致命的な信号15が原因でIPSec VPNを介したL2TP接続が失敗する

tag-icon tag-icon debian kde networkmanager l2tp
致命的な信号15が原因でIPSec VPNを介したL2TP接続が失敗する

KDE Plasma 5.14.5とカーネル5.6.0-0.bpo.2-amd64を含むDebian 10 Busterがあります。 IPSecを介してVPN L2TPに接続しようとしています。しかし、接続しようとすると、明らかな理由なくエラーが発生します。致命的なシグナル15が発生したと記載されていますが、他の情報は提供されません。

Aug  3 15:22:53 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: death_handler: Fatal signal 15 received

これについて助けてくれてありがとう。

/var/log/syslog:

Aug  3 15:22:35 ComputerOfLiza NetworkManager[627]: <info>  [1596457355.6103] audit: op="connection-activate" uuid="8313482f-d2cd-4e39-a18c-86b540d6a8e3" name="Work" pid=990 uid=1000 result="success"
Aug  3 15:22:35 ComputerOfLiza NetworkManager[627]: <info>  [1596457355.6209] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: Started the VPN service, PID 1922
Aug  3 15:22:35 ComputerOfLiza NetworkManager[627]: <info>  [1596457355.6283] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: Saw the service appear; activating connectio
n
Aug  3 15:22:35 ComputerOfLiza NetworkManager[627]: <info>  [1596457355.6332] audit: op="statistics" arg="refresh-rate-ms" pid=990 uid=1000 result="success"
Aug  3 15:22:35 ComputerOfLiza nm-l2tp-service[1922]: Check port 1701
Aug  3 15:22:35 ComputerOfLiza nm-l2tp-service[1922]: Can't bind to port 1701
Aug  3 15:22:35 ComputerOfLiza NetworkManager[1941]: Stopping strongSwan IPsec...
Aug  3 15:22:35 ComputerOfLiza charon: 00[DMN] signal of type SIGINT received. Shutting down
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.6.0-0.bpo.2-amd64, x86_64)
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[CFG] expanding file expression '/etc/ipsec.d/*.secrets' failed
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pe
m openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown counters
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[LIB] dropped capabilities, running as uid 0, gid 0
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[JOB] spawning 16 worker threads
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 08[KNL] interface wlp0s20f3 deactivated
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 12[KNL] interface wlp0s20f3 activated
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 08[KNL] interface wlp0s20f3 deactivated
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 12[KNL] interface wlp0s20f3 activated
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 13[KNL] interface wlp0s20f3 deactivated
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 06[KNL] interface wlp0s20f3 activated
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 07[KNL] fe80::42e7:d46c:adef:f62f appeared on wlp0s20f3
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 13[KNL] 192.168.1.38 appeared on wlp0s20f3
Aug  3 15:22:35 ComputerOfLiza ipsec[822]: 00[DMN] signal of type SIGINT received. Shutting down
Aug  3 15:22:35 ComputerOfLiza ipsec[796]: charon stopped after 200 ms
Aug  3 15:22:35 ComputerOfLiza ipsec[796]: ipsec starter stopped
Aug  3 15:22:35 ComputerOfLiza systemd[1]: strongswan.service: Succeeded.
Aug  3 15:22:37 ComputerOfLiza NetworkManager[1938]: Starting strongSwan 5.7.2 IPsec [starter]...
Aug  3 15:22:37 ComputerOfLiza NetworkManager[1938]: Loading config setup
Aug  3 15:22:37 ComputerOfLiza NetworkManager[1938]: Loading conn '8313482f-d2cd-4e39-a18c-86b540d6a8e3'
Aug  3 15:22:37 ComputerOfLiza NetworkManager[1938]: found netkey IPsec stack
Aug  3 15:22:37 ComputerOfLiza charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.6.0-0.bpo.2-amd64, x86_64)
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8313482f-d2cd-4e39-a18c-86b540d6a8e3.secrets'
Aug  3 15:22:37 ComputerOfLiza charon: 00[CFG]   loaded IKE secret for %any
Aug  3 15:22:37 ComputerOfLiza charon: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown counters
Aug  3 15:22:37 ComputerOfLiza charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Aug  3 15:22:37 ComputerOfLiza charon: 00[JOB] spawning 16 worker threads
Aug  3 15:22:37 ComputerOfLiza charon: 05[CFG] received stroke: add connection '8313482f-d2cd-4e39-a18c-86b540d6a8e3'
Aug  3 15:22:37 ComputerOfLiza charon: 05[CFG] added configuration '8313482f-d2cd-4e39-a18c-86b540d6a8e3'
Aug  3 15:22:38 ComputerOfLiza charon: 09[CFG] rereading secrets
Aug  3 15:22:38 ComputerOfLiza charon: 09[CFG] loading secrets from '/etc/ipsec.secrets'
Aug  3 15:22:38 ComputerOfLiza charon: 09[CFG] expanding file expression '/var/lib/strongswan/ipsec.secrets.inc' failed
Aug  3 15:22:38 ComputerOfLiza charon: 09[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8313482f-d2cd-4e39-a18c-86b540d6a8e3.secrets'
Aug  3 15:22:38 ComputerOfLiza charon: 09[CFG]   loaded IKE secret for %any
Aug  3 15:22:38 ComputerOfLiza charon: 08[CFG] received stroke: initiate '8313482f-d2cd-4e39-a18c-86b540d6a8e3'
Aug  3 15:22:38 ComputerOfLiza charon: 11[IKE] initiating Main Mode IKE_SA 8313482f-d2cd-4e39-a18c-86b540d6a8e3[1] to 77.234.209.75
Aug  3 15:22:38 ComputerOfLiza charon: 11[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Aug  3 15:22:38 ComputerOfLiza charon: 11[NET] sending packet: from 192.168.1.38[500] to 77.234.209.75[500] (176 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 12[NET] received packet: from 77.234.209.75[500] to 192.168.1.38[500] (156 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 12[ENC] parsed ID_PROT response 0 [ SA V V V V ]
Aug  3 15:22:38 ComputerOfLiza charon: 12[IKE] received NAT-T (RFC 3947) vendor ID
Aug  3 15:22:38 ComputerOfLiza charon: 12[IKE] received XAuth vendor ID
Aug  3 15:22:38 ComputerOfLiza charon: 12[IKE] received DPD vendor ID
Aug  3 15:22:38 ComputerOfLiza charon: 12[IKE] received FRAGMENTATION vendor ID
Aug  3 15:22:38 ComputerOfLiza charon: 12[CFG] selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Aug  3 15:22:38 ComputerOfLiza charon: 12[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Aug  3 15:22:38 ComputerOfLiza charon: 12[NET] sending packet: from 192.168.1.38[500] to 77.234.209.75[500] (244 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 13[NET] received packet: from 77.234.209.75[500] to 192.168.1.38[500] (236 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 13[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Aug  3 15:22:38 ComputerOfLiza charon: 13[IKE] local host is behind NAT, sending keep alives
Aug  3 15:22:38 ComputerOfLiza charon: 13[ENC] generating ID_PROT request 0 [ ID HASH ]
Aug  3 15:22:38 ComputerOfLiza charon: 13[NET] sending packet: from 192.168.1.38[4500] to 77.234.209.75[4500] (68 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 14[NET] received packet: from 77.234.209.75[4500] to 192.168.1.38[4500] (68 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 14[ENC] parsed ID_PROT response 0 [ ID HASH ]
Aug  3 15:22:38 ComputerOfLiza charon: 14[IKE] IKE_SA 8313482f-d2cd-4e39-a18c-86b540d6a8e3[1] established between 192.168.1.38[192.168.1.38]...77.234.209.75[77.234.209.75]
Aug  3 15:22:38 ComputerOfLiza charon: 14[IKE] scheduling reauthentication in 9724s
Aug  3 15:22:38 ComputerOfLiza charon: 14[IKE] maximum IKE_SA lifetime 10264s
Aug  3 15:22:38 ComputerOfLiza charon: 14[ENC] generating QUICK_MODE request 2184681364 [ HASH SA No ID ID NAT-OA NAT-OA ]
Aug  3 15:22:38 ComputerOfLiza charon: 14[NET] sending packet: from 192.168.1.38[4500] to 77.234.209.75[4500] (188 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 15[NET] received packet: from 77.234.209.75[4500] to 192.168.1.38[4500] (68 bytes)
Aug  3 15:22:38 ComputerOfLiza charon: 15[ENC] parsed INFORMATIONAL_V1 request 2541531291 [ HASH N(NO_PROP) ]
Aug  3 15:22:38 ComputerOfLiza charon: 15[IKE] received NO_PROPOSAL_CHOSEN error notify
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: initiating Main Mode IKE_SA 8313482f-d2cd-4e39-a18c-86b540d6a8e3[1] to 77.234.209.75
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: generating ID_PROT request 0 [ SA V V V V V ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: sending packet: from 192.168.1.38[500] to 77.234.209.75[500] (176 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received packet: from 77.234.209.75[500] to 192.168.1.38[500] (156 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: parsed ID_PROT response 0 [ SA V V V V ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received NAT-T (RFC 3947) vendor ID
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received XAuth vendor ID
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received DPD vendor ID
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received FRAGMENTATION vendor ID
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: sending packet: from 192.168.1.38[500] to 77.234.209.75[500] (244 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received packet: from 77.234.209.75[500] to 192.168.1.38[500] (236 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: local host is behind NAT, sending keep alives
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: generating ID_PROT request 0 [ ID HASH ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: sending packet: from 192.168.1.38[4500] to 77.234.209.75[4500] (68 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received packet: from 77.234.209.75[4500] to 192.168.1.38[4500] (68 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: parsed ID_PROT response 0 [ ID HASH ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: IKE_SA 8313482f-d2cd-4e39-a18c-86b540d6a8e3[1] established between 192.168.1.38[192.168.1.38]...77.234.209.75[77.234.209.75]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: scheduling reauthentication in 9724s
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: maximum IKE_SA lifetime 10264s
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: generating QUICK_MODE request 2184681364 [ HASH SA No ID ID NAT-OA NAT-OA ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: sending packet: from 192.168.1.38[4500] to 77.234.209.75[4500] (188 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received packet: from 77.234.209.75[4500] to 192.168.1.38[4500] (68 bytes)
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: parsed INFORMATIONAL_V1 request 2541531291 [ HASH N(NO_PROP) ]
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: received NO_PROPOSAL_CHOSEN error notify
Aug  3 15:22:38 ComputerOfLiza NetworkManager[1991]: establishing connection '8313482f-d2cd-4e39-a18c-86b540d6a8e3' failed
Aug  3 15:22:39 ComputerOfLiza nm-l2tp-service[1922]: xl2tpd started with pid 1997
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Not looking for kernel SAref support.
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Using l2tp kernel support.
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: xl2tpd version xl2tpd-1.3.12 started on ComputerOfLiza PID:1997
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Forked by Scott Balmos and David Stipp, (C) 2001
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Inherited by Jeff McAdams, (C) 2002
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Listening on IP address 0.0.0.0, port 47189
Aug  3 15:22:39 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Connecting to host 77.234.209.75, port 1701
Aug  3 15:22:39 ComputerOfLiza NetworkManager[627]: <info>  [1596457359.0670] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: VPN plugin: state changed: starting (3)
Aug  3 15:22:46 ComputerOfLiza PackageKit: get-updates transaction /205_aeabdccb from uid 1000 finished with success after 736ms
Aug  3 15:22:53 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: death_handler: Fatal signal 15 received
Aug  3 15:22:53 ComputerOfLiza NetworkManager[1997]: xl2tpd[1997]: Connection 0 closed to 77.234.209.75, port 1701 (Server closing)
Aug  3 15:22:53 ComputerOfLiza NetworkManager[627]: <warn>  [1596457373.0812] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: VPN plugin: failed: connect-failed (1)
Aug  3 15:22:53 ComputerOfLiza NetworkManager[627]: <warn>  [1596457373.0813] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: VPN plugin: failed: connect-failed (1)
Aug  3 15:22:53 ComputerOfLiza NetworkManager[627]: <info>  [1596457373.0813] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: VPN plugin: state changed: stopping (5)
Aug  3 15:22:53 ComputerOfLiza NetworkManager[2003]: Stopping strongSwan IPsec...
Aug  3 15:22:53 ComputerOfLiza charon: 00[DMN] signal of type SIGINT received. Shutting down
Aug  3 15:22:53 ComputerOfLiza charon: 00[IKE] deleting IKE_SA 8313482f-d2cd-4e39-a18c-86b540d6a8e3[1] between 192.168.1.38[192.168.1.38]...77.234.209.75[77.234.209.75]
Aug  3 15:22:53 ComputerOfLiza charon: 00[IKE] sending DELETE for IKE_SA 8313482f-d2cd-4e39-a18c-86b540d6a8e3[1]
Aug  3 15:22:53 ComputerOfLiza charon: 00[ENC] generating INFORMATIONAL_V1 request 2766966862 [ HASH D ]
Aug  3 15:22:53 ComputerOfLiza charon: 00[NET] sending packet: from 192.168.1.38[4500] to 77.234.209.75[4500] (84 bytes)
Aug  3 15:22:53 ComputerOfLiza nm-l2tp-service[1922]: ipsec shut down
Aug  3 15:22:53 ComputerOfLiza NetworkManager[627]: <info>  [1596457373.1879] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: VPN plugin: state changed: stopped (6)
Aug  3 15:22:53 ComputerOfLiza NetworkManager[627]: <info>  [1596457373.1906] vpn-connection[0x55c0c1266110,8313482f-d2cd-4e39-a18c-86b540d6a8e3,"Work",0]: VPN service disappeared
Aug  3 15:23:02 ComputerOfLiza NetworkManager[627]: <info>  [1596457382.2593] audit: op="statistics" arg="refresh-rate-ms" pid=990 uid=1000 result="success"

ベストアンサー1

同様の問題が発生しましたが、この投稿を公開した時点で、Merakiは「クライアントVPN OSの設定」の記事に誤った2段階の値を投稿しました。 MerakiサポートチームのGene Y.の助けと努力により、私たちは正しい2段階アルゴリズム値を得ることができました。

aes128-sha1、3des-sha1!

構成項目の誤った行は、ステップ1から2に値をコピー/貼り付けることです。 Merakiはおそらく正しい値を反映するために文書をすぐに更新します。しかし、私のような致命的な信号15エラーが発生した他の人がこの投稿を見て問題が解決された場合に備えています。

おすすめ記事