[Openswan Users] Multiple clients WinXP/2000 on L2TP/IPSEC VPN server (disconnect problems)

Andrej Trobentar andrej.trobentar at rikom.si
Fri Jun 24 11:41:16 CEST 2005


Hello again,

I have a scenario that I mentioned in thread "[Openswan Users]
Roadwarior problem (Windows XP behind NAT, VPN server on public IP)". I
can now connect from WinXP/2000 (behind NAT or without NAT) to the VPN
server without problems.
But now with two clients connecting simultaneously (one behind NAT and
one without NAT; on different public IPs) to the VPN server I have a
problem:

if one client is already connected to the VPN server and another client
wants to connect, the first client gets disconnected.

Here are my configs:

[root@ns l2tpd]# cat l2tpd.conf
[global]
; listen-addr = 192.168.1.98

[lns default]
ip range = 192.168.0.150-192.168.0.160
local ip = 192.168.0.1
require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = no
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes


[root@ns ppp]# cat /etc/ppp/options.l2tpd
+mschap-v2
ipcp-accept-local
ipcp-accept-remote
ms-dns 192.168.0.1
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000


[root@ns ppp]# cat chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
user1           *       "secret1"               192.168.0.2
user2           *       "secret2"               192.168.0.3


I have also tried to change chap-secrets to:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
user1           *       "secret1"               192.168.0.150
user2           *       "secret2"               192.168.0.151


and to:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
user1           *       "secret1"               *
user2           *       "secret2"               *



but with no luck. It seems that the pppd gets started, but as soon as
another client connects the pppd gets terminated. Here's an example of how
my pppd line looks:

/usr/sbin/pppd passive -detach 192.168.0.1:192.168.0.151 refuse-pap auth
require-chap name LinuxVPNserver file /etc/ppp/options.l2tpd /dev/ttyp3

Any ideas where the problem could be?

--
Thanks in advance,

	Andrej.
