vpn-deploy-playbook icon indicating copy to clipboard operation
vpn-deploy-playbook copied to clipboard
verified publisher icon ftao

你好,这样的日志应该怎么判断是怎么问题呀

Open alroyso opened this issue 10 years ago • 3 comments

Jan 14 10:12:02 noxx64 charon: 06[IKE] sending cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X1" Jan 14 10:12:02 noxx64 charon: 06[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ] Jan 14 10:12:02 noxx64 charon: 06[NET] sending packet: from 50.117.73.250[500] to 27.20.19.175[500](337 bytes) Jan 14 10:12:03 noxx64 charon: 11[NET] received packet: from 27.20.19.175[4500] to 50.117.73.250[4500](716 bytes) Jan 14 10:12:03 noxx64 charon: 11[ENC] parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV) SA TSi TSr ] Jan 14 10:12:03 noxx64 charon: 11[IKE] received 20 cert requests for an unknown ca Jan 14 10:12:03 noxx64 charon: 11[CFG] looking for peer configs matching 50.117.73.250[%any]...27.20.19.175[192.168.88.222] Jan 14 10:12:03 noxx64 charon: 11[CFG] selected peer config 'ikev2' Jan 14 10:12:03 noxx64 charon: 11[IKE] initiating EAP_IDENTITY method (id 0x00) Jan 14 10:12:03 noxx64 charon: 11[IKE] peer supports MOBIKE Jan 14 10:12:03 noxx64 charon: 11[IKE] authentication of 'v.1xiaoshivpn.org' (myself) with RSA signature successful Jan 14 10:12:03 noxx64 charon: 11[IKE] sending end entity cert "CN=v.1xiaoshivpn.org" Jan 14 10:12:03 noxx64 charon: 11[IKE] sending issuer cert "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X1" Jan 14 10:12:03 noxx64 charon: 11[ENC] generating IKE_AUTH response 1 [ IDr CERT CERT AUTH EAP/REQ/ID ] Jan 14 10:12:03 noxx64 charon: 11[NET] sending packet: from 50.117.73.250[4500] to 27.20.19.175[4500](2860 bytes) Jan 14 10:12:03 noxx64 charon: 05[NET] received packet: from 27.20.19.175[4500] to 50.117.73.250[4500](92 bytes) Jan 14 10:12:03 noxx64 charon: 05[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ] Jan 14 10:12:03 noxx64 charon: 05[IKE] received EAP identity 'waiyouvpn' Jan 14 10:12:03 noxx64 charon: 05[CFG] sending RADIUS Access-Request to server 'vpnserver-1' Jan 14 10:12:03 noxx64 charon: 05[CFG] received RADIUS Access-Accept from server 'vpnserver-1' Jan 14 10:12:03 noxx64 charon: 05[IKE] RADIUS authentication of 'waiyouvpn' failed

alroyso avatar Feb 03 '16 01:02 alroyso

这个时radius 认证失败了。 这个你去看 radius 服务器的错误日志。

ftao avatar Feb 03 '16 01:02 ftao

IKV2 是不能支持这个xauth-radius 认证的么?

alroyso avatar Feb 03 '16 01:02 alroyso

之前测试下来时不行的。
这个问题你要自己解决了。

ftao avatar Feb 03 '16 02:02 ftao