我在 Ubuntu20 上进行了配置,运行良好。最近我将系统升级到 Ubuntu 22.04,但现在无法连接到办公室 vpn。
我正在附上日志
journalctl-xe
May 03 12:59:27 pluto[20972]: adding interface wlp0s20f3/wlp0s20f3 192.168.0.108:4500
May 03 12:59:27 pluto[20972]: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500
May 03 12:59:27 pluto[20972]: adding interface lo/lo 127.0.0.1:4500
May 03 12:59:27 pluto[20972]: adding interface lo/lo (esp-hw-offload not supported by kernel) [::1]:500
May 03 12:59:27 pluto[20972]: loading secrets from "/etc/ipsec.secrets"
May 03 12:59:27 pluto[20972]: loading secrets from "/etc/ipsec.d/ipsec.nm-l2tp.secrets"
May 03 12:59:27 pluto[20972]: listening for IKE messages
May 03 12:59:27 NetworkManager[20983]: 002 listening for IKE messages
May 03 12:59:27 NetworkManager[20983]: 002 forgetting secrets
May 03 12:59:27 NetworkManager[20983]: 002 loading secrets from "/etc/ipsec.secrets"
May 03 12:59:27 NetworkManager[20983]: 002 loading secrets from "/etc/ipsec.d/ipsec.nm-l2tp.secrets"
May 03 12:59:27 pluto[20972]: forgetting secrets
May 03 12:59:27 pluto[20972]: loading secrets from "/etc/ipsec.secrets"
May 03 12:59:27 pluto[20972]: loading secrets from "/etc/ipsec.d/ipsec.nm-l2tp.secrets"
May 03 12:59:27 NetworkManager[20989]: debugging mode enabled
May 03 12:59:27 NetworkManager[20989]: end of file /run/nm-l2tp-362cefc3-d0c3-40eb-8259-0d4ad4c16c58/ipsec.conf
May 03 12:59:27 NetworkManager[20989]: Loading conn 362cefc3-d0c3-40eb-8259-0d4ad4c16c58
May 03 12:59:27 NetworkManager[20989]: starter: left is KH_DEFAULTROUTE
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" modecfgdns=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" modecfgdomains=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" modecfgbanner=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" mark=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" mark-in=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" mark-out=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" vti_iface=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" redirect-to=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" accept-redirect-to=<unset>
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" esp=aes256-sha1,aes128-sha1,3des-sha1
May 03 12:59:27 NetworkManager[20989]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" ike=3des-sha1;modp1024
May 03 12:59:27 NetworkManager[20989]: opening file: /run/nm-l2tp-362cefc3-d0c3-40eb-8259-0d4ad4c16c58/ipsec.conf
May 03 12:59:27 NetworkManager[20989]: loading named conns: 362cefc3-d0c3-40eb-8259-0d4ad4c16c58
May 03 12:59:27 NetworkManager[20989]: seeking_src = 1, seeking_gateway = 1, has_peer = 1
May 03 12:59:27 NetworkManager[20989]: seeking_src = 0, seeking_gateway = 1, has_dst = 1
May 03 12:59:27 NetworkManager[20989]: dst via 192.168.0.1 dev wlp0s20f3 src table 254
May 03 12:59:27 NetworkManager[20989]: set nexthop: 192.168.0.1
May 03 12:59:27 NetworkManager[20989]: dst 169.254.0.0 via dev wlp0s20f3 src table 254
May 03 12:59:27 NetworkManager[20989]: dst 172.17.0.0 via dev docker0 src 172.17.0.1 table 254
May 03 12:59:27 NetworkManager[20989]: dst 192.168.0.0 via dev wlp0s20f3 src 192.168.0.108 table 254
May 03 12:59:27 NetworkManager[20989]: dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: dst 127.0.0.1 via dev lo src 127.0.0.1 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: dst 172.17.0.1 via dev docker0 src 172.17.0.1 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: dst 172.17.255.255 via dev docker0 src 172.17.0.1 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: dst 192.168.0.108 via dev wlp0s20f3 src 192.168.0.108 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: dst 192.168.0.255 via dev wlp0s20f3 src 192.168.0.108 table 255 (ignored)
May 03 12:59:27 NetworkManager[20989]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
May 03 12:59:27 NetworkManager[20989]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
May 03 12:59:27 NetworkManager[20989]: dst 192.168.0.1 via dev wlp0s20f3 src 192.168.0.108 table 254
May 03 12:59:27 NetworkManager[20989]: set addr: 192.168.0.108
May 03 12:59:27 NetworkManager[20989]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
May 03 12:59:27 pluto[20972]: Failed to add connection "362cefc3-d0c3-40eb-8259-0d4ad4c16c58": ike string error: IKE DH algorithm 'modp1024' is not supported
May 03 12:59:27 nm-l2tp-service[20671]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed`enter
系统日志
May 3 13:11:40 nm-l2tp-service[21869]: Check port 1701
May 3 13:11:40 nm-l2tp-service[21869]: Can't bind to port 1701
May 3 13:11:40 NetworkManager[21881]: Redirecting to: systemctl restart ipsec.service
May 3 13:11:40 systemd[1]: Stopping Internet Key Exchange (IKE) Protocol Daemon for IPsec...
May 3 13:11:40 whack[21885]: 002 shutting down
May 3 13:11:40 systemd[1]: ipsec.service: Deactivated successfully.
May 3 13:11:40 systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
May 3 13:11:40 systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
May 3 13:11:40 ipsec[22159]: nflog ipsec capture disabled
May 3 13:11:40 systemd[1]: Started Internet Key Exchange (IKE) Protocol Daemon for IPsec.
May 3 13:11:40 NetworkManager[22181]: 002 listening for IKE messages
May 3 13:11:40 NetworkManager[22181]: 002 forgetting secrets
May 3 13:11:40 NetworkManager[22181]: 002 loading secrets from "/etc/ipsec.secrets"
May 3 13:11:40 NetworkManager[22181]: 002 loading secrets from "/etc/ipsec.d/ipsec.nm-l2tp.secrets"
May 3 13:11:41 NetworkManager[22187]: debugging mode enabled
May 3 13:11:41 NetworkManager[22187]: end of file /run/nm-l2tp-362cefc3-d0c3-40eb-8259-0d4ad4c16c58/ipsec.conf
May 3 13:11:41 NetworkManager[22187]: Loading conn 362cefc3-d0c3-40eb-8259-0d4ad4c16c58
May 3 13:11:41 NetworkManager[22187]: starter: left is KH_DEFAULTROUTE
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" modecfgdns=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" modecfgdomains=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" modecfgbanner=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" mark=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" mark-in=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" mark-out=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" vti_iface=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" redirect-to=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" accept-redirect-to=<unset>
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" esp=aes256-sha1,aes128-sha1,3des-sha1
May 3 13:11:41 NetworkManager[22187]: conn: "362cefc3-d0c3-40eb-8259-0d4ad4c16c58" ike=3des-sha1;modp1024
May 3 13:11:41 NetworkManager[22187]: opening file: /run/nm-l2tp-362cefc3-d0c3-40eb-8259-0d4ad4c16c58/ipsec.conf
May 3 13:11:41 NetworkManager[22187]: loading named conns: 362cefc3-d0c3-40eb-8259-0d4ad4c16c58
May 3 13:11:41 NetworkManager[22187]: seeking_src = 1, seeking_gateway = 1, has_peer = 1
May 3 13:11:41 NetworkManager[22187]: seeking_src = 0, seeking_gateway = 1, has_dst = 1
May 3 13:11:41 NetworkManager[22187]: dst via 192.168.0.1 dev wlp0s20f3 src table 254
May 3 13:11:41 NetworkManager[22187]: set nexthop: 192.168.0.1
May 3 13:11:41 NetworkManager[22187]: dst 169.254.0.0 via dev wlp0s20f3 src table 254
May 3 13:11:41 NetworkManager[22187]: dst 172.17.0.0 via dev docker0 src 172.17.0.1 table 254
May 3 13:11:41 NetworkManager[22187]: dst 192.168.0.0 via dev wlp0s20f3 src 192.168.0.108 table 254
May 3 13:11:41 NetworkManager[22187]: dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: dst 127.0.0.1 via dev lo src 127.0.0.1 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: dst 172.17.0.1 via dev docker0 src 172.17.0.1 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: dst 172.17.255.255 via dev docker0 src 172.17.0.1 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: dst 192.168.0.108 via dev wlp0s20f3 src 192.168.0.108 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: dst 192.168.0.255 via dev wlp0s20f3 src 192.168.0.108 table 255 (ignored)
May 3 13:11:41 NetworkManager[22187]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
May 3 13:11:41 NetworkManager[22187]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
May 3 13:11:41 NetworkManager[22187]: dst 192.168.0.1 via dev wlp0s20f3 src 192.168.0.108 table 254
May 3 13:11:41 NetworkManager[22187]: set addr: 192.168.0.108
May 3 13:11:41 NetworkManager[22187]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
May 3 13:11:41 nm-l2tp-service[21869]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
May 3 13:11:44 rtkit-daemon[1537]: Supervising 11 threads of 4 processes of 1 users.
我认为错误出在阶段 1 算法上。我没有使用阶段 2 算法。此外,升级后我还没有更改 VPN 配置
我的 xl2tpd 版本
$ apt list xl2tpd -a
Listing... Done
xl2tpd/jammy-updates,now 1.3.16-1ubuntu0.1 amd64 [installed]
xl2tpd/jammy 1.3.16-1 amd64
我是这个主题的新手,需要连接到 vpn 进行工作。任何指导都会有帮助。