[Openswan Users] help l2tp/ipsec

tpl tpl tpl.a1406 at gmail.com
Tue Sep 6 18:38:49 CEST 2005


> > Yes, more than one client could connect. But the problem is that I have
> > three network interface cards in my Openswan server. They are eth0, eth1
> > and eth2. If they are all up, only eth0 can connect successfully. With
> > eth1 and eth2, only IPsec gets established, but the l2tp fails (time
> > out). If I down eth0 (ifconfig eth0 down), eth1 can be connected
> > successfully, but eth2 still fails. Only when eth0 and eth1 are down
> > can eth2 be connected.
> 
> That's a bit odd. I've never heard of problems because too many cards
> were installed. Could you post your ipsec.conf and l2tpd.conf? And
> the logs? Can you describe what eth0, eth1 and eth2 are used for?

eth0, eth1 and eth2 are all normal network interface cards; they all
connect to a PC. No matter what they connect to, the problem is the same.
When I read 'man pppd', I found these words. Could this be the problem?

man pppd
<local_IP_address>:<remote_IP_address>
              Set the local and/or remote interface IP addresses. Either one may be omitted. The
              IP addresses can be specified with a host name or in decimal dot notation (e.g.
              150.234.56.78). The default local address is the (first) IP address of the system
              (unless the noipdefault option is given).

////////////////////////////////////////////////////////////////////////////////////////////
This is my config file. Is there something wrong?
This is the command for ipsec:

ipsec whack --name test --host 192.168.20.254 --nexthop 192.168.20.1 --clientprotoport 17/0 --sendcert yes --cert /home/tpl/111.pem --to --host 0.0.0.0 --nexthop 0.0.0.0 --clientprotoport 17/1701 --sendcert yes --encrypt --tunnel --rsasig

///////////////////////////////////////////////////////////////////////////////////////////////////////////////
/etc/l2tpd/l2tpd.conf

[global]

[lns default]
ip range = 192.168.1.5-192.168.1.100
local ip = 192.168.1.1
require chap = yes
refuse pap = no
require authentication = yes
name = LinuxVPNserver
ppp debug = no
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes

///////////////////////////////////////////////////////////////////////////
/etc/ppp/options.l2tpd

ipcp-accept-local
ipcp-accept-remote
ms-dns  192.168.1.1
ms-dns  192.168.1.3
ms-wins 192.168.1.2
ms-wins 192.168.1.4
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
logfile /var/log/l2tpd.log
proxyarp
connect-delay 5000

