嘿,我正在尝试通过使用Strongswan和xl2tp连接到L2TP / IPsec vpn服务器;
我从提供商那里得到的信息是:用户名,密码,MS-CHAP v2身份验证,sekret关键字和vpn服务器地址 我用了一段时间的谷歌搜索并找到了一些解决方案,所以这是我的配置:
ipsec.conf
config setup
conn vpn
authby=secret
auto=start
keyexchange=ikev1
type=transport
left=%any
right=vpn.ru
ipsec.secrets
vpn.ru %any : PSK "sekret keyword"
xl2tpd.conf
[global]
access control = yes
debug tunnel = yes
[lac accelerated]
lns = vpn.ru
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
options.l2tpd.client
ipcp-accept-local
ipcp-accept-remote
require-mschap-v2
noauth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
connect-delay 5000
name username
password password
所以我通过/etc/init.d/ipsec start和/etc/init.d/xl2tp启动了守护进程,没有错误,但是之后
ipsec up vpn
我得到这个
initiating Main Mode IKE_SA vpn[4] to 195.60.2.2
generating ID_PROT request 0 [ SA V V V V ]
sending packet: from 89.108.84.26[500] to 195.60.2.2[500] (248 bytes)
received packet: from 195.60.2.2[500] to 89.108.84.26[500] (136 bytes)
parsed ID_PROT response 0 [ SA V V V ]
received NAT-T (RFC 3947) vendor ID
received XAuth vendor ID
received DPD vendor ID
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from 89.108.84.26[500] to 195.60.2.2[500] (372 bytes)
received packet: from 195.60.2.2[500] to 89.108.84.26[500] (364 bytes)
parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
generating INFORMATIONAL_V1 request 3821267714 [ N(INVAL_KE) ]
sending packet: from 89.108.84.26[500] to 195.60.2.2[500] (56 bytes)
establishing connection 'vpn' failed
完全没有错误!
我在做什么错人?