[Openswan Users] Linux IPsec/L2TP client?

Rick Romero rick at havokmon.com
Mon Sep 11 17:21:10 EDT 2006


On Thu, 2006-09-07 at 21:27 +0200, Jacco de Leeuw wrote:
> Xunhua Wang wrote:
> 
> > I am wondering if anyone has tried to connect to an Openswan Linux
> > IPsec/L2TP server from a _Linux_ client. Are there any documents about this?
> 
> Sure, it works:
> http://www.jacco2.dds.nl/networking/openswan-l2tp.html#Client
> 
> Perhaps I should have moved this section to a separate webpage.

I tried those docs, they're the furthest I've gotten, but still not
quite there :(

I can create the tunnel:
Sep 11 16:09:09 localhost pluto[16228]: "L2TP-CERT-CLIENT" #8: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Sep 11 16:09:09 localhost pluto[16228]: "L2TP-CERT-CLIENT" #8: ISAKMP SA established
Sep 11 16:09:09 localhost pluto[16228]: "L2TP-CERT-CLIENT" #9: initiating Quick Mode RSASIG+ENCRYPT+DONTREKEY+UP {using isakmp#8}
Sep 11 16:09:10 localhost pluto[16228]: "L2TP-CERT-CLIENT" #9: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Sep 11 16:09:10 localhost pluto[16228]: "L2TP-CERT-CLIENT" #9: sent QI2, IPsec SA established {ESP=>0x0f7c8ee3 <0x2d6ac2f3 xfrm=AES_0-HMAC_SHA1}

But I can't do the l2tp part:

Sep 11 15:02:03 localhost l2tpd[16642]: Connecting to host 1.2.3.5, port 1701
Sep 11 15:02:08 localhost l2tpd[16642]: Maximum retries exceeded for tunnel 4977.  Closing.
Sep 11 15:02:08 localhost l2tpd[16642]: Connection 0 closed to 1.2.3.5, port 1701 (Timeout)
Sep 11 15:02:13 localhost l2tpd[16642]: Unable to deliver closing message for tunnel 4977. Destroying anyway.

When I do a traceroute to 1.2.3.5 - I get a normal route back.  It
doesn't seem to be going through the tunnel.  

ipsec setup --status says 0 tunnels, though it appears in
ipsec auto --status there is a connection, so I'm kind of confused.

Also, ipsec look on either end doesn't show the remote IP. But I'll
admit I'm still not totally on-base with what tunnel should show up
where :/

Rick


