Ubuntu 16.04: Não é possível estabelecer conexão VPN com Stonesoft VPN

Question

Ubuntu 16.04: Não é possível estabelecer conexão VPN com Stonesoft VPN

#1 resposta do Douglas Kosovic (0 votos)
#2 resposta do Douglas Kosovic (0 votos)

0

Estou usando o Ubuntu 16.04.3 LTS de 64 bits Estou tentando estabelecer uma conexão VPN com uma VPN Stonesoft Tanto quanto eu sei, o stonesoft significa uma VPN L2TP Como o Ubuntu não parece mais suportar o L2TP, segui estas instruções para criar VPN: Xerus - plugin L2TP ausente para o Network-Manager?

Infelizmente ainda não consigo estabelecer conexão. Eles me deram apenas

endereço IP
Nome de usuário
Senha

No syslog, vejo o seguinte:

Nov 12 09:58:42 immediata NetworkManager[996]: <info>  [1510477122.7520] audit: op="connection-activate" uuid="a944d391-ad32-4386-abed-902943385e1f" name="AreaVastaVpn" pid=2853 uid=1000 result="success"
Nov 12 09:58:42 immediata NetworkManager[996]: <info>  [1510477122.8019] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Started the VPN service, PID 4275
Nov 12 09:58:42 immediata NetworkManager[996]: <info>  [1510477122.8207] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Saw the service appear; activating connection
Nov 12 09:58:43 immediata gnome-session[2594]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Nov 12 09:59:16 immediata NetworkManager[996]: <info>  [1510477156.8682] keyfile: update /etc/NetworkManager/system-connections/AreaVastaVpn (a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn")
Nov 12 09:59:16 immediata NetworkManager[996]: <info>  [1510477156.8735] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: (ConnectInteractive) reply received
Nov 12 09:59:16 immediata NetworkManager[996]: nm-l2tp[4275] <info>  ipsec enable flag: yes
Nov 12 09:59:16 immediata NetworkManager[996]: ** Message: Check port 1701
Nov 12 09:59:16 immediata NetworkManager[996]: ** Message: Can't bind to port 1701
Nov 12 09:59:16 immediata NetworkManager[996]: nm-l2tp[4275] <warn>  L2TP port 1701 is busy, using ephemeral.
Nov 12 09:59:16 immediata NetworkManager[996]: nm-l2tp[4275] <info>  starting ipsec
Nov 12 09:59:16 immediata NetworkManager[996]: Stopping strongSwan IPsec...
Nov 12 09:59:16 immediata charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 12 09:59:16 immediata ipsec[4316]: Stopping strongSwan IPsec failed: starter is not running
Nov 12 09:59:19 immediata NetworkManager[996]: Starting strongSwan 5.3.5 IPsec [starter]...
Nov 12 09:59:19 immediata NetworkManager[996]: Loading config setup
Nov 12 09:59:19 immediata NetworkManager[996]: Loading conn 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:19 immediata NetworkManager[996]: found netkey IPsec stack
Nov 12 09:59:19 immediata charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-98-generic, x86_64)
Nov 12 09:59:19 immediata kernel: [  543.237222] audit: type=1400 audit(1510477159.053:41): apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/usr/local/lib/libxml2.so.2.9.1" pid=4345 comm="charon" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 12 09:59:19 immediata charon: 00[CFG] disabling load-tester plugin, not configured
Nov 12 09:59:19 immediata charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
Nov 12 09:59:19 immediata charon: 00[CFG] dnscert plugin is disabled
Nov 12 09:59:19 immediata charon: 00[CFG] ipseckey plugin is disabled
Nov 12 09:59:19 immediata charon: 00[CFG] attr-sql plugin: database URI not set
Nov 12 09:59:19 immediata charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 12 09:59:19 immediata charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG]   loaded IKE secret for %any
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG]   loaded IKE secret for XX.XXX.XX.XX
Nov 12 09:59:19 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 12 09:59:19 immediata charon: 00[CFG]   loaded IKE secret for %any
Nov 12 09:59:19 immediata charon: 00[CFG] sql plugin: database URI not set
Nov 12 09:59:19 immediata charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
Nov 12 09:59:19 immediata charon: 00[CFG] eap-simaka-sql database URI missing
Nov 12 09:59:19 immediata charon: 00[CFG] loaded 0 RADIUS server configurations
Nov 12 09:59:19 immediata charon: 00[CFG] no threshold configured for systime-fix, disabled
Nov 12 09:59:19 immediata charon: 00[CFG] coupling file path unspecified
Nov 12 09:59:19 immediata charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 aes rc2 sha1 sha2 md4 md5 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity
Nov 12 09:59:19 immediata charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Nov 12 09:59:19 immediata charon: 00[JOB] spawning 16 worker threads
Nov 12 09:59:19 immediata charon: 07[CFG] received stroke: add connection 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:19 immediata charon: 07[CFG] added configuration 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:20 immediata charon: 06[CFG] rereading secrets
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG]   loaded IKE secret for %any
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG]   loaded IKE secret for XX.XXX.XX.XX
Nov 12 09:59:20 immediata charon: 06[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 12 09:59:20 immediata charon: 06[CFG]   loaded IKE secret for %any
Nov 12 09:59:20 immediata NetworkManager[996]: nm-l2tp[4275] <info>  Spawned ipsec up script with PID 4370.
Nov 12 09:59:20 immediata charon: 10[CFG] received stroke: initiate 'a944d391-ad32-4386-abed-902943385e1f'
Nov 12 09:59:20 immediata charon: 11[IKE] initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 12 09:59:20 immediata charon: 11[ENC] generating ID_PROT request 0 [ SA V V V V ]
Nov 12 09:59:20 immediata charon: 11[NET] sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 12 09:59:20 immediata charon: 12[NET] received packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (102 bytes)
Nov 12 09:59:20 immediata charon: 12[ENC] parsed INFORMATIONAL_V1 request 1567910028 [ N(NO_PROP) ]
Nov 12 09:59:20 immediata charon: 12[IKE] received NO_PROPOSAL_CHOSEN error notify
Nov 12 09:59:20 immediata NetworkManager[996]: initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 12 09:59:20 immediata NetworkManager[996]: generating ID_PROT request 0 [ SA V V V V ]
Nov 12 09:59:20 immediata NetworkManager[996]: sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 12 09:59:20 immediata NetworkManager[996]: received packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (102 bytes)
Nov 12 09:59:20 immediata NetworkManager[996]: parsed INFORMATIONAL_V1 request 1567910028 [ N(NO_PROP) ]
Nov 12 09:59:20 immediata NetworkManager[996]: received NO_PROPOSAL_CHOSEN error notify
Nov 12 09:59:20 immediata NetworkManager[996]: establishing connection 'a944d391-ad32-4386-abed-902943385e1f' failed
Nov 12 09:59:20 immediata NetworkManager[996]: Stopping strongSwan IPsec...
Nov 12 09:59:20 immediata charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 12 09:59:20 immediata NetworkManager[996]: nm-l2tp[4275] <warn>  Could not establish IPsec tunnel.
Nov 12 09:59:20 immediata NetworkManager[996]: (nm-l2tp-service:4275): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Nov 12 09:59:20 immediata NetworkManager[996]: <info>  [1510477160.4101] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN service disappeared
Nov 12 09:59:20 immediata NetworkManager[996]: <warn>  [1510477160.4110] vpn-connection[0x1523200,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'

Alguém pode me dar uma dica sobre como posso resolver o problema? obrigado Angelo

UPDATE

Desculpe eu só vi no log eu postei o erro relacionado à porta 1701. Eu esqueci de desativar o serviço xl2tpd. Eu fiz isso e ainda não consigo conectar

Este é o meu novo rastreio de syslog

Nov 13 09:35:35 immediata NetworkManager[996]: <info>  [1510562135.1201] audit: op="connection-activate" uuid="a944d391-ad32-4386-abed-902943385e1f" name="AreaVastaVpn" pid=2853 uid=1000 result="success"
Nov 13 09:35:35 immediata NetworkManager[996]: <info>  [1510562135.1264] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Started the VPN service, PID 8554
Nov 13 09:35:35 immediata NetworkManager[996]: <info>  [1510562135.1374] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: Saw the service appear; activating connection
Nov 13 09:35:35 immediata gnome-session[2594]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
Nov 13 09:35:44 immediata NetworkManager[996]: <info>  [1510562144.2090] keyfile: update /etc/NetworkManager/system-connections/AreaVastaVpn (a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn")
Nov 13 09:35:44 immediata NetworkManager[996]: <info>  [1510562144.2150] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: (ConnectInteractive) reply received
Nov 13 09:35:44 immediata NetworkManager[996]: nm-l2tp[8554] <info>  ipsec enable flag: yes
Nov 13 09:35:44 immediata NetworkManager[996]: ** Message: Check port 1701
Nov 13 09:35:44 immediata NetworkManager[996]: nm-l2tp[8554] <info>  starting ipsec
Nov 13 09:35:44 immediata NetworkManager[996]: Stopping strongSwan IPsec failed: starter is not running
Nov 13 09:35:46 immediata NetworkManager[996]: Starting strongSwan 5.3.5 IPsec [starter]...
Nov 13 09:35:46 immediata NetworkManager[996]: Loading config setup
Nov 13 09:35:46 immediata NetworkManager[996]: Loading conn 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:46 immediata NetworkManager[996]: found netkey IPsec stack
Nov 13 09:35:46 immediata charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.3.5, Linux 4.4.0-98-generic, x86_64)
Nov 13 09:35:46 immediata kernel: [ 2727.978478] audit: type=1400 audit(1510562146.258:46): apparmor="DENIED" operation="open" profile="/usr/lib/ipsec/charon" name="/usr/local/lib/libxml2.so.2.9.1" pid=8601 comm="charon" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Nov 13 09:35:46 immediata charon: 00[CFG] disabling load-tester plugin, not configured
Nov 13 09:35:46 immediata charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
Nov 13 09:35:46 immediata charon: 00[CFG] dnscert plugin is disabled
Nov 13 09:35:46 immediata charon: 00[CFG] ipseckey plugin is disabled
Nov 13 09:35:46 immediata charon: 00[CFG] attr-sql plugin: database URI not set
Nov 13 09:35:46 immediata charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 13 09:35:46 immediata charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG]   loaded IKE secret for %any
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG]   loaded IKE secret for XX.XXX.XX.XX
Nov 13 09:35:46 immediata charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 13 09:35:46 immediata charon: 00[CFG]   loaded IKE secret for %any
Nov 13 09:35:46 immediata charon: 00[CFG] sql plugin: database URI not set
Nov 13 09:35:46 immediata charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
Nov 13 09:35:46 immediata charon: 00[CFG] eap-simaka-sql database URI missing
Nov 13 09:35:46 immediata charon: 00[CFG] loaded 0 RADIUS server configurations
Nov 13 09:35:46 immediata charon: 00[CFG] no threshold configured for systime-fix, disabled
Nov 13 09:35:46 immediata charon: 00[CFG] coupling file path unspecified
Nov 13 09:35:46 immediata charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 aes rc2 sha1 sha2 md4 md5 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity
Nov 13 09:35:46 immediata charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Nov 13 09:35:46 immediata charon: 00[JOB] spawning 16 worker threads
Nov 13 09:35:46 immediata charon: 09[CFG] received stroke: add connection 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:46 immediata charon: 09[CFG] added configuration 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:47 immediata charon: 05[CFG] rereading secrets
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-7a4acce7-0546-4531-a80f-5fc950241a95.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG]   loaded IKE secret for %any
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8fa9aa57-6f5a-42cf-adf7-b84da24e632c.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG]   loaded IKE secret for XX.XXX.XX.XX
Nov 13 09:35:47 immediata charon: 05[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-a944d391-ad32-4386-abed-902943385e1f.secrets'
Nov 13 09:35:47 immediata charon: 05[CFG]   loaded IKE secret for %any
Nov 13 09:35:47 immediata NetworkManager[996]: nm-l2tp[8554] <info>  Spawned ipsec up script with PID 8627.
Nov 13 09:35:47 immediata charon: 13[CFG] received stroke: initiate 'a944d391-ad32-4386-abed-902943385e1f'
Nov 13 09:35:47 immediata charon: 03[IKE] initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 13 09:35:47 immediata charon: 03[ENC] generating ID_PROT request 0 [ SA V V V V ]
Nov 13 09:35:47 immediata charon: 03[NET] sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:51 immediata charon: 04[IKE] sending retransmit 1 of request message ID 0, seq 1
Nov 13 09:35:51 immediata charon: 04[NET] sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:57 immediata NetworkManager[996]: nm-l2tp[8554] <warn>  Timeout trying to establish IPsec connection
Nov 13 09:35:57 immediata NetworkManager[996]: nm-l2tp[8554] <info>  Terminating ipsec script with PID 8627.
Nov 13 09:35:57 immediata NetworkManager[996]: Stopping strongSwan IPsec...
Nov 13 09:35:57 immediata charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 13 09:35:57 immediata charon: 00[IKE] destroying IKE_SA in state CONNECTING without notification
Nov 13 09:35:57 immediata NetworkManager[996]: initiating Main Mode IKE_SA a944d391-ad32-4386-abed-902943385e1f[1] to XX.XXX.XX.XX
Nov 13 09:35:57 immediata NetworkManager[996]: generating ID_PROT request 0 [ SA V V V V ]
Nov 13 09:35:57 immediata NetworkManager[996]: sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:57 immediata NetworkManager[996]: sending retransmit 1 of request message ID 0, seq 1
Nov 13 09:35:57 immediata NetworkManager[996]: sending packet: from XX.XXX.XX.XX[500] to XX.XXX.XX.XX[500] (248 bytes)
Nov 13 09:35:57 immediata NetworkManager[996]: destroying IKE_SA in state CONNECTING without notification
Nov 13 09:35:57 immediata NetworkManager[996]: establishing connection 'a944d391-ad32-4386-abed-902943385e1f' failed
Nov 13 09:35:57 immediata NetworkManager[996]: nm-l2tp[8554] <warn>  Could not establish IPsec tunnel.
Nov 13 09:35:57 immediata NetworkManager[996]: (nm-l2tp-service:8554): GLib-GIO-CRITICAL **: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Nov 13 09:35:57 immediata NetworkManager[996]: <info>  [1510562157.3575] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN service disappeared
Nov 13 09:35:57 immediata NetworkManager[996]: <warn>  [1510562157.3587] vpn-connection[0x15235c0,a944d391-ad32-4386-abed-902943385e1f,"AreaVastaVpn",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
Nov 13 09:36:06 immediata wpa_supplicant[1346]: wlan0: Failed to initiate sched scan

Alguém pode me dar uma dica?

Obrigado

Angelo

UPDATE 2 ike-scan.sh RESULTADO

Eu corro o ike-scan.sh

Resultado do comando sudo ./ike-scan.sh XX.XXX.XX.XX | grep SA

ike-scan grep sa

Resultado do comando sudo ./ike-scan.sh XX.XXX.XX.XX

ike-scan no grep

por Angelo Immediata 12.11.2017 / 10:07

2 respostas

sudo systemct habilitar o apache2 Internet lenta apenas no Ubuntu (windo ok)

score 0 · Answer 1

Você pode excluir os seguintes arquivos temporários que não foram excluídos por algum motivo:

sudo rm -f /etc/ipsec.d/nm-l2tp-ipsec-*.secrets

Como mencionado na seguinte página:

link

Você pode fazer o seguinte para instalar o network-manager-l2tp:

sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
sudo apt-get update
sudo apt-get install network-manager-l2tp network-manager-l2tp-gnome

O aviso 'Não é possível ligar à porta 1701' xl2tpd não é um erro, mas pode ser um problema para alguns firewalls e / ou servidores VPN quando uma porta efêmera é usada, mais detalhes aqui:

link

Mas acho que o erro 'recebeu NO_PROPOSAL_CHOSEN' é porque o servidor VPN está apenas propondo algoritmos de criptografia quebrados antigos, consulte:

link

Ele fornece detalhes sobre como consultar o servidor VPN para os algoritmos que ele suporta e fornece um exemplo para uma solução alternativa comum do algoritmo quebrado. Mas a correção recomendada é reconfigurar o servidor VPN para usar algoritmos mais strongs.

Se você ainda estiver tendo problemas e supondo que esteja usando o repositório PPA acima, você pode tentar substituir o strongswan pelo libreswan emitindo:

sudo apt install libreswan

mas não se esqueça de remover qualquer algoritmo de fase 1 / fase 2 que você tenha inserido na caixa de diálogo Opções IPsec, pois a versão do libreswan nesse repositório PPA não removeu os algoritmos comuns quebrados de seu conjunto padrão de propostas. / p>

Também pode querer reiniciar o NetworkManager para garantir que a alteração do libreswan tenha sido escolhida pelo NetworkManager-l2tp:

sudo systemctl restart NetworkManager.service

score 0 · Answer 2

Você mencionou que o Ubuntu não parece mais suportar o L2TP. O Ubuntu 17.10 (e posterior) vem com o pacote network-manager-l2tp por padrão em um repositório padrão.

Como mencionado na seguinte página do PPA:

link

% bl0ck_qu0te% Infelizmente apenas 6 usuários do Ubuntu votaram para ter o pacote oficialmente enviado para o Ubuntu 16.04, então parece improvável que isso aconteça.