[Openswan Users] Problems with lt2p/ipsec

Paul Wouters paul at xelerance.com
Sun Jun 21 18:44:03 EDT 2009

On Sun, 21 Jun 2009, Mauricio Tavares wrote:

> 	That is what I installed. About starting the ppp daemon and creating
> ppp0 I thought I could do so (at least until satisfied it works when I
> do manually) by
> /etc/init.d/ipsec restart
> ipsec auto --up l2tpTest
> echo "c L2TPserver" > /var/run/xl2tpd/l2tp-control

is xl2tpd running? Did you configure it? What do the logs say?

> route add -net dev ppp0

This should not be neccessary.

> [global]                                ; Global parameters:
>    port = 1701                          ; * Bind to port 1701
>    listen-addr =

Are you doing portforwarding from your public ip to

> ; Connect to the vpn server shop.server.com
> [lac L2TPserver]

You don't need a lac section if you use xl2tpd as a daemon on
the openswan server.

> lns = shop.server.com
> require chap = yes
> refuse pap = yes
> require authentication = yes
> ; Name should be the same as the username in the PPP authentication!
> name = raub

You dont need a namesetting. just use /etc/ppp/chaps.secret for all
the names, passwords and ip addresses.

Are you trying to setup incoming l2tp/ipsec or outgoing l2tp/ipsec? I
am confused here.

For more examples configs, see openswan-2.6.x/testing/pluto/*l2tp*


More information about the Users mailing list