Проблемы с VPN L2TP

[panov_ds]

Добрый день! Пытаюсь настроить VPN в Network Manager через L2TP , но соединение постоянно разрывается.

Код: [Выделить]

Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: <info>  [1517040682.6912] audit: op="connection-activate" uuid="4020adb6-c0c2-46d6-be0d-e2976ebd9504" name="Medsi" pid=2227 uid=1000 result="success"
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: <info>  [1517040682.7161] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: Started the VPN service, PID 6863
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: <info>  [1517040682.7430] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: Saw the service appear; activating connection
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: <info>  [1517040682.7547] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: VPN connection: (ConnectInteractive) reply received
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: nm-l2tp[6863] <info>  ipsec enable flag: (null)
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: ** Message: Check port 1701
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: ** Message: Can't bind to port 1701
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: nm-l2tp[6863] <warn>  L2TP port 1701 is busy, using ephemeral.
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: ** Message: xl2tpd started with pid 6867
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: setsockopt recvref[30]: Protocol not available
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Using l2tp kernel support.
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: xl2tpd version xl2tpd-1.3.6 started on dmitry-panov PID:6867
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Forked by Scott Balmos and David Stipp, (C) 2001
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Inherited by Jeff McAdams, (C) 2002
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Listening on IP address 0.0.0.0, port 56967
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Connecting to host 82.204.180.55, port 1701
Jan 27 11:11:22 dmitry-panov NetworkManager[4259]: <info>  [1517040682.8456] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: VPN plugin: state changed: starting (3)
Jan 27 11:11:27 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Maximum retries exceeded for tunnel 22449.  Closing.
Jan 27 11:11:27 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Connection 0 closed to 82.204.180.55, port 1701 (Timeout)
Jan 27 11:11:32 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: Unable to deliver closing message for tunnel 22449. Destroying anyway.
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: nm-l2tp[6863] <warn>  Looks like pppd didn't initialize our dbus module
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: nm-l2tp[6863] <info>  Terminated xl2tpd daemon with PID 6867.
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: xl2tpd[6867]: death_handler: Fatal signal 15 received
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: <warn>  [1517040696.8608] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: VPN plugin: failed: connect-failed (1)
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: <warn>  [1517040696.8609] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: VPN plugin: failed: connect-failed (1)
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: <info>  [1517040696.8611] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: VPN plugin: state changed: stopping (5)
Jan 27 11:11:36 dmitry-panov NetworkManager[4259]: <info>  [1517040696.8745] vpn-connection[0x8667170,4020adb6-c0c2-46d6-be0d-e2976ebd9504,"Medsi",0]: VPN service disappeared
Jan 27 11:11:36 dmitry-panov gnome-session[2102]: "Интерфейс «org.freedesktop.DBus.Properties» для пути /org/freedesktop/NetworkManager/ActiveConnection/1 объекта не найден"

[fisher74]

ИМХО, оно даже не поднимается.

Не поднимая L2TP показываем выхлоп

Код: [Выделить]

ip a; ip r
tracepath -n 82.204.180.55

[panov_ds]

ИМХО, оно даже не поднимается.

Не поднимая L2TP показываем выхлоп

Код: [Выделить]

ip a; ip r
tracepath -n 82.204.180.55

ip a; ip r

Код: [Выделить]

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 74:27:ea:40:0d:b3 brd ff:ff:ff:ff:ff:ff
    inet 10.65.173.208/20 brd 10.65.175.255 scope global dynamic enp2s0
       valid_lft 30426sec preferred_lft 30426sec
    inet6 fe80::6d06:87db:c5ba:1d59/64 scope link
       valid_lft forever preferred_lft forever
3: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN group default qlen 3
    link/ppp
    inet 91.239.17.130 peer 109.197.192.195/32 scope global ppp0
       valid_lft forever preferred_lft forever
default dev ppp0  scope link
10.65.160.0/20 dev enp2s0  proto kernel  scope link  src 10.65.173.208  metric 100
109.197.192.195 dev ppp0  proto kernel  scope link  src 91.239.17.130
169.254.0.0/16 dev enp2s0  scope link  metric 1000
192.168.15.1 dev enp2s0  proto dhcp  scope link  metric 100

tracepath -n 82.204.180.55

 

Код: [Выделить]

1?: [LOCALHOST]                                         pmtu 1492
 1:  109.197.192.195                                       0.427ms
 1:  109.197.192.195                                       0.421ms
 2:  109.197.192.194                                      22.053ms
 3:  109.197.192.83                                        2.367ms
 4:  37.29.5.181                                          17.354ms
 5:  10.222.73.121                                        17.418ms asymm  8
 6:  no reply
 7:  no reply
 8:  83.169.204.26                                        21.545ms asymm  5
 9:  212.188.16.133                                       16.456ms asymm  7
10:  212.188.28.138                                       29.547ms asymm  8
11:  212.188.54.214                                       16.960ms asymm  7
12:  195.34.50.150                                        30.676ms asymm  8
13:  195.34.53.234                                        21.250ms asymm  8
14:  195.34.38.14                                         23.147ms asymm  2

[fisher74]

Ну здесь туннель поднят и я не вижу проблем

[3mx]

Помогите разобраться. Точно такая же ситуёвина. Лог аналогичный:

Код: [Выделить]

** Message: 22:25:00.943: xl2tpd started with pid 12246
xl2tpd[12246]: Not looking for kernel SAref support.
xl2tpd[12246]: Using l2tp kernel support.
xl2tpd[12246]: xl2tpd version xl2tpd-1.3.12 started on notebook PID:12246
xl2tpd[12246]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[12246]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[12246]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[12246]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
xl2tpd[12246]: Listening on IP address 0.0.0.0, port 1701
xl2tpd[12246]: get_call: allocating new tunnel for host 46.148.213.202, port 1701.
xl2tpd[12246]: Connecting to host 123.123.123.123, port 1701
xl2tpd[12246]: control_finish: message type is (null)(0).  Tunnel is 0, call is 0.
xl2tpd[12246]: control_finish: sending SCCRQ
nm-l2tp[12242] <warn>  Looks like pppd didn't initialize our dbus module
nm-l2tp[12242] <info>  Terminated xl2tpd daemon with PID 12246.
xl2tpd[12246]: death_handler: Fatal signal 15 received
xl2tpd[12246]: Connection 0 closed to 123.123.123.123, port 1701 (Server closing)Проблема явно с моей стороны. Виндовые клиенты коннектятся нормально.
Система Kubuntu 20.04. Сервис xl2tpd выгружен и отключен.

[3mx]

Нашёл! В настройках роутера надо разрешить Пропуск трафика L2TP.