[Openswan Users] openswan + l2tpd No Authorization problem

Rafael Andara rafael.andara at gmail.com
Tue Mar 27 09:18:09 EDT 2007 

Hi,

I´m getting this message when I try to connect to my IPsec/L2TP
server, "control_finish: Denied connection to unauthorized peer <IP>".

The IPsec tunnel is up, but can´t find why I'm getting that message???

Any help???

SYSLOG output:

Mar 27 08:10:06 lab3-ing l2tpd[29377]: This binary does not support kernel L2TP.
Mar 27 08:10:06 lab3-ing l2tpd[29378]: l2tpd version 0.67 started on
lab3-ing PID:29378
Mar 27 08:10:06 lab3-ing l2tpd[29378]: Written by Mark Spencer,
Copyright (C) 1998, Adtran, Inc.
Mar 27 08:10:06 lab3-ing l2tpd[29378]: Forked by Scott Balmos and
David Stipp, (C) 2001
Mar 27 08:10:06 lab3-ing l2tpd[29378]: Linux version 2.6.8-2-386 on a
i686, port 1701
Mar 27 08:10:24 lab3-ing l2tpd[29378]: check_control: control, cid =
0, Ns = 0, Nr = 0
Mar 27 08:10:24 lab3-ing l2tpd[29378]: handle_avps: handling avp's for
tunnel 55190, call 0
Mar 27 08:10:24 lab3-ing l2tpd[29378]: message_type_avp: message type
1 (Start-Control-Connection-Request)
Mar 27 08:10:24 lab3-ing l2tpd[29378]: protocol_version_avp: peer is
using version 1, revision 0.
Mar 27 08:10:24 lab3-ing l2tpd[29378]: framing_caps_avp: supported
peer frames: sync
Mar 27 08:10:24 lab3-ing l2tpd[29378]: bearer_caps_avp: supported peer bearers:
Mar 27 08:10:25 lab3-ing l2tpd[29378]: firmware_rev_avp: peer reports
firmware version 1280 (0x0500)
Mar 27 08:10:25 lab3-ing l2tpd[29378]: hostname_avp: peer reports
hostname 'amd-2100-p'
Mar 27 08:10:25 lab3-ing l2tpd[29378]: vendor_avp: peer reports vendor
'Microsoft\200^H'
Mar 27 08:10:25 lab3-ing l2tpd[29378]: assigned_tunnel_avp: using
peer's tunnel 12
Mar 27 08:10:25 lab3-ing l2tpd[29378]: receive_window_size_avp: peer
wants RWS of 8.  Will use flow control.
Mar 27 08:10:25 lab3-ing l2tpd[29378]: control_finish: Denied
connection to unauthorized peer 200.75.133.242
Mar 27 08:10:26 lab3-ing l2tpd[29378]: call_close : Connection 12
closed to 200.75.133.242, port 1701 (No Authorization)
Mar 27 08:10:26 lab3-ing l2tpd[29378]: check_control: control, cid =
0, Ns = 0, Nr = 0
Mar 27 08:10:26 lab3-ing l2tpd[29378]: handle_avps: handling avp's for
tunnel 28463, call 0
Mar 27 08:10:26 lab3-ing l2tpd[29378]: message_type_avp: message type
1 (Start-Control-Connection-Request)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: protocol_version_avp: peer is
using version 1, revision 0.
Mar 27 08:10:27 lab3-ing l2tpd[29378]: framing_caps_avp: supported
peer frames: sync
Mar 27 08:10:27 lab3-ing l2tpd[29378]: bearer_caps_avp: supported peer bearers:
Mar 27 08:10:27 lab3-ing l2tpd[29378]: firmware_rev_avp: peer reports
firmware version 1280 (0x0500)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: hostname_avp: peer reports
hostname 'amd-2100-p'
Mar 27 08:10:27 lab3-ing l2tpd[29378]: vendor_avp: peer reports vendor
'Microsoft\200^H'
Mar 27 08:10:27 lab3-ing l2tpd[29378]: assigned_tunnel_avp: using
peer's tunnel 12
Mar 27 08:10:27 lab3-ing l2tpd[29378]: receive_window_size_avp: peer
wants RWS of 8.  Will use flow control.
Mar 27 08:10:27 lab3-ing l2tpd[29378]: control_finish: Denied
connection to unauthorized peer <IP>
Mar 27 08:10:27 lab3-ing l2tpd[29378]: call_close : Connection 12
closed to <IP>, port 1701 (No Authorization)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: check_control: control, cid =
0, Ns = 0, Nr = 0
Mar 27 08:10:27 lab3-ing l2tpd[29378]: handle_avps: handling avp's for
tunnel 29810, call 0
Mar 27 08:10:27 lab3-ing l2tpd[29378]: message_type_avp: message type
1 (Start-Control-Connection-Request)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: protocol_version_avp: peer is
using version 1, revision 0.
Mar 27 08:10:27 lab3-ing l2tpd[29378]: framing_caps_avp: supported
peer frames: sync
Mar 27 08:10:27 lab3-ing l2tpd[29378]: bearer_caps_avp: supported peer bearers:
Mar 27 08:10:27 lab3-ing l2tpd[29378]: firmware_rev_avp: peer reports
firmware version 1280 (0x0500)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: hostname_avp: peer reports
hostname 'amd-2100-p'
Mar 27 08:10:27 lab3-ing l2tpd[29378]: vendor_avp: peer reports vendor
'Microsoft\200^H'
Mar 27 08:10:27 lab3-ing l2tpd[29378]: assigned_tunnel_avp: using
peer's tunnel 12
Mar 27 08:10:27 lab3-ing l2tpd[29378]: receive_window_size_avp: peer
wants RWS of 8.  Will use flow control.
Mar 27 08:10:27 lab3-ing l2tpd[29378]: control_finish: Denied
connection to unauthorized peer 200.75.133.242
Mar 27 08:10:27 lab3-ing l2tpd[29378]: call_close : Connection 12
closed to 200.75.133.242, port 1701 (No Authorization)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: check_control: control, cid =
0, Ns = 1, Nr = 1
Mar 27 08:10:27 lab3-ing l2tpd[29378]: check_control: Received out of
order control packet on tunnel -1 (1 != 0)
Mar 27 08:10:27 lab3-ing l2tpd[29378]: handle_packet: bad control packet!

-- 
Saludos.
Linux Registered User 422700
-RA-

More information about the Users mailing list