V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
hambut
V2EX  ›  宽带症候群

求指教 EdgeMax Router L2TP 配置问题, PSK 认证失败

  •  1
     
  •   hambut · 2016-12-22 11:32:28 +08:00 · 3748 次点击
    这是一个创建于 2884 天前的主题,其中的信息可能已经有所发展或是发生改变。

    在本版推荐买了 EdgeMax 路由一个比较满意。

    最近折腾 L2TP 出现了一点问题求指教。

    现在是接口的信息

    下面是 l2tp 的相关操作

    ubnt@ubnt:~$ configure
    set vpn ipsec ipsec-interfaces interface eth0
    set vpn ipsec nat-networks allowed-network 0.0.0.0/0
    set vpn ipsec nat-traversal enable
    set vpn l2tp remote-access authentication local-users username ubnt password letmein
    set vpn l2tp remote-access authentication mode local
    set vpn l2tp remote-access client-ip-pool start 10.0.1.241
    set vpn l2tp remote-access client-ip-pool stop 10.0.1.245
    set vpn l2tp remote-access dns-servers server-1 10.0.1.1
    set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
    set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret sharedpass
    set vpn l2tp remote-access ipsec-settings ike-lifetime 3600
    set vpn l2tp remote-access outside-address 0.0.0.0
    

    防火墙操作如下

    最后连接 L2TP 时,错误提示为

    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: received Vendor ID payload [RFC 3947]
    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: ignoring Vendor ID payload [FRAGMENTATION 80000000]
    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: received Vendor ID payload [Dead Peer Detection]
    Dec 22 11:04:38 ubnt pluto[3091]: packet from {client ip}:1011: initial Main Mode message received on {router ip}:500 but no connection has been authorized with policy=PSK
    

    求明白人,解答一下,是什么情况- -

    第 1 条附言  ·  2016-12-31 20:05:43 +08:00
    问题解决了。是固件的问题,路由固件升级到最新就解决问题了。
    5 条回复    2016-12-26 09:57:23 +08:00
    julyclyde
        1
    julyclyde  
       2016-12-22 15:45:11 +08:00
    你这个不是 L2TP 啊,是 L2TP/IPsec
    hambut
        2
    hambut  
    OP
       2016-12-22 16:01:06 +08:00
    @julyclyde 是的,同学了解我的设置出什么问题么。
    julyclyde
        3
    julyclyde  
       2016-12-22 22:34:10 +08:00
    @hambut 我猜是 outside-address 需要明确
    ericFork
        4
    ericFork  
       2016-12-24 01:23:51 +08:00
    server 端的日志呢?
    hambut
        5
    hambut  
    OP
       2016-12-26 09:57:23 +08:00
    @ericFork 最后一部分就是日志啊。 but no connection has been authorized 。根据关键词搜了很多资料,也没解决问题。
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1997 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 16:19 · PVG 00:19 · LAX 08:19 · JFK 11:19
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.