[Openswan Users] Problems with lt2p/ipsec

Mauricio Tavares raubvogel at gmail.com
Tue Jun 23 07:32:12 EDT 2009

Paul Wouters wrote:
> On Sun, 21 Jun 2009, Mauricio Tavares wrote:
>>     That is what I installed. About starting the ppp daemon and creating
>> ppp0 I thought I could do so (at least until satisfied it works when I
>> do manually) by
>> /etc/init.d/ipsec restart
>> ipsec auto --up l2tpTest
>> echo "c L2TPserver" > /var/run/xl2tpd/l2tp-control
> is xl2tpd running? Did you configure it? What do the logs say?
>> route add -net dev ppp0
> This should not be neccessary.
	Understood. But right now, once I got it running it did not add any 
route to my table. Knowing the subnet being provided by the server is, I ended up doing

route add -net dev ppp0

I still have to figure out why it is ignoring the vlan dns, but it is 

>> [global]                                ; Global parameters:
>>    port = 1701                          ; * Bind to port 1701
>>    listen-addr =
> Are you doing portforwarding from your public ip to
	I see your point. I guess I should do port forwarding to the ip 
assigned by the openswan server to my laptop. Problem is I do not know 
what it is. So, I commented the listen-addr entry off which I guess 
means it will now listen to everyone (

>> ; Connect to the vpn server shop.server.com
>> [lac L2TPserver]
> You don't need a lac section if you use xl2tpd as a daemon on
> the openswan server.
	Could you elaborate on that? I was able to get it to work but only with 
the lac session.

>> lns = shop.server.com
>> require chap = yes
>> refuse pap = yes
>> require authentication = yes
>> ; Name should be the same as the username in the PPP authentication!
>> name = raub
> You dont need a namesetting. just use /etc/ppp/chaps.secret for all
> the names, passwords and ip addresses.
	You know, I googled and googled and just could not find any info on 
chaps.secret. I know, shame on me...

> Are you trying to setup incoming l2tp/ipsec or outgoing l2tp/ipsec? I
> am confused here.
> For more examples configs, see openswan-2.6.x/testing/pluto/*l2tp*
> Paul

More information about the Users mailing list