[Openswan Users] pluto: deleting connection instance with peer -- why?

JOR HAY flexbumpchest at gmail.com
Tue May 15 14:17:46 EDT 2007


On 5/14/07, Peter McGill <petermcgill at goco.net> wrote:
> > -----Original Message-----
> > Date: Sun, 13 May 2007 21:02:39 -0500
> > From: "JOR HAY" <flexbumpchest at gmail.com>
> > Subject: [Openswan Users] pluto: deleting connection instance with
> >       peer -- why?
> > To: users at openswan.org
> >
>
> First set plutodebug=none, we don't usually need this much info, and it's
> A real pain to look through. All the below lines which we need are still
> There without the debuging options.
>
Ok, I thought you guys would laugh at me for picking none and trying
to get help, but that looks about right, now.  Thanks

>
> > Contents of /var/log/secure
> > May 13 18:47:39 myserver pluto[28835]: "L2TP-WINXP"[2]
> > xxx.xxx.xxx.xxx #1:
> > STATE_MAIN_R3: sent MR3, ISAKMP SA established
> > {auth=OAKLEY_PRESHARED_KEY
> > cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
>
> > May 13 18:47:48 myserver pluto[28835]: "L2TP-WINXP"[2]
> > xxx.xxx.xxx.xxx #3:
> > STATE_QUICK_R2: IPsec SA established {ESP=>0x4e864e6a <0x697cc74c
> > xfrm=3DES_0-HMAC_MD5 NATD=xxx.xxx.xxx.xxx:22155 DPD=none}
>
> The above two lines indicate that the IPSec connection was made
> Correctly, so the IPSec portion is working.
>
> > May 13 18:48:19 myserver pluto[28835]: "L2TP-WINXP"[2]
> > xxx.xxx.xxx.xxx #1:
> > received Delete SA(0x4e864e6a) payload: deleting IPSEC State #3
>
> This line indicates the the Windows machine asked for a disconnect.
>
> The thing to remember with windows is it's not using IPSec but rather
> L2TP over/in IPSec. And L2TP itself uses PPP in it's tunnel. Since
> windows said it didn't get a response, and You can clearly see the
> IPSec part is working, the problem must lie in The L2TP or PPP portion
> of the connection. Did you install and configure a L2TP and PPP
> daemon/server on your linux box? If so try looking in it's logs. If not
> try downloading xl2tpd from Xelerance. Be sure to read Jacco's docs on
> L2TP/IPSec connections.
>
> http://www.xelerance.com/software/xl2tpd/
>
> http://www.jacco2.dds.nl/networking/index.html
>
> Peter
>
>
I do indeed have xl2tpd installed and configured, but NOTHING shows up
in the log after turning the service on.  I'm not sure how to start
pppd, and I don't see it running, but I guess that's a different
story.  Thanks for clearing things up.


More information about the Users mailing list