[Openswan Users] openswan on dedibox
Reza Issany
issanyr at gmail.com
Thu Nov 13 13:40:36 EST 2008
I'm running with xl2tpd now :)
Nov 13 19:37:19 transchaines xl2tpd[13794]: xl2tpd version xl2tpd-1.2.3 started on transchaines PID:13794
Nov 13 19:37:19 transchaines xl2tpd[13794]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Nov 13 19:37:19 transchaines xl2tpd[13794]: Forked by Scott Balmos and David Stipp, (C) 2001
Nov 13 19:37:19 transchaines xl2tpd[13794]: Inherited by Jeff McAdams, (C) 2002
Nov 13 19:37:19 transchaines xl2tpd[13794]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Nov 13 19:37:19 transchaines xl2tpd[13794]: Listening on IP address 0.0.0.0, port 1701
Nov 13 19:37:25 transchaines postfix/smtpd[12726]: connect from localhost[127.0.0.1]
Nov 13 19:37:25 transchaines postfix/smtpd[12726]: disconnect from localhost[127.0.0.1]
Nov 13 19:37:39 transchaines xl2tpd[13794]: control_finish: Peer requested tunnel 24 twice, ignoring second one.
Nov 13 19:37:40 transchaines xl2tpd[13794]: network_thread: select timeout
Nov 13 19:37:40 transchaines xl2tpd[13794]: network_thread: select timeout
Nov 13 19:37:40 transchaines xl2tpd[13794]: control_finish: Peer requested tunnel 24 twice, ignoring second one.
Nov 13 19:37:41 transchaines xl2tpd[13794]: network_thread: select timeout
Nov 13 19:37:43 transchaines last message repeated 3 times
Nov 13 19:37:44 transchaines xl2tpd[13794]: control_finish: Peer requested tunnel 24 twice, ignoring second one.
Nov 13 19:37:44 transchaines xl2tpd[13794]: network_thread: select timeout
Nov 13 19:37:44 transchaines xl2tpd[13794]: network_thread: select timeout
Nov 13 19:37:44 transchaines xl2tpd[13794]: Maximum retries exceeded for tunnel 28465. Closing.
I don't understand anything about these logs.
/etc/xl2tpd/xl2tpd.conf :
[global]
; Global parameters:
port = 1701 ; * Bind to port 1701
[lns default] ; Our fallthrough LNS definition
ip range = 192.168.2.10-192.168.2.20
local ip = 192.168.2.1
length bit = yes
require chap = yes ; * Require CHAP auth. by peer
refuse pap = yes ; * Refuse PAP authentication
require authentication = yes ; * Require peer to authenticate
name = OCTIVPN ; * Report this as our hostname
ppp debug = yes ; * Turn on PPP debugging
pppoptfile = /etc/ppp/options.l2tpd.lns ; * ppp options file
/etc/ppp/options.l2tpd.lns :
ipcp-accept-local
ipcp-accept-remote
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
chap-secrets :
# Secrets for authentication using CHAP
# client server secret IP addresses
reza * "reza" 192.168.2.10/24
Paul Wouters wrote:
> On Thu, 13 Nov 2008, Reza Issany wrote:
>
>> My l2tpd.conf is :
>
> btw. upgrade to xl2tpd if possible.
>
>> [global]
>> auth file = /etc/l2tpd/l2tp-secrets
>>
>> [lns default]
>> ip range = 192.168.2.10-192.168.2.20
>> local ip = 192.168.2.1
>> require chap = yes
>> refuse pap = yes
>> require authentication = yes
>> name = OCTIVPN
>> ppp debug = yes
>> pppoptfile = /etc/ppp/options.l2tpd
>> length bit = yes
>
> What's in options.l2tpd? something like:
>
> ipcp-accept-local
> ipcp-accept-remote
> ms-dns 193.110.157.2
> #ms-dns 192.168.1.3
> #ms-wins 192.168.1.2
> #ms-wins 192.168.1.4
> noccp
> nomppe
> auth
> crtscts
> idle 1800
> #mtu 1200
> #mru 1200
> mru 1360
> mtu 1360
> defaultroute
> debug
> lock
> proxyarp
> connect-delay 5000
>
>> Does the local IP have to be set to 192.168.2.1 or to 88.191.50.209?
>
> the local ip is the one your assigned ip will talk to, so the 192.168.2.1
> in your case.
>
> You should check the l2tp server logs to see what is going wrong.
>
>> Is pptp needed to get the l2tp/ipsec connection to work? My
>> l2tpd.conf configuration
>
> no. ppp is needed, not pptp.
>
>> Maybe my config is different because the openswan server doesn't have
>> any real LAN interface, no?
>
> Yes, but I think it should still work fine.
>
> Paul
>