[Openswan Users] (no subject)
paul at xelerance.com
Fri Sep 12 10:27:15 EDT 2008
On Fri, 12 Sep 2008, Eugenio Vescovi wrote:
> [lac Eugenio_prova]
> ; Example VPN LAC definition
> lns = 141.250.x.x ; * Who is our LNS?
> ; lns = lns2.marko.net ; * A backup LNS (not yet used)
> redial = yes ; * Redial if disconnected?
> ; redial timeout = 15 ; * Wait n seconds between redials
> ; max redials = 5 ; * Give up after n consecutive failures
> ; hidden bit = yes ; * User hidden AVP's?
> ; local ip = 192.168.1.1 ; * Force peer to use this IP for us
> ; remote ip = 192.168.1.2 ; * Force peer to use this as their IP
> ; length bit = no ; * Use length bit in payload?
> require pap = no ; * Require PAP auth. by peer
> require chap = no ; * Require CHAP auth. by peer
> refuse pap = yes ; * Refuse PAP authentication
> refuse chap = yes ; * Refuse CHAP authentication
> refuse authentication = yes ; * Refuse authentication altogether
> ; require authentication = no ; * Require peer to authenticate
> name = roadwarrior ; * Report this as our hostname
> ; ppp debug = no ; * Turn on PPP debugging
> pppoptfile = /etc/ppp/options.l2tpd.lac ; * ppp options file for this lac
> ; call rws = 10 ; * RWS for call (-1 is valid)
> ; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
> ; flow bit = yes ; * Include sequence numbers
> ; challenge = yes ; * Challenge authenticate peer
> I don't want any type of authentication for the moment.
I am not sure if you can do that. You now have refuse chap and pap, so I
don't think xl2tpd can do anything.
> My problem is that, when I try to start up the l2tpd daemon with /etc/init.d/xl2tpd start (after creating the required folder /var/run/xl2tpd), NOTHING HAPPENS.
Are you sure there are no firewall/forwarding rules in the way?
> I don't know why. I use Wireshark to sniff on eth0, but there are no packets exchanged between client and server when I start up xl2tpd.
Are you actually starting the l2tp client using:
echo "c server" >/var/run/l2tp-control
For working examples see openswan-2.x.y/testing/pluto/l2tp-*