我正在尝试在 Ubuntu 上连接到我大学的 VPN。遗憾的是,他们没有提供任何有关 Linux(我在 Ubuntu 16.04)VPN 设置的指导,只有 Windows 和 Mac,所以我尝试根据他们提供的信息进行连接。
这是他们的在线指南 -https://www.stir.ac.uk/is/student/it/connect/off-campus/
根据 Mac 安装指南,其中说明:
“VPN 类型:L2TP over IPsec”..所以我运行了sudo apt-get install network-manager-l2tp-gnome,重新启动了 Ubuntu,现在我可以选择创建第 2 层隧道协议 (L2TP) 连接。
我按照他们的指示输入了网关和用户名。由于他们还要求“通过 IPsec”,我选中了“IPsec 设置...”>“启用到 L2TP 主机的 IPsec 隧道”框,我还在预共享密钥框中输入了“秘密”。顺便说一句,在设置这些之前我也尝试过连接,但没有成功,现在我输入了它们也还是没有成功。
如果有帮助的话,以下是来自的日志sudo tail -f /var/log/syslog:
Mar 1 15:29:32 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918172.6221] audit: op="connection-activate" uuid="9f1fcb5e-7d9b-41e2-9637-2a9545283b10" name="UoS VPN" pid=2301 uid=1000 result="success"
Mar 1 15:29:32 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918172.6310] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: Started the VPN service, PID 4452
Mar 1 15:29:32 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918172.6452] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: Saw the service appear; activating connection
Mar 1 15:29:32 martyn-Lenovo-B590 gnome-session[1999]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918177.6835] keyfile: update /etc/NetworkManager/system-connections/UoS VPN (9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN")
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918177.6915] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: VPN connection: (ConnectInteractive) reply received
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <info> ipsec enable flag: yes
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: ** Message: Check port 1701
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: ** Message: Can't bind to port 1701
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <warn> L2TP port 1701 is busy, using ephemeral.
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <info> starting ipsec
Mar 1 15:29:37 martyn-Lenovo-B590 NetworkManager[954]: Stopping strongSwan IPsec failed: starter is not running
Mar 1 15:29:39 martyn-Lenovo-B590 NetworkManager[954]: Starting strongSwan 5.3.5 IPsec [starter]...
Mar 1 15:29:39 martyn-Lenovo-B590 NetworkManager[954]: Loading config setup
Mar 1 15:29:39 martyn-Lenovo-B590 NetworkManager[954]: Loading conn '9f1fcb5e-7d9b-41e2-9637-2a9545283b10'
Mar 1 15:29:39 martyn-Lenovo-B590 NetworkManager[954]: found netkey IPsec stack
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-116-generic, x86_64)
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-9f1fcb5e-7d9b-41e2-9637-2a9545283b10.secrets'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[CFG] loaded IKE secret for %any
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[LIB] loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 00[JOB] spawning 16 worker threads
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 13[CFG] received stroke: add connection '9f1fcb5e-7d9b-41e2-9637-2a9545283b10'
Mar 1 15:29:39 martyn-Lenovo-B590 charon: 13[CFG] added configuration '9f1fcb5e-7d9b-41e2-9637-2a9545283b10'
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 01[CFG] rereading secrets
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 01[CFG] loading secrets from '/etc/ipsec.secrets'
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 01[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-9f1fcb5e-7d9b-41e2-9637-2a9545283b10.secrets'
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 01[CFG] loaded IKE secret for %any
Mar 1 15:29:40 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <info> Spawned ipsec up script with PID 4531.
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 11[CFG] received stroke: initiate '9f1fcb5e-7d9b-41e2-9637-2a9545283b10'
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 07[IKE] initiating Main Mode IKE_SA 9f1fcb5e-7d9b-41e2-9637-2a9545283b10[1] to 139.153.12.200
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 07[ENC] generating ID_PROT request 0 [ SA V V V V ]
Mar 1 15:29:40 martyn-Lenovo-B590 charon: 07[NET] sending packet: from 192.168.1.134[500] to 139.153.12.200[500] (248 bytes)
Mar 1 15:29:44 martyn-Lenovo-B590 charon: 02[IKE] sending retransmit 1 of request message ID 0, seq 1
Mar 1 15:29:44 martyn-Lenovo-B590 charon: 02[NET] sending packet: from 192.168.1.134[500] to 139.153.12.200[500] (248 bytes)
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <warn> Timeout trying to establish IPsec connection
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <info> Terminating ipsec script with PID 4531.
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: Stopping strongSwan IPsec...
Mar 1 15:29:50 martyn-Lenovo-B590 charon: 00[DMN] signal of type SIGINT received. Shutting down
Mar 1 15:29:50 martyn-Lenovo-B590 charon: 00[IKE] destroying IKE_SA in state CONNECTING without notification
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: initiating Main Mode IKE_SA 9f1fcb5e-7d9b-41e2-9637-2a9545283b10[1] to 139.153.12.200
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: generating ID_PROT request 0 [ SA V V V V ]
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: sending packet: from 192.168.1.134[500] to 139.153.12.200[500] (248 bytes)
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: sending retransmit 1 of request message ID 0, seq 1
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: sending packet: from 192.168.1.134[500] to 139.153.12.200[500] (248 bytes)
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: destroying IKE_SA in state CONNECTING without notification
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: nm-l2tp[4452] <warn> Could not establish IPsec tunnel.
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: (nm-l2tp-service:4452): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918190.9294] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: VPN plugin: state changed: stopped (6)
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918190.9315] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: VPN plugin: state change reason: unknown (0)
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: <info> [1519918190.9339] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: VPN service disappeared
Mar 1 15:29:50 martyn-Lenovo-B590 NetworkManager[954]: <warn> [1519918190.9360] vpn-connection[0x27291e0,9f1fcb5e-7d9b-41e2-9637-2a9545283b10,"UoS VPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
我确实尝试用谷歌搜索一些错误,但没有找到任何有用的东西,尽管这有点超出我的理解范围。
我可能遗漏了什么吗?提前致谢。
答案1
您正在连接的 VPN 服务器(extvpn.stir.ac.uk) 仅提出了弱算法,请参阅 README.md 文件:
您需要在 IPsec 选项对话框的高级部分中输入以下内容:
- 第一阶段算法:aes-sha1-modp1024
- Phase2 算法:aes-sha1
您可能还需要停止系统 xl2tpd,请参阅 README.md 文件: