debian 9错误连接vpn l2tp
我尝试了vpn l2tp连接,但无法连接。我使用GUI网络管理器。这是调试代码debian 9错误连接vpn l2tp,debian,vpn,l2tp,Debian,Vpn,L2tp,我尝试了vpn l2tp连接,但无法连接。我使用GUI网络管理器。这是调试代码 nm-l2tp[25816] <info> starting ipsec Stopping strongSwan IPsec failed: starter is not running Starting strongSwan 5.5.1 IPsec [starter]... Loading config setup Loading conn 'b90b8bb2-cbd9-456c-a33e-b43ad
nm-l2tp[25816] <info> starting ipsec
Stopping strongSwan IPsec failed: starter is not running
Starting strongSwan 5.5.1 IPsec [starter]...
Loading config setup
Loading conn 'b90b8bb2-cbd9-456c-a33e-b43adc975dec'
found netkey IPsec stack
nm-l2tp[25816] <info> Spawned ipsec up script with PID 25879.
initiating Main Mode IKE_SA b90b8bb2-cbd9-456c-a33e-b43adc975dec[1] to 103.76.22.130
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 192.168.42.162[500] to 103.76.22.130[500] (240 bytes)
sending retransmit 1 of request message ID 0, seq 1
sending packet: from 192.168.42.162[500] to 103.76.22.130[500] (240 bytes)
nm-l2tp[25816] <warn> Timeout trying to establish IPsec connection
nm-l2tp[25816] <info> Terminating ipsec script with PID 25879.
Stopping strongSwan IPsec...
destroying IKE_SA in state CONNECTING without notification
establishing connection 'b90b8bb2-cbd9-456c-a33e-b43adc975dec' failed
nm-l2tp[25816] <warn> Could not establish IPsec tunnel.
(nm-l2tp-service:25816): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
nm-l2tp[25816]启动ipsec
停止IPsec失败:启动器未运行
正在启动strongSwan 5.5.1 IPsec[启动器]。。。
加载配置设置
装载接头“b90b8bb2-cbd9-456c-a33e-b43adc975dec”
找到netkey IPsec堆栈
nm-l2tp[25816]生成了带有PID 25879的ipsec up脚本。
启动主模式IKE_SA b90b8bb2-cbd9-456c-a33e-b43adc975dec[1]至103.76.22.130
正在生成ID_保护请求0[SA V]
发送数据包:从192.168.42.162[500]到103.76.22.130[500](240字节)
正在发送请求消息ID 0的重传1,序号1
发送数据包:从192.168.42.162[500]到103.76.22.130[500](240字节)
尝试建立IPsec连接时nm-l2tp[25816]超时
nm-l2tp[25816]使用PID 25879终止ipsec脚本。
正在停止IPsec。。。
在未通知的情况下正在连接状态下销毁IKE_SA
建立连接“b90b8bb2-cbd9-456c-a33e-b43adc975dec”失败
nm-l2tp[25816]无法建立IPsec隧道。
(nm-l2tp-service:25816):GLib GIO CRITICAL**:g_dbus_方法_调用_take_错误:断言'error!=“NULL”失败
有人能帮我解决问题吗?
我已尝试在中运行教程。/ike-scan.sh脚本,该脚本来自您提供结果的第二个链接:
sudo ipsec stop
sudo ./ike-scan.sh 103.76.22.130 | grep SA=
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=14:modp2048 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=AES Hash=SHA1 Auth=PSK Group=2:modp1024 KeyLength=128 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=AES Hash=SHA1 Auth=PSK Group=14:modp2048 KeyLength=128 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=AES Hash=SHA1 Auth=PSK Group=2:modp1024 KeyLength=192 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=AES Hash=SHA1 Auth=PSK Group=14:modp2048 KeyLength=192 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=AES Hash=SHA1 Auth=PSK Group=2:modp1024 KeyLength=256 LifeType=Seconds LifeDuration(4)=0x00007080)
SA=(Enc=AES Hash=SHA1 Auth=PSK Group=14:modp2048 KeyLength=256 LifeType=Seconds LifeDuration(4)=0x00007080)
由于使用SHA1和/或modp1024,该VPN服务器的所有建议都被认为是薄弱的。您能否尝试以下第1阶段和第2阶段算法:
- 阶段1算法:aes256-sha1-modp2048,aes256-sha1-modp1024李>
- 阶段2算法:aes256-sha1李>
!
)用于将VPN客户端限制为指定的方案,而不包括strongSwan的默认方案。一些VPN服务器不喜欢被来自客户端的大量建议淹没