[Openswan Users] Basic help with configuration of L2TP/IPSEC

Gbenga stjames08 at yahoo.co.uk
Thu Jun 29 21:40:47 CEST 2006


Thanks very much Paul, but I already have this in my /etc/l2tpd/l2tpd.conf & /etc/l2tp/l2tpd.conf:

[global]
listen-addr = 10.10.3.129

[lns default]
ip range = 10.10.3.128 - 10.10.3.250
local ip = =10.10.3.130
require chap = yes
refuse pap = yes
required authentication = yes
ppp debug = yes
name = syseng
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes

/etc/ppp/options.l2tpd
ipcp-accept-local
ipcp-accept-remote
ms-dns 10.11.0.90
auth
crtscts
noccp
idle 1800
mtu 1200
mru 1200
nodefaultroute
debug
lock
proxyarp
connect-delay 5000

Maybe there s another options to set, I really do not know. I did netstat -an | grep 1701, nothing appear. I did notice that there is no entry for l2tp in /etc/services or /etc/protocols either. should I stick in an entry in one of them?


Thanks for your help,
Gbenga


----- Original Message ----
From: Paul Wouters <paul at xelerance.com>
To: Gbenga <stjames08 at yahoo.co.uk>
Cc: users at openswan.org
Sent: Thursday, 29 June, 2006 8:53:45 PM
Subject: Re: [Openswan Users] Basic help with configuration of L2TP/IPSEC

On Thu, 29 Jun 2006, Gbenga wrote:

> I downloaded the l2tpd at http://www.xelerance.com/software/xl2tpd and compiled a debian package. I also installed the ppp package from the debian stable. My configuration is the same as mentioned on the Jacco's website (and the book). when I attempted to start the l2tpd server with "/usr/sbin/l2tpd -D" I got " l2tpd[3733]: init_network: Unable to bind socket: Cannot assign the requested address. Terminating." When I did ""/usr/sbin/l2tpd" not happen either.
>
> What I would like to know is, exactly how do I confgure and start the l2tpd/ppp. A rudimentary explanation will be good. Did I need to enable pppd in /etc/inetd.conf?
>
> I did a google and all explanation was that another l2tpd might be running, but there no other l2tpd run.

Try setting the IP you want xl2tpd to listen on in l2tpd.conf:

[global]
listen-addr = 192.168.1.98

If that fails, run netstat -an|grep 1701 and see if something took that port.

Paul





More information about the Users mailing list