最近想办法进行vpn网络连接,但是一直不能成功,请各位高手帮忙。
我的系统是ubuntu6.10,vpn的服务器采用的windows2003的自带服务器。客户端软件采用安装源里的pptp-linux和pptpconfig,用户名、密码等信息配置好以后进行连接,失败。网上查找原因,1、有的说需要mppe-128加密,但是因为系统内核2.6.15自带了这个,不用进行安装的;2、我发现pptp采用拨号进行连接,但是我的机器在学校内部,不需要拨号连接,这个原因我不确定;3、网上有的配置说需要将client和server配置同一个网段的ip,但是vpn连接不应该有这个要求才对。
本人刚刚学习ubuntu,对很多东西不太熟悉,敬请见谅。
[问题]请教vpn的连接问题
-
peter_ustc
- 帖子: 4
- 注册时间: 2007-01-14 11:38
-
eexpress
- 帖子: 58428
- 注册时间: 2005-08-14 21:55
- 来自: 长沙
-
ino1
- 帖子: 266
- 注册时间: 2006-10-28 18:05
-
peter_ustc
- 帖子: 4
- 注册时间: 2007-01-14 11:38
把我的连接日志貼出来,请高手指教了
我的主机的ip属于内网ip,即192.168.*.*网段,内网网关192.168.1.1,vpn服务器的ip属于外网ip,202.38.*.*,通过日志可以看出来:
1、我的机器分配的ip地址为local IP address 192.168.200.106,服务器的地址为remote IP address 192.168.200.101,服务器的地址应该是202.38.*.*才对,但是不知道为什么会这样?
2、日志中还有CHAP authentication succeeded,是说明用户名和密码认证正确吗?
3、从MPPE 128-bit stateless compression enabled这个能够推断加密已经起用了吗?
4、从网上查找的资料来看需要添加路由信息:route add -net target_ip netmask 255.255.255.0 gw gateway,通过我的描述,能够帮我确定一下这个target_ip和gateway应该分别填写多少?为什么要添加这样一句话,vpn是直接连接到服务器才对?
下面是日志信息:
peter@FavoriteOS:~$ sudo pon vpn debug dump logfd 2 nodetach
pppd options in effect:
debug # (from command line)
nodetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/peers/vpn)
refuse-chap # (from /etc/ppp/options.pptp)
refuse-eap # (from /etc/ppp/options.pptp)
name ustc # (from /etc/ppp/peers/vpn)
remotename vpnServer # (from /etc/ppp/peers/vpn)
# (from /etc/ppp/options.pptp)
pty pptp 202.38.*.* --nolaunchpppd # (from /etc/ppp/peers/vpn)
crtscts # (from /etc/ppp/options)
# (from /etc/ppp/options)
asyncmap 0 # (from /etc/ppp/options)
lcp-echo-failure 4 # (from /etc/ppp/options)
lcp-echo-interval 30 # (from /etc/ppp/options)
hide-password # (from /etc/ppp/options)
ipparam vpn # (from /etc/ppp/peers/vpn)
proxyarp # (from /etc/ppp/options)
nobsdcomp # (from /etc/ppp/options.pptp)
nodeflate # (from /etc/ppp/options.pptp)
require-mppe-128 # (from /etc/ppp/options.pptp)
noipx # (from /etc/ppp/options)
using channel 10
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xaac371e6> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xaac371e6> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <auth eap> <magic 0x7ecc1eb5> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]> < 17 04 0d 5d>]
sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 0d 5d>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xaac371e6> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x7ecc1eb5> <pcomp> <accomp> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]>]
sent [LCP ConfNak id=0x1 <auth chap MS-v2>]
rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x7ecc1eb5> <pcomp> <accomp> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]>]
sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x7ecc1eb5> <pcomp> <accomp> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]>]
sent [LCP EchoReq id=0x0 magic=0xaac371e6]
rcvd [CHAP Challenge id=0x0 <2ced2379219ba6af3cd641fd06540188>, name = "XUERU"]
sent [CHAP Response id=0x0 <09776375c58a20434f0ccdf5b9eab1694500000000861113c47c86b90d9abd2d1237fcf8766959dbb07126908dd0fd54b7>, name = "ustc"]
rcvd [LCP EchoRep id=0x0 magic=0x7ecc1eb5]
rcvd [CHAP Success id=0x0 "S=A94AC3DA1E8BF0BE137B01878CAB36047161E9AC"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfReq id=0x5 <addr 192.168.200.101>]
sent [IPCP TermAck id=0x5]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [IPCP ConfNak id=0x2 <addr 192.168.200.106>]
sent [IPCP ConfReq id=0x3 <addr 192.168.200.106>]
rcvd [IPCP ConfAck id=0x3 <addr 192.168.200.106>]
rcvd [IPCP ConfReq id=0x7 <addr 192.168.200.101>]
sent [IPCP ConfAck id=0x7 <addr 192.168.200.101>]
Cannot determine ethernet address for proxy ARP
local IP address 192.168.200.106
remote IP address 192.168.200.101
Script /etc/ppp/ip-up started (pid 7457)
Script /etc/ppp/ip-up finished (pid 7457), status = 0x0
Terminating on signal 2
Connect time 0.6 minutes.
Sent 0 bytes, received 0 bytes.
Script /etc/ppp/ip-down started (pid 7479)
MPPE disabled
sent [LCP TermReq id=0x2 "MPPE disabled"]
sent [LCP TermReq id=0x3 "MPPE disabled"]
Modem hangup
Connection terminated.
Script pptp 202.38.*.* --nolaunchpppd finished (pid 7447), status = 0x0
Waiting for 1 child processes...
script /etc/ppp/ip-down, pid 7479
Script /etc/ppp/ip-down finished (pid 7479), status = 0x0
1、我的机器分配的ip地址为local IP address 192.168.200.106,服务器的地址为remote IP address 192.168.200.101,服务器的地址应该是202.38.*.*才对,但是不知道为什么会这样?
2、日志中还有CHAP authentication succeeded,是说明用户名和密码认证正确吗?
3、从MPPE 128-bit stateless compression enabled这个能够推断加密已经起用了吗?
4、从网上查找的资料来看需要添加路由信息:route add -net target_ip netmask 255.255.255.0 gw gateway,通过我的描述,能够帮我确定一下这个target_ip和gateway应该分别填写多少?为什么要添加这样一句话,vpn是直接连接到服务器才对?
下面是日志信息:
peter@FavoriteOS:~$ sudo pon vpn debug dump logfd 2 nodetach
pppd options in effect:
debug # (from command line)
nodetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/peers/vpn)
refuse-chap # (from /etc/ppp/options.pptp)
refuse-eap # (from /etc/ppp/options.pptp)
name ustc # (from /etc/ppp/peers/vpn)
remotename vpnServer # (from /etc/ppp/peers/vpn)
# (from /etc/ppp/options.pptp)
pty pptp 202.38.*.* --nolaunchpppd # (from /etc/ppp/peers/vpn)
crtscts # (from /etc/ppp/options)
# (from /etc/ppp/options)
asyncmap 0 # (from /etc/ppp/options)
lcp-echo-failure 4 # (from /etc/ppp/options)
lcp-echo-interval 30 # (from /etc/ppp/options)
hide-password # (from /etc/ppp/options)
ipparam vpn # (from /etc/ppp/peers/vpn)
proxyarp # (from /etc/ppp/options)
nobsdcomp # (from /etc/ppp/options.pptp)
nodeflate # (from /etc/ppp/options.pptp)
require-mppe-128 # (from /etc/ppp/options.pptp)
noipx # (from /etc/ppp/options)
using channel 10
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xaac371e6> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xaac371e6> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <auth eap> <magic 0x7ecc1eb5> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]> < 17 04 0d 5d>]
sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 0d 5d>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xaac371e6> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x7ecc1eb5> <pcomp> <accomp> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]>]
sent [LCP ConfNak id=0x1 <auth chap MS-v2>]
rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x7ecc1eb5> <pcomp> <accomp> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]>]
sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x7ecc1eb5> <pcomp> <accomp> <endpoint [local:81.7b.19.3b.59.92.4c.04.a7.6d.26.7f.87.e9.2f.f1.00.00.00.00]>]
sent [LCP EchoReq id=0x0 magic=0xaac371e6]
rcvd [CHAP Challenge id=0x0 <2ced2379219ba6af3cd641fd06540188>, name = "XUERU"]
sent [CHAP Response id=0x0 <09776375c58a20434f0ccdf5b9eab1694500000000861113c47c86b90d9abd2d1237fcf8766959dbb07126908dd0fd54b7>, name = "ustc"]
rcvd [LCP EchoRep id=0x0 magic=0x7ecc1eb5]
rcvd [CHAP Success id=0x0 "S=A94AC3DA1E8BF0BE137B01878CAB36047161E9AC"]
CHAP authentication succeeded
sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
rcvd [IPCP ConfReq id=0x5 <addr 192.168.200.101>]
sent [IPCP TermAck id=0x5]
rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
MPPE 128-bit stateless compression enabled
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
rcvd [IPCP ConfNak id=0x2 <addr 192.168.200.106>]
sent [IPCP ConfReq id=0x3 <addr 192.168.200.106>]
rcvd [IPCP ConfAck id=0x3 <addr 192.168.200.106>]
rcvd [IPCP ConfReq id=0x7 <addr 192.168.200.101>]
sent [IPCP ConfAck id=0x7 <addr 192.168.200.101>]
Cannot determine ethernet address for proxy ARP
local IP address 192.168.200.106
remote IP address 192.168.200.101
Script /etc/ppp/ip-up started (pid 7457)
Script /etc/ppp/ip-up finished (pid 7457), status = 0x0
Terminating on signal 2
Connect time 0.6 minutes.
Sent 0 bytes, received 0 bytes.
Script /etc/ppp/ip-down started (pid 7479)
MPPE disabled
sent [LCP TermReq id=0x2 "MPPE disabled"]
sent [LCP TermReq id=0x3 "MPPE disabled"]
Modem hangup
Connection terminated.
Script pptp 202.38.*.* --nolaunchpppd finished (pid 7447), status = 0x0
Waiting for 1 child processes...
script /etc/ppp/ip-down, pid 7479
Script /etc/ppp/ip-down finished (pid 7479), status = 0x0