<div dir="ltr">Hello sir,<div><br></div><div>Thank you .I have gone throught below link<br><br><div class="gmail_quote">On Fri, Jun 24, 2011 at 10:15 PM, Willie Gillespie <span dir="ltr"><<a href="mailto:wgillespie%2Bopenswan@es2eng.com">wgillespie+openswan@es2eng.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">On 6/23/2011 11:51 PM, heta shah wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello All experts,<br>
<br>
Any help me regarding IPSEC / L2TP configuration in UBUNTU. HOW To for<br>
IPSEC/L2TP for VPN server configuration in ubuntu....<br>
<br>
Any material/ document...<br>
</blockquote>
<br></div>
I'm assuming you want something like this:<br>
<a href="http://www.rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html" target="_blank">http://www.rootmanager.com/<u></u>ubuntu-ipsec-l2tp-windows-<u></u>domain-auth/setting-up-<u></u>openswan-xl2tpd-with-native-<u></u>windows-clients.html</a><br>
<br>
</blockquote></div> </div><div>I have configure IPSEC with L2TP with PSK shared key. But client cannot connect to VPN server. It showing error in xl2tpd . </div><div>My logs of VPN servers are.</div><div><br></div><div><div>
<font class="Apple-style-span" color="#000066">tail -f /var/log/auth.log</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:40 cloud-enjay pluto[3914]: packet from <a href="http://115.248.122.242:4500">115.248.122.242:4500</a>: received and ignored informational message</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from <a href="http://115.248.122.242:500">115.248.122.242:500</a>: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from <a href="http://115.248.122.242:500">115.248.122.242:500</a>: ignoring Vendor ID payload [FRAGMENTATION]</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from <a href="http://115.248.122.242:500">115.248.122.242:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 </font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from <a href="http://115.248.122.242:500">115.248.122.242:500</a>: ignoring Vendor ID payload [Vid-Initial-Contact]</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:43 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: responding to Main Mode from unknown peer 115.248.122.242</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: STATE_MAIN_R1: sent MR1, expecting MI2</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: STATE_MAIN_R2: sent MR2, expecting MI3</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: Main mode peer ID is ID_FQDN: '@<a href="http://2k3test.enjay.com">2k3test.enjay.com</a>'</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242 #27: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: deleting connection "L2TP-PSK-NAT" instance with peer 115.248.122.242 {isakmp=#0/ipsec=#0}</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: new NAT mapping for #27, was <a href="http://115.248.122.242:500">115.248.122.242:500</a>, now <a href="http://115.248.122.242:4500">115.248.122.242:4500</a></font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: peer client type is FQDN</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: Applying workaround for MS-818043 NAT-T bug</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: IDci was FQDN: t\307\251-, using NAT_OA=<a href="http://192.168.1.35/32">192.168.1.35/32</a> as IDci</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: the peer proposed: <a href="http://116.199.169.45/32:17/1701">116.199.169.45/32:17/1701</a> -> <a href="http://192.168.1.35/32:17/0">192.168.1.35/32:17/0</a></font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: responding to Quick Mode proposal {msgid:d5ee3142}</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: us: 116.199.169.45<116.199.169.45>[+S=C]:17/1701</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: them: 115.248.122.242[@<a href="http://2k3test.enjay.com">2k3test.enjay.com</a>,+S=C]:17/1701===?</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1</font></div><div>
<font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2</font></div><div>
<font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #28: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x6f99f081 <0x1e9a9771 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.1.35 NATD=<a href="http://115.248.122.242:4500">115.248.122.242:4500</a> DPD=none}</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: received Delete SA(0x6f99f081) payload: deleting IPSEC State #28</font></div><div>
<font class="Apple-style-span" color="#000066">Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: received and ignored informational message</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242 #27: received Delete SA payload: deleting ISAKMP State #27</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] <a href="http://115.248.122.242">115.248.122.242</a>: deleting connection "L2TP-PSK-NAT" instance with peer 115.248.122.242 {isakmp=#0/ipsec=#0}</font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:49 cloud-enjay pluto[3914]: packet from <a href="http://115.248.122.242:4500">115.248.122.242:4500</a>: received and ignored informational message</font></div>
<div><br></div><div><br></div><div><br></div><div><font class="Apple-style-span" color="#000066">root@cloud-enjay:~# tail -f /var/log/debug</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:55:25 cloud-enjay xl2tpd[7585]: Unable to deliver closing message for tunnel 3261. Destroying anyway. </font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:55:33 cloud-enjay xl2tpd[7585]: control_finish: Peer requested tunnel 17 twice, ignoring second one. </font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:55:38 cloud-enjay xl2tpd[7585]: Unable to deliver closing message for tunnel 15425. Destroying anyway. </font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:55:43 cloud-enjay xl2tpd[7585]: control_finish: Peer requested tunnel 17 twice, ignoring second one. </font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:07 cloud-enjay xl2tpd[7585]: control_finish: Peer requested tunnel 18 twice, ignoring second one. </font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:20 cloud-enjay last message repeated 3 times</font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:25 cloud-enjay xl2tpd[7585]: Unable to deliver closing message for tunnel 25945. Destroying anyway. </font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:30 cloud-enjay xl2tpd[7585]: control_finish: Peer requested tunnel 18 twice, ignoring second one. </font></div><div><font class="Apple-style-span" color="#000066">Jun 25 13:58:46 cloud-enjay xl2tpd[7585]: control_finish: Peer requested tunnel 19 twice, ignoring second one. </font></div>
<div><font class="Apple-style-span" color="#000066">Jun 25 13:58:47 cloud-enjay xl2tpd[7585]: control_finish: Peer requested tunnel 19 twice, ignoring second one. </font></div><div><br></div><div><br></div><div>Please help me regarding this error.</div>
<br>-- <br>Thanks and Regards.<br><br>Heta Shah<br><br><br><br>
</div></div>