我想要连接到一个具有预共享密钥的 IPSec 安全 L2TP 隧道 VPN 网络。
networkmanager-l2tp
我正在为此使用。Phase1 Algorithms
以及Phase2 Algorithms
我有:aes128-sha1-modp2048!
否则,我喜欢标准设置。
我查看了我的操作系统的日志,但我只看到CHAP authentication failed, I can't see anything helpful in the rest of the log. I can see on the server in
/var/log/auth.log` 表示请求进入了服务器。
有人能看看日志并帮我吗?我已将我的 IP 地址屏蔽为12.123.123.1
,将远程地址屏蔽为98.987.98.987
客户(杂志):
pc audit[738]: USYS_CONFIG pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1395] audit: op="connection-activate" uuid="06be7e74-f0fc-49be-884f-48f679984be7" name="VPN connection 3" pid=1491 uid=1000 result="success"
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1111 audit(1554190253.133:141): pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1434] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Started the VPN service, PID 19814
pc NetworkManager[738]: <info> [1554190253.1518] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Saw the service appear; activating connection
pc NetworkManager[738]: <info> [1554190253.2070] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN connection: (ConnectInteractive) reply received
pc nm-l2tp-service[19814]: Check port 1701
pc NetworkManager[738]: Stopping strongSwan IPsec failed: starter is not running
pc NetworkManager[738]: Starting strongSwan 5.7.2 IPsec [starter]...
pc ipsec_starter[19827]: Starting strongSwan 5.7.2 IPsec [starter]...
pc NetworkManager[738]: Loading config setup
pc NetworkManager[738]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc ipsec_starter[19827]: Loading config setup
pc ipsec_starter[19827]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc NetworkManager[738]: found netkey IPsec stack
pc ipsec_starter[19827]: found netkey IPsec stack
pc ipsec_starter[19843]: Attempting to start charon...
pc charon[19844]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.0.5-arch1-1-ARCH, x86_64)
pc charon[19844]: 00[CFG] PKCS11 module '<name>' lacks library path
pc charon[19844]: 00[CFG] attr-sql plugin: database URI not set
pc charon[19844]: 00[NET] using forecast interface wlp3s0
pc charon[19844]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
pc charon[19844]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
pc charon[19844]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
pc charon[19844]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
pc charon[19844]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
pc charon[19844]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 00[CFG] loaded IKE secret for %any
pc charon[19844]: 00[CFG] sql plugin: database URI not set
pc charon[19844]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
pc charon[19844]: 00[CFG] loaded 0 RADIUS server configurations
pc charon[19844]: 00[CFG] HA config misses local/remote address
pc charon[19844]: 00[CFG] no script for ext-auth script defined, disabled
pc charon[19844]: 00[LIB] loaded plugins: charon ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru newhope bliss curl mysql sqlite attr kernel-netlink resolve socket-default bypass-lan connmark forecast farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp radattr unity counters
pc charon[19844]: 00[LIB] dropped capabilities, running as uid 0, gid 0
pc charon[19844]: 00[JOB] spawning 16 worker threads
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc charon[19844]: 05[IKE] installed bypass policy for 192.168.178.0/24
pc charon[19844]: 05[KNL] received netlink error: Invalid argument (22)
pc charon[19844]: 05[KNL] unable to install source route for %any6
pc charon[19844]: 05[IKE] installed bypass policy for ::1/128
pc charon[19844]: 05[IKE] installed bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 05[IKE] installed bypass policy for fe80::/64
pc kernel: audit: type=1415 audit(1554190255.439:142): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:143): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:144): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:145): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:146): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:147): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:148): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:149): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:150): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc ipsec_starter[19843]: charon (19844) started after 20 ms
pc charon[19844]: 09[CFG] received stroke: add connection '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 09[CFG] added configuration '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 11[CFG] rereading secrets
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 11[CFG] loaded IKE secret for %any
pc charon[19844]: 14[CFG] received stroke: initiate '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[ENC] generating ID_PROT request 0 [ SA V V V V V ]
pc charon[19844]: 15[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc charon[19844]: 16[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc charon[19844]: 16[ENC] parsed ID_PROT response 0 [ SA V V V ]
pc charon[19844]: 16[IKE] received FRAGMENTATION vendor ID
pc charon[19844]: 16[IKE] received DPD vendor ID
pc charon[19844]: 16[IKE] received NAT-T (RFC 3947) vendor ID
pc charon[19844]: 16[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc charon[19844]: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 16[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc charon[19844]: 07[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc charon[19844]: 07[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 07[IKE] local host is behind NAT, sending keep alives
pc charon[19844]: 07[IKE] remote host is behind NAT
pc charon[19844]: 07[ENC] generating ID_PROT request 0 [ ID HASH ]
pc charon[19844]: 07[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 06[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc charon[19844]: 06[ENC] parsed ID_PROT response 0 [ ID HASH V ]
pc charon[19844]: 06[ENC] received unknown vendor ID: 49:4b:45:76:32
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] scheduling reauthentication in 9921s
pc charon[19844]: 06[IKE] maximum IKE_SA lifetime 10461s
pc charon[19844]: 06[ENC] generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc charon[19844]: 06[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc charon[19844]: 08[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc charon[19844]: 08[ENC] parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc charon[19844]: 08[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be7{1} established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be7{1} established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[ENC] generating QUICK_MODE request 723900467 [ HASH ]
pc NetworkManager[738]: initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc NetworkManager[738]: generating ID_PROT request 0 [ SA V V V V V ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ SA V V V ]
pc NetworkManager[738]: received FRAGMENTATION vendor ID
pc NetworkManager[738]: received DPD vendor ID
pc NetworkManager[738]: received NAT-T (RFC 3947) vendor ID
pc NetworkManager[738]: selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc NetworkManager[738]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: local host is behind NAT, sending keep alives
pc NetworkManager[738]: remote host is behind NAT
pc NetworkManager[738]: generating ID_PROT request 0 [ ID HASH ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ ID HASH V ]
pc NetworkManager[738]: received unknown vendor ID: 49:4b:45:76:32
pc NetworkManager[738]: IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc NetworkManager[738]: scheduling reauthentication in 9921s
pc NetworkManager[738]: maximum IKE_SA lifetime 10461s
pc NetworkManager[738]: generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc NetworkManager[738]: parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc NetworkManager[738]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc NetworkManager[738]: CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be7{1} established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc NetworkManager[738]: connection '06be7e74-f0fc-49be-884f-48f679984be7' established successfully
pc charon[19844]: 08[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (60 bytes)
pc nm-l2tp-service[19814]: xl2tpd started with pid 19877
pc NetworkManager[738]: xl2tpd[19877]: Not looking for kernel SAref support.
pc NetworkManager[738]: xl2tpd[19877]: Using l2tp kernel support.
pc NetworkManager[738]: xl2tpd[19877]: xl2tpd version xl2tpd-1.3.13 started on farbbox PID:19877
pc NetworkManager[738]: xl2tpd[19877]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
pc NetworkManager[738]: xl2tpd[19877]: Forked by Scott Balmos and David Stipp, (C) 2001
pc NetworkManager[738]: xl2tpd[19877]: Inherited by Jeff McAdams, (C) 2002
pc NetworkManager[738]: xl2tpd[19877]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
pc NetworkManager[738]: xl2tpd[19877]: Listening on IP address 0.0.0.0, port 1701
pc NetworkManager[738]: xl2tpd[19877]: Connecting to host 98.987.98.987, port 1701
pc NetworkManager[738]: <info> [1554190256.7594] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: starting (3)
pc NetworkManager[738]: xl2tpd[19877]: Connection established to 98.987.98.987, 1701. Local: 18031, Remote: 6532 (ref=0/0).
pc NetworkManager[738]: xl2tpd[19877]: Calling on tunnel 18031
pc NetworkManager[738]: xl2tpd[19877]: Call established with 98.987.98.987, Local: 59328, Remote: 58391, Serial: 1 (ref=0/0)
pc NetworkManager[738]: xl2tpd[19877]: start_pppd: I'm running:
pc NetworkManager[738]: xl2tpd[19877]: "/usr/sbin/pppd"
pc NetworkManager[738]: xl2tpd[19877]: "plugin"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp.so"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp"
pc NetworkManager[738]: xl2tpd[19877]: "7"
pc NetworkManager[738]: xl2tpd[19877]: "passive"
pc NetworkManager[738]: xl2tpd[19877]: "nodetach"
pc NetworkManager[738]: xl2tpd[19877]: ":"
pc NetworkManager[738]: xl2tpd[19877]: "file"
pc NetworkManager[738]: xl2tpd[19877]: "/var/run/nm-l2tp-06be7e74-f0fc-49be-884f-48f679984be7/ppp-options"
pc pppd[19878]: Plugin pppol2tp.so loaded.
pc pppd[19878]: Plugin /usr/lib/pppd/2.4.7/nm-l2tp-pppd-plugin.so loaded.
pc pppd[19878]: pppd 2.4.7 started by root, uid 0
pc pppd[19878]: Using interface ppp0
pc pppd[19878]: Connect: ppp0 <-->
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc NetworkManager[738]: <info> [1554190256.8151] manager: (ppp0): new Ppp device (/org/freedesktop/NetworkManager/Devices/8)
pc systemd-udevd[19881]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc pppd[19878]: Connection terminated.
pc charon[19844]: 06[KNL] interface ppp0 deleted
pc NetworkManager[738]: xl2tpd[19877]: death_handler: Fatal signal 15 received
pc NetworkManager[738]: xl2tpd[19877]: Terminating pppd: sending TERM signal to pid 19878
pc NetworkManager[738]: xl2tpd[19877]: Connection 6532 closed to 98.987.98.987, port 1701 (Server closing)
pc NetworkManager[738]: <warn> [1554190259.8744] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: failed: connect-failed (1)
pc NetworkManager[738]: <info> [1554190259.8773] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopping (5)
pc NetworkManager[738]: Stopping strongSwan IPsec...
pc charon[19844]: 00[DMN] signal of type SIGINT received. Shutting down
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be7{1} with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1415 audit(1554190259.883:158): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc kernel: audit: type=1415 audit(1554190259.883:159): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc kernel: audit: type=1415 audit(1554190259.883:160): op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc kernel: audit: type=1415 audit(1554190259.883:161): op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc kernel: audit: type=1415 audit(1554190259.883:162): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:163): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:164): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:165): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:166): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:167): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be7{1} with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c1cacaf0
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 1337363464 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] sending DELETE for IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1]
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 2220117092 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (92 bytes)
pc audit: MAC_IPSEC_EVENT op=SA-notfound src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) seqno=13
pc pppd[19878]: Exit.
pc charon[19844]: 00[IKE] uninstalling bypass policy for 192.168.178.0/24
pc charon[19844]: 00[IKE] uninstalling bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for fe80::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for ::1/128
pc ipsec_starter[19843]: child 19844 (charon) has quit (exit code 0)
pc ipsec_starter[19843]:
pc ipsec_starter[19843]: charon stopped after 200 ms
pc ipsec_starter[19843]: ipsec starter stopped
pc nm-l2tp-service[19814]: ipsec shut down
pc NetworkManager[738]: <info> [1554190260.0988] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopped (6)
pc NetworkManager[738]: <info> [1554190260.1019] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN service disappeared
答案1
这似乎是与 pppd 相关的问题,您可以做些什么nm-l2tp-service --debug
来增加 pppd 调试,请参阅 NetworkManager-l2tp 的 README.md 文件的调试部分:
注意:pppd 日志输出不会发送到 stdout/stderr,因此您需要使用 journalctl 来查看它。