URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 21820
[ Назад ]

Исходное сообщение
"PPP в L2TP/IPSEC"
Отправлено drujischeshtirlitz , 26-Окт-10 13:47

Доброго!
Уважаемые, подскажите пожалуйста, где копать:
- VPN server: Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(11)XJ3, RELEASE SOFTWARE (fc1)
- VPN client: win 7
IPSEC + NAT-T работает (pre-shared key), а в PPP затык:
Oct 26 09:28:43.174: ppp65 PPP: Send Message[Dynamic Bind Response]
Oct 26 09:28:43.178: ppp65 PPP: Using vpn set call direction
Oct 26 09:28:43.178: ppp65 PPP: Treating connection as a callin
Oct 26 09:28:43.178: ppp65 PPP: Session handle[3100004B] Session id[65]
Oct 26 09:28:43.178: ppp65 PPP: Phase is ESTABLISHING, Passive Open
Oct 26 09:28:43.178: ppp65 LCP: State is Listen
Oct 26 09:28:43.190: ppp65 LCP: I CONFREQ [Listen] id 0 len 21
Oct 26 09:28:43.190: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:43.190: ppp65 LCP:    MagicNumber 0x64A016D8 (0x050664A016D8)
Oct 26 09:28:43.190: ppp65 LCP:    PFC (0x0702)
Oct 26 09:28:43.190: ppp65 LCP:    ACFC (0x0802)
Oct 26 09:28:43.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:43.190: ppp65 LCP: O CONFREQ [Listen] id 1 len 19
Oct 26 09:28:43.190: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:43.190: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:43.190: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:43.190: ppp65 LCP: O CONFREJ [Listen] id 0 len 7
Oct 26 09:28:43.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:45.194: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:45.194: ppp65 LCP: O CONFREQ [REQsent] id 2 len 19
Oct 26 09:28:45.194: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:45.194: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:45.194: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:45.214: ppp65 LCP: I CONFREQ [REQsent] id 1 len 21
Oct 26 09:28:45.214: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:45.214: ppp65 LCP:    MagicNumber 0x64A016D8 (0x050664A016D8)
Oct 26 09:28:45.214: ppp65 LCP:    PFC (0x0702)
Oct 26 09:28:45.214: ppp65 LCP:    ACFC (0x0802)
Oct 26 09:28:45.214: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:45.214: ppp65 LCP: O CONFREJ [REQsent] id 1 len 7
Oct 26 09:28:45.214: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:47.210: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:47.210: ppp65 LCP: O CONFREQ [REQsent] id 3 len 19
Oct 26 09:28:47.210: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:47.210: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:47.210: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:48.198: ppp65 LCP: I CONFREQ [REQsent] id 2 len 21
Oct 26 09:28:48.198: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:48.198: ppp65 LCP:    MagicNumber 0x64A016D8 (0x050664A016D8)
Oct 26 09:28:48.202: ppp65 LCP:    PFC (0x0702)
Oct 26 09:28:48.202: ppp65 LCP:    ACFC (0x0802)
Oct 26 09:28:48.202: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:48.202: ppp65 LCP: O CONFREJ [REQsent] id 2 len 7
Oct 26 09:28:48.202: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:49.226: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:49.226: ppp65 LCP: O CONFREQ [REQsent] id 4 len 19
Oct 26 09:28:49.226: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:49.226: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:49.226: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:51.242: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:51.242: ppp65 LCP: O CONFREQ [REQsent] id 5 len 19
Oct 26 09:28:51.242: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:51.242: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:51.242: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:52.190: ppp65 LCP: I CONFREQ [REQsent] id 3 len 21
Oct 26 09:28:52.190: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:52.190: ppp65 LCP:    MagicNumber 0x64A016D8 (0x050664A016D8)
Oct 26 09:28:52.190: ppp65 LCP:    PFC (0x0702)
Oct 26 09:28:52.190: ppp65 LCP:    ACFC (0x0802)
Oct 26 09:28:52.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:52.190: ppp65 LCP: O CONFREJ [REQsent] id 3 len 7
Oct 26 09:28:52.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:53.258: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:53.258: ppp65 LCP: O CONFREQ [REQsent] id 6 len 19
Oct 26 09:28:53.258: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:53.258: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:53.258: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:55.274: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:55.274: ppp65 LCP: O CONFREQ [REQsent] id 7 len 19
Oct 26 09:28:55.274: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:55.274: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:55.274: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:56.190: ppp65 LCP: I CONFREQ [REQsent] id 4 len 21
Oct 26 09:28:56.190: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:56.190: ppp65 LCP:    MagicNumber 0x64A016D8 (0x050664A016D8)
Oct 26 09:28:56.190: ppp65 LCP:    PFC (0x0702)
Oct 26 09:28:56.190: ppp65 LCP:    ACFC (0x0802)
Oct 26 09:28:56.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:56.190: ppp65 LCP: O CONFREJ [REQsent] id 4 len 7
Oct 26 09:28:56.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:28:57.290: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:57.290: ppp65 LCP: O CONFREQ [REQsent] id 8 len 19
Oct 26 09:28:57.290: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:57.290: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:57.290: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:28:59.306: ppp65 LCP: Timeout: State REQsent
Oct 26 09:28:59.306: ppp65 LCP: O CONFREQ [REQsent] id 9 len 19
Oct 26 09:28:59.306: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:28:59.306: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:28:59.306: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:29:00.190: ppp65 LCP: I CONFREQ [REQsent] id 5 len 21
Oct 26 09:29:00.190: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:29:00.190: ppp65 LCP:    MagicNumber 0x64A016D8 (0x050664A016D8)
Oct 26 09:29:00.190: ppp65 LCP:    PFC (0x0702)
Oct 26 09:29:00.190: ppp65 LCP:    ACFC (0x0802)
Oct 26 09:29:00.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:29:00.190: ppp65 LCP: O CONFREJ [REQsent] id 5 len 7
Oct 26 09:29:00.190: ppp65 LCP:    Callback 6  (0x0D0306)
Oct 26 09:29:01.322: ppp65 LCP: Timeout: State REQsent
Oct 26 09:29:01.322: ppp65 LCP: O CONFREQ [REQsent] id 10 len 19
Oct 26 09:29:01.322: ppp65 LCP:    MRU 1400 (0x01040578)
Oct 26 09:29:01.322: ppp65 LCP:    AuthProto CHAP (0x0305C22305)
Oct 26 09:29:01.322: ppp65 LCP:    MagicNumber 0x378D3C53 (0x0506378D3C53)
Oct 26 09:29:03.338: ppp65 LCP: Timeout: State REQsent
Oct 26 09:29:03.338: ppp65 LCP: O TERMREQ [REQsent] id 10 len 4
Oct 26 09:29:03.338: ppp65 PPP: Phase is TERMINATING
Oct 26 09:29:03.338: ppp65 LCP: State is Listen
Oct 26 09:29:03.338: ppp65 PPP: Sending Acct Event[Down] id[30A4]
Oct 26 09:29:03.338: ppp65 LCP: State is Closed
Oct 26 09:29:03.338: ppp65 PPP: Phase is DOWN
Oct 26 09:29:03.338: ppp65 PPP: Send Message[Disconnect]
Подскажите как понять, почему не договариваются?
Спасибо заранее!
Алексей

Содержание

PPP в L2TP/IPSEC,Николай, 14:41 , 26-Окт-10
- PPP в L2TP/IPSEC,drujischeshtirlitz, 14:58 , 26-Окт-10
  - PPP в L2TP/IPSEC,Николай, 17:48 , 26-Окт-10
  - PPP в L2TP/IPSEC,svel, 17:51 , 26-Окт-10
- PPP в L2TP/IPSEC,drujischeshtirlitz, 18:56 , 01-Ноя-10

Сообщения в этом обсуждении

"PPP в L2TP/IPSEC"
Отправлено Николай , 26-Окт-10 14:41

конфиг покажите

"PPP в L2TP/IPSEC"
Отправлено drujischeshtirlitz , 26-Окт-10 14:58

> конфиг покажите
Вот про ППП:
aaa new-model
aaa authentication ppp default local
aaa session-id common
vpdn enable
vpdn-group 2
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 10
lcp renegotiation on-mismatch
no l2tp tunnel authentication
username uu password 0 pp
interface Virtual-Template10
mtu 1400
ip unnumbered Vlan1
ip virtual-reassembly
peer default ip address pool VPNPOOL
ppp encrypt mppe auto
ppp authentication chap ms-chap ms-chap-v2
!
ip local pool VPNPOOL 10.44.0.128 10.44.0.160
interface Vlan1
ip address 10.44.0.71 255.255.255.0
!

"PPP в L2TP/IPSEC"
Отправлено Николай , 26-Окт-10 17:48

>[оверквотинг удален]
>  ip unnumbered Vlan1
>  ip virtual-reassembly
>  peer default ip address pool VPNPOOL
>  ppp encrypt mppe auto
>  ppp authentication chap ms-chap ms-chap-v2
> !
> ip local pool VPNPOOL 10.44.0.128 10.44.0.160
> interface Vlan1
>  ip address 10.44.0.71 255.255.255.0
> !
vpdn-group 2
! Default L2TP VPDN group
  accept-dialin
   protocol l2tp
   virtual-template 10
  lcp renegotiation on-mismatch
  no l2tp tunnel authentication
  l2tp security crypto-profile L2TP
  ip pmtu
  ip mtu adjust
  crypto isakmp policy 10
  hash md5
  authentication pre-share
  crypto ipsec transform-set L2TP esp-des esp-md5-hmac
  mode transport
  crypto isakmp key your-pre-shared-key address 0.0.0.0 0.0.0.0
interface Virtual-Template10
  mtu 1400
  ip unnumbered Vlan1
  ip virtual-reassembly
  peer default ip address pool VPNPOOL
  autodetect encapsulation ppp
  ppp encrypt mppe auto
  ppp authentication chap ms-chap ms-chap-v2
на внешнем интерфейсе
interface FastEthernet0/1
crypto map L2TP

"PPP в L2TP/IPSEC"
Отправлено svel , 26-Окт-10 17:51

>[оверквотинг удален]
>  ip unnumbered Vlan1
>  ip virtual-reassembly
>  peer default ip address pool VPNPOOL
>  ppp encrypt mppe auto
>  ppp authentication chap ms-chap ms-chap-v2
> !
> ip local pool VPNPOOL 10.44.0.128 10.44.0.160
> interface Vlan1
>  ip address 10.44.0.71 255.255.255.0
> !
Попробуйте следующее
ppp authentication chap ms-chap ms-chap-v2 callin

"PPP в L2TP/IPSEC"
Отправлено drujischeshtirlitz , 01-Ноя-10 18:56

> конфиг покажите
Доброго всем вечера.
Решилось апгрейдом иоса до c2800nm-advipservicesk9-mz.124-24.T.bin
Конфиг в порядке.
Всем спасибо за внимание и помощь!
Алексей