我正在使用 Debian OS pptpd。我的客户端(Windows 和 Mac)无法完成连接。
syslog 中显示以下内容:
Jun 2 12:52:37 vpn pptpd[891]: MGR: Maximum of 6 connections available
Jun 2 12:52:48 vpn pptpd[892]: MGR: Launching /usr/sbin/pptpctrl to handle client
Jun 2 12:52:48 vpn pptpd[892]: CTRL: local address = 192.168.30.91
Jun 2 12:52:48 vpn pptpd[892]: CTRL: remote address = 192.168.30.50
Jun 2 12:52:48 vpn pptpd[892]: CTRL: pppd options file = /etc/ppp/pptpd-options
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Client 192.168.28.154 control connection started
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Received PPTP Control Message (type: 1)
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Made a START CTRL CONN RPLY packet
Jun 2 12:52:48 vpn pptpd[892]: CTRL: I wrote 156 bytes to the client.
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Sent packet to client
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Received PPTP Control Message (type: 7)
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Made a OUT CALL RPLY packet
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Starting call (launching pppd, opening GRE)
Jun 2 12:52:48 vpn pptpd[892]: CTRL: pty_fd = 6
Jun 2 12:52:48 vpn pptpd[892]: CTRL: tty_fd = 7
Jun 2 12:52:48 vpn pptpd[892]: CTRL: I wrote 32 bytes to the client.
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Sent packet to client
Jun 2 12:52:48 vpn pptpd[893]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Jun 2 12:52:48 vpn pptpd[893]: CTRL (PPPD Launcher): local address = 192.168.30.91
Jun 2 12:52:48 vpn pptpd[893]: CTRL (PPPD Launcher): remote address = 192.168.30.50
Jun 2 12:52:48 vpn pppd[893]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Jun 2 12:52:48 vpn pppd[893]: pppd 2.4.5 started by root, uid 0
Jun 2 12:52:48 vpn pppd[893]: Using interface ppp0
Jun 2 12:52:48 vpn pppd[893]: Connect: ppp0 <--> /dev/pts/1
Jun 2 12:52:48 vpn pptpd[892]: GRE: Bad checksum from pppd.
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Received PPTP Control Message (type: 15)
Jun 2 12:52:48 vpn pptpd[892]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jun 2 12:52:48 vpn pptpd[892]: GRE: accepting packet #1
Jun 2 12:52:51 vpn pptpd[892]: GRE: accepting packet #2
Jun 2 12:52:54 vpn pptpd[892]: GRE: accepting packet #3
Jun 2 12:52:57 vpn pptpd[892]: GRE: accepting packet #4
Jun 2 12:53:00 vpn pptpd[892]: GRE: accepting packet #5
Jun 2 12:53:03 vpn pptpd[892]: GRE: accepting packet #6
Jun 2 12:53:06 vpn pptpd[892]: GRE: accepting packet #7
Jun 2 12:53:09 vpn pptpd[892]: GRE: accepting packet #8
Jun 2 12:53:12 vpn pptpd[892]: GRE: accepting packet #9
Jun 2 12:53:15 vpn pptpd[892]: GRE: accepting packet #10
Jun 2 12:53:18 vpn pppd[893]: LCP: timeout sending Config-Requests
Jun 2 12:53:18 vpn pptpd[892]: GRE: read(fd=6,buffer=610d20,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Jun 2 12:53:18 vpn pptpd[892]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Jun 2 12:53:18 vpn pptpd[892]: CTRL: Reaping child PPP[893]
Jun 2 12:53:18 vpn pptpd[892]: CTRL: Client 192.168.28.154 control connection finished
Jun 2 12:53:18 vpn pptpd[892]: CTRL: Exiting now
Jun 2 12:53:18 vpn pptpd[891]: MGR: Reaped child 892
这是我的 pptpd-options 文件:
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
nodefaultroute
lock
nobsdcomp
noipx
#mtu 1490
#mru 1490
当我观察连接时出现的 ppp0 接口的活动时,我根本看不到任何活动。
请提供意见。谢谢!
答案1
这可能是防火墙问题。请检查您是否允许正确的流量进入 VPN 服务器,具体来说,您需要允许TCP 1723并且Protocol 47 (GRE)才能PPTP正常工作。您在日志中看到的问题可能是由于GRE防火墙未正确中继而导致的。
mppe-stateful您可能还需要在文件中添加pptpd-options以允许 Windows 主机。根据您的连接可能经过的中间路由器数量,NAT您需要减少mru和mtu设置。
答案2
更改/etc/ppp/pptpd-options为以下选项对我有用:
refuse-pap
refuse-chap
refuse-mschap
#require-chap
#require-mschap
#require-mschap-v2
#require-mppe-128
mppe-stateful