Linux

PPTP VPN問題

  • May 3, 2016

我正在使用 Debian 作業系統pptpd。我的客戶端(Windows 和 Mac)無法完成連接。

syslog 中顯示以下內容:

Jun  2 12:52:37 vpn pptpd[891]: MGR: Maximum of 6 connections available
Jun  2 12:52:48 vpn pptpd[892]: MGR: Launching /usr/sbin/pptpctrl to handle client
Jun  2 12:52:48 vpn pptpd[892]: CTRL: local address = 192.168.30.91
Jun  2 12:52:48 vpn pptpd[892]: CTRL: remote address = 192.168.30.50
Jun  2 12:52:48 vpn pptpd[892]: CTRL: pppd options file = /etc/ppp/pptpd-options
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Client 192.168.28.154 control connection started
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Received PPTP Control Message (type: 1)
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Made a START CTRL CONN RPLY packet
Jun  2 12:52:48 vpn pptpd[892]: CTRL: I wrote 156 bytes to the client.
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Sent packet to client
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Received PPTP Control Message (type: 7)
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Made a OUT CALL RPLY packet
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Starting call (launching pppd, opening GRE)
Jun  2 12:52:48 vpn pptpd[892]: CTRL: pty_fd = 6
Jun  2 12:52:48 vpn pptpd[892]: CTRL: tty_fd = 7
Jun  2 12:52:48 vpn pptpd[892]: CTRL: I wrote 32 bytes to the client.
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Sent packet to client
Jun  2 12:52:48 vpn pptpd[893]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Jun  2 12:52:48 vpn pptpd[893]: CTRL (PPPD Launcher): local address = 192.168.30.91
Jun  2 12:52:48 vpn pptpd[893]: CTRL (PPPD Launcher): remote address = 192.168.30.50
Jun  2 12:52:48 vpn pppd[893]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Jun  2 12:52:48 vpn pppd[893]: pppd 2.4.5 started by root, uid 0
Jun  2 12:52:48 vpn pppd[893]: Using interface ppp0
Jun  2 12:52:48 vpn pppd[893]: Connect: ppp0 <--> /dev/pts/1
Jun  2 12:52:48 vpn pptpd[892]: GRE: Bad checksum from pppd.
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Received PPTP Control Message (type: 15)
Jun  2 12:52:48 vpn pptpd[892]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jun  2 12:52:48 vpn pptpd[892]: GRE: accepting packet #1
Jun  2 12:52:51 vpn pptpd[892]: GRE: accepting packet #2
Jun  2 12:52:54 vpn pptpd[892]: GRE: accepting packet #3
Jun  2 12:52:57 vpn pptpd[892]: GRE: accepting packet #4
Jun  2 12:53:00 vpn pptpd[892]: GRE: accepting packet #5
Jun  2 12:53:03 vpn pptpd[892]: GRE: accepting packet #6
Jun  2 12:53:06 vpn pptpd[892]: GRE: accepting packet #7
Jun  2 12:53:09 vpn pptpd[892]: GRE: accepting packet #8
Jun  2 12:53:12 vpn pptpd[892]: GRE: accepting packet #9
Jun  2 12:53:15 vpn pptpd[892]: GRE: accepting packet #10
Jun  2 12:53:18 vpn pppd[893]: LCP: timeout sending Config-Requests
Jun  2 12:53:18 vpn pptpd[892]: GRE: read(fd=6,buffer=610d20,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Jun  2 12:53:18 vpn pptpd[892]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Jun  2 12:53:18 vpn pptpd[892]: CTRL: Reaping child PPP[893]
Jun  2 12:53:18 vpn pptpd[892]: CTRL: Client 192.168.28.154 control connection finished
Jun  2 12:53:18 vpn pptpd[892]: CTRL: Exiting now
Jun  2 12:53:18 vpn pptpd[891]: MGR: Reaped child 892

這是我的 pptpd 選項文件:

refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
nodefaultroute
lock
nobsdcomp
noipx
#mtu 1490
#mru 1490

當我觀察連接時出現的 ppp0 介面的活動時,我根本看不到任何活動。

請指教。謝謝 !

這可能是防火牆問題。檢查您是否允許正確的流量進入您的 VPN 伺服器,特別是您需要允許TCP 1723並且Protocol 47 (GRE)之前PPTP將正常工作。您在日誌中看到的問題可能是由於GRE未從防火牆正確中繼造成的。

您可能還需要添加mppe-stateful到您的pptpd-options文件以允許 Windows 主機。根據您的連接可能通過多少個中間NAT路由器,您需要減少mrumtu設置。

引用自:https://serverfault.com/questions/276226