Debian pptpd 突然之间的 LCP: timeout sending Config-Requests ?

496 views
Skip to first unread message

Alpha Cheng

unread,
May 8, 2012, 12:17:08 AM5/8/12
to sh...@googlegroups.com
本来在CentOS上搞pptpd的, 后来突然坏掉了, 顺手rebuild成了Debian.

在设置/etc/pptpd.conf里面localip, remoteip之前还是可以连接上的(只是没有IP分配) , 设置过之后就开始LCP: timeout sending Config-Requests, 把localip, remoteip注释掉再重启N多次也没有用.

Windows的各种提示, 但是619端口已关闭最多.

不知道是墙的问题还是我的问题...

老师开始不高兴了(他一直在用我的服务器).我已经搞了一整天了,还是不行, 只能来求诸神赐教

下面是 cat /var/log/messages | grep ppp, netstat -antl, iptables -L, cat /etc/ppp/pptpd-options, cat /etc/pptpd.conf


  1. root@localhost:~# cat /var/log/messages | grep ppp
  2. May 8 03:28:05 localhost pppd[5070]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
  3. May 8 03:28:05 localhost pppd[5070]: pppd 2.4.5 started by root, uid 0
  4. May 8 03:28:05 localhost pppd[5070]: Using interface ppp0
  5. May 8 03:28:05 localhost pppd[5070]: Connect: ppp0 <--> /dev/pts/0
  6. May 8 03:28:35 localhost pppd[5070]: LCP: timeout sending Config-Requests
  7. May 8 03:28:35 localhost pppd[5070]: Connection terminated.
  8. May 8 03:28:35 localhost pppd[5070]: Modem hangup
  9. May 8 03:28:35 localhost pppd[5070]: Exit.
  10.  
  11. root@localhost:~# netstat -antl
  12. Active Internet connections (servers and established)
  13. Proto Recv-Q Send-Q Local Address Foreign Address State
  14. tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
  15. tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
  16. tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
  17. tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN
  18. tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
  19. tcp 0 0 74.82.186.9:22 180.110.17.140:41682 ESTABLISHED
  20. tcp6 0 0 :::80 :::* LISTEN
  21. tcp6 0 0 :::21 :::* LISTEN
  22. tcp6 0 0 :::22 :::* LISTEN
  23.  
  24. root@localhost:~# iptables -L
  25. Chain INPUT (policy DROP)
  26. target prot opt source destination
  27. ACCEPT tcp -- anywhere anywhere tcp dpt:www
  28. ACCEPT tcp -- anywhere anywhere tcp dpt:1723
  29. ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
  30. ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
  31. ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
  32.  
  33. Chain FORWARD (policy ACCEPT)
  34. target prot opt source destination
  35.  
  36. Chain OUTPUT (policy ACCEPT)
  37. target prot opt source destination
  38.  
  39. root@localhost:~# cat /etc/ppp/pptpd-options
  40. ###############################################################################
  41. # $Id: pptpd-options 4643 2006-11-06 18:42:43Z rene $
  42. #
  43. # Sample Poptop PPP options file /etc/ppp/pptpd-options
  44. # Options used by PPP when a connection arrives from a client.
  45. # This file is pointed to by /etc/pptpd.conf option keyword.
  46. # Changes are effective on the next connection. See "man pppd".
  47. #
  48. # You are expected to change this file to suit your system. As
  49. # packaged, it requires PPP 2.4.2 and the kernel MPPE module.
  50. ###############################################################################
  51.  
  52.  
  53. # Authentication
  54.  
  55. # Name of the local system for authentication purposes
  56. # (must match the second field in /etc/ppp/chap-secrets entries)
  57. name pptpd
  58.  
  59. # Optional: domain name to use for authentication
  60. # domain mydomain.net
  61.  
  62. # Strip the domain prefix from the username before authentication.
  63. # (applies if you use pppd with chapms-strip-domain patch)
  64. #chapms-strip-domain
  65.  
  66.  
  67. # Encryption
  68. # Debian: on systems with a kernel built with the package
  69. # kernel-patch-mppe >= 2.4.2 and using ppp >= 2.4.2, ...
  70. # {{{
  71. refuse-pap
  72. refuse-chap
  73. refuse-mschap
  74. # Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
  75. # Challenge Handshake Authentication Protocol, Version 2] authentication.
  76. require-mschap-v2
  77. # Require MPPE 128-bit encryption
  78. # (note that MPPE requires the use of MSCHAP-V2 during authentication)
  79. require-mppe-128
  80. # }}}
  81.  
  82.  
  83.  
  84.  
  85. # Network and Routing
  86.  
  87. # If pppd is acting as a server for Microsoft Windows clients, this
  88. # option allows pppd to supply one or two DNS (Domain Name Server)
  89. # addresses to the clients. The first instance of this option
  90. # specifies the primary DNS address; the second instance (if given)
  91. # specifies the secondary DNS address.
  92. # Attention! This information may not be taken into account by a Windows
  93. # client. See KB311218 in Microsoft's knowledge base for more information.
  94. ms-dns 8.8.8.8
  95. ms-dns 8.8.4.4
  96.  
  97. # If pppd is acting as a server for Microsoft Windows or "Samba"
  98. # clients, this option allows pppd to supply one or two WINS (Windows
  99. # Internet Name Services) server addresses to the clients. The first
  100. # instance of this option specifies the primary WINS address; the
  101. # second instance (if given) specifies the secondary WINS address.
  102. #ms-wins 10.0.0.3
  103. #ms-wins 10.0.0.4
  104.  
  105. # Add an entry to this system's ARP [Address Resolution Protocol]
  106. # table with the IP address of the peer and the Ethernet address of this
  107. # system. This will have the effect of making the peer appear to other
  108. # systems to be on the local ethernet.
  109. # (you do not need this if your PPTP server is responsible for routing
  110. # packets to the clients -- James Cameron)
  111. proxyarp
  112.  
  113. # Debian: do not replace the default route
  114. nodefaultroute
  115.  
  116.  
  117. # Logging
  118.  
  119. # Enable connection debugging facilities.
  120. # (see your syslog configuration for where pppd sends to)
  121. #debug
  122.  
  123. # Print out all the option values which have been set.
  124. # (often requested by mailing list to verify options)
  125. #dump
  126.  
  127.  
  128. # Miscellaneous
  129.  
  130. # Create a UUCP-style lock file for the pseudo-tty to ensure exclusive
  131. # access.
  132. lock
  133.  
  134. # Disable BSD-Compress compression
  135. nobsdcomp
  136.  
  137. root@localhost:~# cat /etc/pptpd.conf
  138. ###############################################################################
  139. # $Id: pptpd.conf 4255 2004-10-03 18:44:00Z rene $
  140. #
  141. # Sample Poptop configuration file /etc/pptpd.conf
  142. #
  143. # Changes are effective when pptpd is restarted.
  144. ###############################################################################
  145.  
  146. # TAG: ppp
  147. # Path to the pppd program, default '/usr/sbin/pppd' on Linux
  148. #
  149. #ppp /usr/sbin/pppd
  150.  
  151. # TAG: option
  152. # Specifies the location of the PPP options file.
  153. # By default PPP looks in '/etc/ppp/options'
  154. #
  155. option /etc/ppp/pptpd-options
  156.  
  157. # TAG: debug
  158. # Turns on (more) debugging to syslog
  159. #
  160. #debug
  161.  
  162. # TAG: stimeout
  163. # Specifies timeout (in seconds) on starting ctrl connection
  164. #
  165. # stimeout 10
  166.  
  167. # TAG: noipparam
  168. # Suppress the passing of the client's IP address to PPP, which is
  169. # done by default otherwise.
  170. #
  171. #noipparam
  172.  
  173. # TAG: logwtmp
  174. # Use wtmp(5) to record client connections and disconnections.
  175. #
  176. logwtmp
  177.  
  178. # TAG: bcrelay <if>
  179. # Turns on broadcast relay to clients from interface <if>
  180. #
  181. #bcrelay eth1
  182.  
  183. # TAG: localip
  184. # TAG: remoteip
  185. # Specifies the local and remote IP address ranges.
  186. #
  187. # Any addresses work as long as the local machine takes care of the
  188. # routing. But if you want to use MS-Windows networking, you should
  189. # use IP addresses out of the LAN address space and use the proxyarp
  190. # option in the pppd options file, or run bcrelay.
  191. #
  192. # You can specify single IP addresses seperated by commas or you can
  193. # specify ranges, or both. For example:
  194. #
  195. # 192.168.0.234,192.168.0.245-249,192.168.0.254
  196. #
  197. # IMPORTANT RESTRICTIONS:
  198. #
  199. # 1. No spaces are permitted between commas or within addresses.
  200. #
  201. # 2. If you give more IP addresses than MAX_CONNECTIONS, it will
  202. # start at the beginning of the list and go until it gets
  203. # MAX_CONNECTIONS IPs. Others will be ignored.
  204. #
  205. # 3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238,
  206. # you must type 234-238 if you mean this.
  207. #
  208. # 4. If you give a single localIP, that's ok - all local IPs will
  209. # be set to the given one. You MUST still give at least one remote
  210. # IP for each simultaneous client.
  211. #
  212. # (Recommended)
  213. localip 192.168.0.1
  214. #remoteip 192.168.0.234-238,192.168.0.245
  215. # or
  216. #localip 192.168.0.100-238,192.168.0.200
  217. remoteip 192.168.1.100-238,192.168.1.200
  218.  
  219. root@localhost:~#


--

Wishes.

Alpha.L Cheng
程方宁

Disclaimer:

This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.


Zang MingJie

unread,
May 8, 2012, 3:50:55 AM5/8/12
to sh...@googlegroups.com
这么多信息,怎么没有tcpdump的内容。。。

Ma Xiaojun

unread,
May 8, 2012, 5:45:32 AM5/8/12
to sh...@googlegroups.com
貼長信息用pastebin.com
Reply all
Reply to author
Forward
0 new messages