SAGAK

Подскажите, как вы "отключили у соединения внутренний DNS"?

По факту различных действий помог сброс до заводских настроек.

Добрый день! Подскажите, пожалуйста, создал VPN подключение, L2TP/IPSec, но оно не подключается (хотя если создать аналогичное в винде - всё нормально подключается и работает): Сен 8 09:33:04 ndm IpSec::Netfilter: netfilter configuration reloading is done. Сен 8 09:33:06 ipsec Starting strongSwan 5.9.7 IPsec [starter]... Сен 8 09:33:06 ipsec 00[DMN] Starting IKE charon daemon (strongSwan 5.9.7, Linux 4.9-ndm-5, mips) Сен 8 09:33:06 ipsec 00[LIB] providers loaded by OpenSSL: legacy default Сен 8 09:33:06 ipsec 00[CFG] loading secrets Сен 8 09:33:06 ipsec 00[CFG] loaded 1 RADIUS server configuration Сен 8 09:33:06 ipsec 00[CFG] enabling systime-fix, threshold: Tue Jan 1 00:00:00 2030 Сен 8 09:33:06 ipsec 00[CFG] Сен 8 09:33:06 ipsec 00[CFG] starting system time check, interval: 10s Сен 8 09:33:06 ipsec 00[LIB] loaded plugins: charon random save-keys nonce x509 pubkey pkcs7 pem openssl pkcs8 xcbc cmac hmac ctr attr kernel-netlink resolve socket-default stroke vici updown eap-identity eap-md5 eap-mschapv2 eap-dynamic eap-radius eap-peap xauth-generic xauth-eap error-notify systime-fix unity counters Сен 8 09:33:06 ipsec 00[LIB] dropped capabilities, running as uid 65534, gid 65534 Сен 8 09:33:06 ndm Io::UnixStreamSocket: connected after 1 retries. Сен 8 09:33:06 ipsec 05[CFG] loaded IKE shared key with id 'L2TP2-PSK' for: 'cmap:L2TP2' Сен 8 09:33:06 ipsec 13[CFG] loaded 0 entries for attr plugin configuration Сен 8 09:33:06 ipsec 13[CFG] loaded 1 RADIUS server configuration Сен 8 09:33:06 ipsec 07[CFG] added vici connection: L2TP2 Сен 8 09:33:06 ipsec 07[CFG] initiating 'L2TP2' Сен 8 09:33:06 ipsec 07[IKE] sending DPD vendor ID Сен 8 09:33:06 ipsec 07[IKE] sending FRAGMENTATION vendor ID Сен 8 09:33:06 ipsec 07[IKE] sending NAT-T (RFC 3947) vendor ID Сен 8 09:33:06 ipsec 07[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID Сен 8 09:33:06 ipsec 07[IKE] initiating Main Mode IKE_SA L2TP2[1] to 146.0.79.21 Сен 8 09:33:06 ipsec 09[IKE] received FRAGMENTATION vendor ID Сен 8 09:33:06 ipsec 09[IKE] received DPD vendor ID Сен 8 09:33:06 ipsec 09[IKE] received NAT-T (RFC 3947) vendor ID Сен 8 09:33:06 ipsec 09[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Сен 8 09:33:06 ipsec 09[CFG] configured proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC=128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024 Сен 8 09:33:06 ipsec 09[CFG] selected proposal: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Сен 8 09:33:06 ipsec 14[IKE] found linked key for crypto map 'L2TP2' Сен 8 09:33:07 ipsec 14[IKE] local host is behind NAT, sending keep alives Сен 8 09:33:07 ipsec 14[IKE] remote host is behind NAT Сен 8 09:33:07 ipsec 11[IKE] IKE_SA L2TP2[1] established between 192.168.0.14[192.168.0.14]...146.0.79.21[146.0.79.21] Сен 8 09:33:07 ipsec 11[IKE] scheduling rekeying in 28765s Сен 8 09:33:07 ipsec 11[IKE] maximum IKE_SA lifetime 28785s Сен 8 09:33:07 ipsec 13[CFG] received proposals: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ Сен 8 09:33:07 ipsec 13[CFG] configured proposals: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC=256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC=128/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:AES_CBC=256/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:CHACHA20_POLY1305/NO_EXT_SEQ Сен 8 09:33:07 ipsec 13[CFG] selected proposal: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ Сен 8 09:33:07 ipsec 13[IKE] CHILD_SA L2TP2{1} established with SPIs cd0a534b_i 2227ea66_o and TS 192.168.0.14/32[udp/42754] === 146.0.79.21/32[udp/l2tp] Сен 8 09:33:07 ndm IpSec::Configurator: "L2TP2": crypto map is up. И все, на этом больше никаких признаков жизни, в статусе соединения "Идёт подключение". В какую сторону копать? Проблема как в 4.1.7 версии, так и в 4.2 Beta 3.