 80 0A 00 00 00 13 00 00 00 01 00 08 00 00 00 1D 00 04 }
ASCII: {   0   w                                         }
xl2tpd[7166]: check_control: control, cid = 1, Ns = 3, Nr = 2
xl2tpd[7166]: handle_avps: handling avp's for tunnel 56853, call 54391
xl2tpd[7166]: message_type_avp: message type 12 (Incoming-Call-Connected)
xl2tpd[7166]: tx_speed_avp: transmit baud rate is 100000000
xl2tpd[7166]: frame_type_avp: peer uses:sync frames
xl2tpd[7166]: ignore_avp : Ignoring AVP
xl2tpd[7166]: control_finish: message type is Incoming-Call-Connected(12).  Tunnel is 5, call is 1.
xl2tpd[7166]: start_pppd: I'm running:
xl2tpd[7166]: "/usr/sbin/pppd"
xl2tpd[7166]: "passive"
xl2tpd[7166]: "nodetach"
xl2tpd[7166]: "10.5.1.1:10.5.1.220"
xl2tpd[7166]: "refuse-pap"
xl2tpd[7166]: "auth"
.....

 

в чем проблема ? можно ли чтото сделать ?

мне надо как раз, чтобы подключение было до 10,1,1,3

ЗЫ: на виндовой машине брандмауэр отключен

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.