Jump to content

Win2003 RemoteAccess Error 20111

a-zazell
 Share

Recommended Posts

a-zazell

a-zazell

Posted
Posted (edited)

Здравствуйте, на Win srv2003 настроен DOD интерфейс в службе "Маршрутизация и удаленный доступ", подключается к PPTP серверу. После переезда с Beeline на Ростелеком, не устанавливается коннект (на Билайне работало 2 недели без проблем), иногда помогал перезапуск службы RemoteAccess, но сейчас и это не помогает.

 

Самые интересные моменты:

 


  •  
  • Конфигурация VPN и Ethernet интерфейсов не изменялась (на Ethernet DHCP)
  • Созданный мастером новых подключений pptp-client интерфейс поднимается на ура через РТК
     

Ошибка в логах системы:

 

Тип события:	Ошибка
Источник события:	RemoteAccess
Категория события:	Отсутствует
Код события:	20111
Дата:		26.04.2013
Время:		0:09:58
Пользователь:		Н/Д
Компьютер:	<hostname>
Описание:
Подключение по требованию к удаленному интерфейсу "hq" через порт "VPN4-0" успешно инициировано, но не закончено, из-за ошибки: 
Не удается подключиться к удаленному компьютеру. Возможно потребуется изменение сетевой настройки подключения. 
Нажмите кнопку "Дополнительно" или обратитесь в центр поддержки за помощью, указав номер ошибки.

Дополнительные сведения можно найти в центре справки и поддержки, в "http://go.microsoft.com/fwlink/events.asp".
Данные:
0000: d0 02 00 00               Ð...

 

Во вложении схемы включения до (Beeline) и после (RTK), ниже логи и дампы на стороне сервера.

Может кто встречался с проблемой?

 

Tcpdump -v:

 

 

 

:/# tcpdump -v -tpni wan host <CLIENT>
tcpdump: listening on wan, link-type EN10MB (Ethernet), capture size 65535 bytes

IP (tos 0x0, ttl 119, id 19370, offset 0, flags [DF], proto TCP (6), length 48)
   <CLIENT>.1065 > <SERVER>.1723: Flags [s], cksum 0x7fb0 (correct), seq 343444393, win 65535, options [mss 1440,nop,nop,sackOK], length 0
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 48)
   <SERVER>.1723 > <CLIENT>.1065: Flags [s.], cksum 0x3fb3 (correct), seq 3605090854, ack 343444394, win 5840, options [mss 1460,nop,nop,sackOK], length 0
IP (tos 0x0, ttl 119, id 19404, offset 0, flags [DF], proto TCP (6), length 40)
   <CLIENT>.1065 > <SERVER>.1723: Flags [.], cksum 0x8347 (correct), ack 1, win 65535, length 0
IP (tos 0x0, ttl 119, id 19405, offset 0, flags [DF], proto TCP (6), length 196)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0x1807 (correct), seq 1:157, ack 1, win 65535, length 156: pptp Length=156 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_CHAN(0) FIRM_REV(3790) HOSTNAME() VENDOR(Microsoft)
IP (tos 0x0, ttl 64, id 23053, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x698b (correct), ack 157, win 6432, length 0
IP (tos 0x0, ttl 64, id 23054, offset 0, flags [DF], proto TCP (6), length 196)
   <SERVER>.1723 > <CLIENT>.1065: Flags [P.], cksum 0x811d (correct), seq 1:157, ack 157, win 6432, length 156: pptp Length=156 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1:Successful channel establishment) ERR_CODE(0:None) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) HOSTNAME(local) VENDOR(linux)
IP (tos 0x0, ttl 119, id 19445, offset 0, flags [DF], proto TCP (6), length 208)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0x3e3b (correct), seq 157:325, ack 157, win 65379, length 168: pptp Length=168 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=OCRQ CALL_ID(1065) CALL_SER_NUM(7) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
IP (tos 0x0, ttl 64, id 23055, offset 0, flags [DF], proto TCP (6), length 72)
   <SERVER>.1723 > <CLIENT>.1065: Flags [P.], cksum 0xab6e (correct), seq 157:189, ack 325, win 7504, length 32: pptp Length=32 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=OCRP CALL_ID(30080) PEER_CALL_ID(1065) RESULT_CODE(1:Connected) ERR_CODE(0:None) CAUSE_CODE(0) CONN_SPEED(100000000) RECV_WIN(64) PROC_DELAY(0) PHY_CHAN_ID(0)
IP (tos 0x0, ttl 64, id 2103, offset 0, flags [DF], proto GRE (47), length 61)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 0, length 41
       LCP, Conf-Request (0x01), id 1, length 27
       encoded length 25 (=Option(s) length 21)
         ACCM Option (0x02), length 6: 0x00000000
         Auth-Prot Option (0x03), length 5: CHAP, MS-CHAPv2
         Magic-Num Option (0x05), length 6: 0x21ceebb0
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 119, id 19466, offset 0, flags [DF], proto TCP (6), length 64)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0xb5c2 (correct), seq 325:349, ack 189, win 65347, length 24: pptp Length=24 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SLI PEER_CALL_ID(30080) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP (tos 0x0, ttl 119, id 19467, offset 0, flags [none], proto GRE (47), length 57)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 0, length 37
       LCP, Conf-Request (0x01), id 0, length 23
       encoded length 21 (=Option(s) length 17)
         MRU Option (0x01), length 4: 1400
         Magic-Num Option (0x05), length 6: 0x35fb31ce
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
         Call-Back Option (0x0d), length 3: Callback Operation CBCP (6)
IP (tos 0x0, ttl 64, id 2104, offset 0, flags [DF], proto GRE (47), length 47)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 1, ack 0, length 27
       LCP, Conf-Reject (0x04), id 0, length 9
       encoded length 7 (=Option(s) length 3)
         Call-Back Option (0x0d), length 3: Callback Operation CBCP (6)
IP (tos 0x0, ttl 119, id 19468, offset 0, flags [none], proto GRE (47), length 65)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 1, ack 0, length 45
       LCP, Conf-Ack (0x02), id 1, length 27
       encoded length 25 (=Option(s) length 21)
         ACCM Option (0x02), length 6: 0x00000000
         Auth-Prot Option (0x03), length 5: CHAP, MS-CHAPv2
         Magic-Num Option (0x05), length 6: 0x21ceebb0
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 119, id 19473, offset 0, flags [none], proto GRE (47), length 58)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 2, ack 1, length 38
       LCP, Conf-Request (0x01), id 1, length 20
       encoded length 18 (=Option(s) length 14)
         MRU Option (0x01), length 4: 1400
         Magic-Num Option (0x05), length 6: 0x35fb31ce
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 64, id 2105, offset 0, flags [DF], proto GRE (47), length 58)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 2, ack 2, length 38
       LCP, Conf-Ack (0x02), id 1, length 20
       encoded length 18 (=Option(s) length 14)
         MRU Option (0x01), length 4: 1400
         Magic-Num Option (0x05), length 6: 0x35fb31ce
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 64, id 2106, offset 0, flags [DF], proto GRE (47), length 42)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 3, length 22
       LCP, Echo-Request (0x09), id 0, length 10
       encoded length 8 (=Option(s) length 4)
         Magic-Num 0x21ceebb0
IP (tos 0x0, ttl 64, id 2107, offset 0, flags [DF], proto GRE (47), length 60)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 4, length 40
       CHAP, Challenge (0x01), id 124, Value 723b750cf16ccc33f604e61346abaa55, Name alpha
IP (tos 0x0, ttl 64, id 23056, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x63df (correct), ack 349, win 7504, length 0
IP (tos 0x0, ttl 119, id 19480, offset 0, flags [none], proto GRE (47), length 56)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 3, ack 4, length 36
       LCP, Ident (0x0c), id 2, length 20
       encoded length 18 (=Option(s) length 14)
         Magic-Num 0x35fb31ce
         Message
           MSRASV5.20
IP (tos 0x0, ttl 119, id 19481, offset 0, flags [none], proto GRE (47), length 65)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 4, length 45
       LCP, Ident (0x0c), id 3, length 33
       encoded length 31 (=Option(s) length 27)
         Magic-Num 0x35fb31ce
         Message
           MSRAS-0-<CLIENT hostname>
IP (tos 0x0, ttl 119, id 19482, offset 0, flags [DF], proto TCP (6), length 64)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0xb5aa (correct), seq 349:373, ack 189, win 65347, length 24: pptp Length=24 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SLI PEER_CALL_ID(30080) SEND_ACCM(0x00000000) RECV_ACCM(0xffffffff)
IP (tos 0x0, ttl 64, id 23057, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x63c7 (correct), ack 373, win 7504, length 0
IP (tos 0x0, ttl 119, id 19483, offset 0, flags [none], proto GRE (47), length 42)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 5, length 22
       LCP, Echo-Reply (0x0a), id 0, length 10
       encoded length 8 (=Option(s) length 4)
         Magic-Num 0x35fb31ce
IP (tos 0x0, ttl 119, id 19484, offset 0, flags [none], proto GRE (47), length 93)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 6, length 73
       CHAP, Response (0x02), id 124, Value d9768..., Name <CLIENT AUTHNAME>
IP (tos 0x0, ttl 64, id 2108, offset 0, flags [DF], proto GRE (47), length 101)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 5, ack 6, length 81
       CHAP, Success (0x03), id 124, Msg S=DDFA... M=Access granted
IP (tos 0x0, ttl 64, id 2109, offset 0, flags [DF], proto GRE (47), length 44)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 6, length 24
       unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 1, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 119, id 19489, offset 0, flags [none], proto GRE (47), length 48)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 7, ack 6, length 28
       unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 4, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 00e1
IP (tos 0x0, ttl 64, id 2110, offset 0, flags [DF], proto GRE (47), length 48)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 7, ack 7, length 28
       unknown ctrl-proto (0x80fd), Conf-Nack (0x03), id 4, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 119, id 19490, offset 0, flags [none], proto GRE (47), length 44)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 8, length 24
       unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 1, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 119, id 19495, offset 0, flags [none], proto GRE (47), length 48)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 9, ack 7, length 28
       unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 5, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 64, id 2111, offset 0, flags [DF], proto GRE (47), length 48)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 8, ack 9, length 28
       unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 5, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 64, id 2112, offset 0, flags [DF], proto GRE (47), length 50)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 9, length 30
       IPCP, Conf-Request (0x01), id 1, length 18
       encoded length 16 (=Option(s) length 12)
         IP-Comp Option (0x02), length 6: VJ-Comp (0x2d):
         IP-Addr Option (0x03), length 6: 192.168.1.1
IP (tos 0x0, ttl 119, id 19497, offset 0, flags [none], proto GRE (47), length 60)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 10, ack 9, length 40
       LCP, Prot-Reject (0x08), id 6, length 24
       encoded length 22 (=Option(s) length 18)
         Rejected IPCP Protocol (0x8021)
         Rejected Packet
           0x0000:  0101 0010 0206 002d 0f01 0306 c0a8 0701
IP (tos 0x0, ttl 119, id 19507, offset 0, flags [DF], proto TCP (6), length 64)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0xb592 (correct), seq 373:397, ack 189, win 65347, length 24: pptp Length=24 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SLI PEER_CALL_ID(30080) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP (tos 0x0, ttl 64, id 23058, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x63af (correct), ack 397, win 7504, length 0
IP (tos 0x0, ttl 119, id 19508, offset 0, flags [none], proto GRE (47), length 52)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 11, length 32
       LCP, Term-Request (0x05), id 7, length 18
       encoded length 16 (=Option(s) length 12)
IP (tos 0x0, ttl 64, id 2113, offset 0, flags [DF], proto GRE (47), length 44)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 10, ack 11, length 24
       LCP, Term-Ack (0x06), id 7, length 6
IP (tos 0x0, ttl 119, id 19519, offset 0, flags [DF], proto TCP (6), length 56)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0x26e5 (correct), seq 397:413, ack 189, win 65347, length 16: pptp Length=16 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=CCRQ CALL_ID(1065)
IP (tos 0x0, ttl 64, id 23059, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x639f (correct), ack 413, win 7504, length 0
IP (tos 0x0, ttl 64, id 23060, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [F.], cksum 0x639e (correct), seq 189, ack 413, win 7504, length 0
IP (tos 0x0, ttl 119, id 19525, offset 0, flags [DF], proto TCP (6), length 40)
   <CLIENT>.1065 > <SERVER>.1723: Flags [F.], cksum 0x81a9 (correct), seq 413, ack 190, win 65347, length 0
IP (tos 0x0, ttl 64, id 23061, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x639d (correct), ack 414, win 7504, length 0
^C
42 packets captured
42 packets received by filter
0 packets dropped by kernel

 

 

 

Tcpdump:

 

 

:/# tcpdump -tpni wan host <CLIENT>
tcpdump: listening on wan, link-type EN10MB (Ethernet), capture size 65535 bytes

IP CLIENT.1066 > SERVER.1723: Flags [s], seq 852260401, win 65535, options [mss 1440,nop,nop,sackOK], length 0
IP SERVER.1723 > CLIENT.1066: Flags [s.], seq 3703765933, ack 852260402, win 5840, options [mss 1460,nop,nop,sackOK], length 0
IP CLIENT.1066 > SERVER.1723: Flags [.], ack 1, win 65535, length 0
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 1:157, ack 1, win 65535, length 156: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_CHAN(0) FIRM_REV(3790) HOSTNAME() VENDOR(Microsoft)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 157, win 6432, length 0
IP SERVER.1723 > CLIENT.1066: Flags [P.], seq 1:157, ack 157, win 6432, length 156: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) HOSTNAME(local) VENDOR(linux)
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 157:325, ack 157, win 65379, length 168: pptp CTRL_MSGTYPE=OCRQ CALL_ID(1066) CALL_SER_NUM(8) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
IP SERVER.1723 > CLIENT.1066: Flags [P.], seq 157:189, ack 325, win 7504, length 32: pptp CTRL_MSGTYPE=OCRP CALL_ID(30208) PEER_CALL_ID(1066) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) CONN_SPEED(100000000) RECV_WIN(64) PROC_DELAY(0) PHY_CHAN_ID(0)
IP SERVER > CLIENT: GREv1, call 1066, seq 0, length 41: LCP, Conf-Request (0x01), id 1, length 27
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 325:349, ack 189, win 65347, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(30208) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP CLIENT > SERVER: GREv1, call 30208, seq 0, length 37: LCP, Conf-Request (0x01), id 0, length 23
IP SERVER > CLIENT: GREv1, call 1066, seq 1, ack 0, length 27: LCP, Conf-Reject (0x04), id 0, length 9
IP CLIENT > SERVER: GREv1, call 30208, seq 1, ack 1, length 38: LCP, Conf-Request (0x01), id 1, length 20
IP SERVER > CLIENT: GREv1, call 1066, seq 2, ack 1, length 38: LCP, Conf-Ack (0x02), id 1, length 20
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 349, win 7504, length 0
IP SERVER > CLIENT: GREv1, call 1066, seq 3, length 41: LCP, Conf-Request (0x01), id 1, length 27
IP CLIENT > SERVER: GREv1, call 30208, seq 2, ack 3, length 45: LCP, Conf-Ack (0x02), id 1, length 27
IP SERVER > CLIENT: GREv1, call 1066, seq 4, ack 2, length 26: LCP, Echo-Request (0x09), id 0, length 10
IP SERVER > CLIENT: GREv1, call 1066, seq 5, length 40: CHAP, Challenge (0x01), id 254, Value 30c..., Name pptpd
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 349:373, ack 189, win 65347, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(30208) SEND_ACCM(0x00000000) RECV_ACCM(0xffffffff)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 373, win 7504, length 0
IP CLIENT > SERVER: GREv1, call 30208, seq 3, length 32: LCP, Ident (0x0c), id 2, length 20
IP CLIENT > SERVER: GREv1, call 30208, seq 4, length 45: LCP, Ident (0x0c), id 3, length 33
IP CLIENT > SERVER: GREv1, call 30208, seq 5, ack 4, length 26: LCP, Echo-Reply (0x0a), id 0, length 10
IP CLIENT > SERVER: GREv1, call 30208, seq 6, ack 5, length 77: CHAP, Response (0x02), id 254, Value e76da38583..., Name CLIENT-AUTH-NAME
IP SERVER > CLIENT: GREv1, call 1066, seq 6, ack 6, length 81: CHAP, Success (0x03), id 254, Msg S=960877... M=Access granted
IP SERVER > CLIENT: GREv1, call 1066, seq 7, length 24: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 1, length 12
IP CLIENT > SERVER: GREv1, call 30208, seq 7, ack 7, length 28: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 4, length 12
IP SERVER > CLIENT: GREv1, call 1066, seq 8, ack 7, length 28: unknown ctrl-proto (0x80fd), Conf-Nack (0x03), id 4, length 12
IP CLIENT > SERVER: GREv1, call 30208, seq 8, length 24: unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 1, length 12
IP CLIENT > SERVER: GREv1, call 30208, seq 9, ack 8, length 28: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 5, length 12
IP SERVER > CLIENT: GREv1, call 1066, seq 9, ack 9, length 28: unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 5, length 12
IP SERVER > CLIENT: GREv1, call 1066, seq 10, length 30: IPCP, Conf-Request (0x01), id 1, length 18
IP CLIENT > SERVER: GREv1, call 30208, seq 10, ack 10, length 40: LCP, Prot-Reject (0x08), id 6, length 24
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 373:397, ack 189, win 65347, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(30208) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 397, win 7504, length 0
IP CLIENT > SERVER: GREv1, call 30208, seq 11, length 32: LCP, Term-Request (0x05), id 7, length 18
IP SERVER > CLIENT: GREv1, call 1066, seq 11, ack 11, length 24: LCP, Term-Ack (0x06), id 7, length 6
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 397:413, ack 189, win 65347, length 16: pptp CTRL_MSGTYPE=CCRQ CALL_ID(1066)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 413, win 7504, length 0
IP SERVER.1723 > CLIENT.1066: Flags [F.], seq 189, ack 413, win 7504, length 0
IP CLIENT.1066 > SERVER.1723: Flags [F.], seq 413, ack 190, win 65347, length 0
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 414, win 7504, length 0
^C
43 packets captured
43 packets received by filter
0 packets dropped by kernel

 

 

 

PPTPd log:

 

 

 

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
pppd options in effect:
debug           # (from /etc/ppp/pptpd-options)
logfile /var/log/ppp/pptpd.log          # (from /etc/ppp/pptpd-options)
dump            # (from /etc/ppp/pptpd-options)
plugin /usr/lib/pptpd/pptpd-logwtmp.so          # (from command line)
require-mschap-v2               # (from /etc/ppp/pptpd-options)
refuse-pap              # (from /etc/ppp/pptpd-options)
refuse-chap             # (from /etc/ppp/pptpd-options)
refuse-mschap           # (from /etc/ppp/pptpd-options)
name alpha              # (from /etc/ppp/pptpd-options)
pptpd-original-ip <pptp-client IP>         # (from command line)
115200          # (from command line)
lock            # (from /etc/ppp/pptpd-options)
crtscts         # (from /etc/ppp/options)
local           # (from command line)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam <pptp-client IP>           # (from command line)
nodefaultroute          # (from /etc/ppp/pptpd-options)
proxyarp                # (from /etc/ppp/pptpd-options)
192.168.1.1:192.168.1.20                # (from command line)
nobsdcomp               # (from /etc/ppp/pptpd-options)
require-mppe-128                # (from /etc/ppp/pptpd-options)
noipx           # (from /etc/ppp/options)
using channel 237
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x21ceebb0> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x35fb31ce> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x21ceebb0> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x35fb31ce> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x35fb31ce> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x21ceebb0]
sent [CHAP Challenge id=0x7c <723................................>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x35fb31ce "MSRASV5.20"]
rcvd [LCP Ident id=0x3 magic=0x35fb31ce "MSRAS-0-<hostname pptp-client>"]
rcvd [LCP EchoRep id=0x0 magic=0x35fb31ce]
rcvd [CHAP Response id=0x7c <d9768c00ecb52521878d...>, name = "pptp-client"]
sent [CHAP Success id=0x7c "S=DDFA... M=Access granted"]
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x5 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [LCP ProtRej id=0x6 80 21 01 01 00 10 02 06 00 2d 0f 01 03 06 c0 a8 07 01]
Protocol-Reject for 'Internet Protocol Control Protocol' (0x8021) received
rcvd [LCP TermReq id=0x7 "5\377777777731\37777777716\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (5M-{1M-N^@<M-Mt^@^@^@^@)
sent [LCP TermAck id=0x7]
Hangup (SIGHUP)
Modem hangup
Connection terminated.
Connect time 0.1 minutes.
Sent 46 bytes, received 30 bytes.
^C

 

 

 

Спасибо за внимание

 

Update 1.

Посмотрел лог PPTPD при подключении PPTP VPN client и DOD RemoteAccess

 

 

# Включаем PPTP-Client созданный мастером новых подключений

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
pppd options in effect:
debug           # (from /etc/ppp/pptpd-options)
logfile /var/log/ppp/pptpd.log          # (from /etc/ppp/pptpd-options)
dump            # (from /etc/ppp/pptpd-options)
plugin /usr/lib/pptpd/pptpd-logwtmp.so          # (from command line)
require-mschap-v2               # (from /etc/ppp/pptpd-options)
refuse-pap              # (from /etc/ppp/pptpd-options)
refuse-chap             # (from /etc/ppp/pptpd-options)
refuse-mschap           # (from /etc/ppp/pptpd-options)
name pptpd              # (from /etc/ppp/pptpd-options)
pptpd-original-ip CLIENT         # (from command line)
115200          # (from command line)
lock            # (from /etc/ppp/pptpd-options)
crtscts         # (from /etc/ppp/options)
local           # (from command line)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam CLIENT           # (from command line)
nodefaultroute          # (from /etc/ppp/pptpd-options)
proxyarp                # (from /etc/ppp/pptpd-options)
192.168.1.1:192.168.1.20                # (from command line)
nobsdcomp               # (from /etc/ppp/pptpd-options)
require-mppe-128                # (from /etc/ppp/pptpd-options)
noipx           # (from /etc/ppp/options)
using channel 245
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x966ccc75> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x77b21469> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x77b21469> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x77b21469> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x966ccc75> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x966ccc75> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x966ccc75]
sent [CHAP Challenge id=0x6 <3fc...>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x77b21469 "MSRASV5.20"]
rcvd [LCP Ident id=0x3 magic=0x77b21469 "MSRAS-0-<CLIENT HOSTNAME>"]
rcvd [LCP EchoRep id=0x0 magic=0x77b21469]
rcvd [CHAP Response id=0x6 <b919...>, name = "<CLIENT AUTH NAME>"]
sent [CHAP Success id=0x6 "S=4C74... M=Access granted"]
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D -C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [iPCP ConfReq id=0x5 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns2 0.0.0.0> <ms-wins 0.0.0.0>]
sent [iPCP TermAck id=0x5]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [iPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [iPCP ConfReq id=0x2 <addr 192.168.1.1>]
rcvd [iPCP ConfAck id=0x2 <addr 192.168.1.1>]
rcvd [iPCP ConfReq id=0x7 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns2 0.0.0.0> <ms-wins 0.0.0.0>]
sent [iPCP ConfRej id=0x7 <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns2 0.0.0.0> <ms-wins 0.0.0.0>]
rcvd [iPCP ConfReq id=0x8 <addr 0.0.0.0>]
sent [iPCP ConfNak id=0x8 <addr 192.168.1.21>]
rcvd [iPCP ConfReq id=0x9 <addr 192.168.1.21>]
sent [iPCP ConfAck id=0x9 <addr 192.168.1.21>]
found interface lan for proxy arp
local  IP address 192.168.1.1
remote IP address 192.168.1.21
pptpd-logwtmp.so ip-up ppp0 <CLIENT AUTH NAME> CLIENT
Script /etc/ppp/ip-up started (pid 9684)
Script /etc/ppp/ip-up finished (pid 9684), status = 0x0

# Разрываем соединение

rcvd [LCP TermReq id=0xa "w\37777777662\024i\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (wM-2^Ti^@<M-Mt^@^@^@^@)
pptpd-logwtmp.so ip-down ppp0
Connect time 0.3 minutes.
Sent 272 bytes, received 656 bytes.
Script /etc/ppp/ip-down started (pid 9797)
sent [LCP TermAck id=0xa]
Script /etc/ppp/ip-down finished (pid 9797), status = 0x0
Hangup (SIGHUP)
Modem hangup
Connection terminated.
^C

#
# Включаем интерфейс в оснастке "Маршрутизация м удаленный доступ"
#

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
pppd options in effect:
debug           # (from /etc/ppp/pptpd-options)
logfile /var/log/ppp/pptpd.log          # (from /etc/ppp/pptpd-options)
dump            # (from /etc/ppp/pptpd-options)
plugin /usr/lib/pptpd/pptpd-logwtmp.so          # (from command line)
require-mschap-v2               # (from /etc/ppp/pptpd-options)
refuse-pap              # (from /etc/ppp/pptpd-options)
refuse-chap             # (from /etc/ppp/pptpd-options)
refuse-mschap           # (from /etc/ppp/pptpd-options)
name pptpd              # (from /etc/ppp/pptpd-options)
pptpd-original-ip CLIENT         # (from command line)
115200          # (from command line)
lock            # (from /etc/ppp/pptpd-options)
crtscts         # (from /etc/ppp/options)
local           # (from command line)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam CLIENT           # (from command line)
nodefaultroute          # (from /etc/ppp/pptpd-options)
proxyarp                # (from /etc/ppp/pptpd-options)
192.168.1.1:192.168.1.20                # (from command line)
nobsdcomp               # (from /etc/ppp/pptpd-options)
require-mppe-128                # (from /etc/ppp/pptpd-options)
noipx           # (from /etc/ppp/options)
using channel 246
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xaa8f6334> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x67fc42d2> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xaa8f6334> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x67fc42d2> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x67fc42d2> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xaa8f6334]
sent [CHAP Challenge id=0x47 <af66...>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x67fc42d2 "MSRASV5.20"]
rcvd [LCP Ident id=0x3 magic=0x67fc42d2 "MSRAS-0-<CLIENT HOSTNAME>"]
rcvd [LCP EchoRep id=0x0 magic=0x67fc42d2]
rcvd [CHAP Response id=0x47 <9c7...>, name = "<CLIENT AUTH NAME>"]
sent [CHAP Success id=0x47 "S=4FF... M=Access granted"]
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x5 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [LCP ProtRej id=0x6 80 21 01 01 00 10 02 06 00 2d 0f 01 03 06 c0 a8 07 01]
Protocol-Reject for 'Internet Protocol Control Protocol' (0x8021) received
rcvd [LCP TermReq id=0x7 "g\37777777774B\37777777722\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (gM-|BM-R^@<M-Mt^@^@^@^@)
sent [LCP TermAck id=0x7]
Hangup (SIGHUP)
Modem hangup
Connection terminated.
Connect time 0.1 minutes.
Sent 46 bytes, received 30 bytes.

 

 

 

Из явного:

 

# PPTP-Client
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [iPCP ConfRej id=0x1 <compress VJ 0f 01>]

# DOD RemoteAccess
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [LCP ProtRej id=0x6 80 21 01 01 00 10 02 06 00 2d 0f 01 03 06 c0 a8 07 01]
Protocol-Reject for 'Internet Protocol Control Protocol' (0x8021) received
rcvd [LCP TermReq id=0x7 "g\37777777774B\37777777722\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (gM-|BM-R^@<M-Mt^@^@^@^@)

 

IPCP и LCP - разные протоколы контроля соединения, работают на разных уровнях (L3 и L2 соответственно), DOD дропает IPCP пакеты, не понятно ... =(

post-87545-014798400 1366923302_thumb.png

post-87545-041117400 1366923310_thumb.png

Edited by a-zazell

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.