[Openswan Users] PPP LCP Issues

Daniel Bartlett dbartlett at pmsi-consulting.com
Tue Oct 19 17:26:38 CEST 2004


Hi All,
I have managed to get the IPSec/L2TP parts of the VPN working, but I'm
now having issues with the PPP connection.
This is a Windows XP Pro SP2 connecting to a Fedora Core 2 Server
running OpenSwan 2.2.0 using x509 certificates.
 
The Windows IPSec/VPN client connects, negotiates keys then falls over
on the PPP setup with the error:
"Error 732: Your computer and the remote computer could not agree on PPP
control protocols."
I have setup the connection with LCP and compression turned on. Using
EAP.
 
As for on the linux box I'm getting this in /var/log/messages :
 
Oct 19 16:21:37 fedora-1 pppd[6566]: pppd 2.4.2 started by root, uid 0
Oct 19 16:21:37 fedora-1 pppd[6566]: Using interface ppp0
Oct 19 16:21:37 fedora-1 pppd[6566]: Connect: ppp0 <--> /dev/pts/4
(This is when the XP Client errors out)
Oct 19 16:22:07 fedora-1 pppd[6566]: LCP: timeout sending
Config-Requests   (This comes a while after, as you can see)
Oct 19 16:22:07 fedora-1 pppd[6566]: Connection terminated.
Oct 19 16:22:07 fedora-1 pppd[6566]: tcflush failed: Input/output error
Oct 19 16:22:07 fedora-1 pppd[6566]: Exit.

My current /etc/l2tp/l2tp.conf is:
load-handler "sync-pppd.so"
load-handler "cmd.so"
 
listen-port 1701
listen-addr 192.168.42.250
 
section sync-pppd
 
lns-pppd-opts "192.168.42.0:192.168.42.254 refuse-chap require-pap name
vpn.pmsi-consulting.com lcp-echo-failure 3 lcp-echo-interval 5"
lac-pppd-opts "name vpn.pmsi-consulting.com noipdefault
ipcp-accept-local ipcp-accept-remote lcp-echo-failure 3
lcp-echo-interval 5 file /etc/l2tp/ppp.options"
 
section peer
peer 0.0.0.0
mask 0
port 1701
lac-handler sync-pppd
lns-handler sync-pppd
hide-avps yes
 
# Configure the cmd handler.  You MUST have a "section cmd" line # even
if you don't set any options.
section cmd

And for my /etc/l2tp/ppp.options :
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
ms-dns  192.168.42.13
ms-wins 192.168.42.13
noccp
noauth
crtscts
deflate
bsdcomp
idle 1800
mtu 1000
mru 1000
nodefaultroute
debug
lock
proxyarp
connect-delay 500

I reckon that is has somthing todo with compression. I have tried many
combinations of on/off both on the server and the client. 
 
Can anyone shead any light on this?
 
Kind regards,
Daniel.
 
 
Daniel Bartlett
PMSI Consulting
www.pmsi-consulting.com <blocked::http://www.pmsi-consulting.com> 
White Lion House, 64 Highgate High Street, London, N6 5HX, UK
______________________________________________________
This communication may contain information that is privileged &
confidential. It is for the exclusive use of the intended recipient(s).
If you have received this e-mail in error please notify the sender. Note
that if you are not the intended recipient(s), any form of distribution,
copying or use of this communication or the information in it is
strictly prohibited and may be unlawful.
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20041019/e7909e7a/attachment.htm


More information about the Users mailing list