<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="State"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="Street"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="address"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p
{mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:595.3pt 841.9pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Hi,<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>I am running openswan 2.4.6 and xl2tpd 1.0.4 (from
Xelerance) on an IPCOP 1.4.11 firewall for windows XP road warrior L2TP/IPSec connections.
I have xl2tpd listening on the internal IP address of the firewall (not the
external internet facing IP address). The L2TP/IPSec connections work
fine.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>However, I notice in the logs I always get the
following type of error when client disconnects. The disconnection
eventually times out successfully but I would prefer the connection to close
without errors.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Oct 23 12:04:53 firewall l2tpd[30017]: Connection
established to xxx.xxx.xxx.xxx, 1701. Local: 56119, Remote: 6. LNS
session is 'default'<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Oct 23 12:04:54 firewall l2tpd[30017]: Call
established with xxx.xxx.xxx.xxx, Local: 62656, Remote: 1, Serial: 0<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>…<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Oct 23 12:34:33 firewall l2tpd[30017]:
control_finish: Peer tried to disconnect with invalid TID (6 != 56119)<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>…<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Oct 23 12:34:59 firewall l2tpd[30017]: Maximum
retries exceeded for tunnel 56119. Closing.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Oct 23 12:34:59 firewall l2tpd[30017]: Connection 6
closed to xxx.xxx.xxx.xxx, port 1701 (Timeout)<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Oct 23 12:35:04 firewall l2tpd[30017]: Unable to
deliver closing message for tunnel 56119. Destroying anyway.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Looking through previous posts on this topic by Jacco
de Leeuw and others I notice that the code in control.c in (x)l2tpd has been
changed, swapping to try and correct this. However I still get the
error. Looking at the values of the connection and tunnel ID’s I
notice that the connection and tunnel ID’s are switched around, hence the
error message.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Should I be getting this error in my situation?<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Is this a function of having xl2tpd listening on the
internal IP address or is there some other problem?<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Regards<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-AU style='font-size:
10.0pt;font-family:Arial'>Paul<o:p></o:p></span></font></p>
<p><font size=2 color=navy face="Courier New"><span lang=EN-AU
style='font-size:10.0pt;font-family:"Courier New";color:navy'>+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++<br>
EML Consulting Services Pty
Ltd
Telephone: +61 3 9836 1999<br>
<st1:Street w:st="on"><st1:address w:st="on">417-431 Canterbury Road</st1:address></st1:Street>
Facsimile: +61 3 9836 0517<br>
<st1:place w:st="on"><st1:City w:st="on">SURREY HILLS</st1:City>, <st1:State
w:st="on">VICTORIA</st1:State></st1:place>
3127 Email:
Paul.Freeman@eml.com.au<br>
+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++</span></font><span
lang=EN-AU> </span><o:p></o:p></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span lang=EN-AU
style='font-size:12.0pt'><o:p> </o:p></span></font></p>
</div>
</body>
</html>