Jump to content
Калькуляторы

Win2003 RemoteAccess Error 20111 Не поднимается VPN клиент через РТК

Reply to this topic

a-zazell   

a-zazell
Posted (edited)

Здравствуйте, на Win srv2003 настроен DOD интерфейс в службе "Маршрутизация и удаленный доступ", подключается к PPTP серверу. После переезда с Beeline на Ростелеком, не устанавливается коннект (на Билайне работало 2 недели без проблем), иногда помогал перезапуск службы RemoteAccess, но сейчас и это не помогает.

 

Самые интересные моменты:

 


  •  
  • Конфигурация VPN и Ethernet интерфейсов не изменялась (на Ethernet DHCP)
  • Созданный мастером новых подключений pptp-client интерфейс поднимается на ура через РТК
     

Ошибка в логах системы:

 

Тип события:	Ошибка
Источник события:	RemoteAccess
Категория события:	Отсутствует
Код события:	20111
Дата:		26.04.2013
Время:		0:09:58
Пользователь:		Н/Д
Компьютер:	<hostname>
Описание:
Подключение по требованию к удаленному интерфейсу "hq" через порт "VPN4-0" успешно инициировано, но не закончено, из-за ошибки: 
Не удается подключиться к удаленному компьютеру. Возможно потребуется изменение сетевой настройки подключения. 
Нажмите кнопку "Дополнительно" или обратитесь в центр поддержки за помощью, указав номер ошибки.

Дополнительные сведения можно найти в центре справки и поддержки, в "http://go.microsoft.com/fwlink/events.asp".
Данные:
0000: d0 02 00 00               Ð...

 

Во вложении схемы включения до (Beeline) и после (RTK), ниже логи и дампы на стороне сервера.

Может кто встречался с проблемой?

 

Tcpdump -v:

 

 

 

:/# tcpdump -v -tpni wan host <CLIENT>
tcpdump: listening on wan, link-type EN10MB (Ethernet), capture size 65535 bytes

IP (tos 0x0, ttl 119, id 19370, offset 0, flags [DF], proto TCP (6), length 48)
   <CLIENT>.1065 > <SERVER>.1723: Flags [s], cksum 0x7fb0 (correct), seq 343444393, win 65535, options [mss 1440,nop,nop,sackOK], length 0
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 48)
   <SERVER>.1723 > <CLIENT>.1065: Flags [s.], cksum 0x3fb3 (correct), seq 3605090854, ack 343444394, win 5840, options [mss 1460,nop,nop,sackOK], length 0
IP (tos 0x0, ttl 119, id 19404, offset 0, flags [DF], proto TCP (6), length 40)
   <CLIENT>.1065 > <SERVER>.1723: Flags [.], cksum 0x8347 (correct), ack 1, win 65535, length 0
IP (tos 0x0, ttl 119, id 19405, offset 0, flags [DF], proto TCP (6), length 196)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0x1807 (correct), seq 1:157, ack 1, win 65535, length 156: pptp Length=156 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_CHAN(0) FIRM_REV(3790) HOSTNAME() VENDOR(Microsoft)
IP (tos 0x0, ttl 64, id 23053, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x698b (correct), ack 157, win 6432, length 0
IP (tos 0x0, ttl 64, id 23054, offset 0, flags [DF], proto TCP (6), length 196)
   <SERVER>.1723 > <CLIENT>.1065: Flags [P.], cksum 0x811d (correct), seq 1:157, ack 157, win 6432, length 156: pptp Length=156 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1:Successful channel establishment) ERR_CODE(0:None) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) HOSTNAME(local) VENDOR(linux)
IP (tos 0x0, ttl 119, id 19445, offset 0, flags [DF], proto TCP (6), length 208)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0x3e3b (correct), seq 157:325, ack 157, win 65379, length 168: pptp Length=168 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=OCRQ CALL_ID(1065) CALL_SER_NUM(7) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
IP (tos 0x0, ttl 64, id 23055, offset 0, flags [DF], proto TCP (6), length 72)
   <SERVER>.1723 > <CLIENT>.1065: Flags [P.], cksum 0xab6e (correct), seq 157:189, ack 325, win 7504, length 32: pptp Length=32 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=OCRP CALL_ID(30080) PEER_CALL_ID(1065) RESULT_CODE(1:Connected) ERR_CODE(0:None) CAUSE_CODE(0) CONN_SPEED(100000000) RECV_WIN(64) PROC_DELAY(0) PHY_CHAN_ID(0)
IP (tos 0x0, ttl 64, id 2103, offset 0, flags [DF], proto GRE (47), length 61)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 0, length 41
       LCP, Conf-Request (0x01), id 1, length 27
       encoded length 25 (=Option(s) length 21)
         ACCM Option (0x02), length 6: 0x00000000
         Auth-Prot Option (0x03), length 5: CHAP, MS-CHAPv2
         Magic-Num Option (0x05), length 6: 0x21ceebb0
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 119, id 19466, offset 0, flags [DF], proto TCP (6), length 64)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0xb5c2 (correct), seq 325:349, ack 189, win 65347, length 24: pptp Length=24 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SLI PEER_CALL_ID(30080) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP (tos 0x0, ttl 119, id 19467, offset 0, flags [none], proto GRE (47), length 57)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 0, length 37
       LCP, Conf-Request (0x01), id 0, length 23
       encoded length 21 (=Option(s) length 17)
         MRU Option (0x01), length 4: 1400
         Magic-Num Option (0x05), length 6: 0x35fb31ce
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
         Call-Back Option (0x0d), length 3: Callback Operation CBCP (6)
IP (tos 0x0, ttl 64, id 2104, offset 0, flags [DF], proto GRE (47), length 47)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 1, ack 0, length 27
       LCP, Conf-Reject (0x04), id 0, length 9
       encoded length 7 (=Option(s) length 3)
         Call-Back Option (0x0d), length 3: Callback Operation CBCP (6)
IP (tos 0x0, ttl 119, id 19468, offset 0, flags [none], proto GRE (47), length 65)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 1, ack 0, length 45
       LCP, Conf-Ack (0x02), id 1, length 27
       encoded length 25 (=Option(s) length 21)
         ACCM Option (0x02), length 6: 0x00000000
         Auth-Prot Option (0x03), length 5: CHAP, MS-CHAPv2
         Magic-Num Option (0x05), length 6: 0x21ceebb0
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 119, id 19473, offset 0, flags [none], proto GRE (47), length 58)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 2, ack 1, length 38
       LCP, Conf-Request (0x01), id 1, length 20
       encoded length 18 (=Option(s) length 14)
         MRU Option (0x01), length 4: 1400
         Magic-Num Option (0x05), length 6: 0x35fb31ce
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 64, id 2105, offset 0, flags [DF], proto GRE (47), length 58)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 2, ack 2, length 38
       LCP, Conf-Ack (0x02), id 1, length 20
       encoded length 18 (=Option(s) length 14)
         MRU Option (0x01), length 4: 1400
         Magic-Num Option (0x05), length 6: 0x35fb31ce
         PFC Option (0x07), length 2:
         ACFC Option (0x08), length 2:
IP (tos 0x0, ttl 64, id 2106, offset 0, flags [DF], proto GRE (47), length 42)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 3, length 22
       LCP, Echo-Request (0x09), id 0, length 10
       encoded length 8 (=Option(s) length 4)
         Magic-Num 0x21ceebb0
IP (tos 0x0, ttl 64, id 2107, offset 0, flags [DF], proto GRE (47), length 60)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 4, length 40
       CHAP, Challenge (0x01), id 124, Value 723b750cf16ccc33f604e61346abaa55, Name alpha
IP (tos 0x0, ttl 64, id 23056, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x63df (correct), ack 349, win 7504, length 0
IP (tos 0x0, ttl 119, id 19480, offset 0, flags [none], proto GRE (47), length 56)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 3, ack 4, length 36
       LCP, Ident (0x0c), id 2, length 20
       encoded length 18 (=Option(s) length 14)
         Magic-Num 0x35fb31ce
         Message
           MSRASV5.20
IP (tos 0x0, ttl 119, id 19481, offset 0, flags [none], proto GRE (47), length 65)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 4, length 45
       LCP, Ident (0x0c), id 3, length 33
       encoded length 31 (=Option(s) length 27)
         Magic-Num 0x35fb31ce
         Message
           MSRAS-0-<CLIENT hostname>
IP (tos 0x0, ttl 119, id 19482, offset 0, flags [DF], proto TCP (6), length 64)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0xb5aa (correct), seq 349:373, ack 189, win 65347, length 24: pptp Length=24 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SLI PEER_CALL_ID(30080) SEND_ACCM(0x00000000) RECV_ACCM(0xffffffff)
IP (tos 0x0, ttl 64, id 23057, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x63c7 (correct), ack 373, win 7504, length 0
IP (tos 0x0, ttl 119, id 19483, offset 0, flags [none], proto GRE (47), length 42)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 5, length 22
       LCP, Echo-Reply (0x0a), id 0, length 10
       encoded length 8 (=Option(s) length 4)
         Magic-Num 0x35fb31ce
IP (tos 0x0, ttl 119, id 19484, offset 0, flags [none], proto GRE (47), length 93)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 6, length 73
       CHAP, Response (0x02), id 124, Value d9768..., Name <CLIENT AUTHNAME>
IP (tos 0x0, ttl 64, id 2108, offset 0, flags [DF], proto GRE (47), length 101)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 5, ack 6, length 81
       CHAP, Success (0x03), id 124, Msg S=DDFA... M=Access granted
IP (tos 0x0, ttl 64, id 2109, offset 0, flags [DF], proto GRE (47), length 44)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 6, length 24
       unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 1, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 119, id 19489, offset 0, flags [none], proto GRE (47), length 48)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 7, ack 6, length 28
       unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 4, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 00e1
IP (tos 0x0, ttl 64, id 2110, offset 0, flags [DF], proto GRE (47), length 48)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 7, ack 7, length 28
       unknown ctrl-proto (0x80fd), Conf-Nack (0x03), id 4, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 119, id 19490, offset 0, flags [none], proto GRE (47), length 44)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 8, length 24
       unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 1, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 119, id 19495, offset 0, flags [none], proto GRE (47), length 48)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 9, ack 7, length 28
       unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 5, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 64, id 2111, offset 0, flags [DF], proto GRE (47), length 48)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 8, ack 9, length 28
       unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 5, length 12
       encoded length 10 (=Option(s) length 6)
         MPPC Option (0x12), length 6:
           0x0000:  0100 0040
IP (tos 0x0, ttl 64, id 2112, offset 0, flags [DF], proto GRE (47), length 50)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present], call 1065, seq 9, length 30
       IPCP, Conf-Request (0x01), id 1, length 18
       encoded length 16 (=Option(s) length 12)
         IP-Comp Option (0x02), length 6: VJ-Comp (0x2d):
         IP-Addr Option (0x03), length 6: 192.168.1.1
IP (tos 0x0, ttl 119, id 19497, offset 0, flags [none], proto GRE (47), length 60)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present, ack present], call 30080, seq 10, ack 9, length 40
       LCP, Prot-Reject (0x08), id 6, length 24
       encoded length 22 (=Option(s) length 18)
         Rejected IPCP Protocol (0x8021)
         Rejected Packet
           0x0000:  0101 0010 0206 002d 0f01 0306 c0a8 0701
IP (tos 0x0, ttl 119, id 19507, offset 0, flags [DF], proto TCP (6), length 64)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0xb592 (correct), seq 373:397, ack 189, win 65347, length 24: pptp Length=24 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=SLI PEER_CALL_ID(30080) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP (tos 0x0, ttl 64, id 23058, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x63af (correct), ack 397, win 7504, length 0
IP (tos 0x0, ttl 119, id 19508, offset 0, flags [none], proto GRE (47), length 52)
   <CLIENT> > <SERVER>: GREv1, Flags [key present, sequence# present], call 30080, seq 11, length 32
       LCP, Term-Request (0x05), id 7, length 18
       encoded length 16 (=Option(s) length 12)
IP (tos 0x0, ttl 64, id 2113, offset 0, flags [DF], proto GRE (47), length 44)
   <SERVER> > <CLIENT>: GREv1, Flags [key present, sequence# present, ack present], call 1065, seq 10, ack 11, length 24
       LCP, Term-Ack (0x06), id 7, length 6
IP (tos 0x0, ttl 119, id 19519, offset 0, flags [DF], proto TCP (6), length 56)
   <CLIENT>.1065 > <SERVER>.1723: Flags [P.], cksum 0x26e5 (correct), seq 397:413, ack 189, win 65347, length 16: pptp Length=16 CTRL-MSG Magic-Cookie=1a2b3c4d CTRL_MSGTYPE=CCRQ CALL_ID(1065)
IP (tos 0x0, ttl 64, id 23059, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x639f (correct), ack 413, win 7504, length 0
IP (tos 0x0, ttl 64, id 23060, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [F.], cksum 0x639e (correct), seq 189, ack 413, win 7504, length 0
IP (tos 0x0, ttl 119, id 19525, offset 0, flags [DF], proto TCP (6), length 40)
   <CLIENT>.1065 > <SERVER>.1723: Flags [F.], cksum 0x81a9 (correct), seq 413, ack 190, win 65347, length 0
IP (tos 0x0, ttl 64, id 23061, offset 0, flags [DF], proto TCP (6), length 40)
   <SERVER>.1723 > <CLIENT>.1065: Flags [.], cksum 0x639d (correct), ack 414, win 7504, length 0
^C
42 packets captured
42 packets received by filter
0 packets dropped by kernel

 

 

 

Tcpdump:

 

 

:/# tcpdump -tpni wan host <CLIENT>
tcpdump: listening on wan, link-type EN10MB (Ethernet), capture size 65535 bytes

IP CLIENT.1066 > SERVER.1723: Flags [s], seq 852260401, win 65535, options [mss 1440,nop,nop,sackOK], length 0
IP SERVER.1723 > CLIENT.1066: Flags [s.], seq 3703765933, ack 852260402, win 5840, options [mss 1460,nop,nop,sackOK], length 0
IP CLIENT.1066 > SERVER.1723: Flags [.], ack 1, win 65535, length 0
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 1:157, ack 1, win 65535, length 156: pptp CTRL_MSGTYPE=SCCRQ PROTO_VER(1.0) FRAME_CAP(A) BEARER_CAP(A) MAX_CHAN(0) FIRM_REV(3790) HOSTNAME() VENDOR(Microsoft)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 157, win 6432, length 0
IP SERVER.1723 > CLIENT.1066: Flags [P.], seq 1:157, ack 157, win 6432, length 156: pptp CTRL_MSGTYPE=SCCRP PROTO_VER(1.0) RESULT_CODE(1) ERR_CODE(0) FRAME_CAP() BEARER_CAP() MAX_CHAN(1) FIRM_REV(1) HOSTNAME(local) VENDOR(linux)
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 157:325, ack 157, win 65379, length 168: pptp CTRL_MSGTYPE=OCRQ CALL_ID(1066) CALL_SER_NUM(8) MIN_BPS(300) MAX_BPS(100000000) BEARER_TYPE(Any) FRAME_TYPE(E) RECV_WIN(64) PROC_DELAY(0) PHONE_NO_LEN(0) PHONE_NO() SUB_ADDR()
IP SERVER.1723 > CLIENT.1066: Flags [P.], seq 157:189, ack 325, win 7504, length 32: pptp CTRL_MSGTYPE=OCRP CALL_ID(30208) PEER_CALL_ID(1066) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) CONN_SPEED(100000000) RECV_WIN(64) PROC_DELAY(0) PHY_CHAN_ID(0)
IP SERVER > CLIENT: GREv1, call 1066, seq 0, length 41: LCP, Conf-Request (0x01), id 1, length 27
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 325:349, ack 189, win 65347, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(30208) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP CLIENT > SERVER: GREv1, call 30208, seq 0, length 37: LCP, Conf-Request (0x01), id 0, length 23
IP SERVER > CLIENT: GREv1, call 1066, seq 1, ack 0, length 27: LCP, Conf-Reject (0x04), id 0, length 9
IP CLIENT > SERVER: GREv1, call 30208, seq 1, ack 1, length 38: LCP, Conf-Request (0x01), id 1, length 20
IP SERVER > CLIENT: GREv1, call 1066, seq 2, ack 1, length 38: LCP, Conf-Ack (0x02), id 1, length 20
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 349, win 7504, length 0
IP SERVER > CLIENT: GREv1, call 1066, seq 3, length 41: LCP, Conf-Request (0x01), id 1, length 27
IP CLIENT > SERVER: GREv1, call 30208, seq 2, ack 3, length 45: LCP, Conf-Ack (0x02), id 1, length 27
IP SERVER > CLIENT: GREv1, call 1066, seq 4, ack 2, length 26: LCP, Echo-Request (0x09), id 0, length 10
IP SERVER > CLIENT: GREv1, call 1066, seq 5, length 40: CHAP, Challenge (0x01), id 254, Value 30c..., Name pptpd
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 349:373, ack 189, win 65347, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(30208) SEND_ACCM(0x00000000) RECV_ACCM(0xffffffff)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 373, win 7504, length 0
IP CLIENT > SERVER: GREv1, call 30208, seq 3, length 32: LCP, Ident (0x0c), id 2, length 20
IP CLIENT > SERVER: GREv1, call 30208, seq 4, length 45: LCP, Ident (0x0c), id 3, length 33
IP CLIENT > SERVER: GREv1, call 30208, seq 5, ack 4, length 26: LCP, Echo-Reply (0x0a), id 0, length 10
IP CLIENT > SERVER: GREv1, call 30208, seq 6, ack 5, length 77: CHAP, Response (0x02), id 254, Value e76da38583..., Name CLIENT-AUTH-NAME
IP SERVER > CLIENT: GREv1, call 1066, seq 6, ack 6, length 81: CHAP, Success (0x03), id 254, Msg S=960877... M=Access granted
IP SERVER > CLIENT: GREv1, call 1066, seq 7, length 24: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 1, length 12
IP CLIENT > SERVER: GREv1, call 30208, seq 7, ack 7, length 28: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 4, length 12
IP SERVER > CLIENT: GREv1, call 1066, seq 8, ack 7, length 28: unknown ctrl-proto (0x80fd), Conf-Nack (0x03), id 4, length 12
IP CLIENT > SERVER: GREv1, call 30208, seq 8, length 24: unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 1, length 12
IP CLIENT > SERVER: GREv1, call 30208, seq 9, ack 8, length 28: unknown ctrl-proto (0x80fd), Conf-Request (0x01), id 5, length 12
IP SERVER > CLIENT: GREv1, call 1066, seq 9, ack 9, length 28: unknown ctrl-proto (0x80fd), Conf-Ack (0x02), id 5, length 12
IP SERVER > CLIENT: GREv1, call 1066, seq 10, length 30: IPCP, Conf-Request (0x01), id 1, length 18
IP CLIENT > SERVER: GREv1, call 30208, seq 10, ack 10, length 40: LCP, Prot-Reject (0x08), id 6, length 24
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 373:397, ack 189, win 65347, length 24: pptp CTRL_MSGTYPE=SLI PEER_CALL_ID(30208) SEND_ACCM(0xffffffff) RECV_ACCM(0xffffffff)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 397, win 7504, length 0
IP CLIENT > SERVER: GREv1, call 30208, seq 11, length 32: LCP, Term-Request (0x05), id 7, length 18
IP SERVER > CLIENT: GREv1, call 1066, seq 11, ack 11, length 24: LCP, Term-Ack (0x06), id 7, length 6
IP CLIENT.1066 > SERVER.1723: Flags [P.], seq 397:413, ack 189, win 65347, length 16: pptp CTRL_MSGTYPE=CCRQ CALL_ID(1066)
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 413, win 7504, length 0
IP SERVER.1723 > CLIENT.1066: Flags [F.], seq 189, ack 413, win 7504, length 0
IP CLIENT.1066 > SERVER.1723: Flags [F.], seq 413, ack 190, win 65347, length 0
IP SERVER.1723 > CLIENT.1066: Flags [.], ack 414, win 7504, length 0
^C
43 packets captured
43 packets received by filter
0 packets dropped by kernel

 

 

 

PPTPd log:

 

 

 

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
pppd options in effect:
debug           # (from /etc/ppp/pptpd-options)
logfile /var/log/ppp/pptpd.log          # (from /etc/ppp/pptpd-options)
dump            # (from /etc/ppp/pptpd-options)
plugin /usr/lib/pptpd/pptpd-logwtmp.so          # (from command line)
require-mschap-v2               # (from /etc/ppp/pptpd-options)
refuse-pap              # (from /etc/ppp/pptpd-options)
refuse-chap             # (from /etc/ppp/pptpd-options)
refuse-mschap           # (from /etc/ppp/pptpd-options)
name alpha              # (from /etc/ppp/pptpd-options)
pptpd-original-ip <pptp-client IP>         # (from command line)
115200          # (from command line)
lock            # (from /etc/ppp/pptpd-options)
crtscts         # (from /etc/ppp/options)
local           # (from command line)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam <pptp-client IP>           # (from command line)
nodefaultroute          # (from /etc/ppp/pptpd-options)
proxyarp                # (from /etc/ppp/pptpd-options)
192.168.1.1:192.168.1.20                # (from command line)
nobsdcomp               # (from /etc/ppp/pptpd-options)
require-mppe-128                # (from /etc/ppp/pptpd-options)
noipx           # (from /etc/ppp/options)
using channel 237
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x21ceebb0> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x35fb31ce> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x21ceebb0> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x35fb31ce> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x35fb31ce> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x21ceebb0]
sent [CHAP Challenge id=0x7c <723................................>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x35fb31ce "MSRASV5.20"]
rcvd [LCP Ident id=0x3 magic=0x35fb31ce "MSRAS-0-<hostname pptp-client>"]
rcvd [LCP EchoRep id=0x0 magic=0x35fb31ce]
rcvd [CHAP Response id=0x7c <d9768c00ecb52521878d...>, name = "pptp-client"]
sent [CHAP Success id=0x7c "S=DDFA... M=Access granted"]
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x5 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [LCP ProtRej id=0x6 80 21 01 01 00 10 02 06 00 2d 0f 01 03 06 c0 a8 07 01]
Protocol-Reject for 'Internet Protocol Control Protocol' (0x8021) received
rcvd [LCP TermReq id=0x7 "5\377777777731\37777777716\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (5M-{1M-N^@<M-Mt^@^@^@^@)
sent [LCP TermAck id=0x7]
Hangup (SIGHUP)
Modem hangup
Connection terminated.
Connect time 0.1 minutes.
Sent 46 bytes, received 30 bytes.
^C

 

 

 

Спасибо за внимание

 

Update 1.

Посмотрел лог PPTPD при подключении PPTP VPN client и DOD RemoteAccess

 

 

# Включаем PPTP-Client созданный мастером новых подключений

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
pppd options in effect:
debug           # (from /etc/ppp/pptpd-options)
logfile /var/log/ppp/pptpd.log          # (from /etc/ppp/pptpd-options)
dump            # (from /etc/ppp/pptpd-options)
plugin /usr/lib/pptpd/pptpd-logwtmp.so          # (from command line)
require-mschap-v2               # (from /etc/ppp/pptpd-options)
refuse-pap              # (from /etc/ppp/pptpd-options)
refuse-chap             # (from /etc/ppp/pptpd-options)
refuse-mschap           # (from /etc/ppp/pptpd-options)
name pptpd              # (from /etc/ppp/pptpd-options)
pptpd-original-ip CLIENT         # (from command line)
115200          # (from command line)
lock            # (from /etc/ppp/pptpd-options)
crtscts         # (from /etc/ppp/options)
local           # (from command line)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam CLIENT           # (from command line)
nodefaultroute          # (from /etc/ppp/pptpd-options)
proxyarp                # (from /etc/ppp/pptpd-options)
192.168.1.1:192.168.1.20                # (from command line)
nobsdcomp               # (from /etc/ppp/pptpd-options)
require-mppe-128                # (from /etc/ppp/pptpd-options)
noipx           # (from /etc/ppp/options)
using channel 245
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x966ccc75> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x77b21469> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x77b21469> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x77b21469> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x966ccc75> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x966ccc75> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x966ccc75]
sent [CHAP Challenge id=0x6 <3fc...>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x77b21469 "MSRASV5.20"]
rcvd [LCP Ident id=0x3 magic=0x77b21469 "MSRAS-0-<CLIENT HOSTNAME>"]
rcvd [LCP EchoRep id=0x0 magic=0x77b21469]
rcvd [CHAP Response id=0x6 <b919...>, name = "<CLIENT AUTH NAME>"]
sent [CHAP Success id=0x6 "S=4C74... M=Access granted"]
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D -C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [iPCP ConfReq id=0x5 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns2 0.0.0.0> <ms-wins 0.0.0.0>]
sent [iPCP TermAck id=0x5]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [iPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [iPCP ConfReq id=0x2 <addr 192.168.1.1>]
rcvd [iPCP ConfAck id=0x2 <addr 192.168.1.1>]
rcvd [iPCP ConfReq id=0x7 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns2 0.0.0.0> <ms-wins 0.0.0.0>]
sent [iPCP ConfRej id=0x7 <ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns2 0.0.0.0> <ms-wins 0.0.0.0>]
rcvd [iPCP ConfReq id=0x8 <addr 0.0.0.0>]
sent [iPCP ConfNak id=0x8 <addr 192.168.1.21>]
rcvd [iPCP ConfReq id=0x9 <addr 192.168.1.21>]
sent [iPCP ConfAck id=0x9 <addr 192.168.1.21>]
found interface lan for proxy arp
local  IP address 192.168.1.1
remote IP address 192.168.1.21
pptpd-logwtmp.so ip-up ppp0 <CLIENT AUTH NAME> CLIENT
Script /etc/ppp/ip-up started (pid 9684)
Script /etc/ppp/ip-up finished (pid 9684), status = 0x0

# Разрываем соединение

rcvd [LCP TermReq id=0xa "w\37777777662\024i\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (wM-2^Ti^@<M-Mt^@^@^@^@)
pptpd-logwtmp.so ip-down ppp0
Connect time 0.3 minutes.
Sent 272 bytes, received 656 bytes.
Script /etc/ppp/ip-down started (pid 9797)
sent [LCP TermAck id=0xa]
Script /etc/ppp/ip-down finished (pid 9797), status = 0x0
Hangup (SIGHUP)
Modem hangup
Connection terminated.
^C

#
# Включаем интерфейс в оснастке "Маршрутизация м удаленный доступ"
#

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
pppd options in effect:
debug           # (from /etc/ppp/pptpd-options)
logfile /var/log/ppp/pptpd.log          # (from /etc/ppp/pptpd-options)
dump            # (from /etc/ppp/pptpd-options)
plugin /usr/lib/pptpd/pptpd-logwtmp.so          # (from command line)
require-mschap-v2               # (from /etc/ppp/pptpd-options)
refuse-pap              # (from /etc/ppp/pptpd-options)
refuse-chap             # (from /etc/ppp/pptpd-options)
refuse-mschap           # (from /etc/ppp/pptpd-options)
name pptpd              # (from /etc/ppp/pptpd-options)
pptpd-original-ip CLIENT         # (from command line)
115200          # (from command line)
lock            # (from /etc/ppp/pptpd-options)
crtscts         # (from /etc/ppp/options)
local           # (from command line)
asyncmap 0              # (from /etc/ppp/options)
lcp-echo-failure 4              # (from /etc/ppp/options)
lcp-echo-interval 30            # (from /etc/ppp/options)
hide-password           # (from /etc/ppp/options)
ipparam CLIENT           # (from command line)
nodefaultroute          # (from /etc/ppp/pptpd-options)
proxyarp                # (from /etc/ppp/pptpd-options)
192.168.1.1:192.168.1.20                # (from command line)
nobsdcomp               # (from /etc/ppp/pptpd-options)
require-mppe-128                # (from /etc/ppp/pptpd-options)
noipx           # (from /etc/ppp/options)
using channel 246
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xaa8f6334> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x67fc42d2> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xaa8f6334> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x67fc42d2> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x67fc42d2> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xaa8f6334]
sent [CHAP Challenge id=0x47 <af66...>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x67fc42d2 "MSRASV5.20"]
rcvd [LCP Ident id=0x3 magic=0x67fc42d2 "MSRAS-0-<CLIENT HOSTNAME>"]
rcvd [LCP EchoRep id=0x0 magic=0x67fc42d2]
rcvd [CHAP Response id=0x47 <9c7...>, name = "<CLIENT AUTH NAME>"]
sent [CHAP Success id=0x47 "S=4FF... M=Access granted"]
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x5 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x5 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [LCP ProtRej id=0x6 80 21 01 01 00 10 02 06 00 2d 0f 01 03 06 c0 a8 07 01]
Protocol-Reject for 'Internet Protocol Control Protocol' (0x8021) received
rcvd [LCP TermReq id=0x7 "g\37777777774B\37777777722\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (gM-|BM-R^@<M-Mt^@^@^@^@)
sent [LCP TermAck id=0x7]
Hangup (SIGHUP)
Modem hangup
Connection terminated.
Connect time 0.1 minutes.
Sent 46 bytes, received 30 bytes.

 

 

 

Из явного:

 

# PPTP-Client
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [iPCP ConfRej id=0x1 <compress VJ 0f 01>]

# DOD RemoteAccess
MPPE 128-bit stateless compression enabled
sent [iPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.1>]
rcvd [LCP ProtRej id=0x6 80 21 01 01 00 10 02 06 00 2d 0f 01 03 06 c0 a8 07 01]
Protocol-Reject for 'Internet Protocol Control Protocol' (0x8021) received
rcvd [LCP TermReq id=0x7 "g\37777777774B\37777777722\000<\37777777715t\000\000\000\000"]
LCP terminated by peer (gM-|BM-R^@<M-Mt^@^@^@^@)

 

IPCP и LCP - разные протоколы контроля соединения, работают на разных уровнях (L3 и L2 соответственно), DOD дропает IPCP пакеты, не понятно ... =(

post-87545-014798400 1366923302_thumb.png

post-87545-041117400 1366923310_thumb.png

Edited by a-zazell

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Followers 0
Go to topic listing Программное обеспечение, биллинг и *unix системы