在这台服务器被墙的那两天里,我尝试了让手机连接备机上的 IPSec L2TP ,但是却发现无论如何连不上。本来以为是网络问题,结果却发现 iPad 可以很轻松地连上。回头一看服务器端的日志,果然发现了一些问题。
相关日志如下:
packet from 123.123.123.123:12345: received Vendor ID payload [RFC 3947] method set to=109
packet from 123.123.123.123:12345: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
packet from 123.123.123.123:12345: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
packet from 123.123.123.123:12345: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
packet from 123.123.123.123:12345: ignoring Vendor ID payload [FRAGMENTATION 80000000]
packet from 123.123.123.123:12345: received Vendor ID payload [Dead Peer Detection]
"L2TP-PSK-NAT"[37] 123.123.123.123 #55: responding to Main Mode from unknown peer 123.123.123.123