cloudstack-users-cn mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From 王耀锋 <wilc...@hotmail.com>
Subject RE: 网络中配置vpn,无法连接
Date Fri, 20 Dec 2013 02:04:35 GMT
在cloudstack4.2中发现,在高级网络中创建vpn server,只能使用源地址创建vpn
server,获取出来的公共IP创建出的VPN server 无法使用。 
在虚拟路由器中抓包看见使用获取的公网IP创建的VPN,vpn客户端连接时候返回的数据包是由源地址(虚拟路由器公网IP)发出,可能是这个原因导致的。

> From: wilckee@hotmail.com
> To: users-cn@cloudstack.apache.org
> Subject: 网络中配置vpn,无法连接
> Date: Thu, 19 Dec 2013 06:54:23 +0000
> 
> 在高级网络中,使用一个公共IP创建vpn server。创建完成后,在windows
XP中创建一个vpn client连接vpn server。用户、密码、公共密钥都配置好了,但连接时总“报错:678,远程计算机没反应”。在虚拟路由器中的查看日志:/var/log/auto.log
> Dec 19 01:45:01 r-409-VM CRON[17872]: pam_unix(cron:session): session closed for user
root
> Dec 19 01:45:14 r-409-VM pluto[28116]: packet from 192.168.0.34:500: ignoring Vendor
ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> Dec 19 01:45:14 r-409-VM pluto[28116]: packet from 192.168.0.34:500: ignoring Vendor
ID payload [FRAGMENTATION]
> Dec 19 01:45:14 r-409-VM pluto[28116]: packet from 192.168.0.34:500: received Vendor
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
> Dec 19 01:45:14 r-409-VM pluto[28116]: packet from 192.168.0.34:500: ignoring Vendor
ID payload [Vid-Initial-Contact]
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: responding to
Main Mode from unknown peer 192.168.0.34
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: transition from
state STATE_MAIN_R0 to state STATE_MAIN_R1
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: STATE_MAIN_R1:
sent MR1, expecting MI2
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: NAT-Traversal:
Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: STATE_MAIN_R2:
sent MR2, expecting MI3
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: Main mode peer
ID is ID_IPV4_ADDR: '192.168.0.34'
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: transition from
state STATE_MAIN_R2 to state STATE_MAIN_R3
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: STATE_MAIN_R3:
sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp2048}
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: the peer proposed:
192.168.0.170/32:17/1701 -> 192.168.0.34/32:17/0
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34: responding to
Quick Mode proposal {msgid:4c4ddaec}
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34:     us: 192.168.0.170<192.168.0.170>[+S=C]:17/1701
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34:   them: 192.168.0.34[+S=C]:17/1701
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34: transition from
state STATE_QUICK_R0 to state STATE_QUICK_R1
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34: STATE_QUICK_R1:
sent QR1, inbound IPsec SA installed, expecting QI2
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34: transition from
state STATE_QUICK_R1 to state STATE_QUICK_R2
> Dec 19 01:45:14 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #34: STATE_QUICK_R2:
IPsec SA established tunnel mode {ESP=>0x477764e3 <0xe4997faf xfrm=3DES_0-HMAC_MD5 NATOA=none
NATD=none DPD=none}
> Dec 19 01:45:49 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: received Delete
SA(0x477764e3) payload: deleting IPSEC State #34
> Dec 19 01:45:49 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: received and
ignored informational message
> Dec 19 01:45:49 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34 #33: received Delete
SA payload: deleting ISAKMP State #33
> Dec 19 01:45:49 r-409-VM pluto[28116]: "L2TP-PSK"[17] 192.168.0.34: deleting connection
"L2TP-PSK" instance with peer 192.168.0.34 {isakmp=#0/ipsec=#0}
> Dec 19 01:45:49 r-409-VM pluto[28116]: packet from 192.168.0.34:500: received and ignored
informational message这是什么问题? 		 	   		  
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message