服务端是 MS-CHAP-V2, pppd 拨号无法验证。

2020-11-05 10:40:29 +08:00
 DoubleX

在 linux 下手动配置 l2tp/ipsec 客户端时,在 pppd 拨号的时候,因为服务器使用的是 mschap-v2,无法完成验证。 请问有什么解决方法吗?

PS:不能使用 netmanager-l2tp 配置,要求手动配置。。。。

附 pppd log: Nov 5 10:03:58 iZbp130bctfwzletru94waZ xl2tpd[2633]: start_pppd: I'm running:

Nov 5 10:03:58 iZbp130bctfwzletru94waZ xl2tpd[2633]: "/usr/sbin/pppd"

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: Plugin pppol2tp.so loaded.

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: pppd 2.4.7 started by root, uid 0

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: using channel 8

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: Using interface ppp0

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: Connect: ppp0 <-->

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: Overriding mtu 1500 to 1410

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: PPPoL2TP options: debugmask 0

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: Overriding mru 1500 to mtu value 1410

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: sent [LCP ConfReq id=0x1 <mru 1410> <asyncmap 0x0> <magic 0x36613b7a>]

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [LCP ConfReq id=0x1 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x991e173d>]

Nov 5 10:03:58 iZbp130bctfwzletru94waZ pppd[2644]: sent [LCP ConfAck id=0x1 <mru 1400> <asyncmap 0x0> <auth chap MS-v2> <magic 0x991e173d>]

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: sent [LCP ConfReq id=0x1 <mru 1410> <asyncmap 0x0> <magic 0x36613b7a>]

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [LCP ConfAck id=0x1 <mru 1410> <asyncmap 0x0> <magic 0x36613b7a>]

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: PPPoL2TP options: debugmask 0

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: sent [LCP EchoReq id=0x0 magic=0x36613b7a]

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [CHAP Challenge id=0xd5 <f200c9035920382e26656e852cd22f00>, name = "l2tpd"]

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: added response cache entry 0

Nov 5 10:04:01 iZbp130bctfwzletru94waZ pppd[2644]: sent [CHAP Response id=0xd5 <6a8c0cba228c6b514625a15be42305ee0000000000000000cd3e3770a0bbf946e503278ec156d0ee48b0bb73f88a856b00>, name = "test"]

Nov 5 10:04:02 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [LCP EchoRep id=0x0 magic=0x991e173d]

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [CHAP Failure id=0xd5 ""]

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: MS-CHAP authentication failed:

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: CHAP authentication failed

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: Overriding mtu 1500 to 1410

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: PPPoL2TP options: debugmask 0

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: Overriding mru 1500 to mtu value 1410

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [LCP TermReq id=0x2 "Authentication failed"]

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: sent [LCP TermAck id=0x2]

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: rcvd [LCP TermAck id=0x2]

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: Connection terminated.

Nov 5 10:04:03 iZbp130bctfwzletru94waZ pppd[2644]: Exit.

1080 次点击
所在节点    问与答
2 条回复
DoubleX
2020-11-06 11:37:46 +08:00
已找到原因。
用户密码里包含特殊字符‘#’,

根据 https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients-zh.md#%E4%BD%BF%E7%94%A8%E5%91%BD%E4%BB%A4%E8%A1%8C%E9%85%8D%E7%BD%AE-linux-vpn-%E5%AE%A2%E6%88%B7%E7%AB%AF

配置完客户端后会出现 authentication failed 的场景,推测是密码里的特殊字符没有发送,造成密码不匹配,从而验证失败。

解决方法:
修改 /etc/ppp/options.l2tpd.client 文件
在 name,password 值上加上双引号“”。
julyclyde
2020-11-07 12:50:01 +08:00
恭喜你自己解决了

#符号大概是注释的意思吧

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/721940

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX