我正在尝试连接到 PPTP VPN 服务器。同样的配置在 Windows 中运行良好,但在 Ubuntu 12.10 中失败。一定是配置问题。
sudo pptpsetup --create MYVPN --server xxx.xxx.xxx.xxx --username username --password password
一切都设置正确。但是当我尝试实际运行 VPN 时,我得到了以下信息:
$ sudo pppd call MYVPN updetach
Using interface ppp1
Connect: ppp1 <--> /dev/pts/2
LCP: timeout sending Config-Requests
Connection terminated.
Modem hangup
当我这样做以获取更多详细信息时:
tail -n 30 /var/log/syslog | grep -i ppp
Mar 18 06:33:08 tp pppd[5082]: pppd 2.4.5 started by root, uid 0
Mar 18 06:33:08 tp pppd[5082]: Using interface ppp1
Mar 18 06:33:08 tp pppd[5082]: Connect: ppp1 <--> /dev/pts/2
Mar 18 06:33:08 tp NetworkManager[988]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp1, iface: ppp1)
Mar 18 06:33:08 tp NetworkManager[988]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp1, iface: ppp1): no ifupdown configuration found.
Mar 18 06:33:08 tp NetworkManager[988]: <warn> /sys/devices/virtual/net/ppp1: couldn't determine device driver; ignoring...
Mar 18 06:34:18 tp pppd[5082]: LCP: timeout sending Config-Requests
Mar 18 06:34:18 tp pppd[5082]: Connection terminated.
Mar 18 06:34:18 tp NetworkManager[988]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp1, iface: ppp1)
Mar 18 06:34:18 tp pppd[5082]: Modem hangup
Mar 18 06:34:18 tp pptp[5084]: anon warn[decaps_hdlc:pptp_gre.c:216]: pppd may have shutdown, see pppd log
Mar 18 06:34:18 tp pppd[5082]: Exit.
为什么无法连接?它在 Windows 上运行良好,因此一定是 Ubuntu 12.10 设置出了问题...
编辑:
sudo pppd call MYVPN debug dump logfd 2 updetach
是否有关于如何利用这些信息来查看可能出了什么问题的信息?
pppd options in effect:
debug # (from command line)
updetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/peers/MYVPN)
name username # (from /etc/ppp/peers/MYVPN)
remotename MYVPN # (from /etc/ppp/peers/MYVPN)
# (from /etc/ppp/peers/MYVPN)
pty pptp xxx.xxx.xxx.xxx --nolaunchpppd # (from /etc/ppp/peers/MYVPN)
crtscts # (from /etc/ppp/options)
# (from /etc/ppp/options)
asyncmap 0 # (from /etc/ppp/options)
lcp-echo-failure 4 # (from /etc/ppp/options)
lcp-echo-interval 30 # (from /etc/ppp/options)
hide-password # (from /etc/ppp/options)
ipparam MYVPN # (from /etc/ppp/peers/MYVPN)
nobsdcomp # (from /etc/ppp/peers/MYVPN)
nodeflate # (from /etc/ppp/peers/MYVPN)
noipx # (from /etc/ppp/options)
using channel 27
Using interface ppp1
Connect: ppp1 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]> < 17 04 01 00>]
sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 01 00>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]> < 17 04 01 00>]
sent [LCP ConfRej id=0x1 <callback CBCP> <mrru 1614> < 17 04 01 00>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x4 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]> < 17 04 01 00>]
sent [LCP ConfRej id=0x4 <callback CBCP> <mrru 1614> < 17 04 01 00>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x6 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]>]
sent [LCP ConfAck id=0x6 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x9 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]>]
sent [LCP ConfAck id=0x9 <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e812c17> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0xc <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]>]
sent [LCP ConfAck id=0xc <mru 1400> <auth chap MD5> <magic 0x27f847d4> <pcomp> <accomp> <endpoint [local:f8.7d.55.9e.60.00.42.53.ac.37.23.b6.c9.f4.6d.2f.00.00.00.00]>]
LCP: timeout sending Config-Requests
Connection terminated.
Modem hangup
Waiting for 1 child processes...
script pptp xxx.xxx.xx.xxx --nolaunchpppd, pid 6815
Script pptp xxx.xxx.xx.xxx --nolaunchpppd finished (pid 6815), status = 0x0
答案1
我在 VPN 上遇到了完全相同的问题,该问题在 Ubuntu 14.04 LTS 上安装 Utopic HWE 内核 3.16.0 后开始出现。
经过研究我找到了问题的根本原因:
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x792e9abe> <pcomp> <accomp>]
LCP: timeout sending Config-Requests
Connection terminated.
Modem hangup
根本原因是启动时没有加载两个必需的 netfilter 内核模块:
nf_conntrack_pptp
nf_conntrack_proto_gre
解决方法:加载nf_conntrack_pptp模块,后者是其依赖项,会自动加载。
sudo modprobe nf_conntrack_pptp
参考:
答案2
我在 Google 上搜索了一段时间的“LCP:发送配置请求超时”,但找不到解决方案。有些帖子说这与路由器设置有关,但我的 MAC 和安卓手机连接没有问题,所以这不是我的路由器的问题。
在仔细研究了 ppp 设置后,我找到了适合我的解决方案。编辑 /etc/ppp/options,启用选项 silent,然后问题就解决了。
# With this option, pppd will not transmit LCP packets to initiate a
# connection until a valid LCP packet is received from the peer (as for
# the "passive" option with old versions of pppd).
silent
我使用 Ubuntu 12.04,并从 GUI 设置 VPN
答案3
对于大多数发行版,您必须为某些 PPTP/VPN 服务器加载nf_conntrack_pptp和nf_conntrack_proto_gre内核模块。这可以通过以下方式完成:
$ sudo modprobe nf_conntrack_pptp
(nf_conntrack_proto_gre作为依赖项自动加载nf_conntrack_pptp)
答案4
其他解决方案都没用,但我找到了另一个解决方案。遇到了同样的错误,尝试连接但超时了。
调试
我照做了$ tail -f /var/log/syslog,看到了大约 10 行这样的消息:
4 月 21 日 22:20:37 用户 PC 内核:[3008.652602] [UFW BLOCK] IN=wlxxxxxxxxxxxx OUT= MAC=00:a0:a0:00:00:00:a0:a0:a0:00:00:00:00:00 SRC=111.222.333.444 DST=111.222.333.444 LEN=54 TOS=0x00 PREC=0x00 TTL=59 ID=43069 PROTO=47
然后出现失败消息
4 月 21 日 22:20:38 tp pppd[5082]: LCP: 发送配置请求超时
使固定
由于我看到 [UFW BLOCK],我发现 UFW(防火墙)正在阻止传入流量。然后使用以下命令向 UFW 添加规则以允许来自我的 VPN 客户端的流量:
$ sudo ufw allow proto gre from [ip_of_pptp_server]
$ sudo service ufw restart
然后我尝试重新连接 PPTP VPN,并且成功了。