Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
VPN-соединение -- не ходят пакеты [solved]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Russian
View previous topic :: View next topic  
Author Message
dish
Apprentice
Apprentice


Joined: 19 Dec 2004
Posts: 266
Location: Moscow, Russia

PostPosted: Mon May 23, 2005 7:43 pm    Post subject: VPN-соединение -- не ходят пакеты [so Reply with quote

Перевели меня с авторизации по mac-IP на VPN
Без патчей соединение не хотело работать, поэтому спросил у гугля. Гугль вывел на этот ресурс. Сделал все, как там написано: скачал и установил патч для ядра (2.6.11), создал скрипты и конфиги.
Соединение создалось, но пакеты через него не ходят...

pppd nodetach debug call vdi.ru выдает:
Code:
using channel 7
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xdcad583f> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <accomp> <pcomp> <asyncmap 0x0> <mru 1500> <magic 0x338bd1e6> <auth chap MS-v2>]
sent [LCP ConfAck id=0x1 <accomp> <pcomp> <asyncmap 0x0> <mru 1500> <magic 0x338bd1e6> <auth chap MS-v2>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xdcad583f> <pcomp> <accomp>]
rcvd [CHAP Challenge id=0x1 <37343136303636343838363330333733>, name = ""]
sent [CHAP Response id=0x1 <f6097689bf7ac48a6847276a2d954caa00000000000000008cd5dcb79baf337813169ff4cb2edf437e22f6c60fd0988500>, name = "andrey9131"]
rcvd [CHAP Success id=0x1 "S=B562D51F66E2D18C353ED8408C6BCA254476C960"]
sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
rcvd [CCP ConfReq id=0x1 <deflate 15> <predictor 1> <mppe -H -M +S +L -D -C>]
sent [CCP ConfReq id=0x1]
sent [CCP ConfRej id=0x1 <deflate 15> <mppe -H -M +S +L -D -C>]
rcvd [IPCP ConfReq id=0x1 <addr 172.16.1.1> <compress VJ 0f 01>]
sent [IPCP ConfAck id=0x1 <addr 172.16.1.1> <compress VJ 0f 01>]
rcvd [IPCP ConfNak id=0x1 <addr 172.16.1.71>]
sent [IPCP ConfReq id=0x2 <compress VJ 0f 01> <addr 172.16.1.71>]
rcvd [CCP ConfAck id=0x1]
rcvd [CCP ConfReq id=0x2 <predictor 1>]
sent [CCP ConfRej id=0x2 <predictor 1>]
rcvd [IPCP ConfAck id=0x2 <compress VJ 0f 01> <addr 172.16.1.71>]
local  IP address 172.16.1.71
remote IP address 172.16.1.1
Script /etc/ppp/ip-up started (pid 7953)
rcvd [CCP ConfReq id=0x3]
sent [CCP ConfAck id=0x3]
Script /etc/ppp/ip-up finished (pid 7953), status = 0x1
Terminating on signal 2.
Script /etc/ppp/ip-down started (pid 7956)
sent [LCP TermReq id=0x2 "User request"]
Modem hangup
Connection terminated.
Connect time 0.4 minutes.
Sent 76 bytes, received 72 bytes.
Waiting for 2 child processes...
  script /etc/ppp/ip-down, pid 7956
  script /usr/sbin/pptp 192.168.1.1 --nolaunchpppd, pid 7939
Script /usr/sbin/pptp 192.168.1.1 --nolaunchpppd finished (pid 7939), status = 0x0
Script /etc/ppp/ip-down finished (pid 7956), status = 0x1
Connect time 0.4 minutes.
Sent 76 bytes, received 72 bytes.


Независимо от того, пытаюсь я пинговать что-нибудь из инета или нет, последняя строчка не меняется.

ifconfig говорит:
Code:
eth0      Link encap:Ethernet  HWaddr 00:11:2F:48:65:E6 
          inet addr:192.168.9.131  Bcast:192.168.9.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7660 errors:0 dropped:0 overruns:0 frame:0
          TX packets:235 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2255557 (2.1 Mb)  TX bytes:23618 (23.0 Kb)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:504 (504.0 b)  TX bytes:504 (504.0 b)

ppp0      Link encap:Point-to-Point Protocol 
          inet addr:172.16.1.71  P-t-P:172.16.1.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1372  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:72 (72.0 b)  TX bytes:76 (76.0 b)



route говорит:
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.1.71     localhost       255.255.255.255 UGH   1      0        0 lo
172.16.1.1      *               255.255.255.255 UH    0      0        0 ppp0
192.168.9.0     *               255.255.255.0   U     0      0        0 eth0
loopback        localhost       255.0.0.0       UG    0      0        0 lo
default         192.168.9.1     0.0.0.0         UG    0      0        0 eth0


Конфиги:

/etc/ppp/peers/vdi.ru:
Code:
name andrey9131
ipparam vdi.ru
mtu 1372
nobsdcomp
nodeflate
noauth
#require-mppe-128
pty "/usr/sbin/pptp 192.168.1.1 --nolaunchpppd"


options.pptp:
Code:
#
# Lock the port
#
lock

#
# We don't need the tunnel server to authenticate itself
#
noauth

#
# Turn off transmission protocols we know won't be used
#
nobsdcomp
nodeflate

#
# We want MPPE
#
require-mppe

#
# We want a sane mtu/mru
#
mtu 1000
mru 1000

#
# Time this thing out of it goes poof
#
lcp-echo-failure 10
lcp-echo-interval 10


ip-down.local:
Code:
f [ "$6" == "vdi.ru" ]
then
/sbin/route add default gw 192.168.9.1
fi


ip-up:
Code:
#!/bin/sh

# this is a script which is executed after connecting the ppp interface.
# look at man pppd for details

# the followings parameters are available:
# $1 = interface-name
# $2 = tty-device
# $3 = speed
# $4 = local-IP-address
# $5 = remote-IP-address
# $6 = ipparam

if [ "$USEPEERDNS" ]; then

   # add the server supplied DNS entries to /etc/resolv.conf
   # (taken from debian's 0000usepeerdns)

   # follow any symlink to find the real file
   REALRESOLVCONF=$(readlink --canonicalize /etc/resolv.conf)

   if [ "$REALRESOLVCONF" != "/etc/ppp/resolv.conf" ]; then

      # merge the new nameservers with the other options from the old configuration
      {
         grep --invert-match '^nameserver[[:space:]]' $REALRESOLVCONF
         cat /etc/ppp/resolv.conf
      } > $REALRESOLVCONF.tmp

      # backup the old configuration and install the new one
      cp -a $REALRESOLVCONF $REALRESOLVCONF.pppd-backup
      mv $REALRESOLVCONF.tmp $REALRESOLVCONF

      # correct permissions
      chmod 0644 /etc/resolv.conf
      chown root:root /etc/resolv.conf

   fi

fi

[ -f /etc/ppp/ip-up.local ] && . /etc/ppp/ip-up.local "$@"


ip-up.local
Code:
f [ "$6" == "vdi.ru" ]
then
/sbin/route del default
/sbin/route add default gw "$IPREMOTE"
fi


ip-down:
Code:
#!/bin/sh

# this is a script which is executed after disconnecting the ppp interface.
# look at man pppd for details

# the followings parameters are available:
# $1 = interface-name
# $2 = tty-device
# $3 = speed
# $4 = local-IP-address
# $5 = remote-IP-address
# $6 = ipparam

if [ "$USEPEERDNS" ]; then

   # taken from debian's 0000usepeerdns
   # follow any symlink to find the real file
   REALRESOLVCONF=$(readlink --canonicalize /etc/resolv.conf)

   if [ "$REALRESOLVCONF" != "/etc/ppp/resolv.conf" ]; then

      # if an old resolv.conf file exists, restore it
      if [ -e $REALRESOLVCONF.pppd-backup ]; then
         mv $REALRESOLVCONF.pppd-backup $REALRESOLVCONF
      fi

   fi

fi

# Recreate the default route so autodial works
[ -s /etc/conf.d/net ] && . /etc/conf.d/net
if [ -n "${gateway}" ] && [ "${gateway%/*}" = "$1" ]; then
   /sbin/route add default dev ${gateway%/*}
fi

[ -f /etc/ppp/ip-down.local ] && . /etc/ppp/ip-down.local "$@"


Подскажите, плз, куда копать?
_________________
Contrary to popular belief, UNIX is user-friendly. It just happens to be very selective about who it decides to make friends with. A. Haiut.


Last edited by dish on Mon May 23, 2005 9:23 pm; edited 1 time in total
Back to top
View user's profile Send private message
dish
Apprentice
Apprentice


Joined: 19 Dec 2004
Posts: 266
Location: Moscow, Russia

PostPosted: Mon May 23, 2005 9:23 pm    Post subject: Reply with quote

Модифицировал ip-up.local до:
Code:
f [ "$6" == "vdi.ru" ]
then
/sbin/route del default
/sbin/route add default gw "$IPREMOTE"
/sbin/route add -host 192.168.1.1 gw 192.168.9.1
/sbin/route del default
/sbin/route add default gw "$IPLOCAL"
fi

Все заработало.
_________________
Contrary to popular belief, UNIX is user-friendly. It just happens to be very selective about who it decides to make friends with. A. Haiut.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Russian All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum