[Openswan Users] duplicating a ipsec config - full logs and config

Brad Chang openswan at dotnoc.com
Tue Jul 6 12:38:16 CEST 2004


Hi, here are all the logs for the password hang. Apparently this is caused by
chap-secrets? But that file looks fine.

cat chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
nathan          *       "nathan"                *


==> /var/log/daemon.log <==
Jul  6 12:33:25 guardfw2 l2tpd[4474]: ourtid = 65481, entropy_buf = ffc9
Jul  6 12:33:25 guardfw2 l2tpd[4474]: check_control: control, cid = 0, Ns = 0,
Nr = 0
Jul  6 12:33:25 guardfw2 l2tpd[4474]: handle_avps: handling avp's for tunnel
65481, call 0
Jul  6 12:33:25 guardfw2 l2tpd[4474]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jul  6 12:33:25 guardfw2 l2tpd[4474]: protocol_version_avp: peer is using
version 1, revision 0.
Jul  6 12:33:25 guardfw2 l2tpd[4474]: framing_caps_avp: supported peer frames: sync
Jul  6 12:33:25 guardfw2 l2tpd[4474]: bearer_caps_avp: supported peer bearers:
Jul  6 12:33:25 guardfw2 l2tpd[4474]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jul  6 12:33:25 guardfw2 l2tpd[4474]: hostname_avp: peer reports hostname 'pikachu'
Jul  6 12:33:25 guardfw2 l2tpd[4474]: vendor_avp: peer reports vendor
'Microsoft\200^H'
Jul  6 12:33:25 guardfw2 l2tpd[4474]: assigned_tunnel_avp: using peer's tunnel 1
Jul  6 12:33:25 guardfw2 l2tpd[4474]: receive_window_size_avp: peer wants RWS of
8.  Will use flow control.
Jul  6 12:33:25 guardfw2 l2tpd[4474]: check_control: control, cid = 0, Ns = 1,
Nr = 1
Jul  6 12:33:25 guardfw2 l2tpd[4474]: handle_avps: handling avp's for tunnel
65481, call 0
Jul  6 12:33:25 guardfw2 l2tpd[4474]: message_type_avp: message type 3
(Start-Control-Connection-Connected)
Jul  6 12:33:25 guardfw2 l2tpd[4474]: control_finish: Connection established to
64.180.180.220, 1701.  Local: 65481, Remote: 1.  LNS session is 'default'
Jul  6 12:33:25 guardfw2 l2tpd[4474]: check_control: control, cid = 0, Ns = 2,
Nr = 1
Jul  6 12:33:25 guardfw2 l2tpd[4474]: handle_avps: handling avp's for tunnel
65481, call 0
Jul  6 12:33:25 guardfw2 l2tpd[4474]: message_type_avp: message type 10
(Incoming-Call-Request)
Jul  6 12:33:25 guardfw2 l2tpd[4474]: message_type_avp: new incoming call
Jul  6 12:33:25 guardfw2 l2tpd[4474]: ourcid = 287, entropy_buf = 11f
Jul  6 12:33:25 guardfw2 l2tpd[4474]: assigned_call_avp: using peer's call 1
Jul  6 12:33:25 guardfw2 l2tpd[4474]: call_serno_avp: serial number is 0
Jul  6 12:33:25 guardfw2 l2tpd[4474]: bearer_type_avp: peer bears: analog
Jul  6 12:33:25 guardfw2 l2tpd[4474]: check_control: control, cid = 0, Ns = 3,
Nr = 1
Jul  6 12:33:25 guardfw2 l2tpd[4474]: check_control: control, cid = 1, Ns = 3,
Nr = 2
Jul  6 12:33:25 guardfw2 l2tpd[4474]: handle_avps: handling avp's for tunnel
65481, call 287
Jul  6 12:33:25 guardfw2 l2tpd[4474]: message_type_avp: message type 12
(Incoming-Call-Connected)
Jul  6 12:33:25 guardfw2 l2tpd[4474]: tx_speed_avp: transmit baud rate is 10000000
Jul  6 12:33:25 guardfw2 l2tpd[4474]: frame_type_avp: peer uses:sync frames
Jul  6 12:33:25 guardfw2 l2tpd[4474]: ignore_avp : Ignoring AVP
Jul  6 12:33:25 guardfw2 l2tpd[4474]: start_pppd: I'm running:
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "/usr/sbin/pppd"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "passive"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "-detach"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "216.187.95.142:192.168.1.25"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "refuse-pap"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "auth"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "require-chap"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "name"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "GuardianVPNserver"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "debug"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "file"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "/etc/ppp/options.l2tpd"
Jul  6 12:33:25 guardfw2 l2tpd[4474]: "/dev/ttyp0"
Jul  6 12:33:25 guardfw2 l2tpd[4474]:
Jul  6 12:33:25 guardfw2 l2tpd[4474]: control_finish: Call established with
64.180.180.220, Local: 287, Remote: 1, Serial: 0
Jul  6 12:33:25 guardfw2 l2tpd[4474]: check_control: control, cid = 0, Ns = 4,
Nr = 2

==> /var/log/syslog <==
Jul  6 12:33:29 guardfw2 pppd[4683]: sent [LCP ConfReq id=0xc <asyncmap 0x0>
<auth chap MD5> <magic 0x52fe05b5> <pcomp> <accomp>]
Jul  6 12:33:56 guardfw2 last message repeated 9 times
Jul  6 12:33:59 guardfw2 pppd[4683]: LCP: timeout sending Config-Requests
Jul  6 12:34:30 guardfw2 l2tpd[4474]: control_xmit: Maximum retries exceeded for
tunnel 65481.  Closing.
Jul  6 12:34:30 guardfw2 pppd[4683]: Modem hangup
Jul  6 12:34:30 guardfw2 pppd[4683]: Connection terminated.
Jul  6 12:34:30 guardfw2 Keepalived_vrrp: Netlink: filter function error
Jul  6 12:34:30 guardfw2 Keepalived_healthcheckers: Netlink: filter function error
Jul  6 12:34:30 guardfw2 pppd[4683]: Terminating on signal 15.
Jul  6 12:34:30 guardfw2 pppd[4683]: Exit.
Jul  6 12:34:30 guardfw2 l2tpd[4474]: call_close : Connection 1 closed to
64.180.180.220, port 1701 (Timeout)

==> /var/log/daemon.log <==
Jul  6 12:34:30 guardfw2 l2tpd[4474]: control_xmit: Maximum retries exceeded for
tunnel 65481.  Closing.
Jul  6 12:34:30 guardfw2 l2tpd[4474]: call_close : Connection 1 closed to
64.180.180.220, port 1701 (Timeout)

==> /var/log/syslog <==
Jul  6 12:34:35 guardfw2 l2tpd[4474]: control_xmit: Unable to deliver closing
message for tunnel 65481. Destroying anyway.

==> /var/log/daemon.log <==
Jul  6 12:34:35 guardfw2 l2tpd[4474]: control_xmit: Unable to deliver closing
message for tunnel 65481. Destroying anyway.



Quoting Jacco de Leeuw <jacco2 at dds.nl>:

> 
> Brad Chang wrote:
> 
> > Hi, I want to duplicate my ipsec configuration from one server to another.
> > Basically I thought I could just copy over all the folders (I am using
> > ipsec with x.509).  I copied these folders and files over and figured it
> > would work.
> 
> It probably should, but my guess is that those two servers are not exactly
> the same. Right?
> 
> > Jul  5 22:22:37 guardfw2 pppd[7555]: no device specified and stdin is not a tty
> 
> This is a problem with l2tpd on kernel 2.6, if the kernel does not support
> "Legacy tty" (such as Fedora Core 2's standard kernel). You will probably
> have to recompile the kernel with legacy tty support or switch to rp-l2tp.
> 
> Jacco
> -- 
> Jacco de Leeuw                         mailto:jacco2 at dds.nl
> Zaandam, The Netherlands           http://www.jacco2.dds.nl






Thanks and best regards,
-Brad Chang
-http://www.dotnoc.com
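
Added example (not part of the original post, and not Openswan or l2tpd code): a small Python classifier for pppd debug lines that reports the PPP phase in which a session stopped. Run over the syslog excerpt above (mail wrapping removed), it shows pppd sending ten LCP ConfReq packets with no reply, so LCP never completes and CHAP, which only runs after LCP, is never reached. The pid 5000 session is constructed for contrast, and the verdict strings are this example's own.

```python
import re
from collections import Counter
# pppd debug format: "pppd[4683]: sent [LCP ConfReq id=0xc ...]"
PKT = re.compile(r"pppd\[(\d+)\]: (sent|rcvd) \[(\w+) (\w+)")
REPEAT = re.compile(r"last message repeated (\d+) times")  # syslogd compression
LCP_TIMEOUT = re.compile(r"pppd\[(\d+)\]: LCP: timeout sending Config-Requests")

def classify(lines):
    """Map each pppd pid to (phase verdict, number of LCP ConfReq sent)."""
    seen, timed_out, last = {}, set(), None
    for line in lines:
        m = PKT.search(line)
        if m:
            pid, key = m.group(1), m.groups()[1:]
            seen.setdefault(pid, Counter())[key] += 1
            last = (pid, key)  # so a following "repeated" line is attributed
            continue
        m = REPEAT.search(line)
        if m and last:
            seen[last[0]][last[1]] += int(m.group(1))
            continue
        m = LCP_TIMEOUT.search(line)
        if m:
            timed_out.add(m.group(1))
            seen.setdefault(m.group(1), Counter())
        last = None  # any other line breaks the "repeated" chain
    result = {}
    for pid, c in seen.items():
        lcp_rcvd = sum(n for (d, p, _), n in c.items() if d == "rcvd" and p == "LCP")
        if c[("sent", "CHAP", "Failure")]:
            verdict = "auth: CHAP response rejected"
        elif lcp_rcvd == 0 and pid in timed_out:
            verdict = "lcp: no reply from peer, authentication never started"
        else:
            verdict = "undetermined"
        result[pid] = (verdict, c[("sent", "LCP", "ConfReq")])
    return result

# First three lines: from the post's syslog excerpt, unwrapped.
SAMPLE = [
    "Jul  6 12:33:29 guardfw2 pppd[4683]: sent [LCP ConfReq id=0xc <asyncmap 0x0> <auth chap MD5> <magic 0x52fe05b5> <pcomp> <accomp>]",
    "Jul  6 12:33:56 guardfw2 last message repeated 9 times",
    "Jul  6 12:33:59 guardfw2 pppd[4683]: LCP: timeout sending Config-Requests",
    # Constructed session (not from the post): LCP completes, CHAP is rejected.
    "Jul  6 13:00:01 guardfw2 pppd[5000]: sent [LCP ConfReq id=0x1 <auth chap MD5>]",
    "Jul  6 13:00:01 guardfw2 pppd[5000]: rcvd [LCP ConfAck id=0x1 <auth chap MD5>]",
    'Jul  6 13:00:01 guardfw2 pppd[5000]: sent [CHAP Challenge id=0x1 <00>, name = "GuardianVPNserver"]',
    'Jul  6 13:00:02 guardfw2 pppd[5000]: sent [CHAP Failure id=0x1 ""]',
]
```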

