如何将 android 设备连接到 PPTP VPN
How to connect android Device to PPTP VPN
我已经使用 ubuntu's guide 创建了一个 PPTP VPN 服务器。
现在我有:
我现在的问题是我的 android phone 无法连接到我创建的 pptp。当我尝试输入用户名和密码然后点击连接时,我收到的唯一消息是 Connecting... 但之后是 Unsuccessful.
所以我搜索并发现这个 link for general overview on how to connect to my PPTP VPN. I also came here but I still cant get my phone connected to the VPN. I have exactly followed what ubuntu's guide 在说,我现在不知道该怎么做才能实现我的目标。请提供一些 link 或指导,以便我的 android phone 能够连接到我的 PPTP VPN。
服务器系统日志
Aug 26 14:44:50 jameshwart-System-Product-Name pptpd[31320]: CTRL: Client 192.168.1.27 control connection started
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: Starting call (launching pppd, opening GRE)
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: pppd 2.4.5 started by root, uid 0
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Using interface ppp0
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Connect: ppp0 <--> /dev/pts/24
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found.
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: <warn> /sys/devices/virtual/net/ppp0: couldn't determine device driver; ignoring...
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: peer from calling number 192.168.1.27 authorized
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Connection terminated.
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Exit.
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: GRE: read(fd=6,buffer=7f2daa2874a0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: Reaping child PPP[31321]
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: Client 192.168.1.27 control connection finished
客户端系统日志
Sent control packet type is 1 'Start-Control-Connection-Request'
Aug 26 14:45:17 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Aug 26 14:45:17 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 21504).
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pppd[10328]: CHAP authentication succeeded
Aug 26 14:45:19 felman-To-be-filled-by-O-E-M pppd[10328]: MPPE 128-bit stateless compression e
options.pptp 文件
###############################################################################
# $Id: options.pptp,v 1.3 2006/03/26 23:11:05 quozl Exp $
#
# Sample PPTP PPP options file /etc/ppp/options.pptp
# Options used by PPP when a connection is made by a PPTP client.
# This file can be referred to by an /etc/ppp/peers file for the tunnel.
# Changes are effective on the next connection. See "man pppd".
#
# You are expected to change this file to suit your system. As
# packaged, it requires PPP 2.4.2 or later from http://ppp.samba.org/
# and the kernel MPPE module available from the CVS repository also on
# http://ppp.samba.org/, which is packaged for DKMS as kernel_ppp_mppe.
###############################################################################
# Lock the port
lock
# Authentication
# We don't need the tunnel server to authenticate itself
noauth
# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
refuse-mschap
# Compression
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate
# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use. Note that MPPE
# requires the use of MSCHAP-V2 during authentication)
# http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras
# ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
# {{{
# Require MPPE 128-bit encryption
#require-mppe-128
# }}}
# http://polbox.com/h/hs001/ fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption
mppe required,stateless
# }}}
这么少的信息,有点难猜。这是基于您的 phone 正在连接的假设,但您无法判断这是因为它无法访问互联网或某些其他网络资源。
然而,您的 phone 可能已连接到您的 pptp VPN,但并未通过它路由互联网。您可能需要在您的 ubuntu 服务器上设置代理并指示您的 phone 使用它来访问互联网。
要安装微型代理 运行:
sudo apt-get install tinyproxy
有关如何设置的教程,请参阅 http://www.justinmccandless.com/blog/Set+Up+Tinyproxy+in+Ubuntu
现在 phone 有许多应用程序可以帮助您轻松设置 phone 以使用您刚刚在 vpn 中设置的代理服务器。我使用可以在 Google Play 中找到的 ASProxy。 https://play.google.com/store/apps/details?id=com.Alsu.ASProxy&hl=en
这个解决方案只是一个猜测。如果没有更多关于您想要实现的目标和您所做的事情的信息,我只是猜测并且可能不合时宜。
首先,您需要检查哪一方导致连接失败,客户端还是服务器?您可以使用另一台 PC 而不是 phone 来连接 pptpd 服务器。如果它也失败了,问题可能出在服务器端。您可以在 /var/log/syslog 中找到日志信息。此外,您可能希望使用 debug 选项重新启动 pptpd 服务器以启用详细日志。
根据您的日志,原因如下:
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.
它说你的内核没有 MPPE support.Do 你有 ppp_mppe 作为模块启用或在你的内核中编译?在内核的 .config 文件中,您会看到类似
的内容
CONFIG_PPP_MPPE=m
或
CONFIG_PPP_MPPE=y
谢谢大家,但我通过检查我的 pptpd-options 文件并更改
来解决它
#require-mschap-v2 至 require-mschap-v2
#require-mppe-128 到 require-mppe-128
我也改了,去掉#这样
refuse-pap
refuse-chap
refuse-mschap
newpeople更新:
并确保删除 noauth 选项。在他的情况下,因为它在 require-mppe-128 和 require-mschap-v2 之前,所以它没有任何效果,但如果你仍然不能让它发生,请检查 noauth 并将其删除。
我知道这是一个老问题,可能不适用于这种情况,但我在 android 上找到的一个简单的解决 vpn 连接问题的方法是确保关闭省电模式。我在互联网上到处查看以弄清楚这一点并偶然发现了它。希望它能帮助别人。我使用的是 Betternet,这是一个很棒的 VPN 服务,但无法连接。我关闭省电模式并立即连接。
我已经使用 ubuntu's guide 创建了一个 PPTP VPN 服务器。
现在我有:
我现在的问题是我的 android phone 无法连接到我创建的 pptp。当我尝试输入用户名和密码然后点击连接时,我收到的唯一消息是 Connecting... 但之后是 Unsuccessful.
所以我搜索并发现这个 link for general overview on how to connect to my PPTP VPN. I also came here but I still cant get my phone connected to the VPN. I have exactly followed what ubuntu's guide 在说,我现在不知道该怎么做才能实现我的目标。请提供一些 link 或指导,以便我的 android phone 能够连接到我的 PPTP VPN。
服务器系统日志
Aug 26 14:44:50 jameshwart-System-Product-Name pptpd[31320]: CTRL: Client 192.168.1.27 control connection started
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: Starting call (launching pppd, opening GRE)
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: pppd 2.4.5 started by root, uid 0
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Using interface ppp0
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Connect: ppp0 <--> /dev/pts/24
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp0, iface: ppp0): no ifupdown configuration found.
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: <warn> /sys/devices/virtual/net/ppp0: couldn't determine device driver; ignoring...
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: peer from calling number 192.168.1.27 authorized
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Connection terminated.
Aug 26 14:44:51 jameshwart-System-Product-Name NetworkManager[969]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp0, iface: ppp0)
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: Exit.
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: GRE: read(fd=6,buffer=7f2daa2874a0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: Reaping child PPP[31321]
Aug 26 14:44:51 jameshwart-System-Product-Name pptpd[31320]: CTRL: Client 192.168.1.27 control connection finished
客户端系统日志
Sent control packet type is 1 'Start-Control-Connection-Request'
Aug 26 14:45:17 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Aug 26 14:45:17 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pptp[10347]: nm-pptp-service-10324 log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 21504).
Aug 26 14:45:18 felman-To-be-filled-by-O-E-M pppd[10328]: CHAP authentication succeeded
Aug 26 14:45:19 felman-To-be-filled-by-O-E-M pppd[10328]: MPPE 128-bit stateless compression e
options.pptp 文件
###############################################################################
# $Id: options.pptp,v 1.3 2006/03/26 23:11:05 quozl Exp $
#
# Sample PPTP PPP options file /etc/ppp/options.pptp
# Options used by PPP when a connection is made by a PPTP client.
# This file can be referred to by an /etc/ppp/peers file for the tunnel.
# Changes are effective on the next connection. See "man pppd".
#
# You are expected to change this file to suit your system. As
# packaged, it requires PPP 2.4.2 or later from http://ppp.samba.org/
# and the kernel MPPE module available from the CVS repository also on
# http://ppp.samba.org/, which is packaged for DKMS as kernel_ppp_mppe.
###############################################################################
# Lock the port
lock
# Authentication
# We don't need the tunnel server to authenticate itself
noauth
# We won't do PAP, EAP, CHAP, or MSCHAP, but we will accept MSCHAP-V2
# (you may need to remove these refusals if the server is not using MPPE)
refuse-pap
refuse-eap
refuse-chap
refuse-mschap
# Compression
# Turn off compression protocols we know won't be used
nobsdcomp
nodeflate
# Encryption
# (There have been multiple versions of PPP with encryption support,
# choose with of the following sections you will use. Note that MPPE
# requires the use of MSCHAP-V2 during authentication)
# http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras
# ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
# {{{
# Require MPPE 128-bit encryption
#require-mppe-128
# }}}
# http://polbox.com/h/hs001/ fork from PPP project by Jan Dubiec
# ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
# {{{
# Require MPPE 128-bit encryption
mppe required,stateless
# }}}
这么少的信息,有点难猜。这是基于您的 phone 正在连接的假设,但您无法判断这是因为它无法访问互联网或某些其他网络资源。
然而,您的 phone 可能已连接到您的 pptp VPN,但并未通过它路由互联网。您可能需要在您的 ubuntu 服务器上设置代理并指示您的 phone 使用它来访问互联网。
要安装微型代理 运行:
sudo apt-get install tinyproxy
有关如何设置的教程,请参阅 http://www.justinmccandless.com/blog/Set+Up+Tinyproxy+in+Ubuntu
现在 phone 有许多应用程序可以帮助您轻松设置 phone 以使用您刚刚在 vpn 中设置的代理服务器。我使用可以在 Google Play 中找到的 ASProxy。 https://play.google.com/store/apps/details?id=com.Alsu.ASProxy&hl=en
这个解决方案只是一个猜测。如果没有更多关于您想要实现的目标和您所做的事情的信息,我只是猜测并且可能不合时宜。
首先,您需要检查哪一方导致连接失败,客户端还是服务器?您可以使用另一台 PC 而不是 phone 来连接 pptpd 服务器。如果它也失败了,问题可能出在服务器端。您可以在 /var/log/syslog 中找到日志信息。此外,您可能希望使用 debug 选项重新启动 pptpd 服务器以启用详细日志。
根据您的日志,原因如下:
Aug 26 14:44:51 jameshwart-System-Product-Name pppd[31321]: MPPE required, but MS-CHAP[v2] nor EAP-TLS auth are performed.
它说你的内核没有 MPPE support.Do 你有 ppp_mppe 作为模块启用或在你的内核中编译?在内核的 .config 文件中,您会看到类似
的内容CONFIG_PPP_MPPE=m
或
CONFIG_PPP_MPPE=y
谢谢大家,但我通过检查我的 pptpd-options 文件并更改
来解决它
#require-mschap-v2 至 require-mschap-v2
#require-mppe-128 到 require-mppe-128
我也改了,去掉#这样
refuse-pap
refuse-chap
refuse-mschap
newpeople更新:
并确保删除 noauth 选项。在他的情况下,因为它在 require-mppe-128 和 require-mschap-v2 之前,所以它没有任何效果,但如果你仍然不能让它发生,请检查 noauth 并将其删除。
我知道这是一个老问题,可能不适用于这种情况,但我在 android 上找到的一个简单的解决 vpn 连接问题的方法是确保关闭省电模式。我在互联网上到处查看以弄清楚这一点并偶然发现了它。希望它能帮助别人。我使用的是 Betternet,这是一个很棒的 VPN 服务,但无法连接。我关闭省电模式并立即连接。