
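I have been stuck on this VPN tunnel for over a week now, and I keep getting "Peer not responding" when I bring the tunnel up. I installed Strongswan and I also created one tunnel that works fine and establishes a connection. Then I added a second one, but whenever I bring the second tunnel up, after 5 attempts I get "Peer not responding". The remote server does not see any connection from me. Here is my ipsec.conf file: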

config setup
    charondebug="all"

conn %default
        ikelifetime=24h
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        authby=secret
        mobike=no

conn Foo-to-Bar
        keyexchange=ikev1
        left=196.xxx.xxx.xx #PUBLIC IP of my server
        leftsubnet=196.xxx.xx.xx/32 #PUBLIC IP of my server
        leftid=196.xxx.xx.xx #PUBLIC IP of my server
        leftfirewall=yes
        right=41.xxx.xx.xx #Remote Peer IP
        rightsubnet=41.xxx.xx.xx/32 #Remote Host IP
        rightid=41.xxx.xx.xx
        auto=route
        esp=3des-sha1
        ike=3des-sha1-modp1024
        type=tunnel
        lifetime=24h
        dpdaction=clear
        ike_dhgroup=group2

conn Foo-to-Bar2
        also=Foo-to-Bar
        rightsubnet=xxx.xxx.xx.xx/32 #Another remote host
        esp=3des-sha1

When I run strongswan up Foo-to-Bar, I get:

strongswan up Foo-to-Bar
initiating Main Mode IKE_SA Foo-to-Bar[2] to xxx.xxx.xx.xx
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)

sending retransmit 1 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)

sending retransmit 2 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 3 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 4 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 5 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
giving up after 5 retransmits
establishing IKE_SA failed, peer not responding
establishing connection 'Foo-to-Bar' failed

Also, when I check my /var/log/messages, I get:

# localhost charon: 04[NET] sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
# localhost charon: 03[NET] error writing to socket: Network is unreachable

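What could be the reason? I am a bit confused: I have a configuration above this one in the same file that establishes a connection, while this one does not, and the remote host does not see my connection attempts in their logs.

I would appreciate any help.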
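Added example (not part of the original post): a small Python triage of charon log lines like those quoted above, separating a local send failure ("error writing to socket") from packets that left the host without any reply from the peer. The sample log is constructed, with documentation addresses in place of the redacted ones; the function name `classify` and the verdict labels are assumptions of this example.

```python
import re

# Constructed sample modelled on the charon output quoted in the question;
# documentation addresses stand in for the redacted ones.
SAMPLE_LOG = """\
charon: 04[IKE] initiating Main Mode IKE_SA Foo-to-Bar[2] to 203.0.113.7
charon: 04[NET] sending packet: from 198.51.100.4[500] to 203.0.113.7[500] (248 bytes)
charon: 03[NET] error writing to socket: Network is unreachable
charon: 04[IKE] sending retransmit 1 of request message ID 0, seq 1
charon: 04[NET] sending packet: from 198.51.100.4[500] to 203.0.113.7[500] (248 bytes)
charon: 03[NET] error writing to socket: Network is unreachable
charon: 04[IKE] giving up after 1 retransmits
charon: 04[IKE] establishing IKE_SA failed, peer not responding
"""

SEND_RE = re.compile(r"sending packet: from \S+\[\d+\] to \S+\[\d+\]")
SOCKERR_RE = re.compile(r"error writing to socket: (.+)$")
RECV_RE = re.compile(r"received packet: from ")

def classify(log_text):
    """Count send attempts, socket errors and replies; return a verdict."""
    sends = errors = received = 0
    reasons = set()
    for line in log_text.splitlines():
        if SEND_RE.search(line):
            sends += 1
        elif RECV_RE.search(line):
            received += 1
        else:
            m = SOCKERR_RE.search(line)
            if m:
                errors += 1
                reasons.add(m.group(1).strip())
    if received:
        verdict = "peer-replied"
    elif sends and errors >= sends:
        verdict = "local-send-failure"   # every send was rejected locally
    elif errors:
        verdict = "partial-local-send-failure"
    elif sends:
        verdict = "no-reply-on-wire"     # sent without error, peer silent
    else:
        verdict = "no-ike-traffic"
    return {"verdict": verdict, "sends": sends,
            "socket_errors": errors, "reasons": sorted(reasons)}

if __name__ == "__main__":
    print(classify(SAMPLE_LOG))
```

A "local-send-failure" verdict means the local network stack rejected each datagram before transmission, which is consistent with the remote side logging no attempts.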
