• Home
  • Categories
  • WIKI
  • LANGUAGE: en
    • [Others] 在连接VPN使用strongSwan,一直提示“未提供VPN连接所需的密码”
    Product Feedback 534 views · 10 replies ·
    Tofloor
    poster avatar
    swin
    deepin
    2023-07-27 00:29
    Author

    在我链接VPN时,一直提示“未提供VPN连接所需的密码”,但是我已经配置了相关的证书和密码了。这是我的配置截图

    1690360069049.png

    Reply Favorite View the author
    All Replies
    xuqi
    deepin testing team
    2023-07-27 00:44
    #1
    • 感谢反馈的问题~
    • 这个问题我们可能需要远程定位分析一下具体原因,因为测试环境可能没有相关的证书和密码来复现该问题~
    Reply View the author
    swin
    deepin
    2023-07-27 00:48
    #2
    It has been deleted!
    182******43
    deepin
    2023-07-27 21:27
    #3 
    sudo journalctl -u NetworkManager.service -f

    看下日志哈,

    Reply View the author
    swin
    deepin
    2023-07-27 21:38
    #4
    182******43
    sudo journalctl -u NetworkManager.service -f

    看下日志哈,

    root@braveowl-PC:/home/braveowl/Desktop# sudo journalctl -u NetworkManager.service -xe
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4445] device (wlp0s20f3): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] device (wlp0s20f3): Activation: (wifi) connection 'hisunglobal' has security, and secrets exist. No new secrets>
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] Config: added 'ssid' value 'hisunglobal'
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] Config: added 'scan_ssid' value '1'
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] Config: added 'bgscan' value 'simple:30:-70:86400'
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK SAE FT-SAE'
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] Config: added 'auth_alg' value 'OPEN'
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] Config: added 'psk' value ''
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4992] device (wlp0s20f3): supplicant interface state: disconnected -> inactive
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4992] device (p2p-dev-wlp0s20f3): supplicant management interface state: disconnected -> inactive
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5057] device (wlp0s20f3): supplicant interface state: inactive -> authenticating
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5057] device (p2p-dev-wlp0s20f3): supplicant management interface state: inactive -> authenticating
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5375] device (wlp0s20f3): supplicant interface state: authenticating -> associating
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5375] device (p2p-dev-wlp0s20f3): supplicant management interface state: authenticating -> associating
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5565] device (wlp0s20f3): supplicant interface state: associating -> associated
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5565] device (p2p-dev-wlp0s20f3): supplicant management interface state: associating -> associated
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5786] device (wlp0s20f3): supplicant interface state: associated -> 4way_handshake
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5786] device (p2p-dev-wlp0s20f3): supplicant management interface state: associated -> 4way_handshake
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6360] device (wlp0s20f3): supplicant interface state: 4way_handshake -> completed
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6360] device (wlp0s20f3): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network>
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6360] device (p2p-dev-wlp0s20f3): supplicant management interface state: 4way_handshake -> completed
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6361] device (wlp0s20f3): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6364] dhcp4 (wlp0s20f3): activation: beginning transaction (timeout in 45 seconds)
    7月 27 13:33:46 braveowl-PC charon-nm[26770]: 08[KNL] fe80::c56f:4539:1646:98a6 appeared on wlp0s20f3
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6450] dhcp4 (wlp0s20f3): state changed new lease, address=192.168.80.224
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6453] policy: set 'hisunglobal' (wlp0s20f3) as default for IPv4 routing and DNS
    7月 27 13:33:46 braveowl-PC charon-nm[26770]: 12[KNL] 192.168.80.224 appeared on wlp0s20f3
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6673] device (wlp0s20f3): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6705] device (wlp0s20f3): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6706] device (wlp0s20f3): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6707] manager: NetworkManager state is now CONNECTED_SITE
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6711] device (wlp0s20f3): Activation: successful, device activated.
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6712] manager: NetworkManager state is now CONNECTED_GLOBAL
    7月 27 13:33:46 braveowl-PC charon-nm[26770]: 07[IKE] installed bypass policy for 192.168.80.0/23
    7月 27 13:33:46 braveowl-PC charon-nm[26770]: 07[IKE] interface change for bypass policy for fe80::/64 (from vethfff496d to wlp0s20f3)
    7月 27 13:33:48 braveowl-PC charon-nm[26770]: 10[KNL] flags changed for fe80::c56f:4539:1646:98a6 on wlp0s20f3
    7月 27 13:33:58 braveowl-PC charon-nm[26770]: 00[DMN] SIGTERM received, shutting down
    7月 27 13:33:58 braveowl-PC charon-nm[26770]: 00[IKE] uninstalling bypass policy for 172.17.0.0/16
    7月 27 13:33:58 braveowl-PC charon-nm[26770]: 00[IKE] uninstalling bypass policy for 172.19.0.0/16
    7月 27 13:33:58 braveowl-PC charon-nm[26770]: 00[IKE] uninstalling bypass policy for ::1/128
    7月 27 13:33:58 braveowl-PC charon-nm[26770]: 00[IKE] uninstalling bypass policy for fe80::/64
    7月 27 13:33:58 braveowl-PC charon-nm[26770]: 00[IKE] uninstalling bypass policy for 192.168.80.0/23

    Reply View the author
    swin
    deepin
    2023-07-27 21:41
    #5
    182******43
    sudo journalctl -u NetworkManager.service -f

    看下日志哈,

    root@braveowl-PC:/home/braveowl/Desktop# nmcli c up yinghua
    错误:连接激活失败:VP N 启动失败
    提示:使用 "journalctl -xe NM_CONNECTION=c429768a-d3f4-465b-a607-192833da97b6 + NM_DEVICE=wlp0s20f3" 来获得更详细的信息。
    root@braveowl-PC:/home/braveowl/Desktop# journalctl -xe NM_CONNECTION=c429768a-d3f4-465b-a607-192833da97b6 + NM_DEVICE=wlp0s20f3
    7月 27 12:09:18 braveowl-PC NetworkManager[1243]: [1690430958.5329] vpn[0x557d29360190,c429768a-d3f4-465b-a607-192833da97b6,"yinghua"]: starting strongswan
    7月 27 12:09:18 braveowl-PC NetworkManager[1243]: [1690430958.5391] vpn[0x557d29360190,c429768a-d3f4-465b-a607-192833da97b6,"yinghua"]: failed to connect: 'Loading gateway certific>
    7月 27 12:09:30 braveowl-PC NetworkManager[1243]: [1690430970.3336] vpn[0x557d29360910,c429768a-d3f4-465b-a607-192833da97b6,"yinghua"]: starting strongswan
    7月 27 12:09:30 braveowl-PC NetworkManager[1243]: [1690430970.3383] vpn[0x557d29360910,c429768a-d3f4-465b-a607-192833da97b6,"yinghua"]: failed to connect: 'Loading gateway certific>
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.6433] device (wlp0s20f3): state change: activated -> deactivating (reason 'sleeping', sys-iface-state: 'managed')
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.8433] device (wlp0s20f3): state change: deactivating -> disconnected (reason 'sleeping', sys-iface-state: 'managed')
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.8444] dhcp4 (wlp0s20f3): canceled DHCP transaction
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.8444] dhcp4 (wlp0s20f3): activation: beginning transaction (timeout in 45 seconds)
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.8445] dhcp4 (wlp0s20f3): state changed no lease
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.8718] device (wlp0s20f3): set-hw-addr: set MAC address to CA:A5:57:4E:7D:B4 (scanning)
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.9164] device (wlp0s20f3): supplicant interface state: completed -> disconnected
    7月 27 12:09:41 braveowl-PC NetworkManager[1243]: [1690430981.9167] device (wlp0s20f3): state change: disconnected -> unmanaged (reason 'sleeping', sys-iface-state: 'managed')
    7月 27 12:09:42 braveowl-PC NetworkManager[1243]: [1690430982.0520] device (wlp0s20f3): set-hw-addr: reset MAC address to E0:D0:45:60:CA:CF (unmanage)
    7月 27 13:33:43 braveowl-PC NetworkManager[1243]: [1690436023.0838] device (wlp0s20f3): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
    7月 27 13:33:43 braveowl-PC NetworkManager[1243]: [1690436023.1447] device (wlp0s20f3): set-hw-addr: set MAC address to 12:2A:02:46:0F:0B (scanning)
    7月 27 13:33:43 braveowl-PC NetworkManager[1243]: [1690436023.4371] device (wlp0s20f3): supplicant interface state: internal-starting -> disconnected
    7月 27 13:33:43 braveowl-PC NetworkManager[1243]: [1690436023.4380] device (wlp0s20f3): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: '>
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4074] device (wlp0s20f3): Activation: starting connection 'hisunglobal' (1772ed6a-7ad8-434c-9c17-003bf42724a2)
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4074] device (wlp0s20f3): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4418] device (wlp0s20f3): set-hw-addr: reset MAC address to E0:D0:45:60:CA:CF (preserve)
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4435] device (wlp0s20f3): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4436] device (wlp0s20f3): Activation: (wifi) access point 'hisunglobal' has security, but secrets are required.
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4437] device (wlp0s20f3): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4444] device (wlp0s20f3): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4445] device (wlp0s20f3): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4446] device (wlp0s20f3): Activation: (wifi) connection 'hisunglobal' has security, and secrets exist. No new secrets>
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.4992] device (wlp0s20f3): supplicant interface state: disconnected -> inactive
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5057] device (wlp0s20f3): supplicant interface state: inactive -> authenticating
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5375] device (wlp0s20f3): supplicant interface state: authenticating -> associating
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5565] device (wlp0s20f3): supplicant interface state: associating -> associated
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.5786] device (wlp0s20f3): supplicant interface state: associated -> 4way_handshake
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6360] device (wlp0s20f3): supplicant interface state: 4way_handshake -> completed
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6360] device (wlp0s20f3): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network>
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6361] device (wlp0s20f3): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6364] dhcp4 (wlp0s20f3): activation: beginning transaction (timeout in 45 seconds)
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6450] dhcp4 (wlp0s20f3): state changed new lease, address=192.168.80.224
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6673] device (wlp0s20f3): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6705] device (wlp0s20f3): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6706] device (wlp0s20f3): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed')
    7月 27 13:33:46 braveowl-PC NetworkManager[1243]: [1690436026.6711] device (wlp0s20f3): Activation: successful, device activated.
    7月 27 13:38:23 braveowl-PC NetworkManager[1243]: [1690436303.9004] vpn[0x557d29360910,c429768a-d3f4-465b-a607-192833da97b6,"yinghua"]: starting strongswan
    7月 27 13:38:23 braveowl-PC NetworkManager[1243]: [1690436303.9330] vpn[0x557d29360910,c429768a-d3f4-465b-a607-192833da97b6,"yinghua"]: failed to connect: 'Loading gateway certific>

    Reply View the author
    swin
    deepin
    2023-07-28 00:56
    #6

    image.png

    终于链接上了。非常感谢deepin技术大佬。

    Reply View the author
    comix
    deepin
    2023-07-28 00:57
    #7

    已解决

    Reply View the author
    swin
    deepin
    2023-07-28 01:59
    #8

    问题的关键在于,证书要放到系统指定的路径,

    /etc/ipsec.d/cacerts/ca.cer

    /etc/ipsec.d/certs/client.cer

    /etc/ipsec.d/private/client.key

    Reply View the author
    xuqi
    deepin testing team
    2023-07-28 05:59
    #9
    • 不错~感谢大佬的帮助~~有啥其他问题也可以随时反馈~~~
    Reply View the author
    zccrs
    deepin
    2023-07-28 17:48
    #10
    swin

    问题的关键在于,证书要放到系统指定的路径,

    /etc/ipsec.d/cacerts/ca.cer

    /etc/ipsec.d/certs/client.cer

    /etc/ipsec.d/private/client.key

    感觉可以加一篇wiki说明

    Reply View the author