URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 21592
[ Назад ]

Исходное сообщение
"PPTP для доступа извне в лок сеть.."

Отправлено Vladsky , 12-Сен-10 21:55 
перечитал кучу мануалов, в том числе на сайте первоисточника. везде уннель PPTP  используется для доступа к инету. мне же необходимо сделать доступ из инета в лок сеть..

след конф:

aaa authentication ppp vpn local
aaa authentication login default local
aaa authorization network vpn local

vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
  protocol pptp
  virtual-template 1

username guest password xxxx
username guest aaa attribute list vpn

interface GigabitEthernet0/0
description ---WAN---
ip address x.x.x.x 255.255.255.248
ip inspect FIREWALL out
ip virtual-reassembly
load-interval 30
duplex auto
speed auto
crypto map dynmap
service-policy output intersite
!
interface GigabitEthernet0/1
description ---to LAN---
ip address 172.16.2.1 255.255.255.0
ip virtual-reassembly
ip tcp adjust-mss 1372
duplex auto
speed auto

interface Virtual-Template1
ip unnumbered GigabitEthernet0/1
ip mtu 1492
ip nat inside
ip virtual-reassembly
autodetect encapsulation ppp
peer default ip address pool SDM_POOL_1
no keepalive
ppp encrypt mppe auto
ppp authentication ms-chap-v2 ms-chap

ip local pool SDM_POOL_1 172.16.2.100 172.16.2.120


если конектится из нутри - соединяюсь и адрес получаю. если извне то нет..

вот лог отваливается по таймауту..

Sep 12 21:52:02 172.16.2.1 4351: 004345: Sep 12 17:52:02.243: AAA/BIND(00000760): Bind i/f  
Sep 12 21:52:02 172.16.2.1 4352: 004346: Sep 12 17:52:02.263: AAA/BIND(00000760): Bind i/f Virtual-Template1
Sep 12 21:52:02 172.16.2.1 4353: 004347: Sep 12 17:52:02.271: ppp91 PPP: Send Message[Dynamic Bind Response]
Sep 12 21:52:02 172.16.2.1 4354: 004348: Sep 12 17:52:02.271: ppp91 PPP: Using vpn set call direction
Sep 12 21:52:02 172.16.2.1 4355: 004349: Sep 12 17:52:02.271: ppp91 PPP: Treating connection as a callin
Sep 12 21:52:02 172.16.2.1 4356: 004350: Sep 12 17:52:02.271: ppp91 PPP: Session handle[53000070] Session id[91]
Sep 12 21:52:02 172.16.2.1 4357: 004351: Sep 12 17:52:02.271: ppp91 PPP: Phase is ESTABLISHING, Passive Open
Sep 12 21:52:02 172.16.2.1 4358: 004352: Sep 12 17:52:02.271: ppp91 LCP: State is Listen
Sep 12 21:52:02 172.16.2.1 4359: 004353: Sep 12 17:52:02.307: ppp91 LCP: I CONFREQ [Listen] id 1 len 20
Sep 12 21:52:02 172.16.2.1 4360: 004354: Sep 12 17:52:02.311: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:02 172.16.2.1 4361: 004355: Sep 12 17:52:02.311: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:02 172.16.2.1 4362: 004356: Sep 12 17:52:02.311: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:02 172.16.2.1 4363: 004357: Sep 12 17:52:02.311: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:02 172.16.2.1 4364: 004358: Sep 12 17:52:02.311: AAA/AUTHOR (00000760): Method list id=0 not configured. Skip author
Sep 12 21:52:02 172.16.2.1 4365: 004359: Sep 12 17:52:02.311: ppp91 PPP: Authorization NOT required
Sep 12 21:52:02 172.16.2.1 4366: 004360: Sep 12 17:52:02.311: ppp91 LCP: O CONFREQ [Listen] id 1 len 15
Sep 12 21:52:02 172.16.2.1 4367: 004361: Sep 12 17:52:02.311: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:02 172.16.2.1 4368: 004362: Sep 12 17:52:02.311: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:03 172.16.2.1 4369: 004363: Sep 12 17:52:02.311: ppp91 LCP: O CONFACK [Listen] id 1 len 20
Sep 12 21:52:03 172.16.2.1 4370: 004364: Sep 12 17:52:02.311: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:03 172.16.2.1 4371: 004365: Sep 12 17:52:02.311: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:03 172.16.2.1 4372: 004366: Sep 12 17:52:02.311: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:03 172.16.2.1 4373: 004367: Sep 12 17:52:02.311: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:05 172.16.2.1 4374: 004368: Sep 12 17:52:04.307: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:05 172.16.2.1 4375: 004369: Sep 12 17:52:04.307: ppp91 LCP: O CONFREQ [ACKsent] id 2 len 15
Sep 12 21:52:05 172.16.2.1 4376: 004370: Sep 12 17:52:04.307: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:05 172.16.2.1 4377: 004371: Sep 12 17:52:04.307: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:05 172.16.2.1 4378: 004372: Sep 12 17:52:05.307: ppp91 LCP: I CONFREQ [ACKsent] id 1 len 20
Sep 12 21:52:05 172.16.2.1 4379: 004373: Sep 12 17:52:05.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:05 172.16.2.1 4380: 004374: Sep 12 17:52:05.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:05 172.16.2.1 4381: 004375: Sep 12 17:52:05.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:05 172.16.2.1 4382: 004376: Sep 12 17:52:05.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:05 172.16.2.1 4383: 004377: Sep 12 17:52:05.307: ppp91 LCP: O CONFACK [ACKsent] id 1 len 20
Sep 12 21:52:05 172.16.2.1 4384: 004378: Sep 12 17:52:05.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:05 172.16.2.1 4385: 004379: Sep 12 17:52:05.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:05 172.16.2.1 4386: 004380: Sep 12 17:52:05.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:06 172.16.2.1 4387: 004381: Sep 12 17:52:05.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:07 172.16.2.1 4388: 004382: Sep 12 17:52:06.323: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:07 172.16.2.1 4389: 004383: Sep 12 17:52:06.323: ppp91 LCP: O CONFREQ [ACKsent] id 3 len 15
Sep 12 21:52:07 172.16.2.1 4390: 004384: Sep 12 17:52:06.323: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:07 172.16.2.1 4391: 004385: Sep 12 17:52:06.323: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:08 172.16.2.1 4392: 004386: Sep 12 17:52:08.307: ppp91 LCP: I CONFREQ [ACKsent] id 1 len 20
Sep 12 21:52:08 172.16.2.1 4393: 004387: Sep 12 17:52:08.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:08 172.16.2.1 4394: 004388: Sep 12 17:52:08.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:08 172.16.2.1 4395: 004389: Sep 12 17:52:08.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:08 172.16.2.1 4396: 004390: Sep 12 17:52:08.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:08 172.16.2.1 4397: 004391: Sep 12 17:52:08.307: ppp91 LCP: O CONFACK [ACKsent] id 1 len 20
Sep 12 21:52:08 172.16.2.1 4398: 004392: Sep 12 17:52:08.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:08 172.16.2.1 4399: 004393: Sep 12 17:52:08.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:08 172.16.2.1 4400: 004394: Sep 12 17:52:08.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:09 172.16.2.1 4401: 004395: Sep 12 17:52:08.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:09 172.16.2.1 4402: 004396: Sep 12 17:52:08.339: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:09 172.16.2.1 4403: 004397: Sep 12 17:52:08.339: ppp91 LCP: O CONFREQ [ACKsent] id 4 len 15
Sep 12 21:52:09 172.16.2.1 4404: 004398: Sep 12 17:52:08.339: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:09 172.16.2.1 4405: 004399: Sep 12 17:52:08.339: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:11 172.16.2.1 4406: 004400: Sep 12 17:52:10.355: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:11 172.16.2.1 4407: 004401: Sep 12 17:52:10.355: ppp91 LCP: O CONFREQ [ACKsent] id 5 len 15
Sep 12 21:52:11 172.16.2.1 4408: 004402: Sep 12 17:52:10.355: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:11 172.16.2.1 4409: 004403: Sep 12 17:52:10.355: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:11 172.16.2.1 4410: 004404: Sep 12 17:52:11.307: ppp91 LCP: I CONFREQ [ACKsent] id 1 len 20
Sep 12 21:52:11 172.16.2.1 4411: 004405: Sep 12 17:52:11.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:11 172.16.2.1 4412: 004406: Sep 12 17:52:11.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:11 172.16.2.1 4413: 004407: Sep 12 17:52:11.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:11 172.16.2.1 4414: 004408: Sep 12 17:52:11.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:12 172.16.2.1 4415: 004409: Sep 12 17:52:11.307: ppp91 LCP: O CONFACK [ACKsent] id 1 len 20
Sep 12 21:52:12 172.16.2.1 4416: 004410: Sep 12 17:52:11.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:12 172.16.2.1 4417: 004411: Sep 12 17:52:11.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:12 172.16.2.1 4418: 004412: Sep 12 17:52:11.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:12 172.16.2.1 4419: 004413: Sep 12 17:52:11.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:13 172.16.2.1 4420: 004414: Sep 12 17:52:12.371: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:13 172.16.2.1 4421: 004415: Sep 12 17:52:12.371: ppp91 LCP: O CONFREQ [ACKsent] id 6 len 15
Sep 12 21:52:13 172.16.2.1 4422: 004416: Sep 12 17:52:12.371: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:13 172.16.2.1 4423: 004417: Sep 12 17:52:12.371: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:14 172.16.2.1 4424: 004418: Sep 12 17:52:14.311: ppp91 LCP: I CONFREQ [ACKsent] id 1 len 20
Sep 12 21:52:14 172.16.2.1 4425: 004419: Sep 12 17:52:14.311: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:14 172.16.2.1 4426: 004420: Sep 12 17:52:14.311: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:14 172.16.2.1 4427: 004421: Sep 12 17:52:14.311: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:14 172.16.2.1 4428: 004422: Sep 12 17:52:14.315: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:14 172.16.2.1 4429: 004423: Sep 12 17:52:14.315: ppp91 LCP: O CONFACK [ACKsent] id 1 len 20
Sep 12 21:52:14 172.16.2.1 4430: 004424: Sep 12 17:52:14.315: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:14 172.16.2.1 4431: 004425: Sep 12 17:52:14.315: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:14 172.16.2.1 4432: 004426: Sep 12 17:52:14.315: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:15 172.16.2.1 4433: 004427: Sep 12 17:52:14.315: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:15 172.16.2.1 4434: 004428: Sep 12 17:52:14.387: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:15 172.16.2.1 4435: 004429: Sep 12 17:52:14.387: ppp91 LCP: O CONFREQ [ACKsent] id 7 len 15
Sep 12 21:52:15 172.16.2.1 4436: 004430: Sep 12 17:52:14.387: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:15 172.16.2.1 4437: 004431: Sep 12 17:52:14.387: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:17 172.16.2.1 4438: 004432: Sep 12 17:52:16.403: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:17 172.16.2.1 4439: 004433: Sep 12 17:52:16.403: ppp91 LCP: O CONFREQ [ACKsent] id 8 len 15
Sep 12 21:52:17 172.16.2.1 4440: 004434: Sep 12 17:52:16.403: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:17 172.16.2.1 4441: 004435: Sep 12 17:52:16.403: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:17 172.16.2.1 4442: 004436: Sep 12 17:52:17.307: ppp91 LCP: I CONFREQ [ACKsent] id 1 len 20
Sep 12 21:52:17 172.16.2.1 4443: 004437: Sep 12 17:52:17.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:17 172.16.2.1 4444: 004438: Sep 12 17:52:17.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:17 172.16.2.1 4445: 004439: Sep 12 17:52:17.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:17 172.16.2.1 4446: 004440: Sep 12 17:52:17.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:18 172.16.2.1 4447: 004441: Sep 12 17:52:17.307: ppp91 LCP: O CONFACK [ACKsent] id 1 len 20
Sep 12 21:52:18 172.16.2.1 4448: 004442: Sep 12 17:52:17.307: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:18 172.16.2.1 4449: 004443: Sep 12 17:52:17.307: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:18 172.16.2.1 4450: 004444: Sep 12 17:52:17.307: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:18 172.16.2.1 4451: 004445: Sep 12 17:52:17.307: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:19 172.16.2.1 4452: 004446: Sep 12 17:52:18.420: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:19 172.16.2.1 4453: 004447: Sep 12 17:52:18.420: ppp91 LCP: O CONFREQ [ACKsent] id 9 len 15
Sep 12 21:52:19 172.16.2.1 4454: 004448: Sep 12 17:52:18.420: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:19 172.16.2.1 4455: 004449: Sep 12 17:52:18.420: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:20 172.16.2.1 4456: 004450: Sep 12 17:52:20.312: ppp91 LCP: I CONFREQ [ACKsent] id 1 len 20
Sep 12 21:52:20 172.16.2.1 4457: 004451: Sep 12 17:52:20.312: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:20 172.16.2.1 4458: 004452: Sep 12 17:52:20.312: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:20 172.16.2.1 4459: 004453: Sep 12 17:52:20.312: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:20 172.16.2.1 4460: 004454: Sep 12 17:52:20.312: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:20 172.16.2.1 4461: 004455: Sep 12 17:52:20.312: ppp91 LCP: O CONFACK [ACKsent] id 1 len 20
Sep 12 21:52:20 172.16.2.1 4462: 004456: Sep 12 17:52:20.312: ppp91 LCP:    ACCM 0x00000000 (0x020600000000)
Sep 12 21:52:20 172.16.2.1 4463: 004457: Sep 12 17:52:20.312: ppp91 LCP:    MagicNumber 0x5AA07937 (0x05065AA07937)
Sep 12 21:52:20 172.16.2.1 4464: 004458: Sep 12 17:52:20.312: ppp91 LCP:    PFC (0x0702)
Sep 12 21:52:21 172.16.2.1 4465: 004459: Sep 12 17:52:20.312: ppp91 LCP:    ACFC (0x0802)
Sep 12 21:52:21 172.16.2.1 4466: 004460: Sep 12 17:52:20.436: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:21 172.16.2.1 4467: 004461: Sep 12 17:52:20.436: ppp91 LCP: O CONFREQ [ACKsent] id 10 len 15
Sep 12 21:52:21 172.16.2.1 4468: 004462: Sep 12 17:52:20.436: ppp91 LCP:    AuthProto MS-CHAP-V2 (0x0305C22381)
Sep 12 21:52:21 172.16.2.1 4469: 004463: Sep 12 17:52:20.436: ppp91 LCP:    MagicNumber 0x24EA5466 (0x050624EA5466)
Sep 12 21:52:23 172.16.2.1 4470: 004464: Sep 12 17:52:22.452: ppp91 LCP: Timeout: State ACKsent
Sep 12 21:52:23 172.16.2.1 4471: 004465: Sep 12 17:52:22.452: ppp91 LCP: O TERMREQ [ACKsent] id 10 len 4
Sep 12 21:52:23 172.16.2.1 4472: 004466: Sep 12 17:52:22.452: ppp91 PPP: Phase is TERMINATING
Sep 12 21:52:23 172.16.2.1 4473: 004467: Sep 12 17:52:22.452: ppp91 LCP: State is Listen
Sep 12 21:52:23 172.16.2.1 4474: 004468: Sep 12 17:52:22.452: ppp91 PPP: Sending Acct Event[Down] id[760]
Sep 12 21:52:23 172.16.2.1 4475: 004469: Sep 12 17:52:22.452: ppp91 LCP: State is Closed
Sep 12 21:52:23 172.16.2.1 4476: 004470: Sep 12 17:52:22.452: ppp91 PPP: Phase is DOWN
Sep 12 21:52:23 172.16.2.1 4477: 004471: Sep 12 17:52:22.452: ppp91 PPP: Send Message[Disconnect]
Sep 12 21:52:23 172.16.2.1 4478: 004472: Sep 12 17:52:22.480: VPDN Failed to get session from socket handle D500005B


Содержание

Сообщения в этом обсуждении
"PPTP для доступа извне в лок сеть.."
Отправлено Vladsky , 12-Сен-10 23:51 
>[оверквотинг удален]
> ip nat inside
> ip virtual-reassembly
> autodetect encapsulation ppp
> peer default ip address pool SDM_POOL_1
> no keepalive
> ppp encrypt mppe auto
> ppp authentication ms-chap-v2 ms-chap
>
>ip local pool SDM_POOL_1 172.16.2.100 172.16.2.120
>

все работает.. косяк был в домашнем инете.. вернее в настройках роутера, который в упор не пропускает PPTP зато работает IPSEC .. капец.. асус рулит..