MAC OS El Capitan - VPN-Cisco-IPSec-shared secret nicht gespeichert werden
Zusammenfassung:
Ich kann anscheinend keine Verbindung zu einem VPN mit Cisco IPSec herstellen, da das freigegebene Geheimnis nach der Eingabe nicht gespeichert wird (es bleibt immer leer).
Detaillierte Erklärung:
Ich habe eine VPN-Verbindung mit Cisco IPSec erstellt und eine erfolgreiche Verbindung hergestellt. Plötzlich (ein paar Stunden später) wurde ich getrennt und bekam den folgenden Fehler, nachdem ich versucht hatte, die Verbindung wieder herzustellen:
" Der VPN-Server hat nicht geantwortet. Überprüfen Sie die Serveradresse und versuchen Sie es wieder verbinden."
Die Adresse war in Ordnung, also habe ich die Protokolle überprüft und festgestellt:
Feb 22 17:59:35 gerry racoon[4401]: couldn't find the pskey by address 204.232.144.166.
Ich überprüfte das geteilte Geheimnis und es war leer; ich tippte es erneut ein, klickte auf OK und öffnete es sofort und bekam wieder ein leeres geteiltes Geheimnis. Ich habe das freigegebene Geheimnis erneut eingegeben und versucht, eine Verbindung herzustellen, und die folgenden Protokolle erhalten:
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSetFillColorWithColor: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSetStrokeColorWithColor: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetCompositeOperation: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSetCompositeOperation: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextFillRects: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSetCompositeOperation: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextClipToRect: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetShouldSmoothFonts: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetFontSmoothingStyle: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetFontAntialiasingStyle: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSetFontSmoothingStyle: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetDefaultUserSpaceToDeviceSpaceTransform: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextConcatCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextDrawImages: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextRestoreGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 --- last message repeated 1 time ---
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetShouldSmoothFonts: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetFontSmoothingStyle: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSetFontSmoothingStyle: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 --- last message repeated 1 time ---
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetDefaultUserSpaceToDeviceSpaceTransform: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextConcatCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextDrawImages: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextRestoreGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 --- last message repeated 1 time ---
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 --- last message repeated 1 time ---
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetDefaultUserSpaceToDeviceSpaceTransform: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextConcatCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextSaveGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextDrawImages: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextRestoreGState: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Feb 22 18:10:41 --- last message repeated 1 time ---
Feb 22 18:10:41 gerry com.apple.preference.network.remoteservice[4315]: CGContextGetCTM: invalid context 0x0. If you want to see the backtrace, please set CG_CONTEXT_SHOW_BACKTRACE environmental variable.
Ich habe nach Informationen zu diesen Protokollen gesucht, konnte aber nicht herausfinden, ob sie mit dem Problem zusammenhängen.
Ich habe versucht, die VPN-Verbindung zu löschen und erstellen eines neuen (übrigens konnte ich nicht denselben Namen verwenden) und es hat auch nicht funktioniert, also überprüfe ich erneut die Protokolle:
Feb 22 18:16:26 gerry nesessionmanager[951]: Failed to load configuration with ID <__NSConcreteUUID 0x7fedfa504910> A7892601-20D6-4D80-88B7-8D2AA22CF4E1
Feb 22 18:16:26 gerry nesessionmanager[951]: Failed to create a session with type 1 and configuration ID <__NSConcreteUUID 0x7fedfa504910> A7892601-20D6-4D80-88B7-8D2AA22CF4E1
Feb 22 18:16:26 gerry nesessionmanager[951]: Failed to load configuration with ID <__NSConcreteUUID 0x7fedfa407490> A7892601-20D6-4D80-88B7-8D2AA22CF4E1
Feb 22 18:16:26 gerry nesessionmanager[951]: Failed to create a session with type 1 and configuration ID <__NSConcreteUUID 0x7fedfa407490> A7892601-20D6-4D80-88B7-8D2AA22CF4E1
Leider konnte ich auch ohne diese Protokolle nichts machen (das gleiche Protokoll wiederholte sich ungefähr 20 Mal und hörte auf), also löschte ich (wieder) alle meine VPN-Verbindungen, erstellte eine neue (diesmal konnte ich den gleichen Namen wählen) und bekam einen anderen Protokolleintrag:
Feb 22 18:31:49 gerry nehelper[217]: 3C44D371-6954-4001-A2D7-0100446EDA8A.XAUTH: SecKeychainItemCreateFromContent failed: User interaction is not allowed.
Feb 22 18:31:49 gerry nehelper[217]: 3C44D371-6954-4001-A2D7-0100446EDA8A.SS: SecKeychainItemCreateFromContent failed: User interaction is not allowed.
Schließlich habe ich nach dem Schlüsselbundeintrag (im Schlüsselbundzugriff) für mein VPN gesucht die Verbindung aber hat keine gefunden. Ich denke, das könnte das problem sein.
Irgendwelche Ideen was könnte das Problem sein? Ich habe versucht, eine Verbindung zu einem anderen Mac (demselben Betriebssystem, El Capitan) herzustellen, und hatte überhaupt keine Probleme, kann das VPN jedoch nicht auf meinem Mac zum Laufen bringen.
Danke!
Vollständige Protokolle, die nach dem Verbindungsversuch generiert wurden (für den Kontext):
Feb 22 17:59:35 gerry nesessionmanager[951]: NESMLegacySession[VPN (Cisco IPSec):47CF9F0A-25FA-43A3-A675-9B30B55D84C0]: Received a start command from SystemUIServer[292]
Feb 22 17:59:35 gerry nesessionmanager[951]: NESMLegacySession[VPN (Cisco IPSec):47CF9F0A-25FA-43A3-A675-9B30B55D84C0]: status changed to connecting
Feb 22 17:59:35 gerry nesessionmanager[951]: IPSec connecting to server 204.232.144.166
Feb 22 17:59:35 gerry nesessionmanager[951]: IPSec Phase1 starting.
Feb 22 17:59:35 gerry racoon[4401]: accepted connection on vpn control socket.
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: IPSec connecting to server 204.232.144.166
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: Connecting.
Feb 22 17:59:35 gerry racoon[4401]: IPSec Phase 1 started (Initiated by me).
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
Feb 22 17:59:35 gerry racoon[4401]: >>>>> phase change status = Phase 1 started by us
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: none message must be encrypted, status 0x14a1, side 0
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry nesessionmanager[951]: IPSec Controller: IKE FAILED. phase 2, assert 0
Feb 22 17:59:35 gerry nesessionmanager[951]: IPSec Controller: retry IPSec aggressive mode with DH Group 2
Feb 22 17:59:35 gerry nesessionmanager[951]: IPSec Phase1 starting.
Feb 22 17:59:35 gerry racoon[4401]: IPSec connecting to server 204.232.144.166
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: Connecting.
Feb 22 17:59:35 gerry racoon[4401]: IPSec Phase 1 started (Initiated by me).
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
Feb 22 17:59:35 gerry racoon[4401]: >>>>> phase change status = Phase 1 started by us
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: port 62465 expected, but 0
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: try to get pskey by the peer's address.
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: couldn't find the pskey by address 204.232.144.166.
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: couldn't find the pskey for 204.232.144.166.
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: failed to generate SKEYID
Feb 22 17:59:35 --- last message repeated 1 time ---
Feb 22 17:59:35 gerry racoon[4401]: IKE Packet: receive failed. (Initiator, Aggressive-Mode Message 2).
Feb 22 17:59:38 gerry racoon[4401]: IKE Packet: transmit success. (Phase 1 Retransmit).
Feb 22 17:59:38 gerry racoon[4401]: port 37905 expected, but 0
Feb 22 17:59:38 --- last message repeated 1 time ---
Feb 22 17:59:38 gerry racoon[4401]: try to get pskey by the peer's address.
Feb 22 17:59:38 --- last message repeated 1 time ---
Feb 22 17:59:38 gerry racoon[4401]: couldn't find the pskey by address 204.232.144.166.
Feb 22 17:59:38 --- last message repeated 1 time ---
Feb 22 17:59:38 gerry racoon[4401]: couldn't find the pskey for 204.232.144.166.
Feb 22 17:59:38 --- last message repeated 1 time ---
Feb 22 17:59:38 gerry racoon[4401]: failed to generate SKEYID
Feb 22 17:59:38 --- last message repeated 1 time ---
Feb 22 17:59:38 gerry racoon[4401]: IKE Packet: receive failed. (Initiator, Aggressive-Mode Message 2).
Feb 22 17:59:41 gerry racoon[4401]: IKE Packet: transmit success. (Phase 1 Retransmit).
Feb 22 17:59:43 gerry racoon[4401]: port 37905 expected, but 0
Feb 22 17:59:43 --- last message repeated 1 time ---
Feb 22 17:59:43 gerry racoon[4401]: try to get pskey by the peer's address.
Feb 22 17:59:43 --- last message repeated 1 time ---
Feb 22 17:59:43 gerry racoon[4401]: couldn't find the pskey by address 204.232.144.166.
Feb 22 17:59:43 --- last message repeated 1 time ---
Feb 22 17:59:43 gerry racoon[4401]: couldn't find the pskey for 204.232.144.166.
Feb 22 17:59:43 --- last message repeated 1 time ---
Feb 22 17:59:43 gerry racoon[4401]: failed to generate SKEYID
Feb 22 17:59:43 --- last message repeated 1 time ---
Feb 22 17:59:43 gerry racoon[4401]: IKE Packet: receive failed. (Initiator, Aggressive-Mode Message 2).
Feb 22 17:59:45 gerry racoon[4401]: IKE Packet: transmit success. (Phase 1 Retransmit).
Feb 22 17:59:45 gerry nesessionmanager[951]: NESMLegacySession[VPN (Cisco IPSec):47CF9F0A-25FA-43A3-A675-9B30B55D84C0]: status changed to disconnecting
Feb 22 17:59:45 gerry nesessionmanager[951]: IPSec disconnecting from server 204.232.144.166
Feb 22 17:59:45 gerry racoon[4401]: IPSec disconnecting from server 204.232.144.166
Feb 22 17:59:45 --- last message repeated 3 times ---
Feb 22 17:59:45 gerry nesessionmanager[951]: NESMLegacySession[VPN (Cisco IPSec):47CF9F0A-25FA-43A3-A675-9B30B55D84C0]: status changed to disconnected, last stop reason None
Feb 22 17:59:45 gerry racoon[4401]: glob found no matches for path "/var/run/racoon/*.conf"
Feb 22 17:59:46 gerry racoon[4401]: Connecting.
Feb 22 17:59:46 --- last message repeated 1 time ---
Feb 22 17:59:46 gerry racoon[4401]: Unknown Informational exchange received.
3
1 answers
Das Problem war in der Tat mit Apples Schlüsselbund, ich konnte es nicht klären, also entschied ich mich, den Schlüsselbund zurückzusetzen (Schlüsselbundzugriff > Einstellungen > Standardschlüsselbund zurücksetzen) und es funktionierte, der einzige (kleinere) Nachteil war, dass ich alle meine Passwörter erneut hinzufügen musste.
Ich konnte nicht herausfinden, was das problem verursacht in den ersten Platz, also wenn jemand hat eine Idee, was dazu führen könnte, keychain fehlschlagen, bitte teilen!
UPDATE -
Das Problem tritt wieder auf, also denke ich etwas zwischen Schlüsselbund und VPN funktioniert nicht. Die einzige Möglichkeit, es zum Laufen zu bringen, besteht darin, den Schlüsselbund immer wieder neu zu starten... Irgendwelche Vorschläge?
UPDATE 2
Ich habe endlich den Ursprung dieses Problems gefunden: Die neueste Version (5.1.2) von Phusion Passenger nimmt eine Änderung an /Library/Preferences/com vor.Apfel.Sicherheit.plist, was zu Problemen mit dem Schlüsselbund führt.
Die vollständige Problembeschreibung und eine temporäre Lösung finden Sie hier.
1
Author: Gerry,
Warning: date(): Invalid date.timezone value 'Europe/Kyiv', we selected the timezone 'UTC' for now. in /var/www/agent_stack/data/www/techietown.info/template/agent.layouts/content.php on line 61
2017-02-26 04:15:07
Warning: date(): Invalid date.timezone value 'Europe/Kyiv', we selected the timezone 'UTC' for now. in /var/www/agent_stack/data/www/techietown.info/template/agent.layouts/content.php on line 61
2017-02-26 04:15:07