|
|
本帖最后由 15828493370 于 2010-5-20 10:58 编辑
JUNIPER L2TP VPN建立过程抓包分析
环境1:
源192.168.0.73 目的cdquanma.dyndns.org 结果:能成功建立L2TP VPN
发下是netscreen防火墙日志
红色为建立过程,
=============================================================================
System Event Log (Current system time: Thu, 20 May 2010 09:47:59)
=============================================================================
Date
Time
Module
level
Type
Description
2010-05-20 09:47:35
system
alert
00043
Receive StopCCN_msg, remove l2tp tunnel (222.212.66.239-222.176.208.70), Result code 6 (Requester is being shut down).
2010-05-20 09:47:34
system
notif
00572
PPP on interface L2TP is terminated by receiving Terminate-Request.
2010-05-20 09:47:34
system
notif
00572
PPP LCP on interface L2TP is DOWN.
2010-05-20 09:47:34
system
alert
00045
Receive CDN_msg, remove l2tp call, id = 1, user = zhoubx, assigned ip = 10.10.10.1, Result code 3 (Call disconnected for administrative reasons).
2010-05-20 09:46:08
system
info
00536
l2tp(222.212.66.239/1701->222.176.208.70/21613), user authentication passed. IP address 10.10.10.1 assigned to user.
2010-05-20 09:46:08
system
notif
00572
PPP authentication state on interface L2TP: peer authenticated itself successfully.
2010-05-20 09:46:08
system
notif
00572
PPP LCP on interface L2TP is UP.
2010-05-20 09:46:08
system
info
00536
L2TP tunnel l2TP created between 222.212.66.239:1701 and 222.176.208.70:21613.
2010-05-20 09:45:41
system
notif
00767
All logged events or alarms were cleared by admin netscreen
=============================================================================
End of System Event Log
环境2,源192.168.0.73 ,目的221.182.10.166 结是:不能成功建立(已确认防火墙配置正确,
分析原因可能是中间运营商把端口等限制了)
可见,只有发出去的包,没收到服务器返回的包. |
评分
-
1
查看全部评分
-
|
发表于 2010-5-20 10:42:17
发表于 2010-5-20 13:38:38