[Openswan Users] RDP from internal NET to VPN client fails, and some other strangeness..

Brett Curtis dashnu at gmail.com
Tue Nov 14 14:48:36 EST 2006


Hello all.

Every time I try to RDP into a user's laptop over the VPN the
connection fails. This happens after the connection is made and the
username and password are entered for RDP.

This is the tcpdump.

14:31:15.091694 IP defender.mydomain.net.ipsec-nat-t >
65-102-18-11.ptld.qwest.net.ipsec-nat-t: UDP-encap:
ESP(spi=0xf5c876e9,seq=0x6ff), length 52
14:31:15.260882 IP 65-102-18-11.ptld.qwest.net.ipsec-nat-t >
defender.mydomain.net.ipsec-nat-t: UDP-encap:
ESP(spi=0x4a30d4e9,seq=0x555), length 76
14:31:15.261063 IP defender.mydomain.net.ipsec-nat-t >
65-102-18-11.ptld.qwest.net.ipsec-nat-t: UDP-encap:
ESP(spi=0xf5c876e9,seq=0x700), length 52
14:31:15.429966 IP 65-102-18-11.ptld.qwest.net.ipsec-nat-t >
defender.mydomain.net.ipsec-nat-t: NONESP-encap: [|isakmp]
14:31:15.430334 IP defender.mydomain.net.ipsec-nat-t >
65-102-18-11.ptld.qwest.net.ipsec-nat-t: NONESP-encap: [|isakmp]
14:31:15.435176 IP 65-102-18-11.ptld.qwest.net.ipsec-nat-t >
defender.mydomain.net.ipsec-nat-t: NONESP-encap: [|isakmp]
14:31:15.450702 IP defender.mydomain.net.ipsec-nat-t >
65-102-18-11.ptld.qwest.net.ipsec-nat-t: NONESP-encap: [|isakmp]
14:31:27.360698 IP 65-102-18-11.ptld.qwest.net.ipsec-nat-t >
defender.mydomain.net.ipsec-nat-t: isakmp-nat-keep-alive
14:31:47.391051 IP 65-102-18-11.ptld.qwest.net.ipsec-nat-t >
defender.mydomain.net.ipsec-nat-t: isakmp-nat-keep-alive
14:32:07.425524 IP 65-102-18-11.ptld.qwest.net.ipsec-nat-t >
defender.mydomain.net.ipsec-nat-t: isakmp-nat-keep-alive
14:32:11.492669 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=10,Nr=6
*MSGTYPE(HELLO)
14:32:12.496807 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=10,Nr=6
*MSGTYPE(HELLO)
14:32:13.500883 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=10,Nr=6
*MSGTYPE(HELLO)
14:32:14.505005 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=10,Nr=6
*MSGTYPE(HELLO)
14:32:15.509169 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=10,Nr=6
*MSGTYPE(HELLO)
14:32:16.513421 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=11,Nr=6
*MSGTYPE(StopCCN) |...
14:32:17.517415 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=11,Nr=6
*MSGTYPE(StopCCN) |...
14:32:18.521542 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=11,Nr=6
*MSGTYPE(StopCCN) |...
14:32:19.525660 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=11,Nr=6
*MSGTYPE(StopCCN) |...
14:32:20.529808 IP defender.mydomain.net.l2tp >
65-102-18-11.ptld.qwest.net.l2tp:  l2tp:[TLS](10/0)Ns=11,Nr=6
*MSGTYPE(StopCCN) |...

These are my ppp & l2tp errors

Nov 14 14:31:14 defender64 pppd[27693]: rcvd [LCP TermReq id=0x8 0f af
2f e9 00 3c cd 74 00 00 00 00]
Nov 14 14:31:14 defender64 pppd[27693]: LCP terminated by peer
(^OM-//M-i^@<M-Mt^@^@^@^@)
Nov 14 14:31:14 defender64 pppd[27693]: Connect time 8.1 minutes.
Nov 14 14:31:14 defender64 pppd[27693]: Sent 1304290 bytes, received
123111 bytes.
Nov 14 14:31:14 defender64 pppd[27693]: Script /etc/ppp/ip-down
started (pid 28123)
Nov 14 14:31:14 defender64 pppd[27693]: sent [LCP TermAck id=0x8]
Nov 14 14:31:14 defender64 pppd[27693]: Script /etc/ppp/ip-down
finished (pid 28123), status = 0x1
Nov 14 14:31:15 defender64 l2tpd[26646]: control_finish: Connection
closed to 65.102.18.11, serial 0 ()
Nov 14 14:31:15 defender64 pppd[27693]: Terminating on signal 15
Nov 14 14:31:15 defender64 pppd[27693]: Modem hangup
Nov 14 14:31:15 defender64 pppd[27693]: Connection terminated.
Nov 14 14:31:15 defender64 pppd[27693]: Exit.
Nov 14 14:31:15 defender64 l2tpd[26646]: control_finish: Peer tried to
disconnect with invalid TID (10 != 57399)
Nov 14 14:32:16 defender64 l2tpd[26646]: Maximum retries exceeded for
tunnel 57399.  Closing.
Nov 14 14:32:16 defender64 l2tpd[26646]: Connection 10 closed to
65.102.18.11, port 1701 (Timeout)
Nov 14 14:32:21 defender64 l2tpd[26646]: Unable to deliver closing
message for tunnel 57399. Destroying anyway.

The only other time I see these errors is with Mac clients. They lose
their connection after X number of minutes. This is a problem that I also
have yet to resolve.

Another issue:
It seems no matter what I set up in XP he cannot use our DNS server
for machines that have an external DNS (via DynDNS) IP and an internal
DNS IP. He always pulls the external IP; however, machines that are
only resolvable internally work fine.

Has anyone seen anything like this?

I am using openswan 2.4.4, kernel 2.6.17 and xl2tpd-1.1.05
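An added example, not from the post or from the Openswan/xl2tpd projects: it parses the pppd/l2tpd syslog lines quoted above (embedded here unwrapped as constructed sample input) and reports the teardown sequence, i.e. which side ended PPP first and whether the tunnel ID on the peer's StopCCN matched the one the server expected. The event names and the wording of the diagnosis are this example's own.

```python
import re

# Constructed sample: the pppd/l2tpd lines from the post above, unwrapped.
SAMPLE_LOG = """\
Nov 14 14:31:14 defender64 pppd[27693]: rcvd [LCP TermReq id=0x8 0f af 2f e9 00 3c cd 74 00 00 00 00]
Nov 14 14:31:14 defender64 pppd[27693]: LCP terminated by peer
Nov 14 14:31:14 defender64 pppd[27693]: Connect time 8.1 minutes.
Nov 14 14:31:15 defender64 l2tpd[26646]: control_finish: Connection closed to 65.102.18.11, serial 0 ()
Nov 14 14:31:15 defender64 l2tpd[26646]: control_finish: Peer tried to disconnect with invalid TID (10 != 57399)
Nov 14 14:32:16 defender64 l2tpd[26646]: Maximum retries exceeded for tunnel 57399.  Closing.
Nov 14 14:32:16 defender64 l2tpd[26646]: Connection 10 closed to 65.102.18.11, port 1701 (Timeout)
Nov 14 14:32:21 defender64 l2tpd[26646]: Unable to deliver closing message for tunnel 57399. Destroying anyway.
"""

# Each pattern names an event (names chosen for this example) and captures the
# identifiers worth correlating across pppd and l2tpd.
PATTERNS = {
    "peer_termreq": re.compile(r"pppd\[\d+\]: rcvd \[LCP TermReq id=(?P<id>0x[0-9a-f]+)"),
    "tid_mismatch": re.compile(r"invalid TID \((?P<sent>\d+) != (?P<expected>\d+)\)"),
    "retries_exceeded": re.compile(r"Maximum retries exceeded for tunnel (?P<tunnel>\d+)"),
    "timeout_close": re.compile(r"Connection (?P<conn>\d+) closed to (?P<peer>[^,]+), port 1701 \(Timeout\)"),
}

def parse_events(text):
    """Return (timestamp, event_name, fields) for every line matching a pattern."""
    events = []
    for line in text.splitlines():
        ts = line[:15]  # syslog "Mon DD HH:MM:SS" prefix
        for name, rx in PATTERNS.items():
            m = rx.search(line)
            if m:
                fields = {k: int(v) if v.isdigit() else v for k, v in m.groupdict().items()}
                events.append((ts, name, fields))
    return events

def diagnose(events):
    """Turn the parsed events into a short, ordered account of the teardown."""
    out = []
    for ts, name, f in events:
        if name == "peer_termreq":
            out.append(f"{ts}: peer sent LCP TermReq {f['id']}; the client side ended PPP, not the server")
        elif name == "tid_mismatch":
            out.append(f"{ts}: peer's StopCCN carried tunnel ID {f['sent']} but the server's tunnel is {f['expected']}")
        elif name == "retries_exceeded":
            out.append(f"{ts}: server's own StopCCN for tunnel {f['tunnel']} was never acknowledged")
        elif name == "timeout_close":
            out.append(f"{ts}: connection {f['conn']} to {f['peer']} closed only by timeout")
    return out
```

Run `diagnose(parse_events(SAMPLE_LOG))` to get the four-line account; the same functions can be pointed at a live syslog to see whether the Mac disconnects mentioned above produce the same TID mismatch.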

