Не работают маршрутизаторы по L2tp (mpd5.6)

[ZeM]

Добрый день! Имеем

Код: Выделить всё

FreeBSD VPN_New 9.0-RELEASE-p4 FreeBSD 9.0-RELEASE-p4 #0: Mon Oct 29 11:12:56 MSK 2012     root@VPN_New:/sys/amd64/compile/VPN_New  amd64

и mpd 5.6
На впн сервере настроены 2 Влана в режиме tag.

Интересная картина - все компьютеры без проблем работают по l2tp под любой ОС, Mikrotik RB1000 без проблем работает.
Маршрутизатор что D-link Dir 300 или Zyxel Keenetik Giga и прочие модели конектятся к впн серверу - пинги идут наружу как только открываешь в браузере любую страницу дисконект и отвал пингов.
По pptp проблем нет - все везде без проблем работает.
Вот конфиг mpd в части l2tp

Код: Выделить всё

  default:
    load l2tp_server
    load pptp_server

l2tp_server:
    set ippool add pool1 10.100.136.2 10.100.139.253
    create bundle template B
    set iface enable proxy-arp
    set iface idle 0
    set iface enable tcpmssfix
    set iface enable netflow-in netflow-out
    set ipcp no vjcomp
    set ipcp ranges 10.100.136.1/22 ippool pool1
    set ipcp dns X.X.X.X X.X.X.X
    set bundle enable compression
    #set ccp yes mppc
    set mppc yes e40
    set mppc yes e128
    set mppc yes stateless
    create link template L l2tp
    set link action bundle B
    set link max-children 1500
    set link enable multilink
    set link yes acfcomp protocomp
    set link no pap #22.11.2012
    set link enable chap
    set link enable peer-as-calling
    load radius
    set link keep-alive 10 60
    set link mtu 1460
    set l2tp self X.X.X.X #22.11.2012
    set link enable incoming
    #set bundle disable ipv6cp

Есть у кого какие мысли? Возможно в mpdшке что подкрутить надо.

[Wishmaster]

Аналогичная проблема. Кроме того тестировали роутеры ASUS RT-N16, RT-N10, RT-N56U, RT-N66U, WL-500GP. Прошивки роутеров тоже пробовали разные, dd-wrt, tomato, "от Энтузиастов", оригинальную.

Более детально разобраться руки не доходили, но раз уж тут такая тема появилась, тоже поучаствую.

Просьба автору, включите максимальную детализацию логов в mpd, и выложите части, которые появляются при обрывах. Если будет много информации, можно коллективно написать Александру Мотину, думаю, он заинтересуется проблемой.

P.S. Пробовали BSD 8.x, 9.x - все едино. MPD тоже пробовали разных версий.

[xxxupg]

mtu пробовали менять?

[Wishmaster]

mtu пробовали менять?

Пробовали. Был и 1500 и 1470 и 1396 - без разницы. Причем, винда нормально работала со всеми вариантами mtu.

[ZeM]

На тестовой тачке
Уровень логирования mpd

Код: Выделить всё

log +PHYS2

Windows 7 l2tp все работает ниже лог

Код: Выделить всё

Mar 19 11:25:34 NAT_new mpd: caught fatal signal TERM
Mar 19 11:25:34 NAT_new mpd: [B-2] IFACE: Close event
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: Close event
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: state change Opened --> Closing
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: SendTerminateReq #2
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: LayerDown
Mar 19 11:25:34 NAT_new mpd: [B-2] IFACE: Down event
Mar 19 11:25:34 NAT_new mpd: [B-2] CCP: Close event
Mar 19 11:25:34 NAT_new mpd: [B-2] CCP: state change Stopped --> Closed
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: rec'd Terminate Ack #2 (Closing)
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: state change Closing --> Closed
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: LayerFinish
Mar 19 11:25:34 NAT_new mpd: [B-2] Bundle: No NCPs left. Closing links...
Mar 19 11:25:34 NAT_new mpd: [B-2] Bundle: closing link "L-2"...
Mar 19 11:25:34 NAT_new mpd: [L-2] Link: CLOSE event
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: Close event
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: state change Opened --> Closing
Mar 19 11:25:34 NAT_new mpd: [L-2] Link: Leave bundle "B-2"
Mar 19 11:25:34 NAT_new mpd: [L-2] RADIUS: Accounting user 'camm' (Type: 2)
Mar 19 11:25:34 NAT_new mpd: [B-2] Bundle: Status update: up 0 links, total bandwidth 9600 bps
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: Close event
Mar 19 11:25:34 NAT_new mpd: [B-2] CCP: Close event
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: Down event
Mar 19 11:25:34 NAT_new mpd: [B-2] IPCP: state change Closed --> Initial
Mar 19 11:25:34 NAT_new mpd: [B-2] CCP: Down event
Mar 19 11:25:34 NAT_new mpd: [B-2] CCP: state change Closed --> Initial
Mar 19 11:25:34 NAT_new mpd: [B-2] Bundle: Shutdown
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: SendTerminateReq #4
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: LayerDown
Mar 19 11:25:34 NAT_new mpd: [L-2] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'camm'
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: rec'd Terminate Ack #4 (Closing)
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: state change Closing --> Closed
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: LayerFinish
Mar 19 11:25:34 NAT_new mpd: [L-2] device: CLOSE event
Mar 19 11:25:34 NAT_new mpd: [L-2] L2TP: Call #0 terminated locally
Mar 19 11:25:34 NAT_new mpd: [L-2] device: DOWN event
Mar 19 11:25:34 NAT_new mpd: [L-2] Link: DOWN event
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: Down event
Mar 19 11:25:34 NAT_new mpd: [L-2] LCP: state change Closed --> Initial
Mar 19 11:25:34 NAT_new mpd: [L-2] Link: SHUTDOWN event
Mar 19 11:25:34 NAT_new mpd: [L-2] Link: Shutdown
Mar 19 11:25:34 NAT_new mpd: L2TP: Control connection 0x802be7610 terminated: 0 ()
Mar 19 11:25:36 NAT_new mpd: [B] Bundle: Shutdown
Mar 19 11:25:36 NAT_new mpd: [C] Bundle: Shutdown
Mar 19 11:25:36 NAT_new mpd: [L] Link: Shutdown
Mar 19 11:25:36 NAT_new mpd: L2TP: stop waiting for connection on 172.28.200.12 1701
Mar 19 11:25:36 NAT_new mpd: [M] Link: Shutdown
Mar 19 11:25:36 NAT_new mpd: PPTP: stop waiting for connection on 172.28.200.12 1723
Mar 19 11:25:36 NAT_new mpd: PPTP: Total shutdown
Mar 19 11:25:36 NAT_new mpd: L2TP: Total shutdown
Mar 19 11:25:36 NAT_new mpd: process 36825 terminated
Mar 19 11:25:36 NAT_new mpd: Multi-link PPP daemon for FreeBSD
Mar 19 11:25:36 NAT_new mpd:  
Mar 19 11:25:36 NAT_new mpd: process 37106 started, version 5.6 (root@NAT_new 10:22 21-Nov-2012)
Mar 19 11:25:36 NAT_new mpd: CONSOLE: listening on 127.0.0.1 5005
Mar 19 11:25:36 NAT_new mpd: web: listening on 172.28.200.12 5006
Mar 19 11:25:36 NAT_new mpd: L2TP: waiting for connection on 172.28.200.12 1701
Mar 19 11:25:36 NAT_new mpd: PPTP: waiting for connection on 172.28.200.12 1723
Mar 19 11:25:54 NAT_new mpd: Incoming L2TP packet from 172.28.28.110 1701
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; L2TP&#58; Control connection 0x802be7610 172.28.200.12 1701 <-> 172.28.28.110 1701 accepted
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; L2TP&#58; Control connection 0x802be7610 172.28.200.12 1701 <-> 172.28.28.110 1701 connected
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; L2TP&#58; Incoming call #0 via connection 0x802be7610 received
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; L2TP&#58; Incoming call #0 via control connection 0x802be7610 accepted
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; OPEN event
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; Open event
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Initial --> Starting
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; LayerStart
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; device&#58; OPEN event
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; L2tpOpen&#40;&#41; on incoming call
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; L2TP&#58; Call #0 connected
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; device&#58; UP event
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; UP event
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; origination is remote
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; Up event
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Starting --> Req-Sent
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #1
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM e68a4798
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #0 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM 26705594
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   CALLBACK 6
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigRej #0
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   CALLBACK 6
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM 26705594
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM 26705594
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Req-Sent --> Ack-Sent
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #2
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM e68a4798
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Reject #2 &#40;Ack-Sent&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #3
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM e68a4798
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Ack #3 &#40;Ack-Sent&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM e68a4798
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Ack-Sent --> Opened
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; auth&#58; peer wants nothing, I want CHAP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; CHAP&#58; sending CHALLENGE #1 len&#58; 21
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; LayerUp
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Ident #2 &#40;Opened&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MESG&#58; MSRASV5.20
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Ident #3 &#40;Opened&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MESG&#58; MSRAS-0-NBOOK-HP
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Ident #4 &#40;Opened&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MESG&#58; ЧypЫбE;OM-^SM-^Rъ^&#93;^_^ВД
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; CHAP&#58; rec'd RESPONSE #1 len&#58; 58
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   Name&#58; "camm"
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; AUTH&#58; Trying RADIUS
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; RADIUS&#58; Authenticating user 'camm'
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; RADIUS&#58; Rec'd RAD_ACCESS_ACCEPT for user 'camm'
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; AUTH&#58; RADIUS returned&#58; authenticated
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; CHAP&#58; Auth return status&#58; authenticated
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; CHAP&#58; Reply message&#58; S=474CA78705BC1046E72A25D14FD5D34E039121DD
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; CHAP&#58; sending SUCCESS #1 len&#58; 46
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; authorization successful
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; Matched action 'bundle "B" ""'
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; Creating new bundle using template "B".
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; Bundle&#58; Interface ng0 created
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; Join bundle "B-2"
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; Bundle&#58; Status update&#58; up 1 link, total bandwidth 64000 bps
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; Open event
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; state change Initial --> Starting
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; LayerStart
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; Open event
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; state change Initial --> Starting
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; LayerStart
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; Up event
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; state change Starting --> Req-Sent
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; SendConfigReq #1
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 10.100.1.1
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; Up event
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; state change Starting --> Req-Sent
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #1
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; RADIUS&#58; Accounting user 'camm' &#40;Type&#58; 1&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;L-2&#93; RADIUS&#58; Rec'd RAD_ACCOUNTING_RESPONSE for user 'camm'
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Configure Request #5 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   MPPC
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     0x01000001&#58;MPPC, stateless
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigRej #5
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   MPPC
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     0x01000001&#58;MPPC, stateless
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; rec'd Configure Request #6 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     NAKing with 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRIDNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     NAKing with 109.197.112.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRINBNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECDNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     NAKing with 109.197.113.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECNBNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; SendConfigRej #6
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRINBNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECNBNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; rec'd Configure Ack #1 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 10.100.1.1
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; state change Req-Sent --> Ack-Rcvd
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Configure Ack #1 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; state change Req-Sent --> Ack-Rcvd
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Request #7 &#40;Ack-Rcvd&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; state change Ack-Rcvd --> Req-Sent
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendTerminateAck #2
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; rec'd Configure Request #8 &#40;Ack-Rcvd&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     NAKing with 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRIDNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     NAKing with 109.197.112.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECDNS 0.0.0.0
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     NAKing with 109.197.113.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; SendConfigNak #8
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRIDNS 109.197.112.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECDNS 109.197.113.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; rec'd Configure Request #9 &#40;Ack-Rcvd&#41;
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;     10.100.1.250 is OK
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRIDNS 109.197.112.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECDNS 109.197.113.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; SendConfigAck #9
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   IPADDR 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   PRIDNS 109.197.112.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   SECDNS 109.197.113.254
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; state change Ack-Rcvd --> Opened
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IPCP&#58; LayerUp
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93;   10.100.1.1 -> 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IFACE&#58; No interface to proxy arp on for 10.100.1.250
Mar 19 11&#58;25&#58;56 NAT_new mpd&#58; &#91;B-2&#93; IFACE&#58; Up event
Mar 19 11&#58;25&#58;57 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Request #10 &#40;Req-Sent&#41;
Mar 19 11&#58;25&#58;57 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendTerminateAck #3
Mar 19 11&#58;25&#58;58 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #4
Mar 19 11&#58;26&#58;00 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #5
Mar 19 11&#58;26&#58;00 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #5 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;02 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #6
Mar 19 11&#58;26&#58;02 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #6 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;04 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #7
Mar 19 11&#58;26&#58;04 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #7 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;06 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #8
Mar 19 11&#58;26&#58;06 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #8 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;08 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #9
Mar 19 11&#58;26&#58;08 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #9 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;10 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #10
Mar 19 11&#58;26&#58;10 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #10 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;12 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #11
Mar 19 11&#58;26&#58;12 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #11 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;14 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #12
Mar 19 11&#58;26&#58;14 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #12 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;16 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; SendConfigReq #13
Mar 19 11&#58;26&#58;16 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; rec'd Terminate Ack #13 &#40;Req-Sent&#41;
Mar 19 11&#58;26&#58;18 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; parameter negotiation failed
Mar 19 11&#58;26&#58;18 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; state change Req-Sent --> Stopped
Mar 19 11&#58;26&#58;18 NAT_new mpd&#58; &#91;B-2&#93; CCP&#58; LayerFinish

Далее маршрутизатор Zyxel Keenetic Giga

Код: Выделить всё

Mar 19 11:51:40 NAT_new mpd: Incoming L2TP packet from 172.28.28.6 1701
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; L2TP&#58; Control connection 0x802be7610 172.28.200.12 1701 <-> 172.28.28.6 1701 accepted
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; L2TP&#58; Control connection 0x802be7610 172.28.200.12 1701 <-> 172.28.28.6 1701 connected
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; L2TP&#58; Incoming call #1 via connection 0x802be7610 received
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; L2TP&#58; Incoming call #1 via control connection 0x802be7610 accepted
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; OPEN event
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; Open event
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Initial --> Starting
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; LayerStart
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; device&#58; OPEN event
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; L2tpOpen&#40;&#41; on incoming call
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; L2TP&#58; Call #1 connected
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; device&#58; UP event
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; UP event
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; origination is remote
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; Up event
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Starting --> Req-Sent
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #1
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Req-Sent&#41;
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;40 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Req-Sent --> Ack-Sent
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #2
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;42 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Ack-Sent&#41;
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;43 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #3
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;44 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #4
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Ack-Sent&#41;
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;46 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #5
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;48 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Ack-Sent&#41;
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;49 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #6
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;50 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #7
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Ack-Sent&#41;
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;52 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #8
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;54 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Ack-Sent&#41;
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;55 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #9
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;56 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigReq #10
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   ACFCOMP
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   PROTOCOMP
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1500
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM c590c9f2
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   AUTHPROTO CHAP MSOFTv2
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MP MRRU 2048
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MP SHORTSEQ
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   ENDPOINTDISC &#91;802.1&#93; 00 1b 21 67 81 88
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; rec'd Configure Request #1 &#40;Ack-Sent&#41;
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; SendConfigAck #1
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MRU 1400
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   ACCMAP 0x00000000
Mar 19 11&#58;51&#58;58 NAT_new mpd&#58; &#91;L-2&#93;   MAGICNUM de11dff1
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; parameter negotiation failed
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Ack-Sent --> Stopped
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; LayerFinish
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; device&#58; CLOSE event
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; L2TP&#58; Call #1 terminated locally
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; device&#58; DOWN event
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; DOWN event
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; Close event
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Stopped --> Closed
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; Down event
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; LCP&#58; state change Closed --> Initial
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; SHUTDOWN event
Mar 19 11&#58;52&#58;00 NAT_new mpd&#58; &#91;L-2&#93; Link&#58; Shutdown

P.S. Ключевое LCP: parameter negotiation failed буду дальше экспериментировать. Измененый конфиг mpd выложу позже.

[ZeM]

И так имеею стабильный конект с маршрутизатора но инета пока нет.
В качестве ната pf

Код: Выделить всё

pfctl -sn
No ALTQ support in kernel
ALTQ related functions disabled
nat on igb0 inet from <CLIENTS_POOL> to any -> X.X.X.X

[ZeM]

Починил и инет надо провести кучу экспериментов еще

Код: Выделить всё

Mar 19 12:43:13 NAT_new mpd: [L-2] LCP: state change Ack-Sent --> Opened
Mar 19 12:43:13 NAT_new mpd: [L-2] LCP: auth: peer wants nothing, I want CHAP
Mar 19 12:43:13 NAT_new mpd: [L-2] CHAP: sending CHALLENGE #1 len: 31
Mar 19 12:43:13 NAT_new mpd: [L-2] LCP: LayerUp
Mar 19 12:43:13 NAT_new mpd: [L-2] CHAP: rec'd RESPONSE #1 len: 25
Mar 19 12:43:13 NAT_new mpd: [L-2]   Name: "camm"
Mar 19 12:43:13 NAT_new mpd: [L-2] AUTH: Trying RADIUS
Mar 19 12:43:13 NAT_new mpd: [L-2] RADIUS: Authenticating user 'camm'
Mar 19 12:43:13 NAT_new mpd: [L-2] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'camm'
Mar 19 12:43:13 NAT_new mpd: [L-2] AUTH: RADIUS returned: authenticated
Mar 19 12:43:13 NAT_new mpd: [L-2] CHAP: Auth return status: authenticated
Mar 19 12:43:13 NAT_new mpd: [L-2] CHAP: Reply message: Welcome
Mar 19 12:43:13 NAT_new mpd: [L-2] CHAP: sending SUCCESS #1 len: 11
Mar 19 12:43:13 NAT_new mpd: [L-2] LCP: authorization successful
Mar 19 12:43:13 NAT_new mpd: [L-2] Link: Matched action 'bundle "B" ""'
Mar 19 12:43:13 NAT_new mpd: [L-2] Creating new bundle using template "B".
Mar 19 12:43:13 NAT_new mpd: [B-2] Bundle: Interface ng0 created
Mar 19 12:43:13 NAT_new mpd: [L-2] Link: Join bundle "B-2"
Mar 19 12:43:13 NAT_new mpd: [B-2] Bundle: Status update: up 1 link, total bandwidth 64000 bps
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: Open event
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: state change Initial --> Starting
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: LayerStart
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: Up event
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: state change Starting --> Req-Sent
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: SendConfigReq #1
Mar 19 12:43:13 NAT_new mpd: [B-2]   IPADDR 10.100.1.1
Mar 19 12:43:13 NAT_new mpd: [L-2] RADIUS: Accounting user 'camm' (Type: 1)
Mar 19 12:43:13 NAT_new mpd: [L-2] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'camm'
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: rec'd Configure Request #1 (Req-Sent)
Mar 19 12:43:13 NAT_new mpd: [B-2]   IPADDR 0.0.0.0
Mar 19 12:43:13 NAT_new mpd: [B-2]     NAKing with 10.100.1.250
Mar 19 12:43:13 NAT_new mpd: [B-2]   PRIDNS 0.0.0.0
Mar 19 12:43:13 NAT_new mpd: [B-2]     NAKing with X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2]   SECDNS 0.0.0.0
Mar 19 12:43:13 NAT_new mpd: [B-2]     NAKing with X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: SendConfigNak #1
Mar 19 12:43:13 NAT_new mpd: [B-2]   IPADDR 10.100.1.250
Mar 19 12:43:13 NAT_new mpd: [B-2]   PRIDNS X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2]   SECDNS X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: rec'd Configure Ack #1 (Req-Sent)
Mar 19 12:43:13 NAT_new mpd: [B-2]   IPADDR 10.100.1.1
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: state change Req-Sent --> Ack-Rcvd
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: rec'd Configure Request #2 (Ack-Rcvd)
Mar 19 12:43:13 NAT_new mpd: [B-2]   IPADDR 10.100.1.250
Mar 19 12:43:13 NAT_new mpd: [B-2]     10.100.1.250 is OK
Mar 19 12:43:13 NAT_new mpd: [B-2]   PRIDNS X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2]   SECDNS X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: SendConfigAck #2
Mar 19 12:43:13 NAT_new mpd: [B-2]   IPADDR 10.100.1.250
Mar 19 12:43:13 NAT_new mpd: [B-2]   PRIDNS X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2]   SECDNS X.X.X.X
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: state change Ack-Rcvd --> Opened
Mar 19 12:43:13 NAT_new mpd: [B-2] IPCP: LayerUp
Mar 19 12:43:13 NAT_new mpd: [B-2]   10.100.1.1 -> 10.100.1.250
Mar 19 12:43:13 NAT_new mpd: [B-2] IFACE: No interface to proxy arp on for 10.100.1.250
Mar 19 12:43:13 NAT_new mpd: [B-2] IFACE: Up event

P.S. Проработал инет но не долго при этом

Код: Выделить всё

ng0&#58; flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1460
        inet 10.100.1.1 --> 10.100.1.250 netmask 0xffffffff
        inet6 fe80&#58;&#58;21b&#58;21ff&#58;fe67&#58;8188%ng0 prefixlen 64 scopeid 0xd
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

[ZeM]

Самое интресное идем на speedtest.net интрерфейс ng0 висит а инет пропадает
в логах в это время

Код: Выделить всё

Mar 19 13:05:26 NAT_new mpd: [B-2] IPCP: rec'd Configure Ack #1 (Req-Sent)
Mar 19 13:05:26 NAT_new mpd: [B-2]   IPADDR 10.100.1.1
Mar 19 13:05:26 NAT_new mpd: [B-2] IPCP: state change Req-Sent --> Ack-Rcvd
Mar 19 13:05:26 NAT_new mpd: [L-2] LCP: rec'd Protocol Reject #2 (Opened)
Mar 19 13:05:26 NAT_new mpd: [L-2] LCP: protocol CCP was rejected
Mar 19 13:05:26 NAT_new mpd: [B-2] CCP: protocol was rejected by peer
Mar 19 13:05:26 NAT_new mpd: [B-2] CCP: state change Req-Sent --> Stopped
Mar 19 13:05:26 NAT_new mpd: [B-2] CCP: LayerFinish

tcpdump

Код: Выделить всё

NAT_new# tcpdump -i igb1 -nn -tttt port 1701
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on igb1, link-type EN10MB (Ethernet), capture size 65535 bytes
2013-03-19 15:00:41.953636 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=0,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:41.953763 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=2,Nr=1 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:00:44.954363 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=1,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:44.954498 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=3,Nr=2 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:00:47.955340 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=2,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:47.955470 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=4,Nr=3 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:00:48.934579 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=5,Nr=3 {LCP, Conf-Request (0x01), id 2, length 36}
2013-03-19 15:00:50.956335 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=3,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:50.956460 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=6,Nr=4 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:00:53.957429 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=4,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:53.957557 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=7,Nr=5 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:00:56.958402 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=5,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:56.958530 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=8,Nr=6 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:00:58.935581 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=9,Nr=6 {LCP, Conf-Request (0x01), id 3, length 36}
2013-03-19 15:00:59.959266 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=6,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:00:59.959393 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=10,Nr=7 {LCP, Conf-Ack (0x02), id 1, length 22}
^[2013-03-19 15:01:02.960301 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=7,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:01:02.960428 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=11,Nr=8 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:01:05.961340 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](64272/56983)Ns=8,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:01:05.961469 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=12,Nr=9 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:01:08.936577 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](64397/13201)Ns=13,Nr=9 {LCP, Conf-Request (0x01), id 4, length 36}
2013-03-19 15:01:08.972831 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](64272/0)Ns=4,Nr=2 *MSGTYPE(StopCCN) *ASSND_TUN_ID(64397) *RESULT_CODE(1/0 Goodbye!)
2013-03-19 15:01:09.023489 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[TLS](64397/0)Ns=2,Nr=5 ZLB
2013-03-19 15:01:14.301862 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(43447) *RECV_WIN_SIZE(4)
2013-03-19 15:01:15.302213 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(43447) *RECV_WIN_SIZE(4)
2013-03-19 15:01:16.302374 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(43447) *RECV_WIN_SIZE(4)
2013-03-19 15:01:17.303209 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(43447) *RECV_WIN_SIZE(4)
2013-03-19 15:01:18.303224 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(43447) *RECV_WIN_SIZE(4)
2013-03-19 15:01:19.303249 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(43447) *RECV_WIN_SIZE(4)

[ZeM]

На кинетике ошибка протокола.
Метод проверки подлинности Автоопределение и безопасность данных (MPPE).
На сервере --->

Код: Выделить всё

NAT_new# tcpdump -i igb1 -nn -tttt port 1701
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on igb1, link-type EN10MB (Ethernet), capture size 65535 bytes
2013-03-19 15:05:57.224355 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(19956) *RECV_WIN_SIZE(4)
2013-03-19 15:05:58.224837 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(KEENETIC_GIGA) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(19956) *RECV_WIN_SIZE(4)
2013-03-19 15:05:58.225277 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[TLS](19956/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *HOST_NAME(NAT_new) *VENDOR_NAME(FreeBSD MPD) *BEARER_CAP(AD) *RECV_WIN_SIZE(8) *PROTO_VER(1.0) *FRAMING_CAP(AS) *ASSND_TUN_ID(12289)
2013-03-19 15:05:58.225907 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](12289/0)Ns=1,Nr=1 *MSGTYPE(SCCCN)
2013-03-19 15:05:58.226873 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](12289/0)Ns=2,Nr=1 *MSGTYPE(ICRQ) *ASSND_SESS_ID(51177) *CALL_SER_NUM(1) *BEARER_TYPE()
2013-03-19 15:05:58.227006 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[TLS](19956/51177)Ns=1,Nr=3 *MSGTYPE(ICRP) *ASSND_SESS_ID(15039)
2013-03-19 15:05:58.228446 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](12289/15039)Ns=3,Nr=2 *MSGTYPE(ICCN) *TX_CONN_SPEED(10000000) *FRAMING_TYPE(S) *RX_CONN_SPEED(10000000)
2013-03-19 15:05:58.228701 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=0,Nr=0 {LCP, Conf-Request (0x01), id 1, length 36}
2013-03-19 15:05:58.260989 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[](12289/15039) {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:05:58.261111 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=1,Nr=0 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:05:58.278491 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[TLS](19956/0)Ns=2,Nr=4 ZLB
2013-03-19 15:06:01.261795 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=0,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:01.261920 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=2,Nr=1 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:04.262767 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=1,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:04.262888 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=3,Nr=2 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:07.263753 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=2,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:07.263881 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=4,Nr=3 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:08.229580 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=5,Nr=3 {LCP, Conf-Request (0x01), id 2, length 36}
2013-03-19 15:06:10.264812 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=3,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:10.264935 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=6,Nr=4 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:13.265747 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=4,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:13.265874 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=7,Nr=5 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:16.266721 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=5,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:16.266846 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=8,Nr=6 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:18.230657 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=9,Nr=6 {LCP, Conf-Request (0x01), id 3, length 36}
2013-03-19 15:06:19.267787 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=6,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:19.267917 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=10,Nr=7 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:22.268682 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=7,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:22.268808 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=11,Nr=8 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:25.269697 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[S](12289/15039)Ns=8,Nr=0 {LCP, Conf-Request (0x01), id 1, length 22}
2013-03-19 15:06:25.269823 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=12,Nr=9 {LCP, Conf-Ack (0x02), id 1, length 22}
2013-03-19 15:06:28.231585 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[S](19956/51177)Ns=13,Nr=9 {LCP, Conf-Request (0x01), id 4, length 36}
2013-03-19 15:06:28.277369 IP 172.28.28.6.1701 > 172.28.200.12.1701:  l2tp:[TLS](12289/0)Ns=4,Nr=2 *MSGTYPE(StopCCN) *ASSND_TUN_ID(19956) *RESULT_CODE(1/0 Goodbye!)
2013-03-19 15:06:28.327492 IP 172.28.200.12.1701 > 172.28.28.6.1701:  l2tp:[TLS](19956/0)Ns=2,Nr=5 ZLB

[ZeM]

Вот рабочий конфиг - проверено на том же Zyxel прошивка ветки 2.0

Код: Выделить всё

l2tp_server:
    set ippool add pool1 10.100.1.2 10.100.1.253
    create bundle template B
    set iface enable proxy-arp
    set iface idle 0
    set iface enable tcpmssfix
    #set iface enable netflow-in netflow-out
    set ipcp no vjcomp
    set ipcp ranges 10.100.1.1/24 ippool pool1
    set ipcp dns X.X.X.X X.X.X.X
    #set bundle enable compression
        #set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless
    create link template L l2tp
    set link action bundle B
    set link fsm-timeout 10
    set link max-children 1500
    set link enable multilink
    set link yes acfcomp protocomp
    set link no pap eap chap
    set link enable chap
    set link enable peer-as-calling
    load radius
    set link keep-alive 10 60
    set link mtu 1460
    #set link mru 1480
    set l2tp self X.X.X.X
    set link enable incoming

Жду ваших предложений / комментов. На других моделях потестю позже.

[Wishmaster]

Респект! Круто вы расписали все. )

Завтра попробую ваш конфиг, в наличии несколько роутеров ASUS. По результатам отпишусь.

P.S. Любопытно, сравнил сейчас со своим конфигом, который не работал, ваш отличается только этими строками:

#set bundle enable compression
#set ccp yes mppc
set ipcp no vjcomp

У меня они раскомментированы и vjcomp стоит yes.

Если завтра все заработает, выходит проблема - в сжатии?

[ZeM]

Да вполне. На Asus не знаю как пойдет но на Zyxel Kenetik Giga все стабильно на l2tp, а ранее ни в какую более под рукой ничего не было)).
Где то была темка моя тут про mpd 5 и вланы так вот с этим

Код: Выделить всё

set ipcp no vjcomp

не работало ничего ну и еще пару параметров подкрутил.
А так можем объединить усилия пишите в асю два два девять 154 восемь два семь.

[gravis]

Вопрос, а почему вы решили использовать L2TP?

[ZeM]

Так исторически сложилось еще до меня. Рекомендуете PPPoE?
Многие провайдеры используют l2tp/pptp помимо набирающего моду IPoE...
На этом форуме достаточно людей я думаю которые используют l2tp/pptp.

[gravis]

L2TP существенно выигрывает в безопасности, но проигрывает в использовании системных ресурсов.

У вас же цель пользователя авторизовать. Никакого практического смысла в шифровании его трафика ведь нет.

Если есть межсегментная маршрутизация то PPTP, если нету то PPPoE, а еще лучше вообще не использовать туннели. Как вообще можно в настоящее время построить сеть, отвечающую современным требованиям без использования управляемых коммутаторов? А если они есть, то тем более, выбор туннелей вместо port-security - это не вменяемый выбор.