Народ, помогите настроить подключение L2TP.
Вкратце:
Установил Debian 12.
На роутере с белым IP включил DMZ на ip Debian.
Поднял IKEv2 VPN сервер StrongSwan. Протестировал, всё работает.
Понадобилось добавить возможность подключения по L2TP.
Установил - apt install xl2tpd
Пробовал настраивать по 4м разным инструкциям из сети.
Логи подключения с клиента и сервера
Лог с сервера
авг 02 22:22:11 debian-proxmox xl2tpd[659]: Connection established to 192.168.178.1, 62791. Local: 17689, Remote: 42 (ref=0/0). LNS session is 'default'
авг 02 22:22:11 debian-proxmox xl2tpd[659]: start_pppd: I'm running:
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "/usr/sbin/pppd"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "/dev/pts/2"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "passive"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "nodetach"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "10.10.10.1:10.10.10.200"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "auth"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "name"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "l2tp-vpn"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "file"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: "/etc/ppp/options.xl2tpd"
авг 02 22:22:11 debian-proxmox xl2tpd[659]: Call established with 192.168.178.1, PID: 1656, Local: 54207, Remote: 2366, Serial: 1
авг 02 22:22:11 debian-proxmox pppd[1656]: The remote system is required to authenticate itself
авг 02 22:22:11 debian-proxmox pppd[1656]: but I couldn't find any suitable secret (password) for it to use to do so.
авг 02 22:22:11 debian-proxmox pppd[1656]: (None of the available passwords would let it use an IP address.)
авг 02 22:22:11 debian-proxmox xl2tpd[659]: child_handler : pppd exited for call 2366 with code 1
авг 02 22:22:11 debian-proxmox xl2tpd[659]: call_close: Call 54207 to 192.168.178.1 disconnected
авг 02 22:22:11 debian-proxmox xl2tpd[659]: result_code_avp: result code endianness fix for buggy Apple client. network=768, le=3
авг 02 22:22:11 debian-proxmox xl2tpd[659]: control_finish: Connection closed to 192.168.178.1, serial 1 ()
авг 02 22:22:11 debian-proxmox xl2tpd[659]: Terminating pppd: sending TERM signal to pid 1656
авг 02 22:22:11 debian-proxmox xl2tpd[659]: result_code_avp: result code endianness fix for buggy Apple client. network=256, le=1
авг 02 22:22:11 debian-proxmox xl2tpd[659]: control_finish: Connection closed to 192.168.178.1, port 62791 (), Local: 17689, Remote: 42
авг 02 22:22:11 debian-proxmox xl2tpd[659]: Can not find tunnel 17689 (refhim=0)
авг 02 22:22:11 debian-proxmox xl2tpd[659]: network_thread: unable to find call or tunnel to handle packet. call = 54207, tunnel = 17689 Dumping.
Лог с клиента
Wed Aug 2 22:22:10 2023 : publish_entry SCDSet() failed: Success!
Wed Aug 2 22:22:10 2023 : publish_entry SCDSet() failed: Success!
Wed Aug 2 22:22:10 2023 : l2tp_get_router_address
Wed Aug 2 22:22:10 2023 : l2tp_get_router_address 192.168.178.1 from dict 1
Wed Aug 2 22:22:10 2023 : L2TP connecting to server 'myvpn.ddns.net' (12.34.56.78)...
Wed Aug 2 22:22:10 2023 : IPSec connection started
Wed Aug 2 22:22:10 2023 : IPSec phase 1 client started
Wed Aug 2 22:22:10 2023 : IPSec phase 1 server replied
Wed Aug 2 22:22:11 2023 : IPSec phase 2 started
Wed Aug 2 22:22:11 2023 : IPSec phase 2 established
Wed Aug 2 22:22:11 2023 : IPSec connection established
Wed Aug 2 22:22:11 2023 : L2TP sent SCCRQ
Wed Aug 2 22:22:11 2023 : L2TP received SCCRP
Wed Aug 2 22:22:11 2023 : L2TP sent SCCCN
Wed Aug 2 22:22:11 2023 : L2TP sent ICRQ
Wed Aug 2 22:22:11 2023 : L2TP received ICRP
Wed Aug 2 22:22:11 2023 : L2TP sent ICCN
Wed Aug 2 22:22:11 2023 : L2TP connection established.
Wed Aug 2 22:22:11 2023 : L2TP set port-mapping for en0, interface: 6, protocol: 0, privatePort: 0
Wed Aug 2 22:22:11 2023 : using link 0
Wed Aug 2 22:22:11 2023 : Using interface ppp0
Wed Aug 2 22:22:11 2023 : Connect: ppp0 <--> socket[34:18]
Wed Aug 2 22:22:11 2023 : sent [LCP ConfReq id=0x1 ]
Wed Aug 2 22:22:11 2023 : L2TP port-mapping for en0, interfaceIndex: 0, Protocol: None, Private Port: 0, Public Address: 59630878, Public Port: 0, TTL: 0.
Wed Aug 2 22:22:11 2023 : L2TP port-mapping for en0 inconsistent. is Connected: 1, Previous interface: 6, Current interface 0
Wed Aug 2 22:22:11 2023 : L2TP port-mapping for en0 initialized. is Connected: 1, Previous publicAddress: (0), Current publicAddress 59630878
Wed Aug 2 22:22:11 2023 : L2TP port-mapping for en0 fully initialized. Flagging up
Wed Aug 2 22:22:11 2023 : L2TP received CDN
Wed Aug 2 22:22:11 2023 : L2TP hangup
Wed Aug 2 22:22:11 2023 : Connection terminated.
Wed Aug 2 22:22:11 2023 : L2TP clearing port-mapping for en0
Wed Aug 2 22:22:11 2023 : L2TP disconnecting...
Wed Aug 2 22:22:11 2023 : L2TP sent CDN
Wed Aug 2 22:22:11 2023 : L2TP sent StopCCN
Wed Aug 2 22:22:11 2023 : L2TP disconnected
От количества попыток, или от того что с линуксом занимаюсь безгоду неделя (а точнее просто неделю) - в голове каша. Не пойму где косяк.
Вроде понятно, что аутентификация не проходит...
Но в каком файле прописать, в каком формате, и главное что? :D
Буду рад любым наводкам!