pfSense ¸¦ ÀÌ¿ëÇؼ­ VPN ¼­¹ö¸¦ ±¸Ãà

DSUN   
   Á¶È¸ 3988   Ãßõ 1    

1.zip (783.9K), Down : 2, 2017-07

 

안녕하세요?

pfSense 를 이용해서 VPN 서버를 구축하고 싶은데요.

아래 링크를 통해서 설정을 했는데 접속이 되지 않네요.

https://doc.pfsense.org/index.php/L2TP/IPsec

공장초기화 상태에서 따라 했는데 접속을 할 수 가 없습니다.


Status/ IPsec/ Overview

에서 확인해 보면


203.225.X.X NAT-T IKEv1 responder 28127 seconds (07:48:47) AES_CBC HMAC_SHA1_96 PRF_HMAC_SHA1  MODP_2048 ESTABLISHED 31 seconds (00:00:31) ago 

되는 거를 보면 접속은 되는거 같은데 어느 단계서 진행이 되지 않는 것 같습니다.

pfSense 에서 L2TP VPN 설정 방법이 잘 설명된 사이트나 방법을 알려 주실 수 있나요??

.
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
¸Þ½ÃÁö·Î º¸¸é Á¤»óÀûÀ¸·Î Á¢¼ÓµÇ¾ú´Âµ¥¿ä?
ÁøÇàÀÌ ¾ÈµÇ´Â ºÎºÐÀÌ ¹«¾ùÀÎÁö¿ä?
DSUN 2017-07
·Î±× ÀÔ´Ï´Ù.

Jul 14 03:18:50  charon  11[IKE] <con1|16> IKE_SA con1[16] state change: CONNECTING => ESTABLISHED 
Jul 14 03:18:50  charon  11[IKE] <con1|16> scheduling reauthentication in 27846s 
Jul 14 03:18:50  charon  11[IKE] <con1|16> maximum IKE_SA lifetime 28386s 
Jul 14 03:18:50  charon  11[IKE] <con1|16> DPD not supported by peer, disabled 
Jul 14 03:18:50  charon  11[ENC] <con1|16> generating ID_PROT response 0 [ ID HASH ] 
Jul 14 03:18:50  charon  11[NET] <con1|16> sending packet: from 121.159.x.x[4500] to 203.225.x.x[45428] (76 bytes) 
Jul 14 03:18:50  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (444 bytes) 
Jul 14 03:18:50  charon  08[ENC] <con1|16> parsed QUICK_MODE request 1 [ HASH SA No ID ID NAT-OA NAT-OA ] 
Jul 14 03:18:50  charon  08[IKE] <con1|16> changing received traffic selectors 172.20.107.154/32|/0[udp/l2f]=== 121.159.x.x/32|/0[udp/l2f] due to NAT 
Jul 14 03:18:50  charon  08[CFG] <con1|16> looking for a child config for 121.159.x.x/32|/0[udp/l2f] === 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:18:50  charon  08[CFG] <con1|16> proposing traffic selectors for us: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> 121.159.x.x/32|/0 
Jul 14 03:18:50  charon  08[CFG] <con1|16> proposing traffic selectors for other: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> 203.225.x.x/32|/0 
Jul 14 03:18:50  charon  08[CFG] <con1|16> candidate "con1" with prio 1+1 
Jul 14 03:18:50  charon  08[CFG] <con1|16> found matching child config "con1" with prio 2 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting traffic selectors for other: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> config: 203.225.x.x/32|/0, received: 203.225.x.x/32|/0[udp/l2f] => match: 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting traffic selectors for us: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> config: 121.159.x.x/32|/0, received: 121.159.x.x/32|/0[udp/l2f] => match: 121.159.x.x/32|/0[udp/l2f] 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting proposal: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> no acceptable ENCRYPTION_ALGORITHM found 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selecting proposal: 
Jul 14 03:18:50  charon  08[CFG] <con1|16> proposal matches 
Jul 14 03:18:50  charon  08[CFG] <con1|16> received proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:NULL/HMAC_SHA1_96/NO_EXT_SEQ 
Jul 14 03:18:50  charon  08[CFG] <con1|16> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ 
Jul 14 03:18:50  charon  08[CFG] <con1|16> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ 
Jul 14 03:18:50  charon  08[IKE] <con1|16> received 250000000 lifebytes, configured 0 
Jul 14 03:18:50  charon  08[ENC] <con1|16> generating QUICK_MODE response 1 [ HASH SA No ID ID NAT-OA NAT-OA ] 
Jul 14 03:18:50  charon  08[NET] <con1|16> sending packet: from 121.159.x.x[4500] to 203.225.x.x[45428] (204 bytes) 
Jul 14 03:18:50  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (60 bytes) 
Jul 14 03:18:50  charon  08[ENC] <con1|16> parsed QUICK_MODE request 1 [ HASH ] 
Jul 14 03:18:50  charon  08[CHD] <con1|16> using AES_CBC for encryption 
Jul 14 03:18:50  charon  08[CHD] <con1|16> using HMAC_SHA1_96 for integrity 
Jul 14 03:18:50  charon  08[CHD] <con1|16> adding inbound ESP SA 
Jul 14 03:18:50  charon  08[CHD] <con1|16> SPI 0xc23fd4c7, src 203.225.x.x dst 121.159.x.x 
Jul 14 03:18:50  charon  08[CHD] <con1|16> adding outbound ESP SA 
Jul 14 03:18:50  charon  08[CHD] <con1|16> SPI 0x9307bfee, src 121.159.x.x dst 203.225.x.x 
Jul 14 03:18:50  charon  08[IKE] <con1|16> CHILD_SA con1{9} established with SPIs c23fd4c7_i 9307bfee_o and TS 121.159.x.x/32|/0[udp/l2f] === 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:19:26  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (76 bytes) 
Jul 14 03:19:26  charon  08[ENC] <con1|16> parsed INFORMATIONAL_V1 request 3477500816 [ HASH D ] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> received DELETE for ESP CHILD_SA with SPI 9307bfee 
Jul 14 03:19:26  charon  08[IKE] <con1|16> closing CHILD_SA con1{9} with SPIs c23fd4c7_i (792 bytes) 9307bfee_o (0 bytes) and TS 121.159.x.x/32|/0[udp/l2f] === 203.225.x.x/32|/0[udp/l2f] 
Jul 14 03:19:26  charon  08[NET] <con1|16> received packet: from 203.225.x.x[45428] to 121.159.x.x[4500] (92 bytes) 
Jul 14 03:19:26  charon  08[ENC] <con1|16> parsed INFORMATIONAL_V1 request 2348248911 [ HASH D ] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> received DELETE for IKE_SA con1[16] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> deleting IKE_SA con1[16] between 121.159.x.x[121.159.x.x]...203.225.x.x[172.20.107.154] 
Jul 14 03:19:26  charon  08[IKE] <con1|16> IKE_SA con1[16] state change: ESTABLISHED => DELETING 
Jul 14 03:19:26  charon  08[IKE] <con1|16> IKE_SA con1[16] state change: DELETING => DELETING
¼³Á¤³»¿ë ĸÃÄÇؼ­ ¿Ã·ÁÁÖ½Ç ¼ö ÀÖ´ÂÁö¿ä? ¹Î°¨ÇÑ Á¤º¸´Â °¡¸®½Ã°í ¿Ã·ÁºÁÁÖ¼¼¿ä..
     
DSUN 2017-07
1.zip ÆÄÀÏ·Î ¿Ã·È½À´Ï´Ù.
     
DSUN 2017-07
1. lan ip´Â ¾Æ´Õ´Ï´Ù.
2.dynamic À¸·Î º¯°æ Çß½À´Ï´Ù.

¿ª½Ã ¾ÈµË´Ï´Ù ¤Ð¤Ð

ÂÊÁö·Î À̾߱â Çصµ µÉ±î¿ä??


QnA
Á¦¸ñPage 1878/5686
2014-05   4972286   Á¤ÀºÁØ1
2015-12   1508599   ¹é¸Þ°¡
2013-01   6107   µþ±â´ëÀå
2008-05   6107   ±è¿ë¼ö_
2011-12   6107   Á¶¼ºÇöÀÔ´Ï´Ù
2014-10   6107   clover
2020-02   6107   ³Ä¹Ì³Ä¹Ì
2005-08   6107   Á¤»ó¾ï
2015-07   6107   Á¤ÀºÁØ1
2005-04   6107   ±è»ó¼·
2009-09   6107   Â÷Áø
2016-10   6107   »¡°£¸Á¶Ç
2013-03   6107   TeaRoom
2017-12   6106   ¾Æ¸¶µ¥¿ì¾²
2007-07   6106   ¾ç±¹Çü
2011-09   6106   ºÐ´ç±èµ¿¼ö
2006-04   6106   ±èâ¼ö
2012-02   6106   ¹æoÈ¿o¹®
2011-09   6106   ±èÈ¿¼ö
2005-06   6106   ±èÁ¤È£
2013-04   6106   ¹«¾Æ
2012-06   6106   ÄÚ»Ô»ç³É