상황
1. softether 서버가 설치된 컴터가 있음.
2. 원격지에서 softether 서버 매니저로 서버가 설치된 컴퓨터에 접근 잘됨. 설정도 잘 수정됨
3. 원격지에서 softether 클라 매니저로 vpn 연결 생성 가능
-연결 생성 후 내부망에는 접석 되나 외부망(일반망, naver.com 등) 에는 접근 안됨
4, 원격지에서 윈도 10 자체 vpn 어댑터 생성으로 softether 서버에 접근 안됨
-서버 단에서 보면 로그인 기록에는 접근 시도 한 것으로 나오나 클라 측에서는 실패함.
윈도 클라 연결 실패 한 부분을 찾아서 서버 단 로그를 까 보니
2017-09-18 13:08:18.833 IPsec Client 8 (클라ip:500 -> 서버ip:500): A new IPsec client is created.
2017-09-18 13:08:18.833 IPsec IKE Session (IKE SA) 2 (Client: 8) (클라ip:500 -> 서버ip:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0xC56DA786CD556610, Responder Cookie: 0xC25E4D993D1E43, DH Group: MODP 1024 (Group 2), Hash Algorithm: SHA-1, Cipher Algorithm: 3DES-CBC, Cipher Key Size: 192 bits, Lifetime: 4294967295 Kbytes or 28800 seconds
2017-09-18 13:08:18.854 IPsec Client 8 (클라ip:4500 -> 서버ip:4500): The port number information of this client is updated.
2017-09-18 13:08:18.854 IPsec Client 8 (클라ip:4500 -> 서버ip:4500):
2017-09-18 13:08:18.854 IPsec IKE Session (IKE SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): This IKE SA is established between the server and the client.
2017-09-18 13:08:18.865 IPsec IKE Session (IKE SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): The client initiates a QuickMode negotiation.
2017-09-18 13:08:18.865 IPsec ESP Session (IPsec SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): A new IPsec SA (Direction: Client -> Server) is created. SPI: 0xD0CB7ACC, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 250000 Kbytes or 3600 seconds
2017-09-18 13:08:18.865 IPsec ESP Session (IPsec SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): A new IPsec SA (Direction: Server -> Client) is created. SPI: 0x7014E114, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 250000 Kbytes or 3600 seconds
2017-09-18 13:08:18.875 IPsec ESP Session (IPsec SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): This IPsec SA is established between the server and the client.
2017-09-18 13:08:18.875 IPsec Client 8 (클라ip:4500 -> 서버ip:4500): The L2TP Server Module is started.
2017-09-18 13:08:18.896 L2TP PPP Session [클라ip:1701]: A new PPP session (Upper protocol: L2TP) is started. IP Address of PPP Client: 클라ip (Hostname: "서버허브명"), Port Number of PPP Client: 1701, IP Address of PPP Server: 서버ip, Port Number of PPP Server: 1701, Client Software Name: "L2TP VPN Client - Microsoft", IPv4 TCP MSS (Max Segment Size): 1314 bytes
2017-09-18 13:08:18.907 On the TCP Listener (Port 0), a Client (IP address 클라ip, Host name "클라ip", Port number 1701) has connected.
2017-09-18 13:08:18.907 For the client (IP address: 클라ip, host name: "클라ip", port number: 1701), connection "CID-12" has been created.
2017-09-18 13:08:18.907 SSL communication for connection "CID-12" has been started. The encryption algorithm name is "(null)".
2017-09-18 13:08:18.907 [HUB "서버허브명"] The connection "CID-12" (IP address: 클라ip, Host name: 클라ip, Port number: 1701, Client name: "L2TP VPN Client - Microsoft", Version: 4.22, Build: 9634) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "클라 아이디".
2017-09-18 13:08:18.907 [HUB "서버허브명"] Connection "CID-12": Successfully authenticated as user "클라 아이디".
2017-09-18 13:08:18.907 [HUB "서버허브명"] Connection "CID-12": The new session "SID-클라 아이디-[L2TP]-7" has been created. (IP address: 클라ip, Port number: 1701, Physical underlying protocol: "Legacy VPN - L2TP")
2017-09-18 13:08:18.907 [HUB "서버허브명"] Session "SID-클라 아이디-[L2TP]-7": The parameter has been set. Max number of TCP connections: 1, Use of encryption: Yes, Use of compression: No, Use of Half duplex communication: No, Timeout: 20 seconds.
2017-09-18 13:08:18.907 [HUB "서버허브명"] Session "SID-클라 아이디-[L2TP]-7": VPN Client details: (Client product name: "L2TP VPN Client - Microsoft", Client version: 422, Client build number: 9634, Server product name: "SoftEther VPN Server (64 bit)", Server version: 422, Server build number: 9634, Client OS name: "L2TP VPN Client - Microsoft", Client OS version: "-", Client product ID: "-", Client host name: "서버허브명-yslee", Client IP address: "클라ip", Client port number: 1701, Server host name: "서버ip", Server IP address: "서버ip", Server port number: 1701, Proxy host name: "", Proxy IP address: "0.0.0.0", Proxy port number: 0, Virtual Hub name: "서버허브명", Client unique ID: "95BC5F63B226E13B81C3CA5DBE75495A")
2017-09-18 13:08:18.917 IPsec ESP Session (IPsec SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): This IPsec SA is deleted.
2017-09-18 13:08:18.917 IPsec IKE Session (IKE SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): This IKE SA is deleted.
2017-09-18 13:08:18.917 IPsec ESP Session (IPsec SA) 2 (Client: 8) (클라ip:4500 -> 서버ip:4500): This IPsec SA is deleted.
2017-09-18 13:08:19.022 L2TP PPP Session [클라ip:1701]: A PPP protocol error occurred, or the PPP session has been disconnected.
2017-09-18 13:08:19.273 [HUB "서버허브명"] Session "SID-클라 아이디-[L2TP]-7": The session has been terminated. The statistical information is as follows: Total outgoing data size: 0 bytes, Total incoming data size: 0 bytes.
2017-09-18 13:08:19.304 Connection "CID-12" terminated by the cause "The VPN session has been deleted. It is possible that either the administrator disconnected the session or the connection from the client to the VPN Server has been disconnected." (code 11).
2017-09-18 13:08:19.304 Connection "CID-12" has been terminated.
2017-09-18 13:08:19.304 The connection with the client (IP address 클라ip, Port number 1701) has been disconnected.
2017-09-18 13:08:29.439 IPsec Client 8 (클라ip:4500 -> 서버ip:4500): This IPsec Client is deleted.
라고 나옵니다.
클라를 이용해서 성공한 로그는
2017-09-18 15:35:47.809 The connection "CID-13" (IP address: 클라ip, Host name: 클라ip, Port number: 65471, Client name: "SoftEther VPN Client", Version: 4.22, Build: 9634) is attempting to connect to the Virtual Hub. The auth type provided is "Password authentication" and the user name is "클라 아이디".
2017-09-18 15:35:47.809 Connection "CID-13": Successfully authenticated as user "클라 아이디".
2017-09-18 15:35:47.819 Connection "CID-13": The new session "SID-클라 아이디-8" has been created. (IP address: 클라ip, Port number: 65471, Physical underlying protocol: "Standard TCP/IP (IPv4)")
2017-09-18 15:35:47.819 Session "SID-클라 아이디-8": The parameter has been set. Max number of TCP connections: 2, Use of encryption: Yes, Use of compression: No, Use of Half duplex communication: No, Timeout: 20 seconds.
2017-09-18 15:35:47.819 Session "SID-클라 아이디-8": VPN Client details: (Client product name: "SoftEther VPN Client", Client version: 422, Client build number: 9634, Server product name: "SoftEther VPN Server (64 bit)", Server version: 422, Server build number: 9634, Client OS name: "Windows 10", Client OS version: "Build 14393, Multiprocessor Free (14393.rs1_release_inmarket.170906-1810)", Client product ID: "--", Client host name: "skinbio", Client IP address: "192.168.1.17", Client port number: 65471, Server host name: "서버ip", Server IP address: "서버ip", Server port number: 서버_포트, Proxy host name: "", Proxy IP address: "0.0.0.0", Proxy port number: 0, Virtual Hub name: "skinbio", Client unique ID: "BDEEC6B5FE674887646A1B001743B886")
2017-09-18 15:35:51.988 Session "SID-LOCALBRIDGE-1": The DHCP server of host "서버-맥주소" (192.168.0.1) on this session allocated, for host "SID-클라 아이디-8" on another session "클라맥주소", the new IP address 192.168.0.99.
2017-09-18 15:36:06.414 Session "SID-클라 아이디-8": A large volume of broadcast packets has been detected. There are cases where packets are discarded based on the policy. The source MAC address is 클라_맥주소, the source IP address is 192.168.0.99, the destination IP address is 224.0.0.252. The number of broadcast packets is equal to or larger than 40 items per 1 second (note this information is the result of mechanical analysis of part of the packets and could be incorrect).
2017-09-18 15:36:06.414 Session "SID-클라 아이디-8": A large volume of broadcast packets has been detected. There are cases where packets are discarded based on the policy. The source MAC address is 클라6맥, the source IP address is fe80::185:646c:4bde:5c96, the destination IP address is ff02::1:3. The number of broadcast packets is equal to or larger than 40 items per 1 second (note this information is the result of mechanical analysis of part of the packets and could be incorrect).
라고 나옵니다.
정황상, 실패한 로그의 빨간색 부분이 문제가 되는것 같은데, 혹시 도와주실수 있는 부분이 있는지, 아니면 로그 말고 다른 정보가 필요하시다면 어떤게 필요하신지 말씀해 주시면 감사하겠습니다.
º¸¾È ¼³Á¤À» ÀÚµ¿ À¸·Î ÇßÀ»¶§.
CoId={ADB4BD28-FB74-4598-A462-F744E8DA89F8}: [»ç¿ëÀÚ¸í] »ç¿ëÀÚ°¡ ½ÇÆÐÇÑ 11 ¿¬°á·Î Àüȸ¦ °É¾ú½À´Ï´Ù. ½ÇÆÐ ½Ã ¹ÝȯµÈ ¿À·ù ÄÚµå´Â 720ÀÔ´Ï´Ù.
º¸¾È ¼³Á¤À¸·Î ikev ·Î ÇßÀ»¶§
CoId={D6D1BF40-6131-462C-BCCD-F5A94C5A513D}: [»ç¿ëÀÚ¸í] »ç¿ëÀÚ°¡ ½ÇÆÐÇÑ 11 ¿¬°á·Î Àüȸ¦ °É¾ú½À´Ï´Ù. ½ÇÆÐ ½Ã ¹ÝȯµÈ ¿À·ù ÄÚµå´Â 809ÀÔ´Ï´Ù.
º¸¾È ¼³Á¤À» L2TP ·Î ÇßÀ»¶§
CoId={A63E49D8-ACD1-4CBC-99EA-99574318166F}: [»ç¿ëÀÚ¸í] »ç¿ëÀÚ°¡ ½ÇÆÐÇÑ 11 ¿¬°á·Î Àüȸ¦ °É¾ú½À´Ï´Ù. ½ÇÆÐ ½Ã ¹ÝȯµÈ ¿À·ù ÄÚµå´Â 720ÀÔ´Ï´Ù.
Ȥ½Ã ´Ù¸¥ Á¤º¸°¡ ÇÊ¿äÇÏ½Ã´Ù¸é ¾Ë·ÁÁÖ½Ã¸é °¨»çÇÏ°Ú½À´Ï´Ù.
http://windows7themes.net/en-us/fixing-vpn-error-809-and-720-remote-server-is-not-responding-connection-not-established/
ÀÏ´Ü ÇØ´ç ¸µÅ©¿¡ ÀûÇôÀִ´ë·Î º¸¾È ¼³Á¤À» ÀÚµ¿À¸·Î ÇÑ ÀÌÈÄ¿¡ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ½ÇÇàµÈ ¸í·É ÇÁ·ÒÇÁÆ®¿¡¼ netsh int ip reset Ä¿¸Çµå¸¦ ÀÔ·ÂÇÏ°í
ÀçºÎÆà ÀÌÈÄ¿¡ ¿¬°áÀ» ½ÃµµÇغ¸½Ã°í, ±×·¡µµ ¿©ÀüÈ÷ ¹®Á¦°¡ ÀÖ´Ù¸é ´õ ¾Æ·¡ÂÊÀÇ ·¹Áö½ºÆ®¸® Àû¿ëÀ» Çغ¸½Ã¸é µÉ°Å°°½À´Ï´Ù.
±× ¿Ü¿¡µµ Æ÷Æ® °³¹æÀÌ Á¦´ë·Î µÇ¾îÀÖÁö ¾Ê¾Æ¼ »ý±â´Â ¹®Á¦ÀÏ ¼ö ÀÖ´Ù°í ½áÀִµ¥, softether Ŭ¶óÀ̾ðÆ® ¸Å´ÏÀú·Î Á¢¼Ó½Ã¿¡´Â Á¢¼ÓÀÌ ÀÏ´Ü µÇ½Ã´Â°É·Î º¸¾Æ ¾Æ¸¶ ±×·± ¹®Á¦´Â ¾Æ´Ò°Å°°½À´Ï´Ù...
¶Ç´Ù½Ã ±¸±ÛÀÇ ¹Ù´Ù¸¦ Çì¸Þ¾ß °Ú³×¿ä ¤Ð¤Ð
ÀÌ ·Î±× ÆÄÀϵµ ÇÊ¿äÇϽÅÁö¿ä?