[Openswan Users] Road warrior VPN - help

Brian Hoover brianh at vidar.com
Thu Nov 17 16:13:02 CET 2005


Hello,

I am working with openswan / l2tpd for the first time.  The goal is to
set up VPN connectivity for M$ clients.

My sandbox looks like:

winXP (a.b.255.2) ---- direct ---- (a.b.255.247) fw03.vidar.corp (192.168.0.88) -|
                                                                                 |
                                                           lan (192.168.0.0/24) -|

fw03 is:
	FC4 - 2.6.12-1.1447_FC4
	openswan-2.4.0-1
	openswan-klips-2.4.0-2.6.12_1.1447_FC4_1
	l2tpd-0.69-12jdl
	ppp-2.4.2-7

The configuration is from Nate Carlson's examples.

ipsec seems to be working but the M$ client does not connect.
I have not found any explanation of the log entries about routing below.

Any help would be accepted.

Thanks,

Brian Hoover

pluto[4314]: packet from a.b.255.2:500: ignoring Vendor ID payload [MS
NT5 ISAKMPOAKLEY 00000003]
pluto[4314]: "roadwarrior-l2tp"[1] a.b.255.2 #1: responding to Main Mode
from unknown peer a.b.255.2
pluto[4314]: "roadwarrior-l2tp"[1] a.b.255.2 #1: transition from state
STATE_MAIN_R0 to state STATE_MAIN_R1
pluto[4314]: "roadwarrior-l2tp"[1] a.b.255.2 #1: STATE_MAIN_R1: sent
MR1, expecting MI2
pluto[4314]: "roadwarrior-l2tp"[1] a.b.255.2 #1: transition from state
STATE_MAIN_R1 to state STATE_MAIN_R2
pluto[4314]: "roadwarrior-l2tp"[1] a.b.255.2 #1: STATE_MAIN_R2: sent
MR2, expecting MI3
pluto[4314]: "roadwarrior-l2tp"[1] a.b.255.2 #1: Main mode peer ID is
ID_DER_ASN1_DN: 'C=US, ST=Virginia, L=Herndon, O=Vidar Systems
Corporation, CN=fw03.vidar.com'
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: deleting connection
"roadwarrior-l2tp" instance with peer a.b.255.2 {isakmp=#0/ipsec=#0}
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: I am sending my cert
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: transition from state
STATE_MAIN_R2 to state STATE_MAIN_R3
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: STATE_MAIN_R3: sent
MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: responding to
Quick Mode {msgid:fd94fe87}
pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: transition from
state STATE_QUICK_R0 to state STATE_QUICK_R1
pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: STATE_QUICK_R1:
sent QR1, inbound IPsec SA installed, expecting QI2

/*/*/*/* Here /*/*/*/*

pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: up-host output:
Cannot open "/proc/sys/net/ipv4/route/flush"
pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: route-host
output: Cannot open "/proc/sys/net/ipv4/route/flush"

/*/*/*/*/*/*/*/*/*/*/*

pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: transition from
state STATE_QUICK_R1 to state STATE_QUICK_R2
pluto[4314]: "roadwarrior-l2tp-oldwin"[1] a.b.255.2 #2: STATE_QUICK_R2:
IPsec SA established {ESP=>0xb796dff8 <0xc05de399 xfrm=3DES_0-HMAC_MD5
NATD=none DPD=none}
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: received Delete
SA(0xb796dff8) payload: deleting IPSEC State #2
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: deleting connection
"roadwarrior-l2tp-oldwin" instance with peer a.b.255.2
{isakmp=#0/ipsec=#0}
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: unroute-host output:
Cannot open "/proc/sys/net/ipv4/route/flush"
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: received and ignored
informational message
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2 #1: received Delete SA
payload: deleting ISAKMP State #1
pluto[4314]: "roadwarrior-l2tp"[2] a.b.255.2: deleting connection
"roadwarrior-l2tp" instance with peer a.b.255.2 {isakmp=#0/ipsec=#0}
pluto[4314]: packet from a.b.255.2:500: received and ignored
informational message

/*/*/*/* And Here /*/*/*/*

pluto[4314]: ERROR: asynchronous network error report on eth1
(sport=500) for message to a.b.255.2 port 500, complainant a.b.255.247:
No route to host [errno 113, origin ICMP type 3 code 1 (not
authenticated)]


