[Openswan Users] pluto aborted

David Spear dspear at telus.net
Wed Feb 9 14:08:44 CET 2005


Hi folks:

Not sure if maybe I should be posting to another newsgroup, as this
appears to be more of a PPP issue but:

I set up Openswan 2.3.0 as my IPSEC gateway using X.509 certs for
authentication.  This works well with a manual ipsec connection (Marcus
Mueller's ipsec.exe, etc.)  

For ease of roll-out and minimization of training, I'd like to use the
MS L2TP/IPSEC client (Win 2000/XP).  So, I downloaded and configured
l2tpd.  So far so good.  Now, I've disabled ppp authentication by
putting

"noauth"

into /etc/ppp/options.l2tpd

I am hoping/guessing that this would override any settings in
/etc/l2tpd/l2tpd.conf such as:

"require chaps = yes" or
"refuse pap = yes"

so that I could eliminate ppp authentication as a source of error.
Please correct me on this one if I am mistaken.  Anyway, the good news:

########## /relevant log entries / ################

Feb  9 13:39:05 explorer pluto[20540]: "roadwarrior-l2tp"[4] 192.168.1.102 #4: IPsec SA established {ESP=>0x8c0443e7 <0xaf46a723}

Feb  9 13:39:08 explorer l2tpd[20764]: control_finish: Connection established to 192.168.1.102, 1701.  Local: 7463, Remote: 4.  LNS session is 'default'
Feb  9 13:39:08 explorer l2tpd[20764]: control_finish: Call established with 192.168.1.102, Local: 10376, Remote: 1, Serial: 0

############## end logs ##########################

So, near as I can tell, IPSEC tunnel has been established and l2tp
tunnel is established.  Now, the bad news:

##############  pppd log   #############

Feb  9 13:39:08 explorer pppd[20779]: no device specified and stdin is not a tty
Feb  9 13:39:08 explorer l2tpd[20764]: network_thread: tossing read packet, error = Bad file descriptor (9).  Closing call.
Feb  9 13:39:08 explorer l2tpd[20764]: call_close: Call 10376 to 192.168.1.102 disconnected
Feb  9 13:39:08 explorer l2tpd[20764]: write_packet: Bad file descriptor(9)

############# end log  ####################

So, it ain't quite there yet... I'm wondering if anybody has any clue
what is causing this?  I am guessing maybe a missing /dev/ppp or
/dev/ppp0 to write to?  I really don't know.  I've gotten pppd working
as a dial-in server years ago and recall that it was just a bastard to
set up.

Thanks

Dave


