[Openswan Users] Opwenswan and L2TP Problem !

Stanislav Nedelchev stanislav.nedelchev at gmail.com
Tue Jun 7 01:08:17 CEST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


l2tpd-0.70-pre20031121.orig
with this patch
l2tpd_0.70-pre20031121-2.diff


 If you are using KLIPS you cannot use NAT-T with a PSK (as far as I know).
But one peer is not NAT-ed.


here is the log file ftom l2tpd
but unfortunately it's means nothing to me :(
This is the log file for peet that is not NAT-ed

Jun  6 22:15:34 fw l2tpd[21242]: ourtid = 33619, entropy_buf = 8353
Jun  6 22:15:34 fw l2tpd[21242]: ourcid = 4730, entropy_buf = 127a
Jun  6 22:15:34 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun  6 22:15:34 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
33619, call 4730
Jun  6 22:15:34 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun  6 22:15:34 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun  6 22:15:34 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun  6 22:15:34 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun  6 22:15:34 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun  6 22:15:34 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun  6 22:15:34 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun  6 22:15:34 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun  6 22:15:34 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8.  Will use flow control.
Jun  6 22:15:35 fw l2tpd[21242]: ourtid = 32989, entropy_buf = 80dd
Jun  6 22:15:35 fw l2tpd[21242]: ourcid = 5975, entropy_buf = 1757
Jun  6 22:15:35 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun  6 22:15:35 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
32989, call 5975
Jun  6 22:15:35 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun  6 22:15:35 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun  6 22:15:35 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun  6 22:15:35 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun  6 22:15:35 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun  6 22:15:35 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun  6 22:15:35 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun  6 22:15:35 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun  6 22:15:35 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8.  Will use flow control.
Jun  6 22:15:35 fw l2tpd[21242]: control_finish: Peer requested tunnel 2
twice, ignoring second one.
Jun  6 22:15:37 fw l2tpd[21242]: ourtid = 47964, entropy_buf = bb5c
Jun  6 22:15:37 fw l2tpd[21242]: ourcid = 33095, entropy_buf = 8147
Jun  6 22:15:37 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun  6 22:15:37 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
47964, call 33095
Jun  6 22:15:37 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun  6 22:15:37 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun  6 22:15:37 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun  6 22:15:37 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun  6 22:15:37 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun  6 22:15:37 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun  6 22:15:37 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun  6 22:15:37 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun  6 22:15:37 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8.  Will use flow control.
Jun  6 22:15:37 fw l2tpd[21242]: control_finish: Peer requested tunnel 2
twice, ignoring second one.
Jun  6 22:15:39 fw l2tpd[21242]: control_xmit: Maximum retries exceeded
for tunnel 33619.  Closing.
Jun  6 22:15:41 fw l2tpd[21242]: ourtid = 42522, entropy_buf = a61a
Jun  6 22:15:41 fw l2tpd[21242]: ourcid = 60909, entropy_buf = eded
Jun  6 22:15:41 fw l2tpd[21242]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun  6 22:15:41 fw l2tpd[21242]: handle_avps: handling avp's for tunnel
42522, call 60909
Jun  6 22:15:41 fw l2tpd[21242]: message_type_avp: message type 1
(Start-Control-Connection-Request)
Jun  6 22:15:41 fw l2tpd[21242]: protocol_version_avp: peer is using
version 1, revision 0.
Jun  6 22:15:41 fw l2tpd[21242]: framing_caps_avp: supported peer
frames: sync
Jun  6 22:15:41 fw l2tpd[21242]: bearer_caps_avp: supported peer bearers:
Jun  6 22:15:41 fw l2tpd[21242]: firmware_rev_avp: peer reports firmware
version 1280 (0x0500)
Jun  6 22:15:41 fw l2tpd[21242]: hostname_avp: peer reports hostname
'petkovg'
Jun  6 22:15:41 fw l2tpd[21242]: vendor_avp: peer reports vendor 'Microsoft'
Jun  6 22:15:41 fw l2tpd[21242]: assigned_tunnel_avp: using peer's tunnel 2
Jun  6 22:15:41 fw l2tpd[21242]: receive_window_size_avp: peer wants RWS
of 8.  Will use flow control.
Jun  6 22:15:41 fw l2tpd[21242]: control_finish: Peer requested tunnel 2
twice, ignoring second one.
Jun  6 22:15:44 fw l2tpd[21242]: control_xmit: Unable to deliver closing
message for tunnel 33619. Destroying anyway.

Jun  6 22:15:54 fw l2tpd[21242]: call_close : Connection 2 closed to
84.252.57.99, port 1701 (Timeout)


Jacco de Leeuw wrote:
> Stanislav Nedelchev wrote:
> 
>> Here is some log files
>> Problem is still the same
> 
> 
> Answer is the same too.
> 
> Your l2tpd logfile on the Linux side is probably more interesting
> than packet traces, at this moment. Did you have a look at it?
> You also did not mention what versions you are using.
> 
>> What can be the problem with this l2tp ?
>>         nat_traversal=yes
>>         authby=secret
> 
> 
> If you are using KLIPS you cannot use NAT-T with a PSK (as far as I know).
> 
> Jacco

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCpLtBI1Upp0RIqpERAmOOAJ4os4z1S4qcTFZJxcOWJi2cGowZdACfU/hO
uVSNHLBc+m18hgp6qPn8IqY=
=I4Kg
-----END PGP SIGNATURE-----


More information about the Users mailing list