Home
Categories
WIKI
Topic
User
LANGUAGE:
中文
English
IPSec VPN服务启动失败
Experiences and Insight
511
views ·
0
replies ·
To
floor
Go
junior_chan
deepin
2019-11-03 21:41
Author
配置IPSec VPN一直无法正常启动,VPN的公网IP是能够ping通的,就是一直连不上去,请问是还缺少了什么?
11月 03 13:38:29 junior NetworkManager[1795]: [1572759509.2607] audit: op="connection-activate" uuid="64e61d55-0d8b-4b90-8358-32f391fec386" name="gdVPN" pid=3283 uid=1000 result="success"
11月 03 13:38:29 junior NetworkManager[1795]: [1572759509.2637] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: Started the VPN service, PID 8803
11月 03 13:38:29 junior NetworkManager[1795]: [1572759509.2711] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: Saw the service appear; activating connection
11月 03 13:38:29 junior nm-l2tp-service[8803]: Check port 1701
11月 03 13:38:29 junior NetworkManager[1795]: Stopping strongSwan IPsec failed: starter is not running
11月 03 13:38:31 junior NetworkManager[1795]: Starting strongSwan 5.6.2 IPsec [starter]...
11月 03 13:38:31 junior NetworkManager[1795]: Loading config setup
11月 03 13:38:31 junior NetworkManager[1795]: Loading conn '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:31 junior ipsec_starter[8817]: Starting strongSwan 5.6.2 IPsec [starter]...
11月 03 13:38:31 junior ipsec_starter[8817]: Loading config setup
11月 03 13:38:31 junior ipsec_starter[8817]: Loading conn '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:31 junior NetworkManager[1795]: found netkey IPsec stack
11月 03 13:38:31 junior ipsec_starter[8839]: Attempting to start charon...
11月 03 13:38:31 junior charon[8840]: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-30deepin-generic, x86_64)
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
11月 03 13:38:31 junior charon[8840]: 00[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-423a4d84-432a-4971-9c6b-802b13c7f43e.secrets'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loaded IKE secret for %any
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-64e61d55-0d8b-4b90-8358-32f391fec386.secrets'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loaded IKE secret for %any
11月 03 13:38:31 junior charon[8840]: 00[LIB] loaded plugins: charon aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp xcbc hmac attr kernel-netlink resolve socket-default stroke updown counters
11月 03 13:38:31 junior charon[8840]: 00[LIB] dropped capabilities, running as uid 0, gid 0
11月 03 13:38:31 junior charon[8840]: 00[JOB] spawning 16 worker threads
11月 03 13:38:31 junior ipsec_starter[8839]: charon (8840) started after 20 ms
11月 03 13:38:31 junior charon[8840]: 05[CFG] received stroke: add connection '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:31 junior charon[8840]: 05[CFG] added configuration '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:32 junior charon[8840]: 06[CFG] rereading secrets
11月 03 13:38:32 junior charon[8840]: 06[CFG] loading secrets from '/etc/ipsec.secrets'
11月 03 13:38:32 junior charon[8840]: 06[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
11月 03 13:38:32 junior charon[8840]: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-423a4d84-432a-4971-9c6b-802b13c7f43e.secrets'
11月 03 13:38:32 junior charon[8840]: 06[CFG] loaded IKE secret for %any
11月 03 13:38:32 junior charon[8840]: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-64e61d55-0d8b-4b90-8358-32f391fec386.secrets'
11月 03 13:38:32 junior charon[8840]: 06[CFG] loaded IKE secret for %any
11月 03 13:38:32 junior charon[8840]: 08[CFG] received stroke: initiate '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:32 junior charon[8840]: 09[IKE] initiating Main Mode IKE_SA 64e61d55-0d8b-4b90-8358-32f391fec386[1] to 210.77.99.42
11月 03 13:38:32 junior charon[8840]: 09[IKE] initiating Main Mode IKE_SA 64e61d55-0d8b-4b90-8358-32f391fec386[1] to 210.77.99.42
11月 03 13:38:32 junior charon[8840]: 09[ENC] generating ID_PROT request 0 [ SA V V V V V ]
11月 03 13:38:32 junior charon[8840]: 09[NET] sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (284 bytes)
11月 03 13:38:32 junior charon[8840]: 11[NET] received packet: from 210.77.99.42[500] to 192.168.3.197[500] (128 bytes)
11月 03 13:38:32 junior charon[8840]: 11[ENC] parsed ID_PROT response 0 [ SA V V ]
11月 03 13:38:32 junior charon[8840]: 11[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
11月 03 13:38:32 junior charon[8840]: 11[IKE] received FRAGMENTATION vendor ID
11月 03 13:38:32 junior charon[8840]: 11[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
11月 03 13:38:32 junior charon[8840]: 11[NET] sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior charon[8840]: 13[IKE] sending retransmit 1 of request message ID 0, seq 2
11月 03 13:38:36 junior charon[8840]: 13[NET] sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior charon[8840]: 14[NET] received packet: from 210.77.99.42[500] to 192.168.3.197[500] (68 bytes)
11月 03 13:38:36 junior charon[8840]: 14[ENC] parsed INFORMATIONAL_V1 request 0 [ N(INVAL_IKE_SPI) ]
11月 03 13:38:36 junior NetworkManager[1795]: initiating Main Mode IKE_SA 64e61d55-0d8b-4b90-8358-32f391fec386[1] to 210.77.99.42
11月 03 13:38:36 junior NetworkManager[1795]: generating ID_PROT request 0 [ SA V V V V V ]
11月 03 13:38:36 junior NetworkManager[1795]: sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (284 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: received packet: from 210.77.99.42[500] to 192.168.3.197[500] (128 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: parsed ID_PROT response 0 [ SA V V ]
11月 03 13:38:36 junior NetworkManager[1795]: received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
11月 03 13:38:36 junior NetworkManager[1795]: received FRAGMENTATION vendor ID
11月 03 13:38:36 junior NetworkManager[1795]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
11月 03 13:38:36 junior NetworkManager[1795]: sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: sending retransmit 1 of request message ID 0, seq 2
11月 03 13:38:36 junior NetworkManager[1795]: sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: received packet: from 210.77.99.42[500] to 192.168.3.197[500] (68 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: parsed INFORMATIONAL_V1 request 0 [ N(INVAL_IKE_SPI) ]
11月 03 13:38:36 junior NetworkManager[1795]: received INVALID_IKE_SPI error notify
11月 03 13:38:36 junior NetworkManager[1795]: establishing connection '64e61d55-0d8b-4b90-8358-32f391fec386' failed
11月 03 13:38:36 junior charon[8840]: 14[IKE] received INVALID_IKE_SPI error notify
11月 03 13:38:36 junior NetworkManager[1795]: Stopping strongSwan IPsec...
11月 03 13:38:36 junior charon[8840]: 00[DMN] signal of type SIGINT received. Shutting down
11月 03 13:38:36 junior nm-l2tp-service[8803]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
11月 03 13:38:36 junior NetworkManager[1795]: [1572759516.6712] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: VPN plugin: state changed: stopped (6)
11月 03 13:38:36 junior NetworkManager[1795]: [1572759516.6729] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: VPN service disappeared
11月 03 13:38:36 junior NetworkManager[1795]: [1572759516.6736] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
Reply
Like 0
Favorite
View the author
All Replies
No replies yet
Please
sign
in first
Featured Collection
Change
[Tutorial] deepin25 WSL Offline Installation Guide
UOS AI 2.8 Released! Three New Intelligent Agents & Major Evolution
Solid Q&A | deepin 25 Common Questions – The Immutable System Edition
New Thread
Popular Ranking
Change
Restore Contextual Menu Shortcuts (Quicklists/Desktop Actions)
Popular Events
More
中文 
Restore Contextual Menu Shortcuts (Quicklists/Desktop Actions) 
11月 03 13:38:29 junior NetworkManager[1795]: [1572759509.2607] audit: op="connection-activate" uuid="64e61d55-0d8b-4b90-8358-32f391fec386" name="gdVPN" pid=3283 uid=1000 result="success"
11月 03 13:38:29 junior NetworkManager[1795]: [1572759509.2637] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: Started the VPN service, PID 8803
11月 03 13:38:29 junior NetworkManager[1795]: [1572759509.2711] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: Saw the service appear; activating connection
11月 03 13:38:29 junior nm-l2tp-service[8803]: Check port 1701
11月 03 13:38:29 junior NetworkManager[1795]: Stopping strongSwan IPsec failed: starter is not running
11月 03 13:38:31 junior NetworkManager[1795]: Starting strongSwan 5.6.2 IPsec [starter]...
11月 03 13:38:31 junior NetworkManager[1795]: Loading config setup
11月 03 13:38:31 junior NetworkManager[1795]: Loading conn '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:31 junior ipsec_starter[8817]: Starting strongSwan 5.6.2 IPsec [starter]...
11月 03 13:38:31 junior ipsec_starter[8817]: Loading config setup
11月 03 13:38:31 junior ipsec_starter[8817]: Loading conn '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:31 junior NetworkManager[1795]: found netkey IPsec stack
11月 03 13:38:31 junior ipsec_starter[8839]: Attempting to start charon...
11月 03 13:38:31 junior charon[8840]: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-30deepin-generic, x86_64)
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
11月 03 13:38:31 junior charon[8840]: 00[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-423a4d84-432a-4971-9c6b-802b13c7f43e.secrets'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loaded IKE secret for %any
11月 03 13:38:31 junior charon[8840]: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-64e61d55-0d8b-4b90-8358-32f391fec386.secrets'
11月 03 13:38:31 junior charon[8840]: 00[CFG] loaded IKE secret for %any
11月 03 13:38:31 junior charon[8840]: 00[LIB] loaded plugins: charon aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp xcbc hmac attr kernel-netlink resolve socket-default stroke updown counters
11月 03 13:38:31 junior charon[8840]: 00[LIB] dropped capabilities, running as uid 0, gid 0
11月 03 13:38:31 junior charon[8840]: 00[JOB] spawning 16 worker threads
11月 03 13:38:31 junior ipsec_starter[8839]: charon (8840) started after 20 ms
11月 03 13:38:31 junior charon[8840]: 05[CFG] received stroke: add connection '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:31 junior charon[8840]: 05[CFG] added configuration '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:32 junior charon[8840]: 06[CFG] rereading secrets
11月 03 13:38:32 junior charon[8840]: 06[CFG] loading secrets from '/etc/ipsec.secrets'
11月 03 13:38:32 junior charon[8840]: 06[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
11月 03 13:38:32 junior charon[8840]: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-423a4d84-432a-4971-9c6b-802b13c7f43e.secrets'
11月 03 13:38:32 junior charon[8840]: 06[CFG] loaded IKE secret for %any
11月 03 13:38:32 junior charon[8840]: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-64e61d55-0d8b-4b90-8358-32f391fec386.secrets'
11月 03 13:38:32 junior charon[8840]: 06[CFG] loaded IKE secret for %any
11月 03 13:38:32 junior charon[8840]: 08[CFG] received stroke: initiate '64e61d55-0d8b-4b90-8358-32f391fec386'
11月 03 13:38:32 junior charon[8840]: 09[IKE] initiating Main Mode IKE_SA 64e61d55-0d8b-4b90-8358-32f391fec386[1] to 210.77.99.42
11月 03 13:38:32 junior charon[8840]: 09[IKE] initiating Main Mode IKE_SA 64e61d55-0d8b-4b90-8358-32f391fec386[1] to 210.77.99.42
11月 03 13:38:32 junior charon[8840]: 09[ENC] generating ID_PROT request 0 [ SA V V V V V ]
11月 03 13:38:32 junior charon[8840]: 09[NET] sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (284 bytes)
11月 03 13:38:32 junior charon[8840]: 11[NET] received packet: from 210.77.99.42[500] to 192.168.3.197[500] (128 bytes)
11月 03 13:38:32 junior charon[8840]: 11[ENC] parsed ID_PROT response 0 [ SA V V ]
11月 03 13:38:32 junior charon[8840]: 11[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
11月 03 13:38:32 junior charon[8840]: 11[IKE] received FRAGMENTATION vendor ID
11月 03 13:38:32 junior charon[8840]: 11[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
11月 03 13:38:32 junior charon[8840]: 11[NET] sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior charon[8840]: 13[IKE] sending retransmit 1 of request message ID 0, seq 2
11月 03 13:38:36 junior charon[8840]: 13[NET] sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior charon[8840]: 14[NET] received packet: from 210.77.99.42[500] to 192.168.3.197[500] (68 bytes)
11月 03 13:38:36 junior charon[8840]: 14[ENC] parsed INFORMATIONAL_V1 request 0 [ N(INVAL_IKE_SPI) ]
11月 03 13:38:36 junior NetworkManager[1795]: initiating Main Mode IKE_SA 64e61d55-0d8b-4b90-8358-32f391fec386[1] to 210.77.99.42
11月 03 13:38:36 junior NetworkManager[1795]: generating ID_PROT request 0 [ SA V V V V V ]
11月 03 13:38:36 junior NetworkManager[1795]: sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (284 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: received packet: from 210.77.99.42[500] to 192.168.3.197[500] (128 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: parsed ID_PROT response 0 [ SA V V ]
11月 03 13:38:36 junior NetworkManager[1795]: received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
11月 03 13:38:36 junior NetworkManager[1795]: received FRAGMENTATION vendor ID
11月 03 13:38:36 junior NetworkManager[1795]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
11月 03 13:38:36 junior NetworkManager[1795]: sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: sending retransmit 1 of request message ID 0, seq 2
11月 03 13:38:36 junior NetworkManager[1795]: sending packet: from 192.168.3.197[500] to 210.77.99.42[500] (244 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: received packet: from 210.77.99.42[500] to 192.168.3.197[500] (68 bytes)
11月 03 13:38:36 junior NetworkManager[1795]: parsed INFORMATIONAL_V1 request 0 [ N(INVAL_IKE_SPI) ]
11月 03 13:38:36 junior NetworkManager[1795]: received INVALID_IKE_SPI error notify
11月 03 13:38:36 junior NetworkManager[1795]: establishing connection '64e61d55-0d8b-4b90-8358-32f391fec386' failed
11月 03 13:38:36 junior charon[8840]: 14[IKE] received INVALID_IKE_SPI error notify
11月 03 13:38:36 junior NetworkManager[1795]: Stopping strongSwan IPsec...
11月 03 13:38:36 junior charon[8840]: 00[DMN] signal of type SIGINT received. Shutting down
11月 03 13:38:36 junior nm-l2tp-service[8803]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
11月 03 13:38:36 junior NetworkManager[1795]: [1572759516.6712] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: VPN plugin: state changed: stopped (6)
11月 03 13:38:36 junior NetworkManager[1795]: [1572759516.6729] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: VPN service disappeared
11月 03 13:38:36 junior NetworkManager[1795]: [1572759516.6736] vpn-connection[0x5619fe2b8650,64e61d55-0d8b-4b90-8358-32f391fec386,"gdVPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'