none
проблема с SSTP RRS feed

  • Общие обсуждения

  • сервер на 2012 R2. Около 30 клиентов. Совершенно рандомно у какого-нибудь клиента перестаёт подключаться VPN, при этом у других, даже в соседней комнате, всё работает. Думаю, что дело в самом клиенте. Возращается ошибка - сервер не доступен, хотя 443 порт прекрасно виден с клиентского компьютера. Сделал лог wiresharkom:

    No.     Time           Source                Destination           Protocol Length Info
        484 4.697279       192.168.157.125       XXX.XXX.XXX.XXX        TCP      66     50150 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
    
    Frame 484: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
    Ethernet II, Src: IntelCor_86:c1:44 (3c:f8:62:86:c1:44), Dst: IETF-VRRP-VRID_30 (00:00:5e:00:01:30)
    Internet Protocol Version 4, Src: 192.168.157.125, Dst: XXX.XXX.XXX.XXX
    Transmission Control Protocol, Src Port: 50150, Dst Port: 443, Seq: 0, Len: 0
        Source Port: 50150
        Destination Port: 443
        [Stream index: 5]
        [TCP Segment Len: 0]
        Sequence number: 0    (relative sequence number)
        [Next sequence number: 0    (relative sequence number)]
        Acknowledgment number: 0
        1000 .... = Header Length: 32 bytes (8)
        Flags: 0x002 (SYN)
            000. .... .... = Reserved: Not set
            ...0 .... .... = Nonce: Not set
            .... 0... .... = Congestion Window Reduced (CWR): Not set
            .... .0.. .... = ECN-Echo: Not set
            .... ..0. .... = Urgent: Not set
            .... ...0 .... = Acknowledgment: Not set
            .... .... 0... = Push: Not set
            .... .... .0.. = Reset: Not set
            .... .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443]
                    [Connection establish request (SYN): server port 443]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... .... ...0 = Fin: Not set
            [TCP Flags: ··········S·]
        Window size value: 64240
        [Calculated window size: 64240]
        Checksum: 0xc32b [unverified]
        [Checksum Status: Unverified]
        Urgent pointer: 0
        Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
        [Timestamps]
    
    No.     Time           Source                Destination           Protocol Length Info
       1307 7.698394       192.168.157.125       XXX.XXX.XXX.XXX        TCP      66     [TCP Retransmission] 50150 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
    
    Frame 1307: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
    Ethernet II, Src: IntelCor_86:c1:44 (3c:f8:62:86:c1:44), Dst: IETF-VRRP-VRID_30 (00:00:5e:00:01:30)
    Internet Protocol Version 4, Src: 192.168.157.125, Dst: XXX.XXX.XXX.XXX
    Transmission Control Protocol, Src Port: 50150, Dst Port: 443, Seq: 0, Len: 0
        Source Port: 50150
        Destination Port: 443
        [Stream index: 5]
        [TCP Segment Len: 0]
        Sequence number: 0    (relative sequence number)
        [Next sequence number: 0    (relative sequence number)]
        Acknowledgment number: 0
        1000 .... = Header Length: 32 bytes (8)
        Flags: 0x002 (SYN)
            000. .... .... = Reserved: Not set
            ...0 .... .... = Nonce: Not set
            .... 0... .... = Congestion Window Reduced (CWR): Not set
            .... .0.. .... = ECN-Echo: Not set
            .... ..0. .... = Urgent: Not set
            .... ...0 .... = Acknowledgment: Not set
            .... .... 0... = Push: Not set
            .... .... .0.. = Reset: Not set
            .... .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443]
                    [Connection establish request (SYN): server port 443]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... .... ...0 = Fin: Not set
            [TCP Flags: ··········S·]
        Window size value: 64240
        [Calculated window size: 64240]
        Checksum: 0xc32b [unverified]
        [Checksum Status: Unverified]
        Urgent pointer: 0
        Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
        [SEQ/ACK analysis]
            [TCP Analysis Flags]
                [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
                    [This frame is a (suspected) retransmission]
                    [Severity level: Note]
                    [Group: Sequence]
                [The RTO for this segment was: 3.001115000 seconds]
                [RTO based on delta from frame: 484]
        [Timestamps]
    
    No.     Time           Source                Destination           Protocol Length Info
       2718 13.698897      192.168.157.125       XXX.XXX.XXX.XXX        TCP      66     [TCP Retransmission] 50150 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
    
    Frame 2718: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
    Ethernet II, Src: IntelCor_86:c1:44 (3c:f8:62:86:c1:44), Dst: IETF-VRRP-VRID_30 (00:00:5e:00:01:30)
    Internet Protocol Version 4, Src: 192.168.157.125, Dst: XXX.XXX.XXX.XXX
    Transmission Control Protocol, Src Port: 50150, Dst Port: 443, Seq: 0, Len: 0
        Source Port: 50150
        Destination Port: 443
        [Stream index: 5]
        [TCP Segment Len: 0]
        Sequence number: 0    (relative sequence number)
        [Next sequence number: 0    (relative sequence number)]
        Acknowledgment number: 0
        1000 .... = Header Length: 32 bytes (8)
        Flags: 0x002 (SYN)
            000. .... .... = Reserved: Not set
            ...0 .... .... = Nonce: Not set
            .... 0... .... = Congestion Window Reduced (CWR): Not set
            .... .0.. .... = ECN-Echo: Not set
            .... ..0. .... = Urgent: Not set
            .... ...0 .... = Acknowledgment: Not set
            .... .... 0... = Push: Not set
            .... .... .0.. = Reset: Not set
            .... .... ..1. = Syn: Set
                [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443]
                    [Connection establish request (SYN): server port 443]
                    [Severity level: Chat]
                    [Group: Sequence]
            .... .... ...0 = Fin: Not set
            [TCP Flags: ··········S·]
        Window size value: 64240
        [Calculated window size: 64240]
        Checksum: 0xc32b [unverified]
        [Checksum Status: Unverified]
        Urgent pointer: 0
        Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
        [SEQ/ACK analysis]
            [TCP Analysis Flags]
                [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
                    [This frame is a (suspected) retransmission]
                    [Severity level: Note]
                    [Group: Sequence]
                [The RTO for this segment was: 9.001618000 seconds]
                [RTO based on delta from frame: 484]
        [Timestamps]

    в чём может быть проблема? VPN перезосдавал, winsocket сбрасывал. Точно знаю - переустновка ОС поможет.

    • Изменен тип Anton Sashev Ivanov 2 октября 2018 г. 6:15 Отсутствие активности.
    5 сентября 2018 г. 17:26
    Модератор

Все ответы