У меня возникли проблемы с использованием Cisco Anyconnect VPN в Windows 7 с моим беспроводным маршрутизатором (Belkin F5D8635-4 v1 Wireless N). Иногда он подключается, но часто нет, пока маршрутизатор не будет сброшен. Беспроводной картой является Realtek RTL8192SE 802.11B/G/N. Вытащил сетевой монитор, и это похоже на то, что происходит, когда он не может подключиться.
125 5 7:48:44 AM 6/2/2013 2.7738830 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x1D29, QUERY (Standard query), Query for vpn.caltech.edu of type Host Addr on class Internet {DNS:2, UDP:1, IPv4:3}
121 6 7:48:44 AM 6/2/2013 2.7750846 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0xB1DF, QUERY (Standard query), Query for wpad.Belkin of type Host Addr on class Internet {DNS:4, UDP:3, IPv4:3}
141 7 7:48:44 AM 6/2/2013 2.7751546 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x1D29, QUERY (Standard query), Response - Success, 192.41.208.57 {DNS:2, UDP:1, IPv4:3}
196 8 7:48:44 AM 6/2/2013 2.7761219 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0xB1DF, QUERY (Standard query), Response - Name Error {DNS:4, UDP:3, IPv4:3}
Останавливается на Ошибка имени в ответ на wpad.Белкин DNS запрос. Боюсь, я не знаю достаточно о TCP/IP, чтобы понять, что это значит. Не уверен, что это проблема с моим провайдером (Virgin Broadband). Я попытался переключиться на серверы OpenDNS в маршрутизаторе. Также были аналогичные проблемы с другим маршрутизатором, хотя я не смотрел на пакеты для этого. Нашли людей с похожими проблемами в других местах, но без решений. Есть идеи? Спасибо!
Кстати, журнал маршрутизатора выглядит следующим образом - понимают, что большинство предупреждений о сканировании портов являются поддельными, но им интересно, имеют ли они какое-либо отношение к проблеме разрешения.
Jun 2 05:58:33 localhost user.crit syslog: User from 192.168.2.2 time out
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: udhcpd (v0.9.9-pre) started
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: received REQUEST
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: sending ACK to 192.168.2.2
Jun 2 06:02:47 localhost local0.info udhcpd[1864]: received REQUEST
Jun 2 06:02:47 localhost local0.info udhcpd[1864]: sending ACK to 192.168.2.2
Jun 2 06:07:28 localhost local0.info udhcpd[1864]: Timed out. Exiting
Jun 2 06:08:17 localhost local0.info udhcpd[8647]: udhcpd (v0.9.9-pre) started
Jun 2 06:13:17 localhost local0.info udhcpd[8647]: Timed out. Exiting
Jun 2 06:13:37 localhost local0.info udhcpd[14800]: udhcpd (v0.9.9-pre) started
Jun 2 06:18:37 localhost local0.info udhcpd[14800]: Timed out. Exiting
Jun 2 06:18:53 localhost local0.info udhcpd[20975]: udhcpd (v0.9.9-pre) started
Jun 2 06:23:53 localhost local0.info udhcpd[20975]: Timed out. Exiting
Jun 2 06:24:12 localhost local0.info udhcpd[27065]: udhcpd (v0.9.9-pre) started
Jun 2 06:29:12 localhost local0.info udhcpd[27065]: Timed out. Exiting
Jun 2 06:29:38 localhost local0.info udhcpd[933]: udhcpd (v0.9.9-pre) started
Jun 2 06:33:00 localhost user.crit syslog: User from 192.168.2.2 login success !
Jun 2 06:34:38 localhost local0.info udhcpd[933]: Timed out. Exiting
Jun 2 06:34:56 localhost local0.info udhcpd[7117]: udhcpd (v0.9.9-pre) started
Jun 2 06:39:56 localhost local0.info udhcpd[7117]: Timed out. Exiting
Jun 2 06:41:07 localhost local0.info udhcpd[14308]: udhcpd (v0.9.9-pre) started
Jun 2 06:43:14 localhost local0.info udhcpd[14308]: received REQUEST
Jun 2 06:43:14 localhost local0.info udhcpd[14308]: sending ACK to 192.168.2.2
Jun 2 06:46:07 localhost local0.info udhcpd[14308]: Timed out. Exiting
Jun 2 06:46:32 localhost local0.info udhcpd[20535]: udhcpd (v0.9.9-pre) started
Jun 2 06:46:45 localhost user.crit syslog: User from 192.168.2.2 time out
Jun 2 06:51:32 localhost local0.info udhcpd[20535]: Timed out. Exiting
Jun 2 06:52:36 localhost local0.info udhcpd[27617]: udhcpd (v0.9.9-pre) started
Jun 2 06:57:36 localhost local0.info udhcpd[27617]: Timed out. Exiting
Jun 2 06:58:19 localhost local0.info udhcpd[1757]: udhcpd (v0.9.9-pre) started
Jun 2 07:03:19 localhost local0.info udhcpd[1757]: Timed out. Exiting
Jun 2 07:03:35 localhost local0.info udhcpd[7847]: udhcpd (v0.9.9-pre) started
Jun 2 07:08:35 localhost local0.info udhcpd[7847]: Timed out. Exiting
Jun 2 07:09:06 localhost local0.info udhcpd[14284]: udhcpd (v0.9.9-pre) started
Jun 2 07:14:06 localhost local0.info udhcpd[14284]: Timed out. Exiting
Jun 2 07:14:26 localhost local0.info udhcpd[20479]: udhcpd (v0.9.9-pre) started
Jun 2 07:19:26 localhost local0.info udhcpd[20479]: Timed out. Exiting
Jun 2 07:20:25 localhost local0.info udhcpd[27465]: udhcpd (v0.9.9-pre) started
Jun 2 07:25:25 localhost local0.info udhcpd[27465]: Timed out. Exiting
Jun 2 07:25:41 localhost local0.info udhcpd[1148]: udhcpd (v0.9.9-pre) started
Jun 2 07:30:41 localhost local0.info udhcpd[1148]: Timed out. Exiting
Jun 2 07:31:04 localhost local0.info udhcpd[7465]: udhcpd (v0.9.9-pre) started
Jun 2 07:36:04 localhost local0.info udhcpd[7465]: Timed out. Exiting
Jun 2 07:37:38 localhost local0.info udhcpd[15008]: udhcpd (v0.9.9-pre) started
Jun 2 07:42:38 localhost local0.info udhcpd[15008]: Timed out. Exiting
Jun 2 07:44:53 localhost local0.info udhcpd[23354]: udhcpd (v0.9.9-pre) started
Jun 2 07:46:40 localhost user.crit syslog: User from 192.168.2.2 login success !
Jun 2 07:49:53 localhost local0.info udhcpd[23354]: Timed out. Exiting
Jun 2 07:54:55 localhost local0.info udhcpd[2936]: udhcpd (v0.9.9-pre) started
Jun 2 07:59:55 localhost local0.info udhcpd[2936]: Timed out. Exiting
Jun 2 08:04:57 localhost local0.info udhcpd[14605]: udhcpd (v0.9.9-pre) started
Jun 2 08:09:08 localhost user.crit syslog: User from 192.168.2.2 time out
Jun 2 08:09:57 localhost local0.info udhcpd[14605]: Timed out. Exiting
Jun 2 08:12:49 localhost local0.info udhcpd[23749]: udhcpd (v0.9.9-pre) started
Jun 2 08:17:49 localhost local0.info udhcpd[23749]: Timed out. Exiting
Jun 2 08:19:49 localhost local0.info udhcpd[31891]: udhcpd (v0.9.9-pre) started
Jun 2 08:24:49 localhost local0.info udhcpd[31891]: Timed out. Exiting
Jun 2 08:25:01 localhost local0.info udhcpd[5533]: udhcpd (v0.9.9-pre) started
Jun 2 08:30:01 localhost local0.info udhcpd[5533]: Timed out. Exiting
Jun 2 08:35:03 localhost local0.info udhcpd[17262]: udhcpd (v0.9.9-pre) started
Jun 2 08:37:40 localhost user.crit syslog: User from 192.168.2.2 login success !
Firewall log:
Jun 2 03:05:40 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:05:41 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:05:42 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:06:45 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Source port is 33087, and destination port is 61440 which use the UDP protocol.
Jun 2 03:06:46 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 108.160.162.37. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:15:19 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:15:25 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:17:47 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:17:48 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 03:17:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 03:47:53 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 32.58.65.146. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 04:47:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 208.85.209.17. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 05:17:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 198.252.206.25. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 05:47:53 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 06:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Jun 2 06:47:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 50.18.252.211. Source port is 33087, and destination port is 61440 which use the TCP protocol.
Jun 2 07:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol
Изменить: для справки, вот успешное соединение. Ошибка имени также происходит там, но, кажется, не имеет значения.
121 3 9:39:59 AM 6/2/2013 2.4943862 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x3506, QUERY (Standard query), Query for wpad.Belkin of type Host Addr on class Internet {DNS:3, UDP:2, IPv4:1}
392 4 9:39:59 AM 6/2/2013 2.4986302 PS-THINKPAD 255.255.255.255 DHCP DHCP:Request, MsgType = INFORM, TransactionID = 0x0EF1238D {DHCP:6, UDP:11, IPv4:1}
196 5 9:39:59 AM 6/2/2013 2.4989521 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x3506, QUERY (Standard query), Response - Name Error {DNS:3, UDP:2, IPv4:1}
134 6 9:39:59 AM 6/2/2013 2.4995933 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:8, IPv6:7}
114 7 9:39:59 AM 6/2/2013 2.5008695 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:10, IPv4:9}
640 8 9:39:59 AM 6/2/2013 2.5035848 192.168.2.1 PS-THINKPAD DHCP DHCP:Reply, MsgType = ACK, TransactionID = 0x0EF1238D {DHCP:6, UDP:11, IPv4:1}
125 9 9:39:59 AM 6/2/2013 2.5363506 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0xEDCE, QUERY (Standard query), Query for vpn.caltech.edu of type Host Addr on class Internet {DNS:13, UDP:12, IPv4:1}
141 10 9:39:59 AM 6/2/2013 2.5377057 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0xEDCE, QUERY (Standard query), Response - Success, 192.41.208.57 {DNS:13, UDP:12, IPv4:1}
134 11 9:39:59 AM 6/2/2013 2.5592248 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:14, IPv6:7}
114 12 9:39:59 AM 6/2/2013 2.5619238 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:15, IPv4:9}
134 13 9:39:59 AM 6/2/2013 2.6067949 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:8, IPv6:7}
114 14 9:39:59 AM 6/2/2013 2.6068906 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0xADB2, Standard, Query for wpad of type Host Addr on class Internet {UDP:10, IPv4:9}
134 15 9:39:59 AM 6/2/2013 2.6692384 FE80:0:0:0:318A:6E05:B12F:106 FF02:0:0:0:0:0:1:3 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:14, IPv6:7}
114 16 9:39:59 AM 6/2/2013 2.6693280 PS-THINKPAD 224.0.0.252 LLMNR LLMNR:QueryId = 0x9634, Standard, Query for wpad of type Host Addr on class Internet {UDP:15, IPv4:9}
142 17 9:39:59 AM 6/2/2013 2.8099953 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 18 9:39:59 AM 6/2/2013 2.8722391 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 19 9:40:00 AM 6/2/2013 3.5738980 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 20 9:40:00 AM 6/2/2013 3.6362705 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 21 9:40:01 AM 6/2/2013 4.3382645 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
142 22 9:40:01 AM 6/2/2013 4.4006818 System PS-THINKPAD 192.168.2.255 NbtNs NbtNs:Query Request for WPAD <0x00> Workstation Service {UDP:17, IPv4:16}
125 23 9:40:02 AM 6/2/2013 5.2251198 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x717, QUERY (Standard query), Query for vpn.caltech.edu of type AAAA on class Internet {DNS:19, UDP:18, IPv4:1}
181 24 9:40:02 AM 6/2/2013 5.2447957 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x717, QUERY (Standard query), Response - Success {DNS:19, UDP:18, IPv4:1}
125 25 9:40:02 AM 6/2/2013 5.2469250 PS-THINKPAD 192.168.2.1 DNS DNS:QueryId = 0x831C, QUERY (Standard query), Query for vpn.caltech.edu of type AAAA on class Internet {DNS:21, UDP:20, IPv4:1}
181 26 9:40:02 AM 6/2/2013 5.2485386 192.168.2.1 PS-THINKPAD DNS DNS:QueryId = 0x831C, QUERY (Standard query), Response - Success {DNS:21, UDP:20, IPv4:1}
116 27 9:40:02 AM 6/2/2013 5.3215829 vpnui.exe PS-THINKPAD vpn.caltech.edu TCP TCP:Flags=......S., SrcPort=49200, DstPort=HTTPS(443), PayloadLen=0, Seq=3900950642, Ack=0, Win=8192 ( Negotiating scale factor 0x2 ) = 8192 {TCP:23, IPv4:22}