Como configurar um cliente VPN no roteador com base em um log de conexão do meu computador?
0
Eu sou lutando com o cliente PPTP do DD-WRT, como todas as configurações (e compilações) que eu tentei com base no importantíssimo wiki , mas também postagens mais antigas no fórum levaram a nenhuma conexão ppp0 aparecendo com ifconfig . ( Há é uma conexão com o IP público do servidor VPN remoto aparecendo na vlan2 com route . Veja abaixo.) Agora eu simplesmente tenho um log detalhado completo de abertura e fechamento da conexão do meu mac, que funciona muito bem. (Eu mascarei o endereço do servidor.) Que endereços devo especificar para o DD-WRT para poder ver os IPs privados da LAN remota no meu computador (mas o roteador está conectando, não o computador)? Melhor ainda se o tráfego regular não for roteado através da VPN.
Eu realmente me preocupo com o fato de o build do DD-WRT ser quebrado, mas eu tentei muitos, muitos, e não encontrei nenhuma informação definitiva sobre qual compilação teria esses recursos funcionando. (Eu preciso de um servidor PPTP para uma conexão de entrada, que seria então roteada novamente através do cliente PPTP. O hardware é um Linksys e900, então não posso voltar muito longe entre as construções).
Tue Jul 15 21:57:48 2014 : publish_entry SCDSet() failed: Success!
Tue Jul 15 21:57:48 2014 : publish_entry SCDSet() failed: Success!
Tue Jul 15 21:57:48 2014 : PPTP connecting to server 'VPN-SERVER-DOMAIN-NAME' (VPN.SERVER.IP.ADDRESS)...
Tue Jul 15 21:57:48 2014 : PPTP connection established.
Tue Jul 15 21:57:48 2014 : PPTP set port-mapping for en0, interface: 4, protocol: 0, privatePort: 0
Tue Jul 15 21:57:48 2014 : using link 0
Tue Jul 15 21:57:48 2014 : Using interface ppp0
Tue Jul 15 21:57:48 2014 : Connect: ppp0 <--> socket[34:17]
Tue Jul 15 21:57:48 2014 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4f8a4883> <pcomp> <accomp>]
Tue Jul 15 21:57:48 2014 : rcvd [LCP ConfReq id=0x0 <mru 1400> <auth eap> <magic 0x14c3361a> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint 13 17 01 4c 08 dc fd b1 13 4f 36 97 16 78 b7 c5 fe fb 5a 00 00 00 00> < 17 04 14 d5>]
Tue Jul 15 21:57:48 2014 : lcp_reqci: rcvd unknown option 13
Tue Jul 15 21:57:48 2014 : lcp_reqci: rcvd unknown option 23
Tue Jul 15 21:57:48 2014 : lcp_reqci: returning CONFREJ.
Tue Jul 15 21:57:48 2014 : sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 14 d5>]
Tue Jul 15 21:57:48 2014 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4f8a4883> <pcomp> <accomp>]
Tue Jul 15 21:57:48 2014 : rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x14c3361a> <pcomp> <accomp> <endpoint 13 17 01 4c 08 dc fd b1 13 4f 36 97 16 78 b7 c5 fe fb 5a 00 00 00 00>]
Tue Jul 15 21:57:48 2014 : lcp_reqci: returning CONFNAK.
Tue Jul 15 21:57:48 2014 : sent [LCP ConfNak id=0x1 <auth chap MS-v2>]
Tue Jul 15 21:57:48 2014 : rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x14c3361a> <pcomp> <accomp> <endpoint 13 17 01 4c 08 dc fd b1 13 4f 36 97 16 78 b7 c5 fe fb 5a 00 00 00 00>]
Tue Jul 15 21:57:48 2014 : lcp_reqci: returning CONFACK.
Tue Jul 15 21:57:48 2014 : sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x14c3361a> <pcomp> <accomp> <endpoint 13 17 01 4c 08 dc fd b1 13 4f 36 97 16 78 b7 c5 fe fb 5a 00 00 00 00>]
Tue Jul 15 21:57:48 2014 : sent [LCP EchoReq id=0x0 magic=0x4f8a4883]
Tue Jul 15 21:57:48 2014 : rcvd [CHAP Challenge id=0x0 <c21f7ac19090fa400ed060d6e085324d>, name = "IFNFS01"]
Tue Jul 15 21:57:48 2014 : sent [CHAP Response id=0x0 <0e07edf42cd3adcc49bb73bb183f0433000000000000000088b7aed8c5259c14c2429637f999770628b91d58e5a3951f00>, name = "laszlos"]
Tue Jul 15 21:57:48 2014 : rcvd [LCP EchoRep id=0x0 magic=0x14c3361a]
Tue Jul 15 21:57:49 2014 : rcvd [CHAP Success id=0x0 "S=8B21C8FD6BB8DD40CBF438D2085F4EB0337398C3"]
Tue Jul 15 21:57:49 2014 : sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
Tue Jul 15 21:57:49 2014 : rcvd [CCP ConfReq id=0x4 <mppe +H -M -S -L -D +C>]
Tue Jul 15 21:57:49 2014 : sent [CCP ConfNak id=0x4 <mppe +H -M +S +L -D -C>]
Tue Jul 15 21:57:49 2014 : rcvd [IPCP ConfReq id=0x5 <addr 192.168.77.200>]
Tue Jul 15 21:57:49 2014 : sent [IPCP TermAck id=0x5]
Tue Jul 15 21:57:49 2014 : rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
Tue Jul 15 21:57:49 2014 : sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
Tue Jul 15 21:57:49 2014 : rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
Tue Jul 15 21:57:49 2014 : sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
Tue Jul 15 21:57:49 2014 : rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
Tue Jul 15 21:57:49 2014 : MPPE 128-bit stateless compression enabled
Tue Jul 15 21:57:49 2014 : sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
Tue Jul 15 21:57:49 2014 : sent [IPV6CP ConfReq id=0x1 <addr fe80::129a:ddff:fe6c:6cce>]
Tue Jul 15 21:57:49 2014 : rcvd [IPCP ConfRej id=0x1 <ms-dns3 0.0.0.0>]
Tue Jul 15 21:57:49 2014 : sent [IPCP ConfReq id=0x2 <addr 0.0.0.0> <ms-dns1 0.0.0.0>]
Tue Jul 15 21:57:49 2014 : rcvd [LCP ProtRej id=0x7 80 57 01 01 00 0e 01 0a 12 9a dd ff fe 6c 6c ce]
Tue Jul 15 21:57:49 2014 : rcvd [IPCP ConfNak id=0x2 <addr 192.168.77.204> <ms-dns1 192.168.77.5>]
Tue Jul 15 21:57:49 2014 : sent [IPCP ConfReq id=0x3 <addr 192.168.77.204> <ms-dns1 192.168.77.5>]
Tue Jul 15 21:57:49 2014 : rcvd [IPCP ConfAck id=0x3 <addr 192.168.77.204> <ms-dns1 192.168.77.5>]
Tue Jul 15 21:57:50 2014 : rcvd [IPCP ConfReq id=0x8 <addr 192.168.77.200>]
Tue Jul 15 21:57:50 2014 : ipcp: returning Configure-ACK
Tue Jul 15 21:57:50 2014 : sent [IPCP ConfAck id=0x8 <addr 192.168.77.200>]
Tue Jul 15 21:57:50 2014 : ipcp: up
Tue Jul 15 21:57:50 2014 : local IP address 192.168.77.204
Tue Jul 15 21:57:50 2014 : remote IP address 192.168.77.200
Tue Jul 15 21:57:50 2014 : primary DNS address 192.168.77.5
Tue Jul 15 21:57:50 2014 : Received protocol dictionaries
Tue Jul 15 21:57:50 2014 : Committed PPP store
Tue Jul 15 21:57:50 2014 : Script /etc/ppp/ip-up started (pid 43217)
Tue Jul 15 21:57:50 2014 : pptp_wait_input: Address added. previous interface setting (name: en0, address: 192.168.1.109), current interface setting (name: ppp0, family: PPP, address: 192.168.77.204, subnet: 255.255.255.0, destination: 192.168.77.200).
Tue Jul 15 21:57:50 2014 : Script /etc/ppp/ip-up finished (pid 43217), status = 0x0
Tue Jul 15 21:57:52 2014 : [DISCONNECT]
Tue Jul 15 21:57:52 2014 : Hangup (SIGHUP)
Tue Jul 15 21:57:52 2014 : ipcp: down
Tue Jul 15 21:57:52 2014 : Script /etc/ppp/ip-down started (pid 43226)
Tue Jul 15 21:57:52 2014 : MPPE disabled
Tue Jul 15 21:57:52 2014 : sent [LCP TermReq id=0x2 "MPPE disabled"]
Tue Jul 15 21:57:52 2014 : Connection terminated.
Tue Jul 15 21:57:52 2014 : sent [LCP TermReq id=0x3 "MPPE disabled"]
Tue Jul 15 21:57:52 2014 : Connect time 0.1 minutes.
Tue Jul 15 21:57:52 2014 : Sent 165818 bytes, received 224926 bytes.
Tue Jul 15 21:57:52 2014 : PPTP disconnecting...
Tue Jul 15 21:57:52 2014 : PPTP clearing port-mapping for en0
Tue Jul 15 21:57:52 2014 : PPTP disconnected
Tue Jul 15 21:57:52 2014 : Waiting for 1 child processes...
Tue Jul 15 21:57:52 2014 : script /etc/ppp/ip-down, pid 43226
Tue Jul 15 21:57:52 2014 : Waiting for 1 child processes...
Tue Jul 15 21:57:52 2014 : script /etc/ppp/ip-down, pid 43226
Tue Jul 15 21:57:52 2014 : Script /etc/ppp/ip-down finished (pid 43226), status = 0x44
Ifconfig mostra essas conexões no roteador:
br0 Link encap:Ethernet HWaddr C8:B3:73:36:CB:52
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::cab3:73ff:fe36:cb52/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8815 errors:0 dropped:0 overruns:0 frame:0
TX packets:8510 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1684278 (1.6 MiB) TX bytes:6085903 (5.8 MiB)
br0:0 Link encap:Ethernet HWaddr C8:B3:73:36:CB:52
inet addr:169.254.255.1 Bcast:169.254.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth0 Link encap:Ethernet HWaddr C8:B3:73:36:CB:50
inet6 addr: fe80::cab3:73ff:fe36:cb50/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:89826 errors:0 dropped:0 overruns:0 frame:0
TX packets:36466 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13007531 (12.4 MiB) TX bytes:16062734 (15.3 MiB)
Interrupt:4 Base address:0x2000
eth1 Link encap:Ethernet HWaddr C8:B3:73:36:CB:52
inet6 addr: fe80::cab3:73ff:fe36:cb52/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:3 Base address:0x1000
imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP RUNNING NOARP MTU:1500 Metric:1
RX packets:4667 errors:0 dropped:0 overruns:0 frame:0
TX packets:4667 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:30
RX bytes:3466514 (3.3 MiB) TX bytes:3466514 (3.3 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:65536 Metric:1
RX packets:14 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1012 (1012.0 B) TX bytes:1012 (1012.0 B)
vlan1 Link encap:Ethernet HWaddr C8:B3:73:36:CB:50
inet6 addr: fe80::cab3:73ff:fe36:cb50/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8817 errors:0 dropped:0 overruns:0 frame:0
TX packets:8520 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1684934 (1.6 MiB) TX bytes:6086811 (5.8 MiB)
vlan2 Link encap:Ethernet HWaddr C8:B3:73:36:CB:51
inet addr:MA.SKED.125.166 Bcast:83.251.127.255 Mask:255.255.240.0
inet6 addr: fe80::cab3:73ff:fe36:cb51/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:81009 errors:0 dropped:1 overruns:0 frame:0
TX packets:27938 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9346425 (8.9 MiB) TX bytes:9829363 (9.3 MiB)
A construção e a saída route aparecem na captura de tela (IP mascarado). (O primeiro IP da lista é minha própria sub-rede na WAN [ou seja, o gateway é o mesmo endereço que termina em 1, não 0]. O inferior é o IP público do servidor VPN ao qual estou tentando me conectar e que o Mac se conectou, mesmo de trás do roteador na mesma WAN.)
EaquiestáumacapturadeteladasconfiguraçõesprincipaisdaVPNPPTP,servidorecliente,parafacilitararevisão.
FWIW, aqui estão as minhas principais configurações do roteador. (Eu poupo você DDNS, ele funciona, eu encontrei meu roteador de longe usando seu nome de domínio. Eu também poupá-lo do status WAN e LAN.)
por László
16.07.2014 / 09:53
0 respostas
Tags networking vpn pptp router dd-wrt