#91 27.05.09 01:59
#92 27.05.09 08:15
#93 25.11.09 15:43
Re: VPN Hostel
Не получается настроить руками, вот лог:
Код::
fire@Template:~$ sudo pon VPN debug dump logfd 2 nodetach
pppd options in effect:
debug debug # (from command line)
nodetach # (from command line)
logfd 2 # (from command line)
dump # (from command line)
noauth # (from /etc/ppp/options.pptp)
refuse-pap # (from /etc/ppp/options.pptp)
refuse-chap # (from /etc/ppp/options.pptp)
refuse-mschap # (from /etc/ppp/options.pptp)
refuse-eap # (from /etc/ppp/options.pptp)
name kalashnikova-ev # (from /etc/ppp/options)
password ?????? # (from /etc/ppp/options)
remotename VPN # (from /etc/ppp/peers/VPN)
# (from /etc/ppp/options.pptp)
pty pptp vpn.hostel.nstu.ru --nolaunchpppd # (from /etc/ppp/peers/VPN)
asyncmap 0 # (from /etc/ppp/options)
mtu 1400 # (from /etc/ppp/options.pptp)
hide-password # (from /etc/ppp/options)
nodefaultroute # (from /etc/ppp/peers/VPN)
usepeerdns # (from /etc/ppp/options)
nobsdcomp # (from /etc/ppp/options.pptp)
nodeflate # (from /etc/ppp/options.pptp)
using channel 9
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x79003fef> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x40391cad> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x40391cad> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x79003fef> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x79003fef> <pcomp> <accomp>]
rcvd [LCP EchoReq id=0x0 magic=0x40391cad]
sent [LCP EchoRep id=0x0 magic=0x79003fef]
rcvd [CHAP Challenge id=0x66 <54bde8a32033e4bf3cc00f8ecf734a11>, name = "vpn.hostel.nstu.ru"]
sent [CHAP Response id=0x66 <38067351c77d9cfad2c284e06e6308fc00000000000000001cd9c0ca1a4ef064bcc90203ff66b49802e0faaa26b0592600>, name = "kalashnikova-ev"]
rcvd [LCP ConfReq id=0x2 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x1d4f9a36> <pcomp> <accomp>]
sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0xef5d29e7> <pcomp> <accomp>]
sent [LCP ConfAck id=0x2 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x1d4f9a36> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x79003fef> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0xef5d29e7> <pcomp> <accomp>]
rcvd [LCP EchoReq id=0x0 magic=0x1d4f9a36]
sent [LCP EchoRep id=0x0 magic=0xef5d29e7]
rcvd [CHAP Challenge id=0xd9 <bd972b5fbe2a6d83fe864b006d3399b4>, name = "vpn.hostel.nstu.ru"]
sent [CHAP Response id=0xd9 <2ef30d7b1b7be247904e9742f74c509e000000000000000064ec071f25d393e3980621dbb94e82d33f46ad608cb4eb1900>, name = "kalashnikova-ev"]
rcvd [CHAP Success id=0xd9 "S=0B322373FE4B3269ED0815C3822BC51E0A7485E3 M=Access granted"]
CHAP authentication succeeded
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.168.1.70> <ms-dns1 0.0.0.0> <ms-dns2 0.0.0.0>]
rcvd [CCP ConfReq id=0x1 <bsd v1 15>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x1 <bsd v1 15>]
rcvd [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 192.0.2.1>]
sent [IPCP ConfAck id=0x1 <compress VJ 0f 01> <addr 192.0.2.1>]
rcvd [IPCP ConfNak id=0x1 <ms-dns1 217.71.141.1> <ms-dns2 80.242.64.7>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 192.168.1.70> <ms-dns1 217.71.141.1> <ms-dns2 80.242.64.7>]
rcvd [CCP ConfAck id=0x1]
rcvd [CCP ConfReq id=0x2]
sent [CCP ConfAck id=0x2]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 192.168.1.70> <ms-dns1 217.71.141.1> <ms-dns2 80.242.64.7>]
local IP address 192.168.1.70
remote IP address 192.0.2.1
primary DNS address 217.71.141.1
secondary DNS address 80.242.64.7
Script /etc/ppp/ip-up started (pid 2744)
rcvd [IPCP TermReq id=0x2 "Unauthorized remote IP address"]
IPCP terminated by peer (Unauthorized remote IP address)
Connect time 0.0 minutes.
Sent 0 bytes, received 0 bytes.
sent [IPCP TermAck id=0x2]
Script /etc/ppp/ip-up finished (pid 2744), status = 0x0
Script /etc/ppp/ip-down started (pid 2754)
rcvd [LCP TermReq id=0x3 "No network protocols running"]
LCP terminated by peer (No network protocols running)
sent [LCP TermAck id=0x3]
Script /etc/ppp/ip-down finished (pid 2754), status = 0x0
Script pptp vpn.hostel.nstu.ru --nolaunchpppd finished (pid 2736), status = 0x0
Modem hangup
Connection terminated.Проблема видимо в
Код::
rcvd [IPCP TermReq id=0x2 "Unauthorized remote IP address"] IPCP terminated by peer (Unauthorized remote IP address)
Что это значит?
Конфиги:
/etc/ppp/options
Код::
asyncmap 0 hide-password lock noauth nodefaultroute usepeerdns name kalashnikova-ev password 123
/etc/ppp/options.pptp
Код::
lock noauth refuse-pap refuse-eap refuse-chap refuse-mschap nobsdcomp nodeflate mtu 1400 mtu 1400
/etc/ppp/peers/VPN
Код::
remotename VPN debug lock deflate 0 nodefaultroute file /etc/ppp/options.pptp pty "pptp vpn.hostel.nstu.ru --nolaunchpppd"
/etc/ppp/chap-secrets
Код::
kalashnikova-ev VPN 123 *
/etc/network/interfaces
Код::
auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.1.70 netmask 255.255.248.0 network 192.168.0.0 broadcast 192.168.7.255 gateway 192.168.1.1 iface ppp0 inet ppp provider VPN
/etc/sysclt.conf
Код::
net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.all.rp_filter=0
Offline
#94 26.11.09 00:13
#95 26.11.09 07:16
Re: VPN Hostel
я владелец реального адреса, там впн нгту шный инет раздает, а у Fire Stream написано:
Fire Stream написал(а):
iface eth0 inet static address 192.168.1.70 netmask 255.255.248.0 network 192.168.0.0 broadcast 192.168.7.255 gateway 192.168.1.1
Разве у виртуальных адресов есть впн?
Offline
#96 26.11.09 09:31
Re: VPN Hostel
TomSafe, да есть, я тоже недавно узнал, под виндой все работает)
Matrim, может, но я не знаю как определить рабочий ли скрипт)))
/etc/ppp/ip-up
Код::
#!/bin/sh # # This script is run by the pppd after the link is established. # It uses run-parts to run scripts in /etc/ppp/ip-up.d, so to add routes, # set IP address, run the mailq etc. you should create script(s) there. # # Be aware that other packages may include /etc/ppp/ip-up.d scripts (named # after that package), so choose local script names with that in mind. # # This script is called with the following arguments: # Arg Name Example # $1 Interface name ppp0 # $2 The tty ttyS1 # $3 The link speed 38400 # $4 Local IP number 12.34.56.78 # $5 Peer IP number 12.34.56.99 # $6 Optional ``ipparam'' value foo # The environment is cleared before executing this script # so the path must be reset PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin export PATH # These variables are for the use of the scripts run by run-parts PPP_IFACE="$1" PPP_TTY="$2" PPP_SPEED="$3" PPP_LOCAL="$4" PPP_REMOTE="$5" PPP_IPPARAM="$6" export PPP_IFACE PPP_TTY PPP_SPEED PPP_LOCAL PPP_REMOTE PPP_IPPARAM # as an additional convenience, $PPP_TTYNAME is set to the tty name, # stripped of /dev/ (if present) for easier matching. PPP_TTYNAME=`/usr/bin/basename "$2"` export PPP_TTYNAME # If /var/log/ppp-ipupdown.log exists use it for logging. if [ -e /var/log/ppp-ipupdown.log ]; then exec > /var/log/ppp-ipupdown.log 2>&1 echo $0 $* echo fi # This script can be used to override the .d files supplied by other packages. if [ -x /etc/ppp/ip-up.local ]; then exec /etc/ppp/ip-up.local "$*" fi run-parts /etc/ppp/ip-up.d \ --arg="$1" --arg="$2" --arg="$3" --arg="$4" --arg="$5" --arg="$6" # if pon was called with the "quick" argument, stop pppd if [ -e /var/run/ppp-quick ]; then rm /var/run/ppp-quick wait kill $PPPD_PID fi
Offline
#97 08.12.09 11:09
#98 08.12.09 11:21
#99 08.12.09 12:59
#100 08.12.09 17:26
Re: VPN Hostel
я не хочу юзать NetworkManager, он мне все настройки сети портит, хочу через терминал научиться)
Offline
#101 08.12.09 18:21
#102 08.12.09 21:05
Re: VPN Hostel
xaron, тупо по этому фагу : http://hostel.nstu.ru/viewtopic.php?pid … 0#p1639130
Исправлено TomSafe (09.12.09 09:46)
Offline
#103 08.12.09 23:07
#104 09.12.09 09:47
#105 28.02.10 15:19
Re: VPN Hostel
Не работает впн на убунту 9.10.
По порядку: настроил по данным в этой теме манам. Когда нажимаю активировать, то соединение устанавливается.(!) Захожу в firefox ввожу h-net и ничего нет. Пинга тоже до h-net нет. Есть идеи? может перенаправление надо сделать?)))
Offline
#106 28.02.10 19:02
#107 28.02.10 19:30
Re: VPN Hostel
Всё, настроил. Сделал всё до конца, как написано:
///////////////////// Правда в 9.10 я этого не делал уже, как то само заработало /////////////////////
напоследок делаем:
tomsafe@tomsafe:~$ sudo gedit /etc/sysctl.d/10-network-security.conf
Код::
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks.
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
# Turn on SYN-flood protections. Starting with 2.6.26, there is no loss
# of TCP functionality/features under normal conditions. When flood
# protections kick in under high unanswered-SYN load, the system
# should remain more stable, with a trade off of some loss of TCP
# functionality/features (e.g. TCP Window scaling).
net.ipv4.tcp_syncookies=1
сохраняем.
Offline
#108 28.02.10 20:50
#109 28.02.10 23:30
Re: VPN Hostel
Max, tcp_syncookies и не менял))) Такое значение по-умолчанию стояло.
Offline
#110 09.06.10 13:17
#111 09.06.10 16:17
#112 10.06.10 01:00
#113 20.09.10 20:05
#114 20.09.10 22:14
Re: VPN Hostel
На Arch Linux'е я 10-network-security.conf не правил. Всё и так работает. Может и убунте тоже)
P.S. это для тех кто первый раз настраивает vpn на линуксе)))
Исправлено <Diesel4Power> (20.09.10 22:15)
Offline
