Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

这脚本好像不支持阿里云? #3

Open
fyhong opened this issue Aug 24, 2017 · 3 comments
Open

这脚本好像不支持阿里云? #3

fyhong opened this issue Aug 24, 2017 · 3 comments

Comments

@fyhong
Copy link

fyhong commented Aug 24, 2017

我在阿里云的主机上安装这脚本,好像没用。vpn完全连不上。 用秋水大神的脚本就完全没有问题,不过他的脚本只有l2tp.
@onlyforcloud
Copy link

onlyforcloud commented Apr 20, 2018
edited

我今天折腾了一天,确实不行。
/var/log/secure日志里面看起来是建立了连接,然后客户端马上就断了。

Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0848e070 <0xf270bc91 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.0.105 NATD=118.112.40.33:4500 DPD=active}
Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: received Delete SA(0x0848e070) payload: deleting IPSEC State #2

Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: responding to Main Mode from unknown peer 118.112.40.33
Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: STATE_MAIN_R1: sent MR1, expecting MI2
Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 20 20:52:05 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: STATE_MAIN_R2: sent MR2, expecting MI3
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: ignoring informational payload IPSEC_INITIAL_CONTACT, msgid=00000000, length=28
Apr 20 20:52:06 lawrence pluto[2449]: | ISAKMP Notification Payload
Apr 20 20:52:06 lawrence pluto[2449]: | 00 00 00 1c 00 00 00 01 01 10 60 02
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.105'
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[1] 118.112.40.33 #1: switched from "L2TP-PSK-NAT"[1] 118.112.40.33 to "L2TP-PSK-NAT"
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: deleting connection "L2TP-PSK-NAT"[1] 118.112.40.33 instance with peer 118.112.40.33 {isakmp=#0/ipsec=#0}
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: new NAT mapping for #1, was 118.112.40.33:500, now 118.112.40.33:4500
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=sha2_256 group=MODP2048}
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: the peer proposed: 47.52.136.162/32:17/1701 -> 192.168.0.105/32:17/0
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: NAT-Traversal: received 2 NAT-OA. Using first, ignoring others
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: responding to Quick Mode proposal {msgid:f943fd3d}
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: us: 172.31.162.138<172.31.162.138>:17/1701
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: them: 118.112.40.33[192.168.0.105]:17/54806===192.168.0.105/32
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 transport mode {ESP/NAT=>0x0848e070 <0xf270bc91 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.0.105 NATD=118.112.40.33:4500 DPD=active}
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Apr 20 20:52:06 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0848e070 <0xf270bc91 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.0.105 NATD=118.112.40.33:4500 DPD=active}
Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: received Delete SA(0x0848e070) payload: deleting IPSEC State #2
Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: deleting other state #2 (STATE_QUICK_R2) "L2TP-PSK-NAT"[2] 118.112.40.33
Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33 #1: ESP traffic information: in=113B out=96B
Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT" #1: deleting state (STATE_MAIN_R3)
Apr 20 20:52:07 lawrence pluto[2449]: "L2TP-PSK-NAT"[2] 118.112.40.33: deleting connection "L2TP-PSK-NAT"[2] 118.112.40.33 instance with peer 118.112.40.33 {isakmp=#0/ipsec=#0}
Apr 20 20:52:07 lawrence pluto[2449]: packet from 118.112.40.33:4500: received and ignored empty informational notification payload

@onlyforcloud
Copy link

onlyforcloud commented Apr 20, 2018
edited

@fyhong 非常感谢你,我去查了秋水的脚本,果然可以。我一个运维大神同事对比两套脚本,唯一的不同,是第二个脚本开头把SELINUX禁用了,其余都一样。秋水脚本:
wget --no-check-certificate https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh

@lihua123569
Copy link

好用:https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@onlyforcloud @lihua123569 @fyhong