<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div>Hi,</div><div><br></div><div>I use Fedora 16, and install<font class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3"> openswan-2.6.36-1.fc16 (64 bit) and xl2tpd-1.3.1-1.fc16 (64 bit).</font></div><div><font class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3">I connect to VPN server using iphone.</font></div><div><font class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3">I can established a connection to the VPN server</font> access my LAN but after around 2 minutes, the connection is always drop.</div><div><br></div><div>In the log I see:</div><div>Nov 26 08:24:45 PC001 xl2tpd[4609]: Connection established to 111.65.28.11, 60697. Local: 51059, Remote: 28 (ref=0/0). LNS session is
'default'<br>Nov 26 08:24:46 PC001 xl2tpd[4609]: Call established with 111.65.28.11, Local: 39779, Remote: 705, Serial: 1<br>Nov 26 08:24:46 PC001 pppd[7310]: pppd 2.4.5 started by root, uid 0<br>Nov 26 08:24:46 PC001 pppd[7310]: Using interface ppp0<br>Nov 26 08:24:46 PC001 pppd[7310]: Connect: ppp0 <--> /dev/pts/2<br>Nov 26 08:24:47 PC001 pppd[7310]: Unsupported protocol 'IPv6 Control Protocol' (0x8057) received<br>Nov 26 08:24:47 PC001 pppd[7310]: found interface p4p1 for proxy arp<br>Nov 26 08:24:47 PC001 pppd[7310]: local IP address 192.168.1.9<br>Nov 26 08:24:47 PC001 pppd[7310]: remote IP address 192.168.1.128<br>Nov 26 08:26:50 PC001 xl2tpd[4609]: Maximum retries exceeded for tunnel 51059. Closing.<br>Nov 26 08:26:50 PC001 pppd[7310]: Modem hangup<br>Nov 26 08:26:50 PC001 pppd[7310]: Connect time 2.1 minutes.<br>Nov 26 08:26:50 PC001 pppd[7310]: Sent 693038 bytes, received 36984 bytes.<br>Nov 26 08:26:50 PC001 xl2tpd[4609]:
Connection 28 closed to 111.65.28.11, port 60697 (Timeout)<br>Nov 26 08:26:50 PC001 avahi-daemon[827]: Withdrawing workstation service for ppp0.<br>Nov 26 08:26:57 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:26:58 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:26:58 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:27:01 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:27:06 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:27:12 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:27:13 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br>Nov 26 08:27:13 PC001 xl2tpd[4609]: Can not find tunnel 51059 (refhim=0)<br></div><div><br></div><div><font class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3">My VPN server is behind Router Firewall</font></div><div><font
class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3">The VPN server IP is 192.168.1.9</font></div><div><br></div><div><font class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3">Here is my setting:</font></div><div style="font-family:times, serif;font-size:12pt;"><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">/etc/ipsec.conf</span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;"><br></span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">-----------</span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino,
serif;font-size:15px;line-height:21px;"><br></span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">nat_traversal=yes</span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;"><br></span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12</span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;"><br></span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">oe=off</span><span
class="yiv87073739Apple-style-span" style="color:rgb(34, 34,
34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;"><br></span><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">protostack=netkey</span><br></div><div style="font-family:times, serif;font-size:12pt;"><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;"><br></span></div><div style="font-family:times, serif;font-size:12pt;"><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">conn
L2TP-PSK<br>authby=secret<br>pfs=no<br>auto=add<br>keyingtries=3<br>rekey=no<br>ikelifetime=8h<br>keylife=1h<br>type=transport<br>left=192.168.1.1<br>leftprotoport=17/1701<br>right=%any<br>rightprotoport=17/%any<br></span></div><div style="font-family:times, serif;font-size:12pt;"><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">rightsubnet=vhost:%priv<br></span></div><div style="font-family:times, serif;font-size:12pt;"><span class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;"><br></span></div><div><font class="yiv87073739Apple-style-span" color="#222222" face="Georgia, Utopia, 'Palatino Linotype', Palatino, serif"><span class="yiv87073739Apple-style-span" style="font-size:15px;line-height:21px;">/etc/xl2tpd/xl2tpd.conf<br></span></font></div><span
class="yiv87073739Apple-style-span" style="color:rgb(34, 34, 34);font-family:Georgia, Utopia, Palatino, serif;font-size:15px;line-height:21px;">------------<br>[global]<br>ipsec saref = yes<br>[lns default]<br>ip range = 192.168.1.200-192.168.1.210<br>local ip = 192.168.1.9<br>refuse chap = yes<br>refuse pap = yes<br>require authentication = yes<br>ppp debug = yes<br>pppoptfile = /etc/ppp/options.xl2tpd<br>length bit = yes<br><br>/etc/ppp/options.xl2tpd<br>----------------<br>ipcp-accept-local<br>ipcp-accept-remote<br>ms-dns 192.168.1.1<br>ms-wins 192.168.1.1<br>noccp<br>auth<br>crtscts<br>idle 1800<br>name l2tpd<br>mtu 1280<br>mru 1280<br>nodefaultroute<br>debug<br>lock<br>proxyarp<br>connect-delay 5000<br><br><br><br>Thanks in advance.<br><br>Best Regards,<br>Stefanus<br></span><div><br></div><div><font class="yiv87073739Apple-style-span" face="'times new roman', 'new york', times, serif" size="3"><br></font></div></div></body></html>