[Sysadmins] pptp over pptp
Ilis
=?iso-8859-1?q?ilis=2Ekrou_=CE=C1_gmail=2Ecom?=
Пт Июн 6 12:41:00 MSD 2008
Пытаюсь настроить pptp через существующий pptp
После серии наводящих вопросов меня послали из desktop@ в sysadmins@
Есть подключение к провайдеру с авторизацией через VPN (eth0+ppp0)
Надо поднять ещё один VPN (pptp) для доступа в корпоративную сеть.
[root на altus ~]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:80:48:53:E0:27
inet addr:10.0.0.253 Bcast:10.0.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13785018 errors:0 dropped:0 overruns:0 frame:0
TX packets:7024790 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1205455111 (1.1 GiB) TX bytes:3852340608 (3.5 GiB)
Interrupt:201 Base address:0xe000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:17428 errors:0 dropped:0 overruns:0 frame:0
TX packets:17428 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:876370 (855.8 KiB) TX bytes:876370 (855.8 KiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:87.224.170.26 P-t-P:172.30.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:2190566 errors:0 dropped:0 overruns:0 frame:0
TX packets:3259729 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:174651239 (166.5 MiB) TX bytes:3590369504 (3.3 GiB)
Сделал настройки по аналогии с ppp0
[root на altus ~]# cat /etc/net/ifaces/ppp1/*
ONBOOT=no
PPPTYPE=pptp
PPTP_SERVER=217.148.52.5
REQUIRES=ppp0
user ilis
nomppe
nodefaultroute
noreplacedefaultroute
nopersist
[root на altus ~]# ifup ppp1
[root на altus ~]# cat /var/log/messages | egrep '7236|7241|7242'
Jun 2 08:11:12 altus sshd[9542]: Failed password for UNKNOWN USER
from 218.234.21.151 port 57242 ssh2
Jun 2 20:18:40 altus pppd[7236]: pppd 2.4.4 started by root, uid 0
Jun 2 20:18:40 altus pppd[7236]: Using interface ppp1
Jun 2 20:18:40 altus pppd[7236]: Connect: ppp1 <--> /dev/pts/4
Jun 2 20:18:40 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 1 'Start-Control-Connection-Request'
Jun 2 20:18:40 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:738]: Received Start Control Connection
Reply
Jun 2 20:18:40 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:772]: Client connection established.
Jun 2 20:18:41 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 7 'Outgoing-Call-Request'
Jun 2 20:18:41 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:857]: Received Outgoing Call Reply.
Jun 2 20:18:41 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:896]: Outgoing call established (call ID 0,
peer's call ID 2597).
Jun 2 20:18:41 altus pppd[7236]: CHAP authentication succeeded
Jun 2 20:18:41 altus pppd[7236]: CHAP authentication succeeded
Jun 2 20:18:42 altus pppd[7236]: local IP address 192.168.254.218
Jun 2 20:18:42 altus pppd[7236]: remote IP address 217.148.52.5
Jun 2 20:18:54 altus pppd[7242]: Script /etc/ppp/ip-up finished (pid
7243), status = 0x0
Jun 2 20:20:38 altus pptp[7241]: anon log[logecho:pptp_ctrl.c:676]:
Echo Request received.
Jun 2 20:20:38 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 6 'Echo-Reply'
Jun 2 20:21:36 altus pppd[7242]: LCP terminated by peer (Peer Terminated)
Jun 2 20:21:36 altus pppd[7242]: Connect time 2.9 minutes.
Jun 2 20:21:36 altus pppd[7242]: Sent 1748727312 bytes, received 0 bytes.
Jun 2 20:21:37 altus pppd[7242]: Script /etc/ppp/ip-down finished
(pid 8819), status = 0x1
Jun 2 20:21:38 altus pptp[7241]: anon
log[pptp_handle_timer:pptp_ctrl.c:1049]: closing control connection
due to missing echo reply
Jun 2 20:21:38 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 12 'Call-Clear-Request'
Jun 2 20:21:38 altus pptp[7241]: anon
log[pptp_conn_close:pptp_ctrl.c:430]: Closing PPTP connection
Jun 2 20:21:38 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 3 'Stop-Control-Connection-Request'
Jun 2 20:21:38 altus pptp[7241]: anon
log[call_callback:pptp_callmgr.c:78]: Closing connection (call state)
Jun 2 20:21:38 altus pppd[7242]: Modem hangup
Jun 2 20:21:38 altus pppd[7242]: Connection terminated.
Jun 2 20:21:43 altus pppd[7242]: Exit.
Сразу после авторизации через интерфейс пролетает безответно куча
трафика на всю ширину канала (за три минуты 1,5Г) интерфейс
отключается...
ppp1 Link encap:Point-to-Point Protocol
inet addr:192.168.254.218 P-t-P:217.148.52.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:4433815 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:73 (73.0 b) TX bytes:1623110547 (1.5 GiB)
[root на altus ~]# tcpdump -ni ppp1
22:14:35.071130 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67779, length 108: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67765, length 72: IP [|ip]
22:14:35.071714 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67780, length 144: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67766, length 108: IP [|ip]
22:14:35.072296 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67781, length 180: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67767, length 144: IP [|ip]
22:14:35.072884 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67782, length 396: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67770, length 360: IP [|ip]
22:14:35.073689 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67783, length 1480: IP truncated-ip - 36 byte! 87.224.170.26 >
217.148.52.5: GREv1, call 2599, seq 67771, length 1480: IP [|ip]
22:14:35.073731 IP 87.224.170.26 > 217.148.52.5: ip-proto-47
22:14:35.074479 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67784, length 72: IP 87.224.170.26 > 217.148.proto-47
22:14:35.075084 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67785, length 108: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67772, length 72: IP [|ip]
22:14:35.075669 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67786, length 144: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67773, length 108: IP [|ip]
22:14:35.076251 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67787, length 180: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67774, length 144: IP [|ip]
22:14:35.076866 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67788, length 1480: IP truncated-ip - 36 byte! 87.224.170.26 >
217.148.52.5: GREv1, call 2599, seq 67777, length 1480: IP [|ip]
22:14:35.076891 IP 87.224.170.26 > 217.148.52.5: ip-proto-47
13509 packets captured
19277 packets received by filter
5591 packets dropped by kernel
> Таблицу маршрутизации ДО и ВО ВРЕМЯ покажите тож.
До:
[root на altus ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.30.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
Во время:
[root на altus ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
217.148.52.5 0.0.0.0 255.255.255.255 UH 0 0 0 ppp1
172.30.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
Что можно сделать?
--
Кругликов Илья
Подробная информация о списке рассылки Sysadmins