我使用Ubuntu 12.04下的network-manager-pptp来配置vpn。
IPv4 Settings:
Automatic
VPN:
Gateway - set
User name - set
Password - Always Ask
PPTP Advanced Option:
PAP, CHAP, MSCHAP, EAP - unchecked
MSCHAPv2 - checked
Use Point-to Point encryption (MPPE) - checked
Securtity - 128-bit
all other settings are unchecked
但当我尝试连接到 vpn 时,我总是收到相同的消息:连接失败。Ubuntu 10.04 上也存在同样的问题。在系统日志中,我有:
<info> VPN service 'pptp' started (org.freedesktop.NetworkManager.pptp), PID 3042
May 23 22:17:42 NR5 NetworkManager[983]: <info> VPN service 'pptp' appeared; activating connections
May 23 22:17:42 NR5 NetworkManager[983]: <info> VPN plugin state changed: init (1)
May 23 22:17:42 NR5 NetworkManager[983]: <info> VPN plugin state changed: starting (3)
May 23 22:17:42 NR5 NetworkManager[983]: <info> VPN connection 'VPN NAME' (Connect) reply received.
May 24 00:21:00 NR5 pppd[9773]: Plugin /usr/lib/pppd/2.4.5/nm-pptp-pppd-plugin.so loaded.
May 24 00:21:00 NR5 pppd[9773]: pppd 2.4.5 started by root, uid 0
May 24 00:21:00 NR5 pppd[9773]: Using interface ppp0
May 24 00:21:00 NR5 pppd[9773]: Connect: ppp0 <--> /dev/pts/3
May 24 00:21:00 NR5 pptp[9776]: nm-pptp-service-9764 log[main:pptp.c:314]: The synchronous pptp option is NOT activated
May 23 22:17:42 NR5 NetworkManager[983]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
May 23 22:17:42 NR5 NetworkManager[983]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found.
May 24 00:21:01 NR5 pptp[9786]: nm-pptp-service-9764 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
May 24 00:21:01 NR5 pptp[9786]: nm-pptp-service-9764 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
May 24 00:21:01 NR5 pptp[9786]: nm-pptp-service-9764 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
May 24 00:21:02 NR5 pptp[9786]: nm-pptp-service-9764 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
May 24 00:21:02 NR5 pptp[9786]: nm-pptp-service-9764 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
May 24 00:21:02 NR5 pptp[9786]: nm-pptp-service-9764 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 32930).
May 24 00:21:31 NR5 pppd[9773]: LCP: timeout sending Config-Requests
May 24 00:21:31 NR5 pppd[9773]: Connection terminated.
May 23 22:18:13 NR5 NetworkManager[983]: <warn> VPN plugin failed: 1
May 23 22:18:14 NR5 NetworkManager[983]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
May 23 22:18:14 NR5 NetworkManager[983]: <warn> VPN plugin failed: 1
May 23 22:18:14 NR5 NetworkManager[983]: <warn> VPN plugin failed: 1
May 23 22:18:14 NR5 NetworkManager[983]: <info> VPN plugin state changed: stopped (6)
May 23 22:18:14 NR5 NetworkManager[983]: <info> VPN plugin state change reason: 0
May 23 22:18:14 NR5 NetworkManager[983]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
在我开始 VPN 连接之前,路由表如下所示:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
在我尝试启动 vpn 之后,来自 vpn 服务器的 ip 地址 XXXX 被添加到路由表中:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
X.X.X.X 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
相同的 VPN 连接在 Windows 下的同一台机器上也能正常运行。
如果您有任何建议,我会很高兴。非常感谢。
答案1
您的连接超时 ( LCP: timeout sending Config-Requests
),这可能是由于您的路由器不允许 PPTP 连接从 WAN 传递到 NAT 后面的主机所致。请检查您的路由器配置,确定是否启用了 PPTP 传递功能并将其转发到您想要建立隧道的计算机。
答案2
这帮助我解决了 12.04 中的问题,希望它也能帮到你。复制自这个 Ubuntu 维基页面
运行以下命令:
sudo apt-get install pptp-linux
创建/etc/ppp/peers/YOUR_COMPANY
包含以下内容的文件:
pty "pptp YOUR_VPN_GATEWAY --nolaunchpppd"
debug
nodetach
logfd 2
noproxyarp
ipparam YOUR_COMPANY
remotename YOUR_COMPANY
name YOUR_DOMAIN_OR_SERVER_NAME\\YOUR_VPN_LOGIN
require-mppe-128
nobsdcomp
nodeflate
lock
noauth
refuse-eap
refuse-chap
refuse-mschap
添加/etc/ppp/chap-secrets
:
YOUR_DOMAIN_OR_SERVER_NAME\\YOUR_VPN_LOGIN * YOUR_VPN_PASSWORD *
创建/etc/ppp/ip-up.d/add-subnet
内容类似于以下内容的文件:
[ "$PPP_IPPARAM" = "YOUR_COMPANY" ] || exit 0
route add -net 192.168.100.0/24 dev $PPP_IFACE
在上面一行中,根据需要调整子网值(192.168.100.0/24)
然后运行:
sudo chmod a+x /etc/ppp/ip-up.d/add-subnet
连接到 VPN:sudo pon YOUR_COMPANY 要断开连接,请按 Ctrl+C 或关闭终端。
如果您不想看到 VPN 连接调试输出,请在文件 /etc/ppp/peers/YOUR_COMPANY 中删除 3 行:debug nodetach logfd 2
在这种情况下,“pon YOUR_COMPANY”将作为后台进程运行。使用“poff YOUR_COMPANY”断开连接。