[Openswan Users] ipsec vpn l2tp connects but then dies

Brad Chang openswan at dotnoc.com
Tue Jul 6 14:12:22 CEST 2004 

Hi everyone,

I have a vpn that is semi working. basically the tunnel will come up for about a
minuite, but during this time there is no ping over the tunnel etc.. I can see
the packets from my win2k box comming over the tunnel but nothig goes back.  I
have a default accept on my firewall so im pretty sure its not rules.

my setup is with l2tp and ppp with x.509 certs

any help would be greatly appreciated :-)

thanks and best regards to everyone,

cat /etc/ppp/options.l2tpd
ipcp-accept-local
ipcp-accept-remote
#ms-dns  192.168.1.1
#ms-wins 192.168.1.2
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000


cat /etc/l2tp/l2tpd.conf
[global]

[lns default]
ip range = 192.168.1.25-192.168.1.50
local ip = 216.187.95.142
require chap = yes
refuse pap = yes
require authentication = yes
name = GuardianVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes


logs:


Jul  6 14:04:53 guardfw2 pppd[7583]: sent [CCP ConfReq id=0x1 <deflate 15>
<deflate(old#) 15>]
Jul  6 14:04:53 guardfw2 pppd[7583]: CHAP peer authentication succeeded for nathan
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [CCP ConfReq id=0x4 < 12 06 01 00 00 01>]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [CCP ConfRej id=0x4 < 12 06 01 00 00 01>]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [IPCP ConfReq id=0x5 <addr 0.0.0.0>
<ms-dns1 0.0.0.0> <ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [IPCP ConfRej id=0x5 <ms-dns1 0.0.0.0>
<ms-wins 0.0.0.0> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [IPCP ConfReq id=0x2 <addr
216.187.95.142>]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [CCP ConfRej id=0x1 <deflate 15>
<deflate(old#) 15>]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [CCP ConfReq id=0x2]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [CCP TermReq
id=0x6"h\37777777725y\025\000<\37777777715t\000\000\002\37777777734"]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [CCP TermAck id=0x6]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [IPCP ConfReq id=0x7 <addr 0.0.0.0>]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [IPCP ConfNak id=0x7 <addr 192.168.1.25>]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [IPCP ConfAck id=0x2 <addr
216.187.95.142>]
Jul  6 14:04:53 guardfw2 pppd[7583]: rcvd [IPCP ConfReq id=0x8 <addr 192.168.1.25>]
Jul  6 14:04:53 guardfw2 pppd[7583]: sent [IPCP ConfAck id=0x8 <addr 192.168.1.25>]
Jul  6 14:04:53 guardfw2 Keepalived_vrrp: Netlink: filter function error
Jul  6 14:04:53 guardfw2 Keepalived_vrrp: Netlink: filter function error
Jul  6 14:04:53 guardfw2 Keepalived_healthcheckers: Netlink: filter function error
Jul  6 14:04:53 guardfw2 Keepalived_healthcheckers: Netlink: filter function error
Jul  6 14:04:53 guardfw2 pppd[7583]: found interface eth1 for proxy arp
Jul  6 14:04:53 guardfw2 pppd[7583]: local  IP address 216.187.95.142
Jul  6 14:04:53 guardfw2 pppd[7583]: remote IP address 192.168.1.25
Jul  6 14:04:53 guardfw2 pppd[7583]: Script /etc/ppp/ip-up started (pid 7588)
Jul  6 14:04:53 guardfw2 pppd[7583]: Script /etc/ppp/ip-up finished (pid 7588),
status = 0x0
Jul  6 14:04:56 guardfw2 pppd[7583]: sent [CCP ConfReq id=0x2]
Jul  6 14:05:20 guardfw2 last message repeated 8 times
Jul  6 14:05:23 guardfw2 pppd[7583]: sent [LCP EchoReq id=0x1 magic=0xa8be42ca]
Jul  6 14:05:23 guardfw2 pppd[7583]: CCP: timeout sending Config-Requests
Jul  6 14:05:53 guardfw2 pppd[7583]: sent [LCP EchoReq id=0x2 magic=0xa8be42ca]
Jul  6 14:05:58 guardfw2 l2tpd[4755]: control_xmit: Maximum retries exceeded for
tunnel 46282.  Closing.
Jul  6 14:05:58 guardfw2 pppd[7583]: Terminating on signal 15.
Jul  6 14:05:58 guardfw2 pppd[7583]: Modem hangup
Jul  6 14:05:58 guardfw2 Keepalived_vrrp: Netlink: filter function error
Jul  6 14:05:58 guardfw2 Keepalived_vrrp: Netlink: filter function error
Jul  6 14:05:58 guardfw2 Keepalived_healthcheckers: Netlink: filter function error
Jul  6 14:05:58 guardfw2 Keepalived_healthcheckers: Netlink: filter function error
Jul  6 14:05:58 guardfw2 pppd[7583]: Script /etc/ppp/ip-down started (pid 7593)
Jul  6 14:05:58 guardfw2 pppd[7583]: Connection terminated.
Jul  6 14:05:58 guardfw2 pppd[7583]: Connect time 1.1 minutes.
Jul  6 14:05:58 guardfw2 pppd[7583]: Sent 896 bytes, received 112 bytes.
Jul  6 14:05:58 guardfw2 Keepalived_vrrp: Netlink: filter function error
Jul  6 14:05:58 guardfw2 Keepalived_healthcheckers: Netlink: filter function error
Jul  6 14:05:58 guardfw2 pppd[7583]: Waiting for 1 child processes...
Jul  6 14:05:58 guardfw2 pppd[7583]:   script /etc/ppp/ip-down, pid 7593
Jul  6 14:05:58 guardfw2 pppd[7583]: Script /etc/ppp/ip-down finished (pid
7593), status = 0x0
Jul  6 14:05:58 guardfw2 pppd[7583]: Exit.
Jul  6 14:05:58 guardfw2 l2tpd[4755]: call_close : Connection 1 closed to
64.180.180.220, port 1701 (Timeout)
Jul  6 14:06:03 guardfw2 l2tpd[4755]: control_xmit: Unable to deliver closing
message for tunnel 46282. Destroying anyway.





Thanks and best regards,
-Brad Chang
-http://www.dotnoc.com


-------------------------------------------------------------------
hosting,web design and managed services @ http://www.dotnoc.com

More information about the Users mailing list