search

theinvisible / openfortigui

VPN-GUI to connect to Fortigate-Hardware, based on openfortivpn
https://hadler.me/linux/openfortigui/
GNU General Public License v3.0
489 stars 54 forks source link

Peer refused to agree to his IP address #194

Closed jgui1014 closed 4 months ago

jgui1014 commented 9 months ago

Hi.

I've been using openfortigui for some time now, but after updating my Arch box, all connection attempts fail with: Peer refused to agree to his IP address.

Before update:

Aug 21 16:06:50 Hangup (SIGHUP) Modem hangup Connect time 6.5 minutes. Sent 711160 bytes, received 4568390 bytes. Connection terminated. Aug 30 21:00:37 INFO: Start tunnel. Aug 30 21:00:44 INFO: Connected to gateway. INFO: Authenticated. Aug 30 21:00:45 INFO: Remote gateway has allocated a VPN. Aug 30 21:00:45 Using interface ppp0 Connect: ppp0 <--> /dev/pts/5 Aug 30 21:00:45 INFO: Got addresses: [10.212.134.200], ns [0.0.0.0, 0.0.0.0] INFO: Negotiation complete. Aug 30 21:00:48 INFO: Got addresses: [10.212.134.200], ns [0.0.0.0, 0.0.0.0] INFO: Negotiation complete. Aug 30 21:00:51 INFO: Got addresses: [10.212.134.200], ns [0.0.0.0, 0.0.0.0] INFO: Negotiation complete. Aug 30 21:00:52 INFO: Negotiation complete. Cannot determine ethernet address for proxy ARP local IP address 10.212.134.200 remote IP address 169.254.2.1 INFO: Interface ppp0 is UP. INFO: Setting new routes... INFO: Adding VPN nameservers... INFO: Tunnel is up and running. Aug 30 21:02:43 INFO: Setting ppp0 interface down. INFO: Restoring routes... INFO: Removing VPN nameservers... Aug 30 21:02:45 Hangup (SIGHUP) Modem hangup Connect time 1.9 minutes. Sent 540297 bytes, received 4152445 bytes. Connection terminated.

Today:

Sep 11 13:22:26 INFO: Start tunnel. Sep 11 13:22:34 INFO: Connected to gateway. INFO: Authenticated. Sep 11 13:22:34 INFO: Remote gateway has allocated a VPN. Sep 11 13:22:34 Warning: couldn't open ppp database /run/pppd/pppd2.tdb Using interface ppp0 Connect: ppp0 <--> /dev/pts/4 Sep 11 13:22:35 INFO: Got addresses: [10.212.134.200], ns [0.0.0.0, 0.0.0.0] INFO: Negotiation complete. Sep 11 13:22:38 INFO: Got addresses: [10.212.134.200], ns [0.0.0.0, 0.0.0.0] INFO: Negotiation complete. Sep 11 13:22:41 INFO: Got addresses: [10.212.134.200], ns [0.0.0.0, 0.0.0.0] INFO: Negotiation complete. Sep 11 13:22:43 INFO: Negotiation complete. Peer refused to agree to his IP address Connect time 0.2 minutes. Sent 1125 bytes, received 1090 bytes.

Thanks!

lgaggini commented 9 months ago

Hi,

very likely it's related to the ppp upgrade to the version 2.5.0. You can check this issue on openfortivpn: https://github.com/adrienverge/openfortivpn/issues/1076 on which openfortigui is built on.

gamelaster commented 9 months ago

Hi, yes, it's because of that option. It would be great if we can configure this in OpenFortiGUI

petrkr commented 7 months ago

Just got same problem today.. New openfortivpn have cmd line param for it "--pppd-accept-remote"

Would be nice to add this option to "pppd" section too

  --pppd-accept-remote          Invoke pppd with option 'ipcp-accept-remote'.                                It might help avoid errors with PPP 2.5.0.