[Openswan Users] Opwenswan and L2TP Problem !
Stanislav Nedelchev
stanislav.nedelchev at gmail.com
Tue Jun 7 01:08:17 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
l2tpd-0.70-pre20031121.orig
with this patch
l2tpd_0.70-pre20031121-2.diff
If you are using KLIPS you cannot use NAT-T with a PSK (as far as I know).
But one peer is not NAT-ed.
here is the log file ftom l2tpd
but unfortunately it's means nothing to me :(
This is the log file for peet that is not NAT-ed
Jun 6 22:15:34 fw l2tpd[21242]: ourtid = 33619, entropy_buf = 8353
Jun 6 22:15:34 fw l2tpd[21242]: ourcid = 4730, entropy_buf = 127a
Jun 6 22:15:34 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun 6 22:15:34 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
33619, call 4730
Jun 6 22:15:34 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun 6 22:15:34 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun 6 22:15:34 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun 6 22:15:34 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun 6 22:15:34 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun 6 22:15:34 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun 6 22:15:34 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun 6 22:15:34 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun 6 22:15:34 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8. Will use flow control.
Jun 6 22:15:35 fw l2tpd[21242]: ourtid = 32989, entropy_buf = 80dd
Jun 6 22:15:35 fw l2tpd[21242]: ourcid = 5975, entropy_buf = 1757
Jun 6 22:15:35 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun 6 22:15:35 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
32989, call 5975
Jun 6 22:15:35 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun 6 22:15:35 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun 6 22:15:35 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun 6 22:15:35 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun 6 22:15:35 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun 6 22:15:35 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun 6 22:15:35 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun 6 22:15:35 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun 6 22:15:35 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8. Will use flow control.
Jun 6 22:15:35 fw l2tpd[21242]: control_finish: Peer requested tunnel 2
twice, ignoring second one.
Jun 6 22:15:37 fw l2tpd[21242]: ourtid = 47964, entropy_buf = bb5c
Jun 6 22:15:37 fw l2tpd[21242]: ourcid = 33095, entropy_buf = 8147
Jun 6 22:15:37 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun 6 22:15:37 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
47964, call 33095
Jun 6 22:15:37 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun 6 22:15:37 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun 6 22:15:37 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun 6 22:15:37 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun 6 22:15:37 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun 6 22:15:37 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun 6 22:15:37 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun 6 22:15:37 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun 6 22:15:37 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8. Will use flow control.
Jun 6 22:15:37 fw l2tpd[21242]: control_finish: Peer requested tunnel 2
twice, ignoring second one.
Jun 6 22:15:39 fw l2tpd[21242]: control_xmit: Maximum retries exceeded
for tunnel 33619. Closing.
Jun 6 22:15:41 fw l2tpd[21242]: ourtid = 42522, entropy_buf = a61a
Jun 6 22:15:41 fw l2tpd[21242]: ourcid = 60909, entropy_buf = eded
Jun 6 22:15:41 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun 6 22:15:41 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
42522, call 60909
Jun 6 22:15:41 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun 6 22:15:41 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun 6 22:15:41 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun 6 22:15:41 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun 6 22:15:41 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun 6 22:15:41 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun 6 22:15:41 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun 6 22:15:41 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun 6 22:15:41 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8. Will use flow control.
Jun 6 22:15:41 fw l2tpd[21242]: control_finish: Peer requested tunnel 2
twice, ignoring second one.
Jun 6 22:15:44 fw l2tpd[21242]: control_xmit: Unable to deliver closing
message for tunnel 33619. Destroying anyway.
Jun 6 22:15:54 fw l2tpd[21242]: call_close : Connection 2 closed to
84.252.57.99, port 1701 (Timeout)
Jacco de Leeuw wrote:
> Stanislav Nedelchev wrote:
>
>> Here is some log files
>> Problem is still the same
>
>
> Answer is the same too.
>
> Your l2tpd logfile on the Linux side is probably more interesting
> than packet traces, at this moment. Did you have a look at it?
> You also did not mention what versions you are using.
>
>> What can be the problem with this l2tp ?
>> nat_traversal=yes
>> authby=secret
>
>
> If you are using KLIPS you cannot use NAT-T with a PSK (as far as I know).
>
> Jacco
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCpLtBI1Upp0RIqpERAmOOAJ4os4z1S4qcTFZJxcOWJi2cGowZdACfU/hO
uVSNHLBc+m18hgp6qPn8IqY=
=I4Kg
-----END PGP SIGNATURE-----
More information about the Users
mailing list