[Openswan Users] Openswan Vista Client through l2tp can't finish connection

James james at nttmcl.com
Fri Dec 7 17:54:43 EST 2007 

Hi guys i have a problem with ONE vista client in my network and i can't 
figure out what's wrong with it
I've been able to go through several other vista clients fine but this 
one won't establish
The logs are different dates but they're the same messages i would get 
when that client is trying to establish
i'm using ipsec/l2tp.
I have most windows xp and vista users connecting fine.
Only thing i think it might be is maybe norton internet security but the 
user has it disabled completely so it shouldn't be filtering anything
They are not NATed at all.

Where i notice it failing in the logs look something like this.
Help plz? thanks
-James

FAIL L2TP LOGS(user's failing vista l2tp client)
Nov 20 13:41:19 vpnserv l2tpd[2767]: receive_window_size_avp: peer wants 
RWS of 8.  Will use flow control.
Nov 20 13:41:19 vpnserv l2tpd[2767]: control_finish: Peer requested 
tunnel 4 twice, ignoring second one.
Nov 20 13:41:19 vpnserv l2tpd[2767]: control_xmit: Unable to deliver 
closing message for tunnel 59212. Destroying anyway.

Nov 20 13:41:29 vpnserv pluto[2172]: packet from xxx.xxx.xxx.xxx:500: 
received and ignored informational message

FAIL IPSEC LOGS
Dec  7 09:13:51 vpnserv pluto[2172]: "roadwarrior-l2tp"[297] xxx.xxx71.8 
#396: ST
ATE_QUICK_R2: IPsec SA established {ESP=>0x9ef5b59d <0x3afa4578 
xfrm=AES_128-HMA
C_SHA1 NATD=none DPD=none}
Dec  7 09:14:22 vpnserv pluto[2172]: "roadwarrior-l2tp"[297] xxx.xxx71.8 
#395: re
ceived Delete SA(0x9ef5b59d) payload: deleting IPSEC State #396
Dec  7 09:14:22 vpnserv pluto[2172]: "roadwarrior-l2tp"[297] xxx.xxx71.8 
#395: re
ceived and ignored informational message
Dec  7 09:14:22 vpnserv pluto[2172]: "roadwarrior-l2tp"[297] xxx.xxx71.8 
#395: re
ceived Delete SA payload: deleting ISAKMP State #395
Dec  7 09:14:22 vpnserv pluto[2172]: "roadwarrior-l2tp"[297] 
xxx.xxx71.8: deletin
g connection "roadwarrior-l2tp" instance with peer xxx.xxx71.8 
{isakmp=#0/ipsec=
#0}



WORKING LOGS(my working l2tp):
Nov 20 14:42:30 vpnserv l2tpd[2767]: receive_window_size_avp: peer wants 
RWS of 8.  Will use flow control.
Nov 20 14:42:30 vpnserv l2tpd[2767]: check_control: control, cid = 0, Ns 
= 1, Nr = 1
Nov 20 14:42:30 vpnserv l2tpd[2767]: handle_avps: handling avp's for 
tunnel 46032, call 49448
Nov 20 14:42:30 vpnserv l2tpd[2767]: message_type_avp: message type 3 
(Start-Control-Connection-Connected)
Nov 20 14:42:30 vpnserv l2tpd[2767]: control_finish: Connection 
established to xxx.xxx.xxx.xxx, 1701.  Local: 46032, Remote: 1.  LNS 
session is 'default'

More information about the Users mailing list