[Openswan Users] l2tpd problem?

Dennis Leist dennis at electro-mail.de
Sat May 21 22:27:54 CEST 2005


Hi all,

I seem to have troubles with l2tpd and a winxp sp2 client.
The connection always comes up without any troubles and works very fine 
for some time, but after ca. 40 check_controls
the l2ptd ends the connection.

<v/l/m>
May 21 16:17:27 kolab l2tpd[16892]: check_control: control, cid = 0, Ns 
= 4, Nr = 79
May 21 16:17:28 kolab last message repeated 2 times
May 21 16:17:29 kolab pppd[7609]: rcvd [LCP EchoRep id=0x9a 
magic=0x7cd5576e]
May 21 16:17:57 kolab pppd[7609]: sent [LCP EchoReq id=0x9b 
magic=0x8781af71]
May 21 16:18:27 kolab pppd[7609]: sent [LCP EchoReq id=0x9c 
magic=0x8781af71]
May 21 16:18:29 kolab l2tpd[16892]: control_xmit: Maximum retries 
exceeded for tunnel 18081.  Closing.

I can see the WSASendTo error 10065 (means no route to host). Therefore 
I think
the client dosen't hang up but the server.

Does anybody have an idea, what to do?

The client's time is not pefectly syncronized, please allow up to 30 sec 
delay.
server: opensean 2.1.4
client: winXP SP2


THX for hints

<oakley.log>
 5-21: 16:18:07:341:50c QM Deleted. Notify from driver: Src 
192.168.1.105 Dest ser.ver.ad.rss InSPI 4199276350 OutSpi 3700067702  
Tunnel 0 TunnelFilter 0
 5-21: 16:18:07:341:50c Leaving adjust_peer_list entry 000C70D0 MMCount 
0 QMCount 0
 5-21: 16:18:07:341:50c constructing ISAKMP Header
 5-21: 16:18:07:341:50c constructing HASH (null)
 5-21: 16:18:07:341:50c Construct QM Delete Spi 4199276350
 5-21: 16:18:07:341:50c constructing HASH (Notify/Delete)
 5-21: 16:18:07:341:50c Not setting retransmit to downlevel client. SA 
00107750 Centry 00000000
 5-21: 16:18:07:341:50c
 5-21: 16:18:07:341:50c Sending: SA = 0x00107750 to ser.ver.ad.rss:Type 
1.4500
 5-21: 16:18:07:341:50c ISAKMP Header: (V1.0), len = 68
 5-21: 16:18:07:341:50c   I-COOKIE 7f75a086261e29e1
 5-21: 16:18:07:341:50c   R-COOKIE a11eda3339796a10
 5-21: 16:18:07:341:50c   exchange: ISAKMP Informational Exchange
 5-21: 16:18:07:341:50c   flags: 1 ( encrypted )
 5-21: 16:18:07:341:50c   next payload: HASH
 5-21: 16:18:07:341:50c   message ID: 8d791f31
 5-21: 16:18:07:341:50c Ports S:9411 D:9411
 5-21: 16:18:07:341:50c WSASendTo error 10065
 5-21: 16:18:07:341:50c PrivatePeerAddr 0
 5-21: 16:18:08:353:7e8 WSASendTo error 10004
 5-21: 16:18:28:362:7e0 Acquire from driver: op=0000000B 
src=192.168.1.105.1701 dst=ser.ver.ad.rss.1701 proto = 17, 
SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 0, 
TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0
 5-21: 16:18:28:362:50c Filter to match: Src ser.ver.ad.rss Dst 
192.168.1.105
 5-21: 16:18:28:362:50c MM PolicyName: L2TP Main Mode Policy
 5-21: 16:18:28:362:50c MMPolicy dwFlags 8 SoftSAExpireTime 28800
 5-21: 16:18:28:362:50c MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 
268435457
 5-21: 16:18:28:362:50c MMOffer[0] Encrypt: Dreifach-DES CBC Hash: SHA
 5-21: 16:18:28:362:50c MMOffer[1] LifetimeSec 28800 QMLimit 0 DHGroup 2
 5-21: 16:18:28:362:50c MMOffer[1] Encrypt: Dreifach-DES CBC Hash: SHA
 5-21: 16:18:28:362:50c MMOffer[2] LifetimeSec 28800 QMLimit 0 DHGroup 2
 5-21: 16:18:28:362:50c MMOffer[2] Encrypt: Dreifach-DES CBC Hash: MD5
 5-21: 16:18:28:362:50c MMOffer[3] LifetimeSec 28800 QMLimit 0 DHGroup 1
 5-21: 16:18:28:362:50c MMOffer[3] Encrypt: DES CBC Hash: SHA
 5-21: 16:18:28:362:50c MMOffer[4] LifetimeSec 28800 QMLimit 0 DHGroup 1
 5-21: 16:18:28:362:50c MMOffer[4] Encrypt: DES CBC Hash: MD5
 5-21: 16:18:28:362:50c Auth[0]:RSA Sig C=DE, S=Hamburg, L=Hamburg, 
O=orga, OU=Adminis, CN=admin, E=admin at my.com AuthFlags 0
 5-21: 16:18:28:362:50c QM PolicyName: L2TP Require Encryption Quick 
Mode Policy dwFlags 0
 5-21: 16:18:28:362:50c QMOffer[0] LifetimeKBytes 250000 LifetimeSec 3600
 5-21: 16:18:28:362:50c QMOffer[0] dwFlags 0 dwPFSGroup 0
 5-21: 16:18:28:362:50c  Algo[0] Operation: ESP Algo: Dreifach-DES CBC 
HMAC: MD5
 5-21: 16:18:28:362:50c QMOffer[1] LifetimeKBytes 250000 LifetimeSec 3600
 5-21: 16:18:28:362:50c QMOffer[1] dwFlags 0 dwPFSGroup 0
 5-21: 16:18:28:362:50c  Algo[0] Operation: ESP Algo: Dreifach-DES CBC 
HMAC: SHA
....


More information about the Users mailing list