[Openswan Users] openswan 2.6.23 crashes (pluto)
Paul Wouters
paul at xelerance.com
Mon Nov 30 12:07:11 EST 2009
On Mon, 30 Nov 2009, Matteo Campanella wrote:
> It works lovely now - I followed the guide written by Giovani Moda for
> recompiling with cryptoapi and it works beautifully now - with just two
> strange flaws:
>
> 1. from time to time i get this as soon as SA is estabilished:
>
> Nov 30 15:00:07 gate pluto[18740]: "L2TP-PSK-NAT"[2] 94.160.47.12 #2:
> STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
> cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
> Nov 30 15:00:10 gate pluto[18740]: "L2TP-PSK-NAT"[2] 94.160.47.12 #2:
> retransmitting in response to duplicate packet; already STATE_MAIN_R3
> Nov 30 15:00:13 gate pluto[18740]: "L2TP-PSK-NAT"[2] 94.160.47.12 #2:
> retransmitting in response to duplicate packet; already STATE_MAIN_R3
> Nov 30 15:00:16 gate pluto[18740]: "L2TP-PSK-NAT"[2] 94.160.47.12 #2:
> discarding duplicate packet -- exhausted retransmission; already
> STATE_MAIN_R3
> Nov 30 15:00:19 gate pluto[18740]: "L2TP-PSK-NAT"[2] 94.160.47.12 #2:
> discarding duplicate packet -- exhausted retransmission; already
> STATE_MAIN_R3
Odd. the other end seems to not be receiving all packets and retransmits.
This could be a network failure of some sort.
> 2. I had to put my secret in /etc/ppp/chap-secrets, while I was pretty
> sure it was enough to put it in l2tp-secrets for xl2tpd .. is it really
> necessary to repeat the secrets in two files? but i know this is more
> xl2tpd related...
It's always been pppd that does the user/password. l2tp secrets can be
used *in addition* to this, but in practise never are for regular Windows
or OSX clients.
Paul
More information about the Users
mailing list