Cannot determine ethernet address for proxy ARP (PPTP VPN)
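I have installed pptpd on Ubuntu 18.04. I can connect to the VPN using Android and Windows clients, but I can't access the internet while the server has full internet access. In the pptpd log I noticed the error "Cannot determine ethernet address for proxy ARP".
I have changed the DNS in /etc/ppp/options.pptpd as follows: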
ms-dns 8.8.8.8
ms-dns 8.8.4.4
I have also created users in /etc/ppp/chap-secrets, and clients can connect without any problem (but cannot access the internet).
I have also enabled IP forwarding in /etc/sysctl.conf:
net.ipv4.ip_forward = 1
And ran this command:
sudo sysctl -p
I changed the local and remote IPs in /etc/pptpd.conf as follows:
localip 10.0.0.1
remoteip 10.0.0.100-200
I have also tried:
localip 192.168.0.1
remoteip 192.168.0.100-200
I configured the firewall for IP masquerading:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
This is the ifconfig output:
photon@ubuntu1804:~$ ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 162.223.91.163 netmask 255.255.255.192 broadcast 162.223.91.191
inet6 fe80::250:56ff:fe94:32d0 prefixlen 64 scopeid 0x20<link>
ether 00:50:56:94:32:d0 txqueuelen 1000 (Ethernet)
RX packets 543184 bytes 41817268 (41.8 MB)
RX errors 0 dropped 566 overruns 0 frame 0
TX packets 50407 bytes 6441592 (6.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 122 bytes 10010 (10.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 122 bytes 10010 (10.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
This is the pptpd status:
photon@ubuntu1804:~$ sudo systemctl status pptpd
● pptpd.service - PoPToP Point to Point Tunneling Server
Loaded: loaded (/lib/systemd/system/pptpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2021-05-23 07:31:03 +0430; 20s ago
Docs: man:pptpd(8)
man:pptpctrl(8)
man:pptpd.conf(5)
Main PID: 6466 (pptpd)
Tasks: 3 (limit: 1107)
CGroup: /system.slice/pptpd.service
├─6466 /usr/sbin/pptpd --fg
├─6475 pptpd [5.119.181.36:478E - 0000]
└─6479 /usr/sbin/pppd local file /etc/ppp/pptpd-options 115200 10.0.0.1:10.0.0.100 ipparam 5.119.181.36 plugin /usr/lib/pptpd/pptpd-logw
May 23 07:31:12 ubuntu1804 pptpd[6475]: CTRL: Starting call (launching pppd, opening GRE)
May 23 07:31:12 ubuntu1804 pppd[6479]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
May 23 07:31:12 ubuntu1804 pppd[6479]: pppd 2.4.7 started by root, uid 0
May 23 07:31:12 ubuntu1804 pppd[6479]: Using interface ppp0
May 23 07:31:12 ubuntu1804 pppd[6479]: Connect: ppp0 <--> /dev/pts/1
May 23 07:31:13 ubuntu1804 pppd[6479]: peer from calling number 5.119.181.36 authorized
May 23 07:31:13 ubuntu1804 pppd[6479]: MPPE 128-bit stateless compression enabled
May 23 07:31:14 ubuntu1804 pppd[6479]: Cannot determine ethernet address for proxy ARP
May 23 07:31:14 ubuntu1804 pppd[6479]: local IP address 10.0.0.1
May 23 07:31:14 ubuntu1804 pppd[6479]: remote IP address 10.0.0.100
After trying a lot of solutions, I finally found the answer. My ethernet interface is called ens160, so for IP masquerading I should use this:
sudo iptables -t nat -A POSTROUTING -o ens160 -j MASQUERADE
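The mismatch described in this answer (a MASQUERADE rule bound to eth0 on a host whose Ethernet interface is ens160) can be checked mechanically. The script below is an added example, not part of the original post; the sample `ip` and `iptables` output is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find MASQUERADE rules bound to an interface that does not exist.

# Constructed sample of `ip -o link show` on a host like the one in the question.
SAMPLE_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1396 state UNKNOWN'

# Constructed samples of `iptables -t nat -S POSTROUTING` before and after the fix.
SAMPLE_RULES_BEFORE='-P POSTROUTING ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE'
SAMPLE_RULES_AFTER='-P POSTROUTING ACCEPT
-A POSTROUTING -o ens160 -j MASQUERADE'

# list_ifaces: read `ip -o link show` output on stdin, print one name per line.
list_ifaces() {
    awk -F': ' '{ sub(/@.*/, "", $2); print $2 }'
}

# stale_masq_ifaces RULES IFACES: print every -o interface used by a
# MASQUERADE rule in RULES that matches no name in IFACES.
stale_masq_ifaces() {
    printf '%s\n' "$1" | awk -v ifaces="$(printf '%s\n' "$2" | tr '\n' ' ')" '
        BEGIN { n = split(ifaces, have, " ") }
        /-j MASQUERADE/ {
            for (i = 1; i < NF; i++) if ($i == "-o") {
                want = $(i + 1); ok = 0
                # iptables treats a trailing "+" as a prefix wildcard (e.g. ppp+)
                pre = (want ~ /\+$/) ? substr(want, 1, length(want) - 1) : ""
                for (k = 1; k <= n; k++) {
                    if (want == have[k]) ok = 1
                    if (want ~ /\+$/ && substr(have[k], 1, length(pre)) == pre) ok = 1
                }
                if (!ok) print want
            }
        }'
}

# On a live host, feed real data instead of the samples:
#   stale_masq_ifaces "$(sudo iptables -t nat -S POSTROUTING)" "$(ip -o link show | list_ifaces)"
IFACES=$(printf '%s\n' "$SAMPLE_LINKS" | list_ifaces)
echo "before fix, stale: $(stale_masq_ifaces "$SAMPLE_RULES_BEFORE" "$IFACES")"
echo "after fix,  stale: $(stale_masq_ifaces "$SAMPLE_RULES_AFTER" "$IFACES")"
```

A rule that names a missing interface never matches any packet, so forwarded client traffic leaves un-NATed; an empty result from the check means every MASQUERADE rule is bound to an interface that exists.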