web-dev-qa-db-ja.com

VPNが私のルーターと仕事をするのに問題、WPADの問題

Windows 7上のCisco AnyConnect VPNを使用して、ワイヤレスルーター(Belkin F5D8635-4 V1 Wireless N)を使用しています。それは時々接続されますが、ルータがリセットされるまでしばしばしません。ワイヤレスカードはRealtek RTL8192SE 802.11b/g/nです。ネットワークモニタをホイップアウトし、これは接続が失敗したときに起こっているのと思われます。

125 5   7:48:44 AM 6/2/2013 2.7738830       PS-THINKPAD     192.168.2.1 DNS DNS:QueryId = 0x1D29, QUERY (Standard query), Query  for vpn.caltech.edu of type Host Addr on class Internet    {DNS:2, UDP:1, IPv4:3}
121 6   7:48:44 AM 6/2/2013 2.7750846       PS-THINKPAD     192.168.2.1 DNS DNS:QueryId = 0xB1DF, QUERY (Standard query), Query  for wpad.Belkin of type Host Addr on class Internet    {DNS:4, UDP:3, IPv4:3}
141 7   7:48:44 AM 6/2/2013 2.7751546       192.168.2.1 PS-THINKPAD     DNS DNS:QueryId = 0x1D29, QUERY (Standard query), Response - Success, 192.41.208.57     {DNS:2, UDP:1, IPv4:3}
196 8   7:48:44 AM 6/2/2013 2.7761219       192.168.2.1 PS-THINKPAD     DNS DNS:QueryId = 0xB1DF, QUERY (Standard query), Response - Name Error     {DNS:4, UDP:3, IPv4:3}
 _

Wpad.belkin DNSクエリに応答して名前エラーで停止します。これが何を意味するのかを理解するためにTCP/IPについて十分にわからないと思います。 ISP(バージンブロードバンド)に問題があるかどうかわからない。ルータのOpenDnsサーバーに切り替えることを試みました。私はそのパケットを見ることはできませんでしたが、他のルータにも同様の問題がありました。他の場所でも同様の問題を持つ人々の人が見つかりましたが、解決策はありません。何か案は?ありがとう!

BTWルータのログはこのようになります - ポートスキャンアラートのほとんどを実現していますが、解決方法の問題をどうするかどうか疑問に思います。

Jun 2 05:58:33 localhost user.crit syslog: User from 192.168.2.2 time out 
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: udhcpd (v0.9.9-pre) started 
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: received REQUEST 
Jun 2 06:02:28 localhost local0.info udhcpd[1864]: sending ACK to 192.168.2.2 
Jun 2 06:02:47 localhost local0.info udhcpd[1864]: received REQUEST 
Jun 2 06:02:47 localhost local0.info udhcpd[1864]: sending ACK to 192.168.2.2 
Jun 2 06:07:28 localhost local0.info udhcpd[1864]: Timed out. Exiting 
Jun 2 06:08:17 localhost local0.info udhcpd[8647]: udhcpd (v0.9.9-pre) started 
Jun 2 06:13:17 localhost local0.info udhcpd[8647]: Timed out. Exiting 
Jun 2 06:13:37 localhost local0.info udhcpd[14800]: udhcpd (v0.9.9-pre) started 
Jun 2 06:18:37 localhost local0.info udhcpd[14800]: Timed out. Exiting 
Jun 2 06:18:53 localhost local0.info udhcpd[20975]: udhcpd (v0.9.9-pre) started 
Jun 2 06:23:53 localhost local0.info udhcpd[20975]: Timed out. Exiting 
Jun 2 06:24:12 localhost local0.info udhcpd[27065]: udhcpd (v0.9.9-pre) started 
Jun 2 06:29:12 localhost local0.info udhcpd[27065]: Timed out. Exiting 
Jun 2 06:29:38 localhost local0.info udhcpd[933]: udhcpd (v0.9.9-pre) started 
Jun 2 06:33:00 localhost user.crit syslog: User from 192.168.2.2 login success ! 
Jun 2 06:34:38 localhost local0.info udhcpd[933]: Timed out. Exiting 
Jun 2 06:34:56 localhost local0.info udhcpd[7117]: udhcpd (v0.9.9-pre) started 
Jun 2 06:39:56 localhost local0.info udhcpd[7117]: Timed out. Exiting 
Jun 2 06:41:07 localhost local0.info udhcpd[14308]: udhcpd (v0.9.9-pre) started 
Jun 2 06:43:14 localhost local0.info udhcpd[14308]: received REQUEST 
Jun 2 06:43:14 localhost local0.info udhcpd[14308]: sending ACK to 192.168.2.2 
Jun 2 06:46:07 localhost local0.info udhcpd[14308]: Timed out. Exiting 
Jun 2 06:46:32 localhost local0.info udhcpd[20535]: udhcpd (v0.9.9-pre) started 
Jun 2 06:46:45 localhost user.crit syslog: User from 192.168.2.2 time out 
Jun 2 06:51:32 localhost local0.info udhcpd[20535]: Timed out. Exiting 
Jun 2 06:52:36 localhost local0.info udhcpd[27617]: udhcpd (v0.9.9-pre) started 
Jun 2 06:57:36 localhost local0.info udhcpd[27617]: Timed out. Exiting 
Jun 2 06:58:19 localhost local0.info udhcpd[1757]: udhcpd (v0.9.9-pre) started 
Jun 2 07:03:19 localhost local0.info udhcpd[1757]: Timed out. Exiting 
Jun 2 07:03:35 localhost local0.info udhcpd[7847]: udhcpd (v0.9.9-pre) started 
Jun 2 07:08:35 localhost local0.info udhcpd[7847]: Timed out. Exiting 
Jun 2 07:09:06 localhost local0.info udhcpd[14284]: udhcpd (v0.9.9-pre) started 
Jun 2 07:14:06 localhost local0.info udhcpd[14284]: Timed out. Exiting 
Jun 2 07:14:26 localhost local0.info udhcpd[20479]: udhcpd (v0.9.9-pre) started 
Jun 2 07:19:26 localhost local0.info udhcpd[20479]: Timed out. Exiting 
Jun 2 07:20:25 localhost local0.info udhcpd[27465]: udhcpd (v0.9.9-pre) started 
Jun 2 07:25:25 localhost local0.info udhcpd[27465]: Timed out. Exiting 
Jun 2 07:25:41 localhost local0.info udhcpd[1148]: udhcpd (v0.9.9-pre) started 
Jun 2 07:30:41 localhost local0.info udhcpd[1148]: Timed out. Exiting 
Jun 2 07:31:04 localhost local0.info udhcpd[7465]: udhcpd (v0.9.9-pre) started 
Jun 2 07:36:04 localhost local0.info udhcpd[7465]: Timed out. Exiting 
Jun 2 07:37:38 localhost local0.info udhcpd[15008]: udhcpd (v0.9.9-pre) started 
Jun 2 07:42:38 localhost local0.info udhcpd[15008]: Timed out. Exiting 
Jun 2 07:44:53 localhost local0.info udhcpd[23354]: udhcpd (v0.9.9-pre) started 
Jun 2 07:46:40 localhost user.crit syslog: User from 192.168.2.2 login success ! 
Jun 2 07:49:53 localhost local0.info udhcpd[23354]: Timed out. Exiting 
Jun 2 07:54:55 localhost local0.info udhcpd[2936]: udhcpd (v0.9.9-pre) started 
Jun 2 07:59:55 localhost local0.info udhcpd[2936]: Timed out. Exiting 
Jun 2 08:04:57 localhost local0.info udhcpd[14605]: udhcpd (v0.9.9-pre) started 
Jun 2 08:09:08 localhost user.crit syslog: User from 192.168.2.2 time out 
Jun 2 08:09:57 localhost local0.info udhcpd[14605]: Timed out. Exiting 
Jun 2 08:12:49 localhost local0.info udhcpd[23749]: udhcpd (v0.9.9-pre) started 
Jun 2 08:17:49 localhost local0.info udhcpd[23749]: Timed out. Exiting 
Jun 2 08:19:49 localhost local0.info udhcpd[31891]: udhcpd (v0.9.9-pre) started 
Jun 2 08:24:49 localhost local0.info udhcpd[31891]: Timed out. Exiting 
Jun 2 08:25:01 localhost local0.info udhcpd[5533]: udhcpd (v0.9.9-pre) started 
Jun 2 08:30:01 localhost local0.info udhcpd[5533]: Timed out. Exiting 
Jun 2 08:35:03 localhost local0.info udhcpd[17262]: udhcpd (v0.9.9-pre) started 
Jun 2 08:37:40 localhost user.crit syslog: User from 192.168.2.2 login success ! 

Firewall log:
Jun 2 03:05:40 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 03:05:41 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 03:05:42 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 03:06:45 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Source port is 33087, and destination port is 61440 which use the UDP protocol. 
Jun 2 03:06:46 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 108.160.162.37. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 03:15:19 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 03:15:25 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 03:17:47 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 03:17:48 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 66.235.142.57. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 03:17:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 03:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 03:47:53 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 32.58.65.146. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 04:47:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 208.85.209.17. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 05:17:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 198.252.206.25. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 05:47:53 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 06:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
Jun 2 06:47:50 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 50.18.252.211. Source port is 33087, and destination port is 61440 which use the TCP protocol. 
Jun 2 07:17:51 localhost user.alert kernel: PORT_SCANNER-ATTACK detected from 194.168.4.100. Use ICMP protocol 
 _

編集:参照のために、ここに接続が成功しました。名前のエラーもそこにも発生しますが、問題はありません。

121 3   9:39:59 AM 6/2/2013 2.4943862       PS-THINKPAD     192.168.2.1 DNS DNS:QueryId = 0x3506, QUERY (Standard query), Query  for wpad.Belkin of type Host Addr on class Internet    {DNS:3, UDP:2, IPv4:1}
392 4   9:39:59 AM 6/2/2013 2.4986302       PS-THINKPAD     255.255.255.255 DHCP    DHCP:Request, MsgType = INFORM, TransactionID = 0x0EF1238D  {DHCP:6, UDP:11, IPv4:1}
196 5   9:39:59 AM 6/2/2013 2.4989521       192.168.2.1 PS-THINKPAD     DNS DNS:QueryId = 0x3506, QUERY (Standard query), Response - Name Error     {DNS:3, UDP:2, IPv4:1}
134 6   9:39:59 AM 6/2/2013 2.4995933       FE80:0:0:0:318A:6E05:B12F:106   FF02:0:0:0:0:0:1:3  LLMNR   LLMNR:QueryId = 0xADB2, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:8, IPv6:7}
114 7   9:39:59 AM 6/2/2013 2.5008695       PS-THINKPAD     224.0.0.252 LLMNR   LLMNR:QueryId = 0xADB2, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:10, IPv4:9}
640 8   9:39:59 AM 6/2/2013 2.5035848       192.168.2.1 PS-THINKPAD     DHCP    DHCP:Reply, MsgType = ACK, TransactionID = 0x0EF1238D   {DHCP:6, UDP:11, IPv4:1}
125 9   9:39:59 AM 6/2/2013 2.5363506       PS-THINKPAD     192.168.2.1 DNS DNS:QueryId = 0xEDCE, QUERY (Standard query), Query  for vpn.caltech.edu of type Host Addr on class Internet    {DNS:13, UDP:12, IPv4:1}
141 10  9:39:59 AM 6/2/2013 2.5377057       192.168.2.1 PS-THINKPAD     DNS DNS:QueryId = 0xEDCE, QUERY (Standard query), Response - Success, 192.41.208.57     {DNS:13, UDP:12, IPv4:1}
134 11  9:39:59 AM 6/2/2013 2.5592248       FE80:0:0:0:318A:6E05:B12F:106   FF02:0:0:0:0:0:1:3  LLMNR   LLMNR:QueryId = 0x9634, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:14, IPv6:7}
114 12  9:39:59 AM 6/2/2013 2.5619238       PS-THINKPAD     224.0.0.252 LLMNR   LLMNR:QueryId = 0x9634, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:15, IPv4:9}
134 13  9:39:59 AM 6/2/2013 2.6067949       FE80:0:0:0:318A:6E05:B12F:106   FF02:0:0:0:0:0:1:3  LLMNR   LLMNR:QueryId = 0xADB2, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:8, IPv6:7}
114 14  9:39:59 AM 6/2/2013 2.6068906       PS-THINKPAD     224.0.0.252 LLMNR   LLMNR:QueryId = 0xADB2, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:10, IPv4:9}
134 15  9:39:59 AM 6/2/2013 2.6692384       FE80:0:0:0:318A:6E05:B12F:106   FF02:0:0:0:0:0:1:3  LLMNR   LLMNR:QueryId = 0x9634, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:14, IPv6:7}
114 16  9:39:59 AM 6/2/2013 2.6693280       PS-THINKPAD     224.0.0.252 LLMNR   LLMNR:QueryId = 0x9634, Standard, Query  for wpad of type Host Addr on class Internet   {UDP:15, IPv4:9}
142 17  9:39:59 AM 6/2/2013 2.8099953   System  PS-THINKPAD     192.168.2.255   NbtNs   NbtNs:Query Request for WPAD   <0x00> Workstation Service   {UDP:17, IPv4:16}
142 18  9:39:59 AM 6/2/2013 2.8722391   System  PS-THINKPAD     192.168.2.255   NbtNs   NbtNs:Query Request for WPAD   <0x00> Workstation Service   {UDP:17, IPv4:16}
142 19  9:40:00 AM 6/2/2013 3.5738980   System  PS-THINKPAD     192.168.2.255   NbtNs   NbtNs:Query Request for WPAD   <0x00> Workstation Service   {UDP:17, IPv4:16}
142 20  9:40:00 AM 6/2/2013 3.6362705   System  PS-THINKPAD     192.168.2.255   NbtNs   NbtNs:Query Request for WPAD   <0x00> Workstation Service   {UDP:17, IPv4:16}
142 21  9:40:01 AM 6/2/2013 4.3382645   System  PS-THINKPAD     192.168.2.255   NbtNs   NbtNs:Query Request for WPAD   <0x00> Workstation Service   {UDP:17, IPv4:16}
142 22  9:40:01 AM 6/2/2013 4.4006818   System  PS-THINKPAD     192.168.2.255   NbtNs   NbtNs:Query Request for WPAD   <0x00> Workstation Service   {UDP:17, IPv4:16}
125 23  9:40:02 AM 6/2/2013 5.2251198       PS-THINKPAD     192.168.2.1 DNS DNS:QueryId = 0x717, QUERY (Standard query), Query  for vpn.caltech.edu of type AAAA on class Internet  {DNS:19, UDP:18, IPv4:1}
181 24  9:40:02 AM 6/2/2013 5.2447957       192.168.2.1 PS-THINKPAD     DNS DNS:QueryId = 0x717, QUERY (Standard query), Response - Success     {DNS:19, UDP:18, IPv4:1}
125 25  9:40:02 AM 6/2/2013 5.2469250       PS-THINKPAD     192.168.2.1 DNS DNS:QueryId = 0x831C, QUERY (Standard query), Query  for vpn.caltech.edu of type AAAA on class Internet {DNS:21, UDP:20, IPv4:1}
181 26  9:40:02 AM 6/2/2013 5.2485386       192.168.2.1 PS-THINKPAD     DNS DNS:QueryId = 0x831C, QUERY (Standard query), Response - Success    {DNS:21, UDP:20, IPv4:1}
116 27  9:40:02 AM 6/2/2013 5.3215829   vpnui.exe   PS-THINKPAD     vpn.caltech.edu TCP TCP:Flags=......S., SrcPort=49200, DstPort=HTTPS(443), PayloadLen=0, Seq=3900950642, Ack=0, Win=8192 ( Negotiating scale factor 0x2 ) = 8192    {TCP:23, IPv4:22}
 _
1
user17945

この問題は解決されました。私はいくつかの調整をしましたが、それらすべてを個別にテストする機会がありませんでした(私は仕事のためにBig-IP Edge Client VPNを使用している他の誰かとの接続を共有していました。すべてを捨てる - うまくいけば、それは同じ問題を抱えて他の誰かを助けるでしょう。まず、ルータでUPnPを無効にします。私はこの提案が他の人の問題に対する答えでこの提案を見つけ、それが主な犯人だったと思われる。また、ツール を実行している 、ルータ上のUPnPの実装は不安定であることを示した。これはさらなる動機でした。私も障害のあるWPS(別の提案)を障害者です。ルータのMTUサイズを、Windowsに1500に設定します。また、ルータを無線Nに設定します(BまたはG)。最後に、私は常に不安定なので、私のネットワークカードのためのドライバのいくつかの異なるバージョンを試して、断続的なdriver_power_state_failure BSODを引き起こしました。接続を共有している他の人は彼らの運転手を変えませんでした、しかし、私のカードがどういうわけか私のカードがルーターを結ぶことであるならば、それはほとんどそう思われませんでした。残念ながら安定性を助けませんでしたが、VLAN、Link-Layer Discovery、TCP-IP 6などのワイヤレスネットワーク接続プロパティでいくつかの不要なオプションを無効にすることで後で緩和されたと思われます。しかし、これまでに働いているようです(指が交差しました)。私は時間を迎えたときにきれいな再インストールをするつもりです。

0
user17945