如何使 l2tp vpn 客户端在 Linux Mint 上工作?

tag-icon tag-icon linux linux-mint vpn l2tp xl2tpd
如何使 l2tp vpn 客户端在 Linux Mint 上工作?

我根据此说明设置了 VPN 连接 -https://www.rapidvpn.com/setup-vpn-l2tp-mint

我与我的服务器建立了 VPN 连接。连接已建立,但 ping 不通,互联网上的页面打不开,无法访问服务器后面的本地网络。好像在我通过 dhcp 从远程服务器接收到配置后数据包路由出现问题。大约 60 秒后,连接断开。

我会立即进行预订,这样从 Windows 或 MacOS 下连接到同一服务器是没有问题的。我尝试更改互联网连接。问题不在于 ISP。将网络管理器中的 xl2tpd 插件替换为 kl2tpd。问题并没有消失。在重新安装 Linux 之前,VPN 客户端可以正常工作。

Linux Mint 上的配置有什么问题?附上客户端的日志

Apr 15 20:31:30 LenovoPC charon[10498]: 13[IKE] local host is behind NAT, sending keep alives
Apr 15 20:31:30 LenovoPC charon[10498]: 14[IKE] IKE_SA 955a0158-8008-45b4-b61b-aae634aad51b[1] established between 192.168.1.100[192.168.1.100]...80.80.33.101[80.80.33.101]
Apr 15 20:31:30 LenovoPC charon[10498]: 15[IKE] CHILD_SA 955a0158-8008-45b4-b61b-aae634aad51b{1} established with SPIs c82f58b7_i ca6daee4_o and TS 192.168.1.100/32[udp/l2f] === 80.80.33.101/32[udp/l2f]
Apr 15 20:31:30 LenovoPC nm-l2tp-service[10469]: strongSwan IPsec connection is up.
Apr 15 20:31:30 LenovoPC pppd[10534]: Using interface ppp0
Apr 15 20:31:30 LenovoPC pppd[10534]: Connect: ppp0 <-->
Apr 15 20:31:30 LenovoPC pppd[10534]: Overriding mtu 1500 to 1400
Apr 15 20:31:30 LenovoPC pppd[10534]: Overriding mru 1500 to mtu value 1400
Apr 15 20:32:12 LenovoPC pppd[10628]: CHAP authentication succeeded
Apr 15 20:32:12 LenovoPC charon[10592]: 07[KNL] 10.100.20.1 appeared on ppp0
Apr 15 20:32:12 LenovoPC charon[10592]: 09[KNL] interface ppp0 activated
pr 15 20:32:12 LenovoPC pppd[10628]: local IP address 10.100.20.1
Apr 15 20:32:12 LenovoPC pppd[10628]: remote IP address 80.80.33.101
Apr 15 20:32:12 LenovoPC NetworkManager[917]: [1681583532.4651] device (ppp0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external')
Apr 15 20:32:12 LenovoPC pppd[10628]: primary DNS address 1.1.1.1
Apr 15 20:32:12 LenovoPC pppd[10628]: secondary DNS address 8.8.8.8
Apr 15 20:32:12 LenovoPC NetworkManager[917]: [1681583532.4662] device (ppp0): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'external')
Apr 15 20:32:12 LenovoPC dbus-daemon[753]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.16' (uid=0 pid=917 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
Apr 15 20:32:12 LenovoPC NetworkManager[917]: [1681583532.4861] policy: set 'VPN' (ppp0) as default for IPv4 routing and DNS
Apr 15 20:32:12 LenovoPC systemd-resolved[721]: wlp3s0: Bus client set default route setting: no
Apr 15 20:32:12 LenovoPC systemd-resolved[721]: wlp3s0: Bus client reset DNS server list.
Apr 15 20:32:12 LenovoPC systemd-resolved[721]: ppp0: Bus client set default route setting: yes
Apr 15 20:32:12 LenovoPC systemd-resolved[721]: ppp0: Bus client set DNS server list to: 1.1.1.1, 8.8.8.8
Apr 15 20:32:12 LenovoPC nm-dispatcher[10671]: /etc/network/if-up.d/resolved: 12: mystatedir: not found
Apr 15 20:32:28 LenovoPC systemd-resolved[721]: Using degraded feature set UDP instead of UDP+EDNS0 for DNS server 8.8.8.8.
Apr 15 20:32:33 LenovoPC systemd-resolved[721]: Using degraded feature set UDP instead of UDP+EDNS0 for DNS server 1.1.1.1.
Apr 15 20:33:10 LenovoPC NetworkManager[10627]: xl2tpd[10627]: check_control: Received out of order control packet on tunnel 56426 (got 2, expected 3)
Apr 15 20:33:10 LenovoPC NetworkManager[10627]: xl2tpd[10627]: handle_control: bad control packet!
Apr 15 20:33:12 LenovoPC NetworkManager[10627]: xl2tpd[10627]: check_control: Received out of order control packet on tunnel 56426 (got 2, expected 3)
Apr 15 20:33:12 LenovoPC NetworkManager[10627]: xl2tpd[10627]: handle_control: bad control packet!
Apr 15 20:33:16 LenovoPC NetworkManager[10627]: xl2tpd[10627]: check_control: Received out of order control packet on tunnel 56426 (got 2, expected 3)
Apr 15 20:33:16 LenovoPC NetworkManager[10627]: xl2tpd[10627]: handle_control: bad control packet!
Apr 15 20:33:40 LenovoPC NetworkManager[10627]: xl2tpd[10627]: Maximum retries exceeded for tunnel 4711. Closing.
Apr 15 20:33:40 LenovoPC NetworkManager[10627]: xl2tpd[10627]: Terminating pppd: sending TERM signal to pid 10628
Apr 15 20:33:40 LenovoPC NetworkManager[10627]: xl2tpd[10627]: Connection 56426 closed to 80.80.33.101, port 1701 (Timeout)
Apr 15 20:33:40 LenovoPC pppd[10628]: Terminating on signal 15
Apr 15 20:33:40 LenovoPC pppd[10628]: Connect time 1.5 minutes.

答案1

由于您已经在使用 ppa:nm-l2tp/network-manager-l2tp 中的 network-manager-l2tp 1.20.8,它为 NetworkManager 提供了 PTP 主机和 Ext 网关详细信息,因此这是 NetworkManager 的路由错误。

您可以尝试/etc/ppp/ip-up.d/0001routes以下帖子中描述的 ppp 脚本:

或者,您可以编写一个命令行脚本来启动 VPN 连接,然后删除路由,例如(替换MyVPN为您的 VPN 连接名称):

#! /bin/sh

nmcli con up 'MyVPN' --ask
sudo ip route del 80.80.33.101 dev ppp0

编辑:只是一些添加的评论,我收到关于此路由问题(当 VPN Ext 网关和 PTP 主机是相同 IP 地址时)是否已在更高版本的 NetworkManager 中修复的混合消息,似乎已修复某些问题,但不适用于某些问题其他的。如果任何具有编程技能的人能够重现此问题(我个人从未遇到过)并且可能想要尝试修复它,那么这里是 NetworkManager 1.36.6 代码中的相关位置,其中 PTP 主机和 Ext 网关值是获得(从 NetworkManager-l2tp 提供给它的值):

NM_VPN_PLUGIN_IP4_CONFIG_PTP:

NM_VPN_PLUGIN_CONFIG_EXT_GATEWAY:

src/core/vpn/nm-vpn-connection.c是添加 VPN 路由并查询内核以添加一些路由的地方。

相关内容