pfSense ¸¦ ÀÌ¿ëÇؼ­ VPN ¼­¹ö¸¦ ±¸Ãà

DSUN   
   Á¶È¸ 4037   Ãßõ 1    

1.zip (783.9K), Down : 2, 2017-07

 

안녕하세요?

pfSense 를 이용해서 VPN 서버를 구축하고 싶은데요.

아래 링크를 통해서 설정을 했는데 접속이 되지 않네요.

https://doc.pfsense.org/index.php/L2TP/IPsec

공장초기화 상태에서 따라 했는데 접속을 할 수 가 없습니다.


Status/ IPsec/ Overview

에서 확인해 보면


203.225.X.X NAT-T IKEv1 responder 28127 seconds (07:48:47) AES_CBC HMAC_SHA1_96 PRF_HMAC_SHA1  MODP_2048 ESTABLISHED 31 seconds (00:00:31) ago 

되는 거를 보면 접속은 되는거 같은데 어느 단계서 진행이 되지 않는 것 같습니다.

pfSense 에서 L2TP VPN 설정 방법이 잘 설명된 사이트나 방법을 알려 주실 수 있나요??

.
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¸Þ½ÃÁö·Î º¸¸é Á¤»óÀûÀ¸·Î Á¢¼ÓµÇ¾ú´Âµ¥¿ä?
ÁøÇàÀÌ ¾ÈµÇ´Â ºÎºÐÀÌ ¹«¾ùÀÎÁö¿ä?
DSUN 2017-07
·Î±× ÀÔ´Ï´Ù.

Jul 14 03:18:50  charon  11[IKE] <con1|16> IKE_SA con1[16] state change: CONNECTING => ESTABLISHED 
Jul 14 03:18:50  charon  11[IKE] <con1|16> scheduling reauthentication in 27846s 
Jul 14 03:18:50  charon  11[IKE] <con1|16> maximum IKE_SA lifetime 28386s 
Jul 14 03:18:50  charon  11[IKE] <con1|16> DPD not supported by peer, disabled 
Jul 14 03:18:50  charon  11[ENC] <con1|16> generating ID_PROT response 0 [ ID HASH ] 
Jul 14 03:18:50  charon  11[NET] <con1|16> sending packet: from 121.159.x.x[4500] to 203.225.x.x[45428] (76 bytes) 
Jul 14 03:18:50  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (444 bytes) 
Jul 14 03:18:50  charon  08[ENC] <con1|16> parsed QUICK_MODE request 1 [ HASH SA No ID ID NAT-OA NAT-OA ] 
Jul 14 03:18:50  charon  08[IKE] <con1|16> changing received traffic selectors 172.20.107.154/32|/0[udp/l2f]=== 121.159.x.x/32|/0[udp/l2f] due to NAT 
Jul 14 03:18:50  charon  08[CFG] <con1|16> looking for a child config for 121.159.x.x/32|/0[udp/l2f] === 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:18:50  charon  08[CFG] <con1|16> proposing traffic selectors for us: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> 121.159.x.x/32|/0 
Jul 14 03:18:50  charon  08[CFG] <con1|16> proposing traffic selectors for other: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> 203.225.x.x/32|/0 
Jul 14 03:18:50  charon  08[CFG] <con1|16> candidate "con1" with prio 1+1 
Jul 14 03:18:50  charon  08[CFG] <con1|16> found matching child config "con1" with prio 2 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting traffic selectors for other: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> config: 203.225.x.x/32|/0, received: 203.225.x.x/32|/0[udp/l2f] => match: 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting traffic selectors for us: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> config: 121.159.x.x/32|/0, received: 121.159.x.x/32|/0[udp/l2f] => match: 121.159.x.x/32|/0[udp/l2f] 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting proposal: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> no acceptable ENCRYPTION_ALGORITHM found 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting proposal: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> proposal matches 
Jul 14 03:18:50  charon  08[CFG] <con1|16> received proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:NULL/HMAC_SHA1_96/NO_EXT_SEQ 
Jul 14 03:18:50  charon  08[CFG] <con1|16> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ 
Jul 14 03:18:50  charon  08[IKE] <con1|16> received 250000000 lifebytes, configured 0 
Jul 14 03:18:50  charon  08[ENC] <con1|16> generating QUICK_MODE response 1 [ HASH SA No ID ID NAT-OA NAT-OA ] 
Jul 14 03:18:50  charon  08[NET] <con1|16> sending packet: from 121.159.x.x[4500] to 203.225.x.x[45428] (204 bytes) 
Jul 14 03:18:50  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (60 bytes) 
Jul 14 03:18:50  charon  08[ENC] <con1|16> parsed QUICK_MODE request 1 [ HASH ] 
Jul 14 03:18:50  charon  08[CHD] <con1|16> using AES_CBC for encryption 
Jul 14 03:18:50  charon  08[CHD] <con1|16> using HMAC_SHA1_96 for integrity 
Jul 14 03:18:50  charon  08[CHD] <con1|16> adding inbound ESP SA 
Jul 14 03:18:50  charon  08[CHD] <con1|16> SPI 0xc23fd4c7, src 203.225.x.x dst 121.159.x.x 
Jul 14 03:18:50  charon  08[CHD] <con1|16> adding outbound ESP SA 
Jul 14 03:18:50  charon  08[CHD] <con1|16> SPI 0x9307bfee, src 121.159.x.x dst 203.225.x.x 
Jul 14 03:18:50  charon  08[IKE] <con1|16> CHILD_SA con1{9} established with SPIs c23fd4c7_i 9307bfee_o and TS 121.159.x.x/32|/0[udp/l2f] === 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:19:26  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (76 bytes) 
Jul 14 03:19:26  charon  08[ENC] <con1|16> parsed INFORMATIONAL_V1 request 3477500816 [ HASH D ] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> received DELETE for ESP CHILD_SA with SPI 9307bfee 
Jul 14 03:19:26  charon  08[IKE] <con1|16> closing CHILD_SA con1{9} with SPIs c23fd4c7_i (792 bytes) 9307bfee_o (0 bytes) and TS 121.159.x.x/32|/0[udp/l2f] === 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:19:26  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (92 bytes) 
Jul 14 03:19:26  charon  08[ENC] <con1|16> parsed INFORMATIONAL_V1 request 2348248911 [ HASH D ] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> received DELETE for IKE_SA con1[16] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> deleting IKE_SA con1[16] between 121.159.x.x[121.159.x.x]...203.225.x.x[172.20.107.154] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> IKE_SA con1[16] state change: ESTABLISHED => DELETING 
Jul 14 03:19:26  charon  08[IKE] <con1|16> IKE_SA con1[16] state change: DELETING => DELETING
¼³Á¤³»¿ë ĸÃÄÇؼ­ ¿Ã·ÁÁÖ½Ç ¼ö ÀÖ´ÂÁö¿ä? ¹Î°¨ÇÑ Á¤º¸´Â °¡¸®½Ã°í ¿Ã·ÁºÁÁÖ¼¼¿ä..
     
DSUN 2017-07
1.zip ÆÄÀÏ·Î ¿Ã·È½À´Ï´Ù.
     
DSUN 2017-07
1. lan ip´Â ¾Æ´Õ´Ï´Ù.
2.dynamic À¸·Î º¯°æ Çß½À´Ï´Ù.

¿ª½Ã ¾ÈµË´Ï´Ù ¤Ð¤Ð

ÂÊÁö·Î À̾߱â Çصµ µÉ±î¿ä??


QnA
Á¦¸ñPage 1889/5696
2014-05   5029604   Á¤ÀºÁØ1
2015-12   1566168   ¹é¸Þ°¡
2019-03   4105   MPerformance
2021-03   4105   ÄĹÚ
2018-07   4105   ³×ÀÌÃÄ
2015-11   4105   ÀÌÀ±ÁÖ
2017-01   4105   c4066
2016-05   4105   ¹Ú³²±Ô
2018-06   4105   ÂÞÂÞºÀ
2019-03   4105   ³¿ÀÏÇö
2017-02   4105   ÀÌ»óÀ²1
2015-10   4105   ±è°Ç¿ì
2017-02   4105   ÀÓÁø¿í
2019-09   4105   µÎ½½¾Æºü
2014-07   4106   ¼ÛÁøÈ«
2016-09   4106   perls
2016-07   4106   Olorin
2016-03   4106   ÇØÇǹö±×
2014-12   4106   ADUS
2017-01   4106   ·¦¿À
2016-09   4106   ±¸Äí¸£±×
2014-02   4106   ±è¹Î¼º