我正在尝试连接到使用 L2TP/IPsec 的 Cisco Meraki VPN。我这边使用 Libreswan/NetworkManager 来配置我的连接。当我尝试连接时,我收到以下日志:
Mar 02 11:29:45 eyrie NetworkManager[375]: <info> [1583148585.6801] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: Saw the service appear; activating connection
Mar 02 11:29:55 eyrie NetworkManager[375]: <info> [1583148595.6107] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN connection: (ConnectInteractive) reply received
Mar 02 11:29:55 eyrie nm-l2tp-service[5582]: Check port 1701
Mar 02 11:29:55 eyrie NetworkManager[5602]: Redirecting to: systemctl restart ipsec.service
Mar 02 11:29:55 eyrie NetworkManager[5569]: 002 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: deleting state (STATE_MAIN_I1) aged 53.138s and NOT sending notification
Mar 02 11:29:56 eyrie NetworkManager[5903]: 002 listening for IKE messages
Mar 02 11:29:56 eyrie NetworkManager[5903]: 002 forgetting secrets
Mar 02 11:29:56 eyrie NetworkManager[5903]: 002 loading secrets from "/etc/ipsec.secrets"
Mar 02 11:29:56 eyrie NetworkManager[5907]: debugging mode enabled
Mar 02 11:29:56 eyrie NetworkManager[5907]: end of file /var/run/nm-l2tp-6dc2f91a-f174-421b-810d-7384b68316ce/ipsec.conf
Mar 02 11:29:56 eyrie NetworkManager[5907]: Loading conn 6dc2f91a-f174-421b-810d-7384b68316ce
Mar 02 11:29:56 eyrie NetworkManager[5907]: starter: left is KH_DEFAULTROUTE
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" modecfgdns=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" modecfgdomains=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" modecfgbanner=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" mark=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" mark-in=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" mark-out=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" vti_iface=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" redirect-to=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" accept-redirect-to=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" esp=aes256-sha1,aes128-sha1,3des-sha1
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" ike=aes256-sha2_256-modp2048,aes256-sha2_256-modp1536,aes256-sha2_256-modp1024,aes256-sha1-modp2048,aes256-sha1-modp1536,aes256-sha1-modp1024,aes256-sha1-ecp_384,aes128-sha1-modp1024,aes128-sha1-ecp_256,3des-sha1-modp2048,3des-sha1-modp1024
Mar 02 11:29:56 eyrie NetworkManager[5907]: opening file: /var/run/nm-l2tp-6dc2f91a-f174-421b-810d-7384b68316ce/ipsec.conf
Mar 02 11:29:56 eyrie NetworkManager[5907]: loading named conns: 6dc2f91a-f174-421b-810d-7384b68316ce
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 1, seeking_gateway = 1, has_peer = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 0, seeking_gateway = 1, has_dst = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst via 192.168.42.129 dev enp0s29u1u2 src 192.168.42.85 table 254
Mar 02 11:29:56 eyrie NetworkManager[5907]: set nexthop: 192.168.42.129
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.0 via dev enp0s29u1u2 src 192.168.42.85 table 254
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 127.0.0.1 via dev lo src 127.0.0.1 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.0 via dev enp0s29u1u2 src 192.168.42.85 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.85 via dev enp0s29u1u2 src 192.168.42.85 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.255 via dev enp0s29u1u2 src 192.168.42.85 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.129 via dev enp0s29u1u2 src 192.168.42.85 table 254
Mar 02 11:29:56 eyrie NetworkManager[5907]: set addr: 192.168.42.85
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
Mar 02 11:29:56 eyrie NetworkManager[5909]: 002 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: initiating Main Mode
Mar 02 11:29:56 eyrie NetworkManager[5909]: 104 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: initiate
Mar 02 11:29:57 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 0.5 seconds for response
Mar 02 11:29:57 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 1 seconds for response
Mar 02 11:29:58 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 2 seconds for response
Mar 02 11:30:00 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 4 seconds for response
Mar 02 11:30:04 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 8 seconds for response
Mar 02 11:30:06 eyrie nm-l2tp-service[5582]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Mar 02 11:30:06 eyrie NetworkManager[375]: <info> [1583148606.5734] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN plugin: state changed: stopped (6)
Mar 02 11:30:06 eyrie NetworkManager[375]: <info> [1583148606.5764] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN service disappeared
Mar 02 11:30:06 eyrie NetworkManager[375]: <warn> [1583148606.5777] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
事情显然没有奏效,但我真的不明白实际错误是什么。实际上是什么错误的从这些日志中?
答案1
在我看来,目标 VPN 服务器似乎没有响应。第 42-48 行(使用 Notepad++ 即)至关重要。您的 VPN 客户端尝试启动主模式(第 1 阶段),但无法启动,因为它没有收到响应,并且超时。在我看来,您需要检查服务器端,要么是服务器被阻止,要么是配置错误。
干杯