Добрый день.
Есть сервер L2TP+IPSec (Ubuntu 20.04, xl2tpd, strongswan). Клиенты Windows и Mikrotik подключаются, а клиенты Linux (Ubuntu 14.04, 18.04, 20.04) — ни в какую. Подключение проходит без ошибок, создаётся интерфейс ppp# без IP-адреса, который остаётся в состоянии down и виден только по "ifconfig -a". При этом наличие/отсутствие логина-пароля (chap-secrets) в конфигах никак не влияет. Также на это поведение не влияет и включение/отключение IPSec.
Если кто-то знает как побороть, буду признателен за помощь.
Конфиги. Сервер
xl2tpd.conf
; Server-side xl2tpd configuration (LNS role), as posted.
[global]
; UDP port xl2tpd listens on; the server log shows the peer connecting to 1701.
; NOTE(review): for L2TP/IPsec this port is normally reachable only through the
; IPsec SA. The post says switching IPsec off changes nothing, which suggests
; plain, unencrypted L2TP is accepted as well - confirm the firewall/IPsec policy.
port = 1701
; No peer-address restriction is applied at the xl2tpd level.
access control = no
; NOTE(review): per xl2tpd.conf(5) SAref tracking needs kernel support that
; stock kernels usually lack - confirm this is intended with strongSwan.
ipsec saref = yes
; NOTE(review): per xl2tpd.conf(5) this keeps L2TP handling in the daemon
; rather than the kernel L2TP module - confirm.
force userspace = yes
; NOTE(review): per xl2tpd.conf(5) this is the secrets file for L2TP tunnel
; (challenge) authentication, not for PPP CHAP; no "challenge" setting is shown
; here, so it is presumably unused - confirm.
auth file = /etc/ppp/chap-secrets
[lns default]
; Client address pool and the server's own PPP address; the status output shows
; them handed to pppd as 172.16.10.1:<pool address>.
ip range = 172.16.10.10-172.16.10.200
local ip = 172.16.10.1
; Passed to pppd as "name l2tpserver" (visible on the pppd command line).
name = l2tpserver
pppoptfile = /etc/ppp/options.xl2tpd
flow bit = yes
exclusive = no
hidden bit = no
length bit = yes
; These three show up on the pppd command line in the log as
; "auth", "require-chap" and "refuse-pap".
require authentication = yes
require chap = yes
refuse pap = yes
Сервер. options.xl2tpd
# pppd options used by the server for every L2TP session, as posted.
# Disable CCP (compression) negotiation.
noccp
# Require the peer to authenticate before network traffic is allowed.
auth
# NOTE(review): crtscts, lock and modem are serial-line options, while the log
# shows pppd attached to a pty (/dev/pts/N) - confirm they are needed.
crtscts
mtu 1410
mru 1410
nodefaultroute
lock
noproxyarp
# Per pppd(8): send no LCP packets until a valid one arrives from the peer.
# NOTE(review): the client options file sets "silent" as well; if both ends
# wait, LCP never starts, which would match the pppN interface staying down
# while Windows/Mikrotik clients (which initiate LCP) work - confirm.
silent
modem
asyncmap 0
hide-password
# Require MS-CHAPv2 from the peer. MS-CHAPv2 handshakes can be attacked
# offline once captured, so the secret is only as safe as the IPsec layer
# around this tunnel; L2TP itself does not encrypt.
require-mschap-v2
# Local name used for authentication; matches the server field in chap-secrets.
name l2tpserver
Сервер. chap-secrets
# Fields: client name, server name, secret, allowed IP addresses ("*" = any).
# The secret is stored in clear text, so the file should be readable by root only.
# NOTE(review): the value shown is presumably a placeholder for the real secret.
l2tpclient l2tpserver l2tpclientpassword *
Клиент. xl2tpd.conf
; Client-side xl2tpd configuration (LAC role), as posted.
[lac l2tpvpn]
; Address of the L2TP server; the client log shows the connection going to
; this host on port 1701.
lns = 123.123.123.123
; Shows up as "debug" on the pppd command line in the client log.
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
Клиент. options.l2tpd.client
# pppd options used by the client (LAC) side, as posted.
noccp
mtu 1410
mru 1410
nodefaultroute
noproxyarp
# Per pppd(8): send no LCP packets until a valid one arrives from the peer.
# NOTE(review): the server's options.xl2tpd sets "silent" too, so neither pppd
# may ever start LCP; that would match ppp0 staying down with no LCP lines in
# the debug log - try removing it on this side and confirm.
silent
asyncmap 0
hide-password
# NOTE(review): "require-mschap-v2" asks the peer (the server) to authenticate,
# while "noauth" below says the peer need not authenticate; they look
# contradictory - confirm which is intended.
require-mschap-v2
# Local name used for authentication; matches the client field in chap-secrets.
name l2tpclient
# Log the contents of PPP control packets.
debug
# The server is not asked to prove its identity at the PPP level, so server
# authentication rests entirely on the IPsec layer.
noauth
Клиент. chap-secrets
# Fields: client name, server name, secret, allowed IP addresses ("*" = any).
# Same entry as on the server; the secret is stored in clear text, so the file
# should be readable by root only.
l2tpclient l2tpserver l2tpclientpassword *
Логи при подключении
Клиент xl2tpd status
CGroup: /system.slice/xl2tpd.service
├─263811 /usr/sbin/xl2tpd
└─263846 /usr/sbin/pppd /dev/pts/2 passive nodetach : debug file /etc/ppp/options.l2tpd.client
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "passive"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "nodetach"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: ":"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "debug"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "file"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "/etc/ppp/options.l2tpd.client"
Feb 13 22:34:31 ubuntu-client pppd[263846]: pppd 2.4.7 started by root, uid 0
Feb 13 22:34:31 ubuntu-client pppd[263846]: using channel 14
Feb 13 22:34:31 ubuntu-client pppd[263846]: Using interface ppp0
Feb 13 22:34:31 ubuntu-client pppd[263846]: Connect: ppp0 <--> /dev/pts/2
Сервер xl2tpd status
CGroup: /system.slice/xl2tpd.service
├─21398 /usr/sbin/xl2tpd
├─21399 /usr/sbin/pppd /dev/pts/0 passive nodetach 172.16.10.1:172.16.10.10 refuse-pap auth require-chap name l2tpserver file /etc/ppp/options.xl2tpd
├─21554 /usr/sbin/pppd /dev/pts/1 passive nodetach 172.16.10.1:172.16.10.11 refuse-pap auth require-chap name l2tpserver file /etc/ppp/options.xl2tpd
└─21744 /usr/sbin/pppd /dev/pts/2 passive nodetach 172.16.10.1:172.16.10.12 refuse-pap auth require-chap name l2tpserver file /etc/ppp/options.xl2tpd
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "auth"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "require-chap"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "name"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "l2tpserver"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "file"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "/etc/ppp/options.xl2tpd"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: Call established with 111.222.111.222, PID: 21744, Local: 60440, Remote: 1381, Serial: 2
Feb 13 21:39:31 ubuntu-server pppd[21744]: pppd 2.4.7 started by root, uid 0
Feb 13 21:39:31 ubuntu-server pppd[21744]: Using interface ppp2
Feb 13 21:39:31 ubuntu-server pppd[21744]: Connect: ppp2 <--> /dev/pts/2
Сервер syslog
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: Connection established to 111.222.111.222, 1701. Local: 63785, Remote: 63941 (ref=0/0). LNS session is 'default'
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: control_finish: Warning: Peer did not specify transmit speed
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: start_pppd: I'm running:
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "/usr/sbin/pppd"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "/dev/pts/2"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "passive"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "nodetach"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "172.16.10.1:172.16.10.12"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "refuse-pap"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "auth"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "require-chap"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "name"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "l2tpserver"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "file"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: "/etc/ppp/options.xl2tpd"
Feb 13 21:39:31 ubuntu-server xl2tpd[21398]: Call established with 111.222.111.222, PID: 21744, Local: 60440, Remote: 1381, Serial: 2
Feb 13 21:39:31 ubuntu-server pppd[21744]: pppd 2.4.7 started by root, uid 0
Feb 13 21:39:31 ubuntu-server networkd-dispatcher[721]: WARNING:Unknown index 177 seen, reloading interface list
Feb 13 21:39:31 ubuntu-server pppd[21744]: Using interface ppp2
Feb 13 21:39:31 ubuntu-server pppd[21744]: Connect: ppp2 <--> /dev/pts/2
Feb 13 21:39:31 ubuntu-server systemd-udevd[21745]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Клиент syslog
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: Connecting to host 123.123.123.123, port 1701
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: Connection established to 123.123.123.123, 1701. Local: 54635, Remote: 56423 (ref=0/0).
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: Calling on tunnel 54635
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: Call established with 123.123.123.123, Local: 21056, Remote: 57938, Serial: 1 (ref=0/0)
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: start_pppd: I'm running:
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "/usr/sbin/pppd"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "/dev/pts/2"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "passive"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "nodetach"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: ":"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "debug"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "file"
Feb 13 22:34:31 ubuntu-client xl2tpd[263811]: "/etc/ppp/options.l2tpd.client"
Feb 13 22:34:31 ubuntu-client pppd[263846]: pppd 2.4.7 started by root, uid 0
Feb 13 22:34:31 ubuntu-client pppd[263846]: using channel 14
Feb 13 22:34:31 ubuntu-client networkd-dispatcher[451]: WARNING:Unknown index 141 seen, reloading interface list
Feb 13 22:34:31 ubuntu-client pppd[263846]: Using interface ppp0
Feb 13 22:34:31 ubuntu-client pppd[263846]: Connect: ppp0 <--> /dev/pts/2
Feb 13 22:34:31 ubuntu-client systemd-udevd[263844]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
ifconfig -a
ppp2: flags=4240<POINTOPOINT,NOARP,MULTICAST> mtu 1500
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip link
177: ppp2: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 3
link/ppp