[Openswan Users] Service xl2tpd needed
sasa
sasa at shoponweb.it
Thu Feb 1 06:34:26 EST 2007
Hi, I have a strange problem with xl2tpd, which occasionally needs to be
restarted.
Occasionally, from a remote PC (with XP), I cannot connect to my VPN;
there are no errors in the log files:
Feb 1 02:09:18 fw4 pluto[1870]: packet from 80.180.223.xxx:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Feb 1 02:09:18 fw4 pluto[1870]: packet from 80.180.223.xxx:500: ignoring
Vendor ID payload [FRAGMENTATION]
Feb 1 02:09:18 fw4 pluto[1870]: packet from 80.180.223.xxx:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Feb 1 02:09:18 fw4 pluto[1870]: packet from 80.180.223.xxx:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
responding to Main Mode from unknown peer 80.180.223.xxx
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.149 #57:
STATE_MAIN_R1: sent MR1, expecting MI2
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike
-02/03: no NAT detected
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
STATE_MAIN_R2: sent MR2, expecting MI3
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.149 #57: Main
mode peer ID is ID_IPV4_ADDR: '80.180.223.xxx'
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57: I did
not send a certificate because I do not have one
.
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Feb 1 02:09:18 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Feb 1 02:09:19 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #58:
responding to Quick Mode {msgid:b778fda1}
Feb 1 02:09:19 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #58:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Feb 1 02:09:19 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #58:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed,expecting QI2
Feb 1 02:09:19 fw4 pluto[1870]: "left-road"[27] 80.180.223.149 #58:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Feb 1 02:09:19 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #58:
STATE_QUICK_R2: IPsec SA established {ESP=>0x75088c21
<0xc1e22e6e xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}
Feb 1 02:09:25 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
received Delete SA(0x75088c21) payload: deleting IPSEC State #58
Feb 1 02:09:25 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
received and ignored informational message
Feb 1 02:09:25 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx #57:
received Delete SA payload: deleting ISAKMP State #57
Feb 1 02:09:25 fw4 pluto[1870]: "left-road"[27] 80.180.223.xxx: deleting
connection "left-road" instance with peer 80.180.223.xxx
{isakmp=#0/ipsec=#0}
Feb 1 02:09:25 fw4 pluto[1870]: packet from 80.180.223.xxx:500: received
and ignored informational message
...but on my remote PC I get the error message that the remote computer is
not responding!
Then I restart the xl2tpd service and it starts working well again;
this problem occurs at random.
I use Fedora Core with a custom kernel 2.6.16.11 with the NAT-T patch and
KLIPS; the Openswan version is 2.4.5.
In ipsec.conf I have:
virtual_private=%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.0.0.0/24
nat_traversal=yes
conn left-road
        auto=add
        authby=secret
        pfs=no
        rekey=no
        left=81.174.xxx.xxx
        leftnexthop=81.174.10.121
        leftprotoport=17/1701
        right=%any
        rightprotoport=17/1701
        rightsubnet=vhost:%no,%priv
The xl2tpd version is 1.1.06.
Thanks.
------
Salvatore.