ubuntu 22.04 中的 L2TP IPSec VPN 问题

tag-icon tag-icon networking vpn ipsec l2tp
ubuntu 22.04 中的 L2TP IPSec VPN 问题

我必须连接到 VPN L2TP/Ipsec

在 Ubuntu 18.04 下,我使用了:IPsec 隧道到 L2TP 服务器 - 是的 Phase1 = 3des-sha1-modp1024!Phase2 = 3des-sha1!强制 UDP 封装

我现在已经安装了 Ubuntu 22.04,VPN 已连接,但我无法访问互联网或受保护的网站。

在服务器上工作的同事建议我尝试Phase1:aes256-sha1-modp2048,3des-sha1-modp2048Phase2:aes256-sha1,3des-sha1

我已经尝试了此页面上的某些选项,但没有帮助: 22.04 l2tp 客户端不工作

  • 降级 xl2tpd 至 1.13.12
  • 使用 kl2tpd 代替 xl2tpd
  • libreswan 代替 strongswan

有人能帮我看一下输出吗 journalctl -b --no-hostname _SYSTEMD_UNIT=NetworkManager.service + SYSLOG_IDENTIFIER=pppd



Mai 02 15:23:57 NetworkManager[619]: <info>  [1683033837.7111] vpn[0x55fb9af943e0,0623f3db-a0ee-408a-b6d0-a9bb051f0401,"NAME_REMOVED"]: starting l2tp
Mai 02 15:23:57 NetworkManager[619]: <info>  [1683033837.7117] audit: op="connection-activate" uuid="0623f3db-a0ee-408a-b6d0-a9bb051f0401" name="NAME_REMOVED" pid=5428 uid=1000 result="success"
Mai 02 15:23:57 nm-l2tp-service[12181]: Check port 1701
Mai 02 15:23:57 nm-l2tp-service[12181]: Can't bind to port 1701
Mai 02 15:23:57 NetworkManager[12196]: Stopping strongSwan IPsec failed: starter is not running
Mai 02 15:23:59 NetworkManager[12193]: Starting strongSwan 5.9.5 IPsec [starter]...
Mai 02 15:23:59 NetworkManager[12193]: Loading config setup
Mai 02 15:23:59 NetworkManager[12193]: Loading conn '0623f3db-a0ee-408a-b6d0-a9bb051f0401'
Mai 02 15:23:59 ipsec_starter[12193]: Starting strongSwan 5.9.5 IPsec [starter]...
Mai 02 15:23:59 ipsec_starter[12193]: Loading config setup
Mai 02 15:23:59 ipsec_starter[12193]: Loading conn '0623f3db-a0ee-408a-b6d0-a9bb051f0401'
Mai 02 15:23:59 ipsec_starter[12205]: Attempting to start charon...
Mai 02 15:23:59 charon[12206]: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.5, Linux 5.19.0-41-generic, x86_64)
Mai 02 15:23:59 charon[12206]: 00[CFG] PKCS11 module '<name>' lacks library path
Mai 02 15:23:59 charon[12206]: 00[PTS] TPM 2.0 - could not load "libtss2-tcti-tabrmd.so.0"
Mai 02 15:23:59 charon[12206]: 00[LIB] plugin 'tpm': failed to load - tpm_plugin_create returned NULL
Mai 02 15:23:59 charon[12206]: 00[LIB] providers loaded by OpenSSL: legacy default
Mai 02 15:23:59 charon[12206]: 00[NET] using forecast interface eno1
Mai 02 15:23:59 charon[12206]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
Mai 02 15:23:59 charon[12206]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Mai 02 15:23:59 charon[12206]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Mai 02 15:23:59 charon[12206]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Mai 02 15:23:59 charon[12206]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Mai 02 15:23:59 charon[12206]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Mai 02 15:23:59 charon[12206]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Mai 02 15:23:59 charon[12206]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
Mai 02 15:23:59 charon[12206]: 00[CFG]   loaded IKE secret for %any
Mai 02 15:23:59 charon[12206]: 00[CFG] loaded 0 RADIUS server configurations
Mai 02 15:23:59 charon[12206]: 00[CFG] HA config misses local/remote address
Mai 02 15:23:59 charon[12206]: 00[LIB] loaded plugins: charon test-vectors ldap pkcs11 aesni aes rc2 sha2 sha1 md5 mgf1 rdrand random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey>
Mai 02 15:23:59 charon[12206]: 00[LIB] dropped capabilities, running as uid 0, gid 0
Mai 02 15:23:59 charon[12206]: 00[JOB] spawning 16 worker threads
Mai 02 15:23:59 ipsec_starter[12205]: charon (12206) started after 40 ms
Mai 02 15:23:59 charon[12206]: 06[CFG] received stroke: add connection '0623f3db-a0ee-408a-b6d0-a9bb051f0401'
Mai 02 15:23:59 charon[12206]: 06[CFG] added configuration '0623f3db-a0ee-408a-b6d0-a9bb051f0401'
Mai 02 15:24:00 charon[12206]: 07[CFG] rereading secrets
Mai 02 15:24:00 charon[12206]: 07[CFG] loading secrets from '/etc/ipsec.secrets'
Mai 02 15:24:00 charon[12206]: 07[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
Mai 02 15:24:00 charon[12206]: 07[CFG]   loaded IKE secret for %any
Mai 02 15:24:00 charon[12206]: 09[CFG] received stroke: initiate '0623f3db-a0ee-408a-b6d0-a9bb051f0401'
Mai 02 15:24:00 charon[12206]: 11[IKE] initiating Main Mode IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] to IP_ADDRESS_REMOVED
Mai 02 15:24:00 charon[12206]: 11[IKE] initiating Main Mode IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] to IP_ADDRESS_REMOVED
Mai 02 15:24:00 charon[12206]: 11[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Mai 02 15:24:00 charon[12206]: 11[NET] sending packet: from 192.168.0.107[500] to IP_ADDRESS_REMOVED[500] (212 bytes)
Mai 02 15:24:04 charon[12206]: 12[IKE] sending retransmit 1 of request message ID 0, seq 1
Mai 02 15:24:04 charon[12206]: 12[NET] sending packet: from 192.168.0.107[500] to IP_ADDRESS_REMOVED[500] (212 bytes)
Mai 02 15:24:04 charon[12206]: 13[NET] received packet: from IP_ADDRESS_REMOVED[500] to 192.168.0.107[500] (368 bytes)
Mai 02 15:24:04 charon[12206]: 13[ENC] parsed ID_PROT response 0 [ SA V V V V V V V V V ]
Mai 02 15:24:04 charon[12206]: 13[ENC] received unknown vendor ID: f7:58:f2:26:68:75:0f:03:b0:8d:f6:eb:e1:d0:04:03
Mai 02 15:24:04 charon[12206]: 13[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
Mai 02 15:24:04 charon[12206]: 13[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Mai 02 15:24:04 charon[12206]: 13[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Mai 02 15:24:04 charon[12206]: 13[IKE] received NAT-T (RFC 3947) vendor ID
Mai 02 15:24:04 charon[12206]: 13[IKE] received XAuth vendor ID
Mai 02 15:24:04 charon[12206]: 13[ENC] received unknown vendor ID: f9:19:6d:f8:6b:81:2f:b0:f6:80:26:d8:87:6d:cb:7b:00:04:32:00
Mai 02 15:24:04 charon[12206]: 13[ENC] received unknown vendor ID: ac:40:f8:c4:38:99:27:c6:e8:ac:24:53:1b:b7:8b:2b:f1:44:56:32:9d:f4:65:34:0e:31:9d:04:21:6f:0f:0a:60:6e:31:6f:fd:3b:6c:78:02:ba:58:c0:53:eb:6c:23>
Mai 02 15:24:04 charon[12206]: 13[ENC] received unknown vendor ID: b6:c9:8c:ca:29:0a:eb:be:37:f1:9f:31:12:d2:d7:cb
Mai 02 15:24:04 charon[12206]: 13[CFG] selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Mai 02 15:24:04 charon[12206]: 13[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Mai 02 15:24:04 charon[12206]: 13[NET] sending packet: from 192.168.0.107[500] to IP_ADDRESS_REMOVED[500] (372 bytes)
Mai 02 15:24:06 charon[12206]: 14[NET] received packet: from IP_ADDRESS_REMOVED[500] to 192.168.0.107[500] (356 bytes)
Mai 02 15:24:06 charon[12206]: 14[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Mai 02 15:24:06 charon[12206]: 14[IKE] local host is behind NAT, sending keep alives
Mai 02 15:24:06 charon[12206]: 14[IKE] remote host is behind NAT
Mai 02 15:24:06 charon[12206]: 14[ENC] generating ID_PROT request 0 [ ID HASH ]
Mai 02 15:24:06 charon[12206]: 14[NET] sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (68 bytes)
Mai 02 15:24:06 charon[12206]: 15[NET] received packet: from IP_ADDRESS_REMOVED[4500] to 192.168.0.107[4500] (68 bytes)
Mai 02 15:24:06 charon[12206]: 15[ENC] parsed ID_PROT response 0 [ ID HASH ]
Mai 02 15:24:06 charon[12206]: 15[IKE] IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] established between 192.168.0.107[192.168.0.107]...IP_ADDRESS_REMOVED[192.168.178.100]
Mai 02 15:24:06 charon[12206]: 15[IKE] IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] established between 192.168.0.107[192.168.0.107]...IP_ADDRESS_REMOVED[192.168.178.100]
Mai 02 15:24:06 charon[12206]: 15[IKE] scheduling reauthentication in 10224s
Mai 02 15:24:06 charon[12206]: 15[IKE] maximum IKE_SA lifetime 10764s
Mai 02 15:24:06 charon[12206]: 15[ENC] generating QUICK_MODE request 3926193982 [ HASH SA No ID ID NAT-OA NAT-OA ]
Mai 02 15:24:06 charon[12206]: 15[NET] sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (220 bytes)
Mai 02 15:24:06 charon[12206]: 01[NET] received packet: from IP_ADDRESS_REMOVED[4500] to 192.168.0.107[4500] (172 bytes)
Mai 02 15:24:06 charon[12206]: 01[ENC] parsed QUICK_MODE response 3926193982 [ HASH SA No ID ID NAT-OA NAT-OA ]
Mai 02 15:24:06 charon[12206]: 01[CFG] selected proposal: ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ
Mai 02 15:24:06 charon[12206]: 01[IKE] CHILD_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401{1} established with SPIs c5fae539_i 1726e4f4_o and TS 192.168.0.107/32[udp] === IP_ADDRESS_REMOVED/32[udp/l2f]
Mai 02 15:24:06 charon[12206]: 01[IKE] CHILD_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401{1} established with SPIs c5fae539_i 1726e4f4_o and TS 192.168.0.107/32[udp] === IP_ADDRESS_REMOVED/32[udp/l2f]
Mai 02 15:24:06 charon[12206]: 01[ENC] generating QUICK_MODE request 3926193982 [ HASH ]
Mai 02 15:24:06 NetworkManager[12235]: initiating Main Mode IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] to IP_ADDRESS_REMOVED
Mai 02 15:24:06 NetworkManager[12235]: generating ID_PROT request 0 [ SA V V V V V ]
Mai 02 15:24:06 NetworkManager[12235]: sending packet: from 192.168.0.107[500] to IP_ADDRESS_REMOVED[500] (212 bytes)
Mai 02 15:24:06 NetworkManager[12235]: sending retransmit 1 of request message ID 0, seq 1
Mai 02 15:24:06 NetworkManager[12235]: sending packet: from 192.168.0.107[500] to IP_ADDRESS_REMOVED[500] (212 bytes)
Mai 02 15:24:06 NetworkManager[12235]: received packet: from IP_ADDRESS_REMOVED[500] to 192.168.0.107[500] (368 bytes)
Mai 02 15:24:06 NetworkManager[12235]: parsed ID_PROT response 0 [ SA V V V V V V V V V ]
Mai 02 15:24:06 NetworkManager[12235]: received unknown vendor ID: f7:58:f2:26:68:75:0f:03:b0:8d:f6:eb:e1:d0:04:03
Mai 02 15:24:06 NetworkManager[12235]: received draft-ietf-ipsec-nat-t-ike-02 vendor ID
Mai 02 15:24:06 NetworkManager[12235]: received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Mai 02 15:24:06 NetworkManager[12235]: received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Mai 02 15:24:06 NetworkManager[12235]: received NAT-T (RFC 3947) vendor ID
Mai 02 15:24:06 NetworkManager[12235]: received XAuth vendor ID
Mai 02 15:24:06 NetworkManager[12235]: received unknown vendor ID: f9:19:6d:f8:6b:81:2f:b0:f6:80:26:d8:87:6d:cb:7b:00:04:32:00
Mai 02 15:24:06 NetworkManager[12235]: received unknown vendor ID: ac:40:f8:c4:38:99:27:c6:e8:ac:24:53:1b:b7:8b:2b:f1:44:56:32:9d:f4:65:34:0e:31:9d:04:21:6f:0f:0a:60:6e:31:6f:fd:3b:6c:78:02:ba:58:c0:53:eb:6c:23>
Mai 02 15:24:06 NetworkManager[12235]: received unknown vendor ID: b6:c9:8c:ca:29:0a:eb:be:37:f1:9f:31:12:d2:d7:cb
Mai 02 15:24:06 NetworkManager[12235]: selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Mai 02 15:24:06 NetworkManager[12235]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Mai 02 15:24:06 NetworkManager[12235]: sending packet: from 192.168.0.107[500] to IP_ADDRESS_REMOVED[500] (372 bytes)
Mai 02 15:24:06 NetworkManager[12235]: received packet: from IP_ADDRESS_REMOVED[500] to 192.168.0.107[500] (356 bytes)
Mai 02 15:24:06 NetworkManager[12235]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Mai 02 15:24:06 NetworkManager[12235]: local host is behind NAT, sending keep alives
Mai 02 15:24:06 NetworkManager[12235]: remote host is behind NAT
Mai 02 15:24:06 NetworkManager[12235]: generating ID_PROT request 0 [ ID HASH ]
Mai 02 15:24:06 NetworkManager[12235]: sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (68 bytes)
Mai 02 15:24:06 NetworkManager[12235]: received packet: from IP_ADDRESS_REMOVED[4500] to 192.168.0.107[4500] (68 bytes)
Mai 02 15:24:06 NetworkManager[12235]: parsed ID_PROT response 0 [ ID HASH ]
Mai 02 15:24:06 charon[12206]: 01[NET] sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (60 bytes)
Mai 02 15:24:06 NetworkManager[12235]: IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] established between 192.168.0.107[192.168.0.107]...IP_ADDRESS_REMOVED[192.168.178.100]
Mai 02 15:24:06 NetworkManager[12235]: scheduling reauthentication in 10224s
Mai 02 15:24:06 NetworkManager[12235]: maximum IKE_SA lifetime 10764s
Mai 02 15:24:06 NetworkManager[12235]: generating QUICK_MODE request 3926193982 [ HASH SA No ID ID NAT-OA NAT-OA ]
Mai 02 15:24:06 NetworkManager[12235]: sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (220 bytes)
Mai 02 15:24:06 NetworkManager[12235]: received packet: from IP_ADDRESS_REMOVED[4500] to 192.168.0.107[4500] (172 bytes)
Mai 02 15:24:06 NetworkManager[12235]: parsed QUICK_MODE response 3926193982 [ HASH SA No ID ID NAT-OA NAT-OA ]
Mai 02 15:24:06 NetworkManager[12235]: selected proposal: ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ
Mai 02 15:24:06 NetworkManager[12235]: CHILD_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401{1} established with SPIs c5fae539_i 1726e4f4_o and TS 192.168.0.107/32[udp] === IP_ADDRESS_REMOVED/32[udp/l2f]
Mai 02 15:24:06 NetworkManager[12235]: connection '0623f3db-a0ee-408a-b6d0-a9bb051f0401' established successfully
Mai 02 15:24:06 nm-l2tp-service[12181]: xl2tpd started with pid 12243
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Not looking for kernel SAref support.
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Using l2tp kernel support.
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: xl2tpd version xl2tpd-1.3.12 started on PARA-BER-C-00025 PID:12243
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Forked by Scott Balmos and David Stipp, (C) 2001
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Inherited by Jeff McAdams, (C) 2002
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Listening on IP address 0.0.0.0, port 44832
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Connecting to host IP_ADDRESS_REMOVED, port 1701
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Connection established to IP_ADDRESS_REMOVED, 1701.  Local: 35053, Remote: 29135 (ref=0/0).
Mai 02 15:24:06 NetworkManager[12243]: xl2tpd[12243]: Calling on tunnel 35053
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: Call established with IP_ADDRESS_REMOVED, Local: 23566, Remote: 43987, Serial: 1 (ref=0/0)
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: start_pppd: I'm running:
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "/usr/sbin/pppd"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "plugin"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "pppol2tp.so"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "pppol2tp"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "7"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "passive"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "nodetach"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: ":"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "file"
Mai 02 15:24:07 NetworkManager[12243]: xl2tpd[12243]: "/run/nm-l2tp-0623f3db-a0ee-408a-b6d0-a9bb051f0401/ppp-options"
Mai 02 15:24:07 pppd[12244]: Plugin pppol2tp.so loaded.
Mai 02 15:24:07 pppd[12244]: Plugin /usr/lib/pppd/2.4.9/nm-l2tp-pppd-plugin.so loaded.
Mai 02 15:24:07 pppd[12244]: pppd 2.4.9 started by root, uid 0
Mai 02 15:24:07 pppd[12244]: Using interface ppp0
Mai 02 15:24:07 pppd[12244]: Connect: ppp0 <-->
Mai 02 15:24:07 pppd[12244]: Overriding mtu 1500 to 1400
Mai 02 15:24:07 pppd[12244]: Overriding mru 1500 to mtu value 1400
Mai 02 15:24:07 NetworkManager[619]: <info>  [1683033847.0233] manager: (ppp0): new Ppp device (/org/freedesktop/NetworkManager/Devices/11)
Mai 02 15:24:07 pppd[12244]: PAP authentication succeeded
Mai 02 15:24:07 charon[12206]: 10[KNL] 192.168.100.11 appeared on ppp0
Mai 02 15:24:07 charon[12206]: 12[KNL] 192.168.100.11 disappeared from ppp0
Mai 02 15:24:07 charon[12206]: 14[KNL] 192.168.100.11 appeared on ppp0
Mai 02 15:24:07 charon[12206]: 09[KNL] interface ppp0 activated
Mai 02 15:24:07 NetworkManager[619]: <info>  [1683033847.5148] device (ppp0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external')
Mai 02 15:24:07 pppd[12244]: local  IP address 192.168.100.11
Mai 02 15:24:07 pppd[12244]: remote IP address IP_ADDRESS_REMOVED
Mai 02 15:24:07 pppd[12244]: primary   DNS address 192.168.1.225
Mai 02 15:24:07 NetworkManager[619]: <info>  [1683033847.5157] device (ppp0): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'external')
Mai 02 15:24:07 NetworkManager[619]: <info>  [1683033847.5723] policy: set 'NAME_REMOVED' (ppp0) as default for IPv4 routing and DNS
Mai 02 15:24:07 charon[12206]: 09[NET] using forecast interface eno1
Mai 02 15:24:07 charon[12206]: 09[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
Mai 02 15:24:27 charon[12206]: 14[IKE] sending keep alive to IP_ADDRESS_REMOVED[4500]
Mai 02 15:24:47 charon[12206]: 07[IKE] sending keep alive to IP_ADDRESS_REMOVED[4500]
Mai 02 15:25:09 NetworkManager[619]: <info>  [1683033909.2111] manager: NetworkManager state is now CONNECTED_SITE
Mai 02 15:25:25 charon[12206]: 05[IKE] sending keep alive to IP_ADDRESS_REMOVED[4500]
Mai 02 15:25:38 NetworkManager[12243]: xl2tpd[12243]: Maximum retries exceeded for tunnel 35053.  Closing.
Mai 02 15:25:38 NetworkManager[12243]: xl2tpd[12243]: Terminating pppd: sending TERM signal to pid 12244
Mai 02 15:25:38 NetworkManager[12243]: xl2tpd[12243]: Connection 29135 closed to IP_ADDRESS_REMOVED, port 1701 (Timeout)
Mai 02 15:25:38 pppd[12244]: Terminating on signal 15
Mai 02 15:25:38 pppd[12244]: Connect time 1.5 minutes.
Mai 02 15:25:38 pppd[12244]: Sent 5911590 bytes, received 0 bytes.
Mai 02 15:25:38 charon[12206]: 06[KNL] interface ppp0 deactivated
Mai 02 15:25:38 charon[12206]: 05[KNL] 192.168.100.11 disappeared from ppp0
Mai 02 15:25:38 NetworkManager[619]: <info>  [1683033938.0585] device (ppp0): state change: disconnected -> unmanaged (reason 'connection-assumed', sys-iface-state: 'external')
Mai 02 15:25:38 pppd[12244]: Overriding mtu 1500 to 1400
Mai 02 15:25:38 pppd[12244]: Overriding mru 1500 to mtu value 1400
Mai 02 15:25:38 NetworkManager[12243]: xl2tpd[12243]: get_call: can't find call 23566 in tunnel 35053
Mai 02 15:25:38 NetworkManager[12243]:  (ref=0/0)xl2tpd[12243]: get_call: can't find call 23566 in tunnel 35053
Mai 02 15:25:38 NetworkManager[12243]:  (ref=0/0)xl2tpd[12243]: control_finish: Connection closed to IP_ADDRESS_REMOVED, port 1701 (), Local: 35053, Remote: 29135
Mai 02 15:25:38 pppd[12244]: Connection terminated.
Mai 02 15:25:38 charon[12206]: 07[KNL] interface ppp0 deleted
Mai 02 15:25:38 NetworkManager[12352]: Stopping strongSwan IPsec...
Mai 02 15:25:38 charon[12206]: 00[DMN] SIGINT received, shutting down
Mai 02 15:25:38 charon[12206]: 00[IKE] closing CHILD_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401{1} with SPIs c5fae539_i (693 bytes) 1726e4f4_o (5357287 bytes) and TS 192.168.0.107/32[udp] === IP_ADDRESS_REMOVED/32[udp/l>
Mai 02 15:25:38 charon[12206]: 00[IKE] closing CHILD_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401{1} with SPIs c5fae539_i (693 bytes) 1726e4f4_o (5357287 bytes) and TS 192.168.0.107/32[udp] === IP_ADDRESS_REMOVED/32[udp/l>
Mai 02 15:25:38 charon[12206]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c5fae539
Mai 02 15:25:38 charon[12206]: 00[ENC] generating INFORMATIONAL_V1 request 1271279599 [ HASH D ]
Mai 02 15:25:38 charon[12206]: 00[NET] sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (76 bytes)
Mai 02 15:25:38 charon[12206]: 00[IKE] deleting IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] between 192.168.0.107[192.168.0.107]...IP_ADDRESS_REMOVED[192.168.178.100]
Mai 02 15:25:38 charon[12206]: 00[IKE] deleting IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1] between 192.168.0.107[192.168.0.107]...IP_ADDRESS_REMOVED[192.168.178.100]
Mai 02 15:25:38 charon[12206]: 00[IKE] sending DELETE for IKE_SA 0623f3db-a0ee-408a-b6d0-a9bb051f0401[1]
Mai 02 15:25:38 charon[12206]: 00[ENC] generating INFORMATIONAL_V1 request 1179617094 [ HASH D ]
Mai 02 15:25:38 charon[12206]: 00[NET] sending packet: from 192.168.0.107[4500] to IP_ADDRESS_REMOVED[4500] (84 bytes)
Mai 02 15:25:38 NetworkManager[12243]: xl2tpd[12243]: death_handler: Fatal signal 15 received
Mai 02 15:25:38 pppd[12244]: Exit.
Mai 02 15:25:38 ipsec_starter[12205]: child 12206 (charon) has quit (exit code 0)
Mai 02 15:25:38 ipsec_starter[12205]:
Mai 02 15:25:38 ipsec_starter[12205]: charon stopped after 200 ms
Mai 02 15:25:38 ipsec_starter[12205]: ipsec starter stopped
Mai 02 15:25:38 nm-l2tp-service[12181]: ipsec shut down
Mai 02 15:25:38 NetworkManager[619]: <info>  [1683033938.2166] policy: set 'Wired connection 1' (eno1) as default for IPv4 routing and DNS
Mai 02 15:25:40 NetworkManager[619]: <info>  [1683033940.2914] manager: NetworkManager state is now CONNECTED_GLOBAL

答案1

解决了,感谢askubuntu.com/a/1466325/1692785

相关内容