我在 Windows 7 上使用 Cisco Anyconnect VPN 与无线路由器(Belkin F5D8635-4 v1 Wireless N)时遇到了问题。有时可以连接,但通常要等到路由器重置后才能连接。无线网卡是 Realtek RTL8192SE 802.11B/G/N。打开网络监视器,似乎这就是无法连接时发生的情况。
125 5 7:48:44 AM 6/2/2013 2.7738830 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x1D29, QUERY (Standard query), Query for vpn.caltech.edu of type Host Addr on class Internet {DNS:2, UDP:1, IPv4:3}
121 6 7:48:44 AM 6/2/2013 2.7750846 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0xB1DF, QUERY (Standard query), Query for wpad.Belkin of type Host Addr on class Internet {DNS:4, UDP:3, IPv4:3}
141 7 7:48:44 AM 6/2/2013 2.7751546 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x1D29, QUERY (Standard query), Response - Success, 192.41.208.57 {DNS:2, UDP:1, IPv4:3}
196 8 7:48:44 AM 6/2/2013 2.7761219 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0xB1DF, QUERY (Standard query), Response - Name Error {DNS:4, UDP:3, IPv4:3}
在响应 wpad.Belkin DNS 查询时,在名称错误处停止。恐怕我对 TCP/IP 了解不够,无法理解这意味着什么。不确定这是否是我的 ISP(Virgin Broadband)的问题。我尝试切换到路由器中的 OpenDNS 服务器。另一个路由器也遇到过类似的问题,但我没有查看那个路由器的数据包。发现其他人在其他地方遇到过类似的问题,但没有解决方案。有什么想法吗?谢谢!
顺便说一下,路由器日志看起来像这样 - 意识到大多数端口扫描警报都是假的,但想知道它们是否与分辨率问题有关。
Jun 2 05:58:33 localhost user.crit syslog: User from 192.168.2.2 time out
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: udhcpd (v0.9.9-pre) started
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: received REQUEST
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: sending ACK to 192.168.2.2
Jun 2 06:02:47 localhost local0.info udhcpd[1864]: received REQUEST
Jun 2 06:02:47 localhost local0.info udhcpd[1864]: sending ACK to 192.168.2.2
Jun 2 06:07:28 localhost local0.info udhcpd[1864]: Timed out. Exiting
Jun 2 06:08:17 localhost local0.info udhcpd[8647]: udhcpd (v0.9.9-pre) started
Jun 2 06:13:17 localhost local0.info udhcpd[8647]: Timed out. Exiting
Jun 2 06:13:37 localhost local0.info udhcpd[14800]: udhcpd (v0.9.9-pre) started
Jun 2 06:18:37 localhost local0.info udhcpd[14800]: Timed out. Exiting
Jun 2 06:18:53 localhost local0.info udhcpd[20975]: udhcpd (v0.9.9-pre) started
Jun 2 06:23:53 localhost local0.info udhcpd[20975]: Timed out. Exiting
Jun 2 06:24:12 localhost local0.info udhcpd[27065]: udhcpd (v0.9.9-pre) started
Jun 2 06:29:12 localhost local0.info udhcpd[27065]: Timed out. Exiting
Jun 2 06:29:38 localhost local0.info udhcpd[933]: udhcpd (v0.9.9-pre) started
Jun 2 06:33:00 localhost user.crit syslog: User from 192.168.2.2 login success !
Jun 2 06:34:38 localhost local0.info udhcpd[933]: Timed out. Exiting
Jun 2 06:34:56 localhost local0.info udhcpd[7117]: udhcpd (v0.9.9-pre) started
Jun 2 06:39:56 localhost local0.info udhcpd[7117]: Timed out. Exiting
Jun 2 06:41:07 localhost local0.info udhcpd[14308]: udhcpd (v0.9.9-pre) started
Jun 2 06:43:14 localhost local0.info udhcpd[14308]: received REQUEST
Jun 2 06:43:14 localhost local0.info udhcpd[14308]: sending ACK to 192.168.2.2
Jun 2 06:46:07 localhost local0.info udhcpd[14308]: Timed out. Exiting
Jun 2 06:46:32 localhost local0.info udhcpd[20535]: udhcpd (v0.9.9-pre) started
Jun 2 06:46:45 localhost user.crit syslog: User from 192.168.2.2 time out
Jun 2 06:51:32 localhost local0.info udhcpd[20535]: Timed out. Exiting
Jun 2 06:52:36 localhost local0.info udhcpd[27617]: udhcpd (v0.9.9-pre) started
Jun 2 06:57:36 localhost local0.info udhcpd[27617]: Timed out. Exiting
Jun 2 06:58:19 localhost local0.info udhcpd[1757]: udhcpd (v0.9.9-pre) started
Jun 2 07:03:19 localhost local0.info udhcpd[1757]: Timed out. Exiting
Jun 2 07:03:35 localhost local0.info udhcpd[7847]: udhcpd (v0.9.9-pre) started
Jun 2 07:08:35 localhost local0.info udhcpd[7847]: Timed out. Exiting
Jun 2 07:09:06 localhost local0.info udhcpd[14284]: udhcpd (v0.9.9-pre) started
Jun 2 07:14:06 localhost local0.info udhcpd[14284]: Timed out. Exiting
Jun 2 07:14:26 localhost local0.info udhcpd[20479]: udhcpd (v0.9.9-pre) started
Jun 2 07:19:26 localhost local0.info udhcpd[20479]: Timed out. Exiting
Jun 2 07:20:25 localhost local0.info udhcpd[27465]: udhcpd (v0.9.9-pre) started
Jun 2 07:25:25 localhost local0.info udhcpd[27465]: Timed out. Exiting
Jun 2 07:25:41 localhost local0.info udhcpd[1148]: udhcpd (v0.9.9-pre) started
Jun 2 07:30:41 localhost local0.info udhcpd[1148]: Timed out. Exiting
Jun 2 07:31:04 localhost local0.info udhcpd[7465]: udhcpd (v0.9.9-pre) started
Jun 2 07:36:04 localhost local0.info udhcpd[7465]: Timed out. Exiting
Jun 2 07:37:38 localhost local0.info udhcpd[15008]: udhcpd (v0.9.9-pre) started
Jun 2 07:42:38 localhost local0.info udhcpd[15008]: Timed out. Exiting
Jun 2 07:44:53 localhost local0.info udhcpd[23354]: udhcpd (v0.9.9-pre) started
Jun 2 07:46:40 localhost user.crit syslog: User from 192.168.2.2 login success !
Jun 2 07:49:53 localhost local0.info udhcpd[23354]: Timed out. Exiting
Jun 2 07:54:55 localhost local0.info udhcpd[2936]: udhcpd (v0.9.9-pre) started
Jun 2 07:59:55 localhost local0.info udhcpd[2936]: Timed out. Exiting
Jun 2 08:04:57 localhost local0.info udhcpd[14605]: udhcpd (v0.9.9-pre) started
Jun 2 08:09:08 localhost user.crit syslog: User from 192.168.2.2 time out
Jun 2 08:09:57 localhost local0.info udhcpd[14605]: Timed out. Exiting
Jun 2 08:12:49 localhost local0.info udhcpd[23749]: udhcpd (v0.9.9-pre) started
Jun 2 08:17:49 localhost local0.info udhcpd[23749]: Timed out. Exiting
Jun 2 08:19:49 localhost local0.info udhcpd[31891]: udhcpd (v0.9.9-pre) started
Jun 2 08:24:49 localhost local0.info udhcpd[31891]: Timed out. Exiting
Jun 2 08:25:01 localhost local0.info udhcpd[5533]: udhcpd (v0.9.9-pre) started
Jun 2 08:30:01 localhost local0.info udhcpd[5533]: Timed out. Exiting
Jun 2 08:35:03 localhost local0.info udhcpd[17262]: udhcpd (v0.9.9-pre) started
Jun 2 08:37:40 localhost user.crit syslog: User from 192.168.2.2 login success !
Firewall log:
Jun 2 03:05:40 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:05:41 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:05:42 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:06:45 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Source port is 33087, and destination port is 61440 which use the UDP protocol.
Jun 2 03:06:46 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 108.160.162.37. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:15:19 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:15:25 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:17:47 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:17:48 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:17:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:47:53 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 32.58.65.146. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 04:47:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 208.85.209.17. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 05:17:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 198.252.206.25. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 05:47:53 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 06:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 06:47:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 50.18.252.211. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 07:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
编辑:作为参考,这是一个成功的连接。名称错误也发生在那里,但似乎无关紧要。
121 3 9:39:59 AM 6/2/2013 2.4943862 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x3506, QUERY (Standard query), Query for wpad.Belkin of type Host Addr on class Internet {DNS:3, UDP:2, IPv4:1}
392 4 9:39:59 AM 6/2/2013 2.4986302 PS-THINKPAD 255.255.255.255 DHCP DHCP:Request, MsgType = INFORM, TransactionID = 0x0EF1238D {DHCP:6, UDP:11, IPv4:1}
196 5 9:39:59 AM 6/2/2013 2.4989521 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x3506, QUERY (Standard query), Response - Name Error {DNS:3, UDP:2, IPv4:1}
134 6 9:39:59 AM 6/2/2013 2.4995933 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:8, IPv6:7}
114 7 9:39:59 AM 6/2/2013 2.5008695 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:10, IPv4:9}
640 8 9:39:59 AM 6/2/2013 2.5035848 192.168.2.1 PS-THINKPAD DHCP DHCP:Reply, MsgType = ACK, TransactionID = 0x0EF1238D {DHCP:6, UDP:11, IPv4:1}
125 9 9:39:59 AM 6/2/2013 2.5363506 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0xEDCE, QUERY (Standard query), Query for vpn.caltech.edu of type Host Addr on class Internet {DNS:13, UDP:12, IPv4:1}
141 10 9:39:59 AM 6/2/2013 2.5377057 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0xEDCE, QUERY (Standard query), Response - Success, 192.41.208.57 {DNS:13, UDP:12, IPv4:1}
134 11 9:39:59 AM 6/2/2013 2.5592248 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:14, IPv6:7}
114 12 9:39:59 AM 6/2/2013 2.5619238 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:15, IPv4:9}
134 13 9:39:59 AM 6/2/2013 2.6067949 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:8, IPv6:7}
114 14 9:39:59 AM 6/2/2013 2.6068906 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:10, IPv4:9}
134 15 9:39:59 AM 6/2/2013 2.6692384 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:14, IPv6:7}
114 16 9:39:59 AM 6/2/2013 2.6693280 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:15, IPv4:9}
142 17 9:39:59 AM 6/2/2013 2.8099953 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 18 9:39:59 AM 6/2/2013 2.8722391 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 19 9:40:00 AM 6/2/2013 3.5738980 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 20 9:40:00 AM 6/2/2013 3.6362705 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 21 9:40:01 AM 6/2/2013 4.3382645 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 22 9:40:01 AM 6/2/2013 4.4006818 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
125 23 9:40:02 AM 6/2/2013 5.2251198 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x717, QUERY (Standard query), Query for vpn.caltech.edu of type AAAA on class Internet {DNS:19, UDP:18, IPv4:1}
181 24 9:40:02 AM 6/2/2013 5.2447957 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x717, QUERY (Standard query), Response - Success {DNS:19, UDP:18, IPv4:1}
125 25 9:40:02 AM 6/2/2013 5.2469250 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x831C, QUERY (Standard query), Query for vpn.caltech.edu of type AAAA on class Internet {DNS:21, UDP:20, IPv4:1}
181 26 9:40:02 AM 6/2/2013 5.2485386 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x831C, QUERY (Standard query), Response - Success {DNS:21, UDP:20, IPv4:1}
116 27 9:40:02 AM 6/2/2013 5.3215829 vpnui.exe PS-THINKPAD vpn.caltech.edu TCP TCP:Flags=......S., SrcPort=49200, DstPort=HTTPS(443), PayloadLen=0, Seq=3900950642, Ack=0, Win=8192 ( Negotiating scale factor 0x2 ) = 8192 {TCP:23, IPv4:22}
答案1
这个问题已经解决了。我做了一些调整,但没有机会单独测试它们(我与另一个使用 BIG-IP Edge Client VPN 工作的人共享连接,它也无法正常工作),所以我将放弃一切 - 希望它能帮助其他遇到同样问题的人。首先,我在路由器上禁用了 UPnP。我在回答别人的问题时发现了这个建议,并怀疑这是罪魁祸首。此外,运行该工具这里显示路由器上 UPnP 的实现不安全,这进一步激发了我的兴趣。我还禁用了 WPS(另一个建议)。我将路由器和 Windows 上的 MTU 大小设置为 1500。我还将路由器设置为仅无线 n(无 b 或 g)。最后,我尝试了几种不同版本的网卡驱动程序,因为它们一直不稳定,并导致间歇性 DRIVER_POWER_STATE_FAILURE BSOD。然而,共享连接的另一个人没有更改他们的驱动程序,所以唯一可能有帮助的方法是,如果我的卡以某种方式绑定了路由器,这似乎不太可能。不幸的是,它并没有帮助提高稳定性,但后来似乎也通过禁用无线网络连接属性中的一些不需要的选项(如 Vlan、链路层发现和 TCP-IP 6)得到了缓解。这不是最令人满意的解决方案,但到目前为止似乎有效(祈祷)。我打算在有时间的时候重新安装一次。