我想从运行 OpenSUSE Tumbleweed 的笔记本电脑访问 VPN 网络。问题是我无法连接 NetworkManager,也无法手动配置任何东西。
提供的日志:
● strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using ipsec.conf
Loaded: loaded (/usr/lib/systemd/system/strongswan.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Thu 2018-08-16 18:49:55 EEST; 1min 6s ago
Process: 3163 ExecStart=/usr/sbin/ipsec start --nofork (code=exited, status=0/SUCCESS)
Main PID: 3163 (code=exited, status=0/SUCCESS)
Aug 16 18:49:55 linux-u9yv ipsec[3163]: 00[LIB] loaded plugins: charon ldap pkcs11 aes des blowfish rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent xcbc cmac hmac ctr ccm gcm curl soup attr kernel-netlink resolve socket-default farp stroke vici smp updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam tnc-imc tnc-imv tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp certexpire led duplicheck radattr addrblock unity counters
Aug 16 18:49:55 linux-u9yv ipsec[3163]: 00[LIB] dropped capabilities, running as uid 0, gid 0
Aug 16 18:49:55 linux-u9yv ipsec[3163]: 00[JOB] spawning 16 worker threads
Aug 16 18:49:55 linux-u9yv ipsec[3163]: 06[CFG] received stroke: add connection 'myvpn'
Aug 16 18:49:55 linux-u9yv ipsec[3163]: 06[CFG] added configuration 'myvpn'
Aug 16 18:49:55 linux-u9yv ipsec[3163]: 00[DMN] signal of type SIGINT received. Shutting down
Aug 16 18:49:55 linux-u9yv ipsec_starter[3163]: charon stopped after 200 ms
Aug 16 18:49:55 linux-u9yv ipsec[3163]: charon stopped after 200 ms
Aug 16 18:49:55 linux-u9yv ipsec[3163]: ipsec starter stopped
Aug 16 18:49:55 linux-u9yv ipsec_starter[3163]: ipsec starter stopped
● xl2tpd.service - Level 2 Tunnel Protocol Daemon (L2TP)
Loaded: loaded (/usr/lib/systemd/system/xl2tpd.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2018-08-16 18:49:26 EEST; 1min 45s ago
Main PID: 3216 (xl2tpd)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/xl2tpd.service
└─3216 /usr/sbin/xl2tpd -D
Aug 16 18:49:26 linux-u9yv systemd[1]: Started Level 2 Tunnel Protocol Daemon (L2TP).
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: setsockopt recvref[30]: Protocol not available
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: Using l2tp kernel support.
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: xl2tpd version xl2tpd-1.3.10 started on linux-u9yv PID:3216
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: Forked by Scott Balmos and David Stipp, (C) 2001
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: Inherited by Jeff McAdams, (C) 2002
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Aug 16 18:49:26 linux-u9yv xl2tpd[3216]: xl2tpd[3216]: Listening on IP address 0.0.0.0, port 1701
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/NetworkManager.service.d
└─NetworkManager-ovs.conf
Active: active (running) since Thu 2018-08-16 18:47:45 EEST; 3min 34s ago
Docs: man:NetworkManager(8)
Main PID: 1539 (NetworkManager)
Tasks: 4 (limit: 4915)
CGroup: /system.slice/NetworkManager.service
├─1539 /usr/sbin/NetworkManager --no-daemon
└─2359 /sbin/dhclient -d -q -sf /usr/lib/nm-dhcp-helper -pf /var/run/dhclient-wlp2s0.pid -lf /var/lib/NetworkManager/dhclient-965cfe14-cccd-410b-8d8a-1104dd6cb0e4-wlp2s0.lease -cf /var/lib/NetworkManager/dhclient-wlp2s0.conf wlp2s0
Aug 16 18:49:58 linux-u9yv NetworkManager[1539]: Stopping strongSwan IPsec...
Aug 16 18:49:58 linux-u9yv charon[3512]: 00[DMN] signal of type SIGINT received. Shutting down
Aug 16 18:49:59 linux-u9yv ipsec_starter[3511]: child 3512 (charon) has quit (exit code 0)
Aug 16 18:49:59 linux-u9yv ipsec_starter[3511]:
Aug 16 18:49:59 linux-u9yv ipsec_starter[3511]: charon stopped after 200 ms
Aug 16 18:49:59 linux-u9yv ipsec_starter[3511]: ipsec starter stopped
Aug 16 18:49:59 linux-u9yv nm-l2tp-service[3455]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Aug 16 18:49:59 linux-u9yv NetworkManager[1539]: <info> [1534434599.0752] vpn-connection[0x55d60f06c300,435a9c8a-2875-43bf-b20a-5a3af13ee4de,"test",0]: VPN plugin: state changed: stopped (6)
Aug 16 18:49:59 linux-u9yv NetworkManager[1539]: <info> [1534434599.0818] vpn-connection[0x55d60f06c300,435a9c8a-2875-43bf-b20a-5a3af13ee4de,"test",0]: VPN service disappeared
Aug 16 18:49:59 linux-u9yv NetworkManager[1539]: <warn> [1534434599.0842] vpn-connection[0x55d60f06c300,435a9c8a-2875-43bf-b20a-5a3af13ee4de,"test",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
编辑:问题不在于服务器端,因为我可以使用 Windows、Android 和 Ubuntu 设备连接到我的 VPN。
答案1
由于 NetworkManager-l2tp 使用自定义配置文件启动自己的实例,因此与sudo journalctl
使用 strongswan 和 xl2tpd 相比,使用它会获得更好的日志输出。systemctl status
您甚至可能需要停止系统 xl2tpd 服务,请参阅包的 README.md 文件中的“不停止系统 xl2tpd 服务的问题”:
正如以下错误报告中提到的,Tumbleweed 需要更新 xl2tpd 包才能与较新的内核一起使用:
- https://bugzilla.suse.com/show_bug.cgi?id=1094808
- https://github.com/nm-l2tp/network-manager-l2tp/issues/86
第二个链接有一个解决方法,即从源代码构建 xl2tpd。