[Openswan Users] Prb with xl2tpd
Tomasz Grzelak
tgrzelak at gmail.com
Tue Aug 28 02:29:50 EDT 2007
2007/8/28, Christophe Ngo Van Duc <cngovanduc at gmail.com>:
>
> Dear all,
>
> I am encountering a problem with a roadwarrior setup with netkey
> (ipsec/l2tpd/ppp/radius)
>
> I can establish the IPSec SA, then I use the mangling rule to forward to
> l2tp:
>
> $IPT -t mangle -A PREROUTING -p esp -j MARK --set-mark 1
> $IPT -t nat -A PREROUTING -m mark --mark 1 -p udp --dport 1701 -j DNAT --to internal-ip
>
> I am getting the following error on l2tpd side:
>
> xl2tpd[11438]: control_finish: Peer requested tunnel 15 twice, ignoring
> second one.
> xl2tpd[11438]: control_finish: Peer requested tunnel 15 twice, ignoring
> second one.
> xl2tpd[11438]: Maximum retries exceeded for tunnel 14572. Closing.
>
> A tcpdump also shows me that no ESP traffic is sent back to the
> roadwarrior.
>
>
Hello,
It looks like incoming traffic is arriving, but can't be sent back.
First idea - do you have leftnexthop/rightnexthop set in your ipsec.conf to
your default gateway to Internet?
If not, try to set it up.
Regards,
Tomasz Grzelak