[Openswan Users] duplicating a ipsec config
Tobias Hadem
th at lt-ec.de
Tue Jul 6 10:17:25 CEST 2004
Could you post all your configs?
I think you have a setup similar to yacco's descriptions, right?
Then post your l2tpd.conf and your ipsec.conf.
When hanging on passwords, only chap-secrets may help you, because then no
daemon is starting up because all connections are already up.
tobi
On Tuesday, 6 July 2004 08:13 you wrote:
> It's an exact copy on both servers.. default actually. Now I get it hanging
> on authorizing password. One machine works fine with the exact same
> config. I will check the config again, but it is mostly default. The IP
> in the listenaddr because I have an IP failover.
>
> thanks for all your help
>
> ipcp-accept-local
> ipcp-accept-remote
> #ms-dns 192.168.1.1
> #ms-wins 192.168.1.2
> auth
> crtscts
> idle 1800
> mtu 1410
> mru 1410
> nodefaultroute
> debug
> lock
> proxyarp
> connect-delay 5000
>
> Quoting Tobias Hadem <th at lt-ec.de>:
> > This is not an Openswan-Issue. Your l2tp-server or to be precise, your
> > ppp-server is not firing up, because some entries in the config-files are
> > bad or missing.
> > maybe you did not copy the options-file for ppp on the other side? or did
> > not change the ip in the l2tpd.conf (listenaddr)?
> >
> > tobi
> >
> > On Tuesday, 6 July 2004 06:36 Brad Chang wrote:
> > > Hi I want to duplicate my ipsec configuration from one server to
> > > another. Basically I thought I could just copy over all the folders (I
> > > am using ipsec with x.509). I copied these folders and files over and
> > > figured it would work. But I think I'm missing a folder because I get an
> > > error on this new vpn server (or the copying method doesn't work):
> > >
> > > Files copied:
> > > /etc/ipsec.conf
> > > /etc/ipsec.secrets
> > > /etc/certs/crl.pem
> > > /etc/certs/demoCA/
> > > /etc/ssl/
> > > /etc/ipsec.d/
> > > /etc/l2tp/
> > > /etc/ppp/
> > >
> > >
> > > Thanks and best regards,
> > > -Brad Chang
> > >
> > > syslog Snippet:
> > >
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: check_control: control, cid = 0, Ns = 4, Nr = 2
> > > Jul 5 22:22:37 guardfw2 pppd[7555]: no device specified and stdin is not a tty
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: child_handler : pppd died for call 1
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: write_packet: Bad file descriptor(9)
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: call_close: Call 53359 to 154.5.21.47 disconnected
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: check_control: control, cid = 0, Ns = 4, Nr = 3
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: check_control: control, cid = 0, Ns = 4, Nr = 3
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: handle_avps: handling avp's for tunnel 64003, call 48738
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: message_type_avp: message type 4 (Stop- Control-Connection-Notification)
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: assigned_tunnel_avp: using peer's tunnel 6
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: result_code_avp: peer closing for reason 6 (Requester is being shut down), error = 0 ()
> > > Jul 5 22:22:37 guardfw2 l2tpd[7527]: control_finish: Connection closed to 154.5.21.47, port 1701 (), Local: 64003, Remote: 6
> > >
> >
> > --
> >
> > Tobias Hadem th at lt-ec.de
> > LT-ec service & solutions http://www.lt-ec.de
> > fon +49 (0)911 97791355 fax +49 (0)911 97791358
> > Benno-Strauss-Strasse 5 D-90763 Fürth/Bay.
> > Zimmerstrasse 23 D-90117 Berlin
> >
> > LinuxTag - Europe's largest expo and conference
> > Summer 2004 at the Messe- und Kongresszentrum Karlsruhe
>
> Thanks and best regards,
> -Brad Chang
> -http://www.dotnoc.com
>
>
> -------------------------------------------------------------------
> hosting,web design and managed services @ http://www.dotnoc.com
--
Tobias Hadem th at lt-ec.de
LT-ec service & solutions http://www.lt-ec.de
fon +49 (0)911 97791355 fax +49 (0)911 97791358
Benno-Strauss-Strasse 5 D-90763 Fürth/Bay.
Zimmerstrasse 23 D-90117 Berlin
LinuxTag - Europe's largest expo and conference
Summer 2004 at the Messe- und Kongresszentrum Karlsruhe
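
An added example, not part of the original thread or of Openswan/l2tpd: a small Python triage script that splits syslog text like the snippet quoted above into entries, even when mail wrapping has run several entries together, and pairs each l2tpd "pppd died" event with the pppd message logged just before it. The sample is constructed from the lines quoted in the thread; the function names are hypothetical.

```python
import re

# Constructed sample: syslog lines quoted in the thread, re-joined from the
# mail-wrapped text; three entries are left run together on purpose.
SAMPLE = (
    "Jul 5 22:22:37 guardfw2 l2tpd[7527]: check_control: control, cid = 0, Ns = 4, Nr = 2\n"
    "Jul 5 22:22:37 guardfw2 pppd[7555]: no device specified and stdin is not a tty "
    "Jul 5 22:22:37 guardfw2 l2tpd[7527]: child_handler : pppd died for call 1 "
    "Jul 5 22:22:37 guardfw2 l2tpd[7527]: write_packet: Bad file descriptor(9)\n"
    "Jul 5 22:22:37 guardfw2 l2tpd[7527]: call_close: Call 53359 to 154.5.21.47 disconnected\n"
)

# Start of a syslog entry: "Mon D HH:MM:SS host prog[pid]: "
ENTRY = re.compile(
    r"(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<prog>[\w.-]+)\[(?P<pid>\d+)\]: "
)

def split_entries(text):
    """Split raw text into entries, even if several share one line."""
    flat = " ".join(text.split())  # undo mail wrapping and line breaks
    heads = list(ENTRY.finditer(flat))
    entries = []
    for i, m in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(flat)
        entries.append({**m.groupdict(), "msg": flat[m.end():end].strip()})
    return entries

def pppd_failures(entries):
    """Pair each l2tpd 'pppd died' event with the last pppd message before it."""
    last_pppd = None
    found = []
    for e in entries:
        if e["prog"] == "pppd":
            last_pppd = e
        elif e["prog"] == "l2tpd" and "pppd died" in e["msg"]:
            call = re.search(r"call (\d+)", e["msg"])
            found.append({
                "ts": e["ts"],
                "call": call.group(1) if call else None,
                "pppd_pid": last_pppd["pid"] if last_pppd else None,
                "reason": last_pppd["msg"] if last_pppd else "no pppd output logged",
            })
            last_pppd = None  # do not reuse this message for a later failure
    return found

if __name__ == "__main__":
    for f in pppd_failures(split_entries(SAMPLE)):
        print(f"{f['ts']} call {f['call']}: pppd[{f['pppd_pid']}] said: {f['reason']}")
```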